#!/usr/bin/env python3
import base64
import hmac
import os
import secrets
import sys
P=int(base64.b85decode('|NsC0|NsC0$q(A1A!x!h#KvNafZQC>DFRLiif7Dp0t>#TI}@8CQA!ATjx+?_@0A&|%{oIHFe?ge@?R7;PvJFfZBfES<b}0%VqSj6^h`qOrZ??t3;$fU^ai)>?l^1vT8W>fuAd|kd`lnZNhoGf?BrWL!T@}@p<}-VnA%7-997erX%;`I{Upy{gJoSK+@r0Q9AfiUAca!9p4BM_aF&*BXACt?O1zi^@pNnm$`~PhGLT+IE;i0P<DPdc7!HO5n<s;!><6NcwZ&cVZ%k6j-Yd)Yl~@-TIh9F#>XmBc71AacnEC|}6>^SRima+=|NsC0|NsC0').hex(),16)
h=lambda k,m:hmac.new(k,m,'sha256').digest()
def kg():s=secrets.randbelow((P-1)//2);return s,pow(2,s,P)
cr=lambda k,x:bytes(a^b for a,b in zip(x,b''.join(h(h(b'e',k),n+bytes([i&255,i>>8]))for i in range((len(x)+31)//32))))
def pe(s):print(s,file=sys.stderr);sys.exit(1)
def us():pe('Usage: qraltcrypt.py -G|-E|-D seckeyfile/pubkey')
a=sys.argv
if len(a)!=3:us()
if a[1]=='-G':
	s,p=kg()
	with open(a[2],'w')as f:f.write('%0512x\n'%s)
	print('pk: %0512x'%p)
elif a[1]=='-E':
	m=sys.stdin.buffer.read()
	if len(m)>1<<21:pe('Error: input too big')
	e,E=kg();k=bytes.fromhex('%0512x'%pow(int(a[2],16),e,P));n=os.urandom(32);c=cr(k,m);print('%0512x%s'%(E,(n+c+h(h(b'm',k),c)).hex()))
elif a[1]=='-D':
	with open(a[2],'r')as f:s=int(f.read(),16)
	i=input();E,e=int(i[:512],16),bytes.fromhex(i[512:]);n,c,t=e[:32],e[32:-32],e[-32:];k=bytes.fromhex('%0512x'%pow(E,s,P))
	if not secrets.compare_digest(t,h(h(b'm',k),c)):pe('Error: auth fail')
	sys.stdout.buffer.write(cr(k,c))
else:us()