This commit was manufactured by cvs2svn to create tag 'OpenSSL_0_9_5'.

Call dh_tmp_cb with correct 'is_export' flag.

Avoid tabs in CHANGES.

.cvsignore

@@ -7,7 +7,5 @@ outinc
 rehash.time
 testlog
 make.log
-maketest.log
 cctest
 cctest.c
-cctest.a

CHANGES

@@ -2,139 +2,6 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.5 and 0.9.5a  [1 Apr 2000]
-
-  *) Make sure _lrotl and _lrotr are only used with MSVC.
-
-  *) Use lock CRYPTO_LOCK_RAND correctly in ssleay_rand_status
-     (the default implementation of RAND_status).
-
-  *) Rename openssl x509 option '-crlext', which was added in 0.9.5,
-     to '-clrext' (= clear extensions), as intended and documented.
-     [Bodo Moeller; inconsistency pointed out by Michael Attili
-     <attili@amaxo.com>]
-
-  *) Fix for HMAC. It wasn't zeroing the rest of the block if the key length
-     was larger than the MD block size.      
-     [Steve Henson, pointed out by Yost William <YostW@tce.com>]
-
-  *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument
-     fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set()
-     using the passed key: if the passed key was a private key the result
-     of X509_print(), for example, would be to print out all the private key
-     components.
-     [Steve Henson]
-
-  *) des_quad_cksum() byte order bug fix.
-     [Ulf M<>ller, using the problem description in krb4-0.9.7, where
-      the solution is attributed to Derrick J Brashear <shadow@DEMENTIA.ORG>]
-
-  *) Fix so V_ASN1_APP_CHOOSE works again: however its use is strongly
-     discouraged.
-     [Steve Henson, pointed out by Brian Korver <briank@cs.stanford.edu>]
-
-  *) For easily testing in shell scripts whether some command
-     'openssl XXX' exists, the new pseudo-command 'openssl no-XXX'
-     returns with exit code 0 iff no command of the given name is available.
-     'no-XXX' is printed in this case, 'XXX' otherwise.  In both cases,
-     the output goes to stdout and nothing is printed to stderr.
-     Additional arguments are always ignored.
-
-     Since for each cipher there is a command of the same name,
-     the 'no-cipher' compilation switches can be tested this way.
-
-     ('openssl no-XXX' is not able to detect pseudo-commands such
-     as 'quit', 'list-XXX-commands', or 'no-XXX' itself.)
-     [Bodo Moeller]
-
-  *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
-     [Bodo Moeller]
-
-  *) For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE
-     is set; it will be thrown away anyway because each handshake creates
-     its own key.
-     ssl_cert_dup, which is used by SSL_new, now copies DH keys in addition
-     to parameters -- in previous versions (since OpenSSL 0.9.3) the
-     'default key' from SSL_CTX_set_tmp_dh would always be lost, meanining
-     you effectivly got SSL_OP_SINGLE_DH_USE when using this macro.
-     [Bodo Moeller]
-
-  *) New s_client option -ign_eof: EOF at stdin is ignored, and
-     'Q' and 'R' lose their special meanings (quit/renegotiate).
-     This is part of what -quiet does; unlike -quiet, -ign_eof
-     does not suppress any output.
-     [Richard Levitte]
-
-  *) Add compatibility options to the purpose and trust code. The
-     purpose X509_PURPOSE_ANY is "any purpose" which automatically
-     accepts a certificate or CA, this was the previous behaviour,
-     with all the associated security issues.
-
-     X509_TRUST_COMPAT is the old trust behaviour: only and
-     automatically trust self signed roots in certificate store. A
-     new trust setting X509_TRUST_DEFAULT is used to specify that
-     a purpose has no associated trust setting and it should instead
-     use the value in the default purpose.
-     [Steve Henson]
-
-  *) Fix the PKCS#8 DSA private key code so it decodes keys again
-     and fix a memory leak.
-     [Steve Henson]
-
-  *) In util/mkerr.pl (which implements 'make errors'), preserve
-     reason strings from the previous version of the .c file, as
-     the default to have only downcase letters (and digits) in
-     automatically generated reasons codes is not always appropriate.
-     [Bodo Moeller]
-
-  *) In ERR_load_ERR_strings(), build an ERR_LIB_SYS error reason table
-     using strerror.  Previously, ERR_reason_error_string() returned
-     library names as reason strings for SYSerr; but SYSerr is a special
-     case where small numbers are errno values, not library numbers.
-     [Bodo Moeller]
-
-  *) Add '-dsaparam' option to 'openssl dhparam' application.  This
-     converts DSA parameters into DH parameters. (When creating parameters,
-     DSA_generate_parameters is used.)
-     [Bodo Moeller]
-
-  *) Include 'length' (recommended exponent length) in C code generated
-     by 'openssl dhparam -C'.
-     [Bodo Moeller]
-
-  *) The second argument to set_label in perlasm was already being used
-     so couldn't be used as a "file scope" flag. Moved to third argument
-     which was free.
-     [Steve Henson]
-
-  *) In PEM_ASN1_write_bio and some other functions, use RAND_pseudo_bytes
-     instead of RAND_bytes for encryption IVs and salts.
-     [Bodo Moeller]
-
-  *) Include RAND_status() into RAND_METHOD instead of implementing
-     it only for md_rand.c  Otherwise replacing the PRNG by calling
-     RAND_set_rand_method would be impossible.
-     [Bodo Moeller]
-
-  *) Don't let DSA_generate_key() enter an infinite loop if the random
-     number generation fails.
-     [Bodo Moeller]
-
-  *) New 'rand' application for creating pseudo-random output.
-     [Bodo Moeller]
-
-  *) Added configuration support for Linux/IA64
-     [Rolf Haberrecker <rolf@suse.de>]
-
-  *) Assembler module support for Mingw32.
-     [Ulf M<>ller]
-
-  *) Shared library support for HPUX (in shlib/).
-     [Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Anonymous]
-
-  *) Shared library support for Solaris gcc.
-     [Lutz Behnke <behnke@trustcenter.de>]
-
  Changes between 0.9.4 and 0.9.5  [28 Feb 2000]
 
   *) PKCS7_encrypt() was adding text MIME headers twice because they

Configure

@@ -10,7 +10,7 @@ use strict;
 
 # see INSTALL for instructions.
 
-my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [rsaref] [no-threads] [no-asm] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] os/compiler[:flags]\n";
+my $usage="Usage: Configure [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [rsaref] [no-threads] [no-asm] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] os/compiler[:flags]\n";
 
 # Options:
 #
@@ -89,10 +89,10 @@ my $x86_bsdi_asm="asm/bn86bsdi.o asm/co86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:as
 #config-string	$cc : $cflags : $unistd : $thread_cflag : $lflags : $bn_ops : $bn_obj : $des_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj
 
 my %table=(
-#"b",		"${tcc}:${tflags}::${tlib}:${bits1}:${tbn_mul}::",
-#"bl-4c-2c",	"${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:${tbn_mul}::",
-#"bl-4c-ri",	"${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:${tbn_mul}::",
-#"b2-is-ri-dp",	"${tcc}:${tflags}::${tlib}:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:${tbn_mul}::",
+#"b",		"$tcc:$tflags::$tlib:$bits1:$tbn_mul::",
+#"bl-4c-2c",	"$tcc:$tflags::$tlib:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:$tbn_mul::",
+#"bl-4c-ri",	"$tcc:$tflags::$tlib:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:$tbn_mul::",
+#"b2-is-ri-dp",	"$tcc:$tflags::$tlib:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:$tbn_mul::",
 
 # Our development configs
 "purify",	"purify gcc:-g -DPURIFY -Wall::(unknown):-lsocket -lnsl::::",
@@ -100,11 +100,11 @@ my %table=(
 "debug-ben",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
 "debug-ben-debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown):::::",
 "debug-ben-strict",	"gcc:-DBN_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown):::::",
-"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-bodo",	"gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-ulf",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-levitte-linux-elf","gcc:-DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:::",
+"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-bodo",	"gcc:-DBIO_PAIR_DEBUG -DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -m486 -pedantic -Wshadow -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-ulf",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -O2 -m486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::$x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-levitte-linux-elf","gcc:-DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe::-D_REENTRANT:::",
 "dist",		"cc:-O::(unknown):::::",
 
 # Basic configs that should work on any (32 and less bit) box
@@ -117,7 +117,7 @@ my %table=(
 # surrounds it with #APP #NO_APP comment pair which (at least Solaris
 # 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
 # error message.
-"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM::-D_REENTRANT:-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_sol_asm}",
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DNO_INLINE_ASM::-D_REENTRANT:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm",
 
 #### SPARC Solaris with GNU C setups
 "solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:-lsocket -lnsl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
@@ -158,7 +158,7 @@ my %table=(
 
 # Sunos configs, assuming sparc for the gcc one.
 ##"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown)::DES_UNROLL:::",
-"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::",
+"sunos-gcc","gcc:-O3 -mv8::(unknown)::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:::",
 
 #### IRIX 5.x configs
 # -mips2 flag is added by ./config when appropriate.
@@ -203,8 +203,6 @@ my %table=(
 #					<appro@fy.chalmers.se>
 #
 "hpux-parisc-cc","cc:-Ae +O3 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
-# Since there is mention of this in shlib/hpux10-cc.sh
-"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
 "hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
 "hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:::",
 
@@ -268,26 +266,25 @@ my %table=(
 
 # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
 # bn86-elf.o file file since it is hand tweaked assembler.
-"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-linux-elf","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
+"linux-elf",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-linux-elf","gcc:-DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
 "linux-mips",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::BN_LLONG:::",
 "linux-ppc",    "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::BN_LLONG::",
-"linux-ia64",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown)::SIXTY_FOUR_BIT_LONG::",
 "NetBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
 "NetBSD-m68",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
-"NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",
-"FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"FreeBSD",      "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
-"bsdi-gcc",     "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown)::RSA_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_bsdi_asm}",
-"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"nextstep",	"cc:-O -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
-"nextstep3.3",	"cc:-O3 -Wall:<libc.h>:(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
+"NetBSD-x86",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
+"FreeBSD-elf",  "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"FreeBSD",      "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"bsdi-gcc",     "gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5 -m486::(unknown)::RSA_LLONG $x86_gcc_des $x86_gcc_opts:$x86_bsdi_asm",
+"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"nextstep",	"cc:-O -Wall:<libc.h>:(unknown)::BN_LLONG $x86_gcc_des ${x86_gcc_opts}:::",
+"nextstep3.3",	"cc:-O3 -Wall:<libc.h>:(unknown)::BN_LLONG $x86_gcc_des ${x86_gcc_opts}:::",
 # NCR MP-RAS UNIX ver 02.03.01
-"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown):-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::",
+"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown):-lsocket -lnsl:$x86_gcc_des ${x86_gcc_opts}:::",
 
 # UnixWare 2.0
-"unixware-2.0","cc:-O -DFILIO_H::(unknown):-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:::",
+"unixware-2.0","cc:-O -DFILIO_H::(unknown):-lsocket -lnsl:$x86_gcc_des ${x86_gcc_opts}:::",
 "unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread::(unknown):-lsocket -lnsl:MD2_CHAR RC4_INDEX ${x86_gcc_des}::",
 
 # UnixWare 7
@@ -323,12 +320,12 @@ my %table=(
 # DGUX, 88100.
 "dgux-R3-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown)::RC4_INDEX DES_UNROLL:::",
 "dgux-R4-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown):-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
-"dgux-R4-x86-gcc",	"gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown):-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"dgux-R4-x86-gcc",	"gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown):-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
 
 # SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the
 # SCO cc.
-"sco5-cc",  "cc:::(unknown):-lsocket:${x86_gcc_des} ${x86_gcc_opts}:::", # des options?
-"sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown):-lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
+"sco5-cc",  "cc:::(unknown):-lsocket:$x86_gcc_des ${x86_gcc_opts}:::", # des options?
+"sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown):-lsocket:BN_LLONG $x86_gcc_des ${x86_gcc_opts}:::", # the SCO assembler doesn't seem to like our assembler files ...
 
 # Sinix/ReliantUNIX RM400
 # NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g  */
@@ -355,8 +352,8 @@ my %table=(
 # CygWin32
 # (Note: the real CFLAGS for Windows builds are defined by util/mk1mf.pl
 # and its library files in util/pl/*)
-"CygWin32", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",
-"Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:",
+"CygWin32", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
+"Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
 
 # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
 "ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown)::::::",
@@ -366,7 +363,7 @@ my %table=(
 
 # Some OpenBSD from Bob Beck <beck@obtuse.com>
 "OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:::",
-"OpenBSD-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
+"OpenBSD-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown)::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
 "OpenBSD",      "gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown)::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL:::",
 "OpenBSD-mips","gcc:-O2 -DL_ENDIAN::(unknown):BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR::::",
 
@@ -424,7 +421,6 @@ my $target="";
 my $options="";
 foreach (@ARGV)
 	{
-	s /^-no-/no-/; # some people just can't read the instructions
 	if (/^no-asm$/)
 	 	{
 		$no_asm=1;
@@ -869,6 +865,9 @@ EOF
 print <<EOF;
 
 Configured for $target.
+
+NOTE: OpenSSL header files were moved from <*.h> to <openssl/*.h>;
+see file INSTALL for hints on coping with compatibility problems.
 EOF
 
 print <<\EOF if (!$no_threads && !$threads);
@@ -939,11 +938,12 @@ sub dofile
 		{
 		grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)),@a);
 		}
-	open(OUT,">$f.new") || die "unable to open $f.new:$!\n";
+	($ff=$f) =~ s/\..*$//;
+	open(OUT,">$ff.new") || die "unable to open $f:$!\n";
 	print OUT @a;
 	close(OUT);
-	rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f;
-	rename("$f.new",$f) || die "unable to rename $f.new\n";
+	rename($f,"$ff.bak") || die "unable to rename $f\n" if -e $f;
+	rename("$ff.new",$f) || die "unable to rename $ff.new\n";
 	}
 
 sub print_table_entry

FAQ

@@ -9,22 +9,12 @@ OpenSSL  -  Frequently Asked Questions
 * Why do I get a "PRNG not seeded" error message?
 * Why does the linker complain about undefined symbols?
 * Where can I get a compiled version of OpenSSL?
-* I've compiled a program under Windows and it crashes: why?
-* I've called <some function> and it fails, why?
-* I just get a load of numbers for the error output, what do they mean?
-* Why do I get errors about unknown algorithms?
-* How do I create certificates or certificate requests?
-* Why can't I create certificate requests?
-* Why does <SSL program> fail with a certificate verify error?
-* How can I create DSA certificates?
-* Why can't I make an SSL connection using a DSA certificate?
-* Why can't the OpenSSH configure script detect OpenSSL?
 
 
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.5a was released on April 1st, 2000.
+OpenSSL 0.9.5 was released on February 28th, 2000.
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -89,11 +79,9 @@ the popular web browsers without RSA support.
 
 * Is OpenSSL thread-safe?
 
-Yes (with limitations: an SSL connection may not concurrently be used
-by multiple threads).  On Windows and many Unix systems, OpenSSL
-automatically uses the multi-threaded versions of the standard
-libraries.  If your platform is not one of these, consult the INSTALL
-file.
+Yes.  On Windows and many Unix systems, OpenSSL automatically uses the
+multi-threaded versions of the standard libraries.  If your platform
+is not one of these, consult the INSTALL file.
 
 Multi-threaded applications must provide two callback functions to
 OpenSSL.  This is described in the threads(3) manpage.
@@ -112,21 +100,8 @@ OpenSSL functions that need randomness report an error if the random
 number generator has not been seeded with at least 128 bits of
 randomness.  If this error occurs, please contact the author of the
 application you are using.  It is likely that it never worked
-correctly.  OpenSSL 0.9.5 and later make the error visible by refusing
-to perform potentially insecure encryption.
-
-On systems without /dev/urandom, it is a good idea to use the Entropy
-Gathering Demon; see the RAND_egd() manpage for details.
-
-Most components of the openssl command line tool try to use the
-file $HOME/.rnd (or $RANDFILE, if this environment variable is set)
-for seeding the PRNG.  If this file does not exist or is too short,
-the "PRNG not seeded" error message may occur.
-
-[Note to OpenSSL 0.9.5 users: The command "openssl rsa" in version
-0.9.5 does not do this and will fail on systems without /dev/urandom
-when trying to password-encrypt an RSA key!  This is a bug in the
-library; try a later version instead.]
+correctly.  OpenSSL 0.9.5 makes the error visible by refusing to
+perform potentially insecure encryption.
 
 
 * Why does the linker complain about undefined symbols?
@@ -138,18 +113,7 @@ If you used ./Configure instead of ./config, make sure that you
 selected the right target.  File formats may differ slightly between
 OS versions (for example sparcv8/sparcv9, or a.out/elf).
 
-In case you get errors about the following symbols, use the config
-option "no-asm", as described in INSTALL:
-
- BF_cbc_encrypt, BF_decrypt, BF_encrypt, CAST_cbc_encrypt,
- CAST_decrypt, CAST_encrypt, RC4, RC5_32_cbc_encrypt, RC5_32_decrypt,
- RC5_32_encrypt, bn_add_words, bn_div_words, bn_mul_add_words,
- bn_mul_comba4, bn_mul_comba8, bn_mul_words, bn_sqr_comba4,
- bn_sqr_comba8, bn_sqr_words, bn_sub_words, des_decrypt3,
- des_ede3_cbc_encrypt, des_encrypt, des_encrypt2, des_encrypt3,
- des_ncbc_encrypt, md5_block_asm_host_order, sha1_block_asm_data_order
-
-If none of these helps, you may want to try using the current snapshot.
+If that doesn't help, you may want to try using the current snapshot.
 If the problem persists, please submit a bug report.
 
 
@@ -164,124 +128,3 @@ a C compiler, read the "Mingw32" section of INSTALL.W32 for information
 on how to obtain and install the free GNU C compiler.
 
 A number of Linux and *BSD distributions include OpenSSL.
-
-
-* I've compiled a program under Windows and it crashes: why?
-
-This is usually because you've missed the comment in INSTALL.W32. You
-must link with the multithreaded DLL version of the VC++ runtime library
-otherwise the conflict will cause a program to crash: typically on the
-first BIO related read or write operation.
-
-
-* I've called <some function> and it fails, why?
-
-Before submitting a report or asking in one of the mailing lists you
-should try to determine the cause. In particular you should call
-ERR_print_errors() or ERR_print_errors_fp() after the failed call
-and see if the message helps. 
-
-
-* I just get a load of numbers for the error output, what do they mean?
-
-The actual format is described in the ERR_print_errors() manual page.
-You should call the function ERR_load_crypto_strings() before hand and
-the message will be output in text form. If you can't do this (for example
-it is a pre-compiled binary) you can use the errstr utility on the error
-code itself (the hex digits after the second colon).
-
-
-* Why do I get errors about unknown algorithms?
-
-This can happen under several circumstances such as reading in an
-encrypted private key or attempting to decrypt a PKCS#12 file. The cause
-is forgetting to load OpenSSL's table of algorithms with
-OpenSSL_add_all_algorithms(). See the manual page for more information.
-
-
-* How do I create certificates or certificate requests?
-
-Check out the CA.pl(1) manual page. This provides a simple wrapper round
-the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check
-out the manual pages for the individual utilities and the certificate
-extensions documentation (currently in doc/openssl.txt).
-
-
-* Why can't I create certificate requests?
-
-You typically get the error:
-
-	unable to find 'distinguished_name' in config
-	problems making Certificate Request
-
-This is because it can't find the configuration file. Check out the
-DIAGNOSTICS section of req(1) for more information.
-
-
-* Why does <SSL program> fail with a certificate verify error?
-
-This problem is usually indicated by log messages saying something like
-"unable to get local issuer certificate" or "self signed certificate".
-When a certificate is verified its root CA must be "trusted" by OpenSSL
-this typically means that the CA certificate must be placed in a directory
-or file and the relevant program configured to read it. The OpenSSL program
-'verify' behaves in a similar way and issues similar error messages: check
-the verify(1) program manual page for more information.
-
-
-* How can I create DSA certificates?
-
-Check the CA.pl(1) manual page for a DSA certificate example.
-
-
-* Why can't I make an SSL connection to a server using a DSA certificate?
-
-Typically you'll see a message saying there are no shared ciphers when
-the same setup works fine with an RSA certificate. There are two possible
-causes. The client may not support connections to DSA servers most web
-browsers only support connections to servers supporting RSA cipher suites.
-The other cause is that a set of DH parameters has not been supplied to
-the server. DH parameters can be created with the dhparam(1) command and
-loaded using the SSL_CTX_set_tmp_dh() for example: check the source to
-s_server in apps/s_server.c for an example.
-
-
-* Why can't the OpenSSH configure script detect OpenSSL?
-
-There is a problem with OpenSSH 1.2.2p1, in that the configure script
-can't find the installed OpenSSL libraries.  The problem is actually
-a small glitch that is easily solved with the following patch to be
-applied to the OpenSSH distribution:
-
------ snip:start -----
---- openssh-1.2.2p1/configure.in.orig	Thu Mar 23 18:56:58 2000
-+++ openssh-1.2.2p1/configure.in	Thu Mar 23 18:55:05 2000
-@@ -152,10 +152,10 @@
- AC_MSG_CHECKING([for OpenSSL/SSLeay directory])
- for ssldir in "" $tryssldir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
- 	if test ! -z "$ssldir" ; then
--		LIBS="$saved_LIBS -L$ssldir"
-+		LIBS="$saved_LIBS -L$ssldir/lib"
- 		CFLAGS="$CFLAGS -I$ssldir/include"
- 		if test "x$need_dash_r" = "x1" ; then
--			LIBS="$LIBS -R$ssldir"
-+			LIBS="$LIBS -R$ssldir/lib"
- 		fi
- 	fi
- 	LIBS="$LIBS -lcrypto"
---- openssh-1.2.2p1/configure.orig	Thu Mar 23 18:55:02 2000
-+++ openssh-1.2.2p1/configure	Thu Mar 23 18:57:08 2000
-@@ -1890,10 +1890,10 @@
- echo "configure:1891: checking for OpenSSL/SSLeay directory" >&5
- for ssldir in "" $tryssldir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
- 	if test ! -z "$ssldir" ; then
--		LIBS="$saved_LIBS -L$ssldir"
-+		LIBS="$saved_LIBS -L$ssldir/lib"
- 		CFLAGS="$CFLAGS -I$ssldir/include"
- 		if test "x$need_dash_r" = "x1" ; then
--			LIBS="$LIBS -R$ssldir"
-+			LIBS="$LIBS -R$ssldir/lib"
- 		fi
- 	fi
- 	LIBS="$LIBS -lcrypto"
------ snip:end -----

INSTALL

@@ -2,8 +2,8 @@
  INSTALLATION ON THE UNIX PLATFORM
  ---------------------------------
 
- [Installation on Windows, OpenVMS and MacOS (before MacOS X) is described
-  in INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.]
+ [See INSTALL.W32 for instructions for compiling OpenSSL on Windows systems,
+  and INSTALL.VMS for installing on OpenVMS systems.]
 
  To install OpenSSL, you will need:
 
@@ -33,8 +33,7 @@
  Configuration Options
  ---------------------
 
- There are several options to ./config (or ./Configure) to customize
- the build:
+ There are several options to ./config to customize the build:
 
   --prefix=DIR  Install in DIR/bin, DIR/lib, DIR/include/openssl.
 	        Configuration files used by OpenSSL will be in DIR/ssl

INSTALL.W32

@@ -116,12 +116,10 @@
 
  * Compile OpenSSL:
 
-   > ms\mingw32
+   > perl Configure Mingw32
+   > ms\mw.bat
 
-   This will create the library and binaries in out. In case any problems
-   occur, try
-   > ms\mingw32 no-asm
-   instead.
+   This will create the library and binaries in out.
 
    libcrypto.a and libssl.a are the static libraries. To use the DLLs,
    link with libeay32.a and libssl32.a instead.

MacOS/GetHTTPS.src/GetHTTPS.cpp

@@ -19,7 +19,6 @@
  *				are installed!  Use the AppleScript applet in the "openssl-0.9.4" folder to do this!
  */
 /* modified to seed the PRNG */
-/* modified to use CRandomizer for seeding */
 
 
 //	Include some funky libs I've developed over time
@@ -27,13 +26,14 @@
 #include "CPStringUtils.hpp"
 #include "ErrorHandling.hpp"
 #include "MacSocket.h"
-#include "Randomizer.h"
+
 
 //	We use the OpenSSL implementation of SSL....
 //	This was a lot of work to finally get going, though you wouldn't know it by the results!
 
 #include <openssl/ssl.h>
 #include <openssl/err.h>
+#include <openssl/rand.h>
 
 #include <timer.h>
 
@@ -48,6 +48,10 @@
 
 OSErr MyMacSocket_IdleWaitCallback(void *inUserRefPtr);
 
+
+
+
+
 //	My idle-wait callback.  Doesn't do much, does it?  Silly cooperative multitasking.
 
 OSErr MyMacSocket_IdleWaitCallback(void *inUserRefPtr)
@@ -55,33 +59,31 @@ OSErr MyMacSocket_IdleWaitCallback(void *inUserRefPtr)
 #pragma unused(inUserRefPtr)
 
 EventRecord		theEvent;
+
 	::EventAvail(everyEvent,&theEvent);
-	
-	CRandomizer *randomizer = (CRandomizer*)inUserRefPtr;
-	if (randomizer)
-		randomizer->PeriodicAction();
 
 	return(noErr);
 }
 
 
+
 //	Finally!
 
 void main(void)
 {
-	OSErr				errCode;
-	int					theSocket = -1;
-	int					theTimeout = 30;
+OSErr				errCode;
+int					theSocket = -1;
+int					theTimeout = 30;
 
-	SSL_CTX				*ssl_ctx = nil;
-	SSL					*ssl = nil;
+SSL_CTX				*ssl_ctx = nil;
+SSL					*ssl = nil;
 
-	char				tempString[256];
-	UnsignedWide		microTickCount;
-
-
-	CRandomizer randomizer;
+char				tempString[256];
+UnsignedWide		microTickCount;
 	
+#warning   -- USE A TRUE RANDOM SEED, AND ADD ENTROPY WHENEVER POSSIBLE. --
+const char seed[] = "uyq9,7-b(VHGT^%$&^F/,876;,;./lkJHGFUY{PO*";	// Just gobbledygook
+
 	printf("OpenSSL Demo by Roy Wood, roy@centricsystems.ca\n\n");
 	
 	BailIfError(errCode = MacSocket_Startup());
@@ -90,7 +92,7 @@ void main(void)
 
 	//	Create a socket-like object
 	
-	BailIfError(errCode = MacSocket_socket(&theSocket,false,theTimeout * 60,MyMacSocket_IdleWaitCallback,&randomizer));
+	BailIfError(errCode = MacSocket_socket(&theSocket,false,theTimeout * 60,MyMacSocket_IdleWaitCallback,nil));
 
 	
 	//	Set up the connect string and try to connect
@@ -116,6 +118,10 @@ void main(void)
 //	ssl_ctx = SSL_CTX_new(SSLv3_client_method());
 			
 
+	RAND_seed (seed, sizeof (seed));
+	Microseconds (&microTickCount);
+	RAND_add (&microTickCount, sizeof (microTickCount), 0);		// Entropy is actually > 0, needs an estimate
+
 	//	Create an SSL thingey and try to negotiate the connection
 	
 	ssl = SSL_new(ssl_ctx);

MacOS/Randomizer.cpp

@@ -1,476 +0,0 @@
-/* 
-------- Strong random data generation on a Macintosh (pre - OS X) ------
-		
---	GENERAL: We aim to generate unpredictable bits without explicit
-	user interaction. A general review of the problem may be found
-	in RFC 1750, "Randomness Recommendations for Security", and some
-	more discussion, of general and Mac-specific issues has appeared
-	in "Using and Creating Cryptographic- Quality Random Numbers" by
-	Jon Callas (www.merrymeet.com/jon/usingrandom.html).
-
-	The data and entropy estimates provided below are based on my
-	limited experimentation and estimates, rather than by any
-	rigorous study, and the entropy estimates tend to be optimistic.
-	They should not be considered absolute.
-
-	Some of the information being collected may be correlated in
-	subtle ways. That includes mouse positions, timings, and disk
-	size measurements. Some obvious correlations will be eliminated
-	by the programmer, but other, weaker ones may remain. The
-	reliability of the code depends on such correlations being
-	poorly understood, both by us and by potential interceptors.
-
-	This package has been planned to be used with OpenSSL, v. 0.9.5.
-	It requires the OpenSSL function RAND_add. 
-
---	OTHER WORK: Some source code and other details have been
-	published elsewhere, but I haven't found any to be satisfactory
-	for the Mac per se:
-
-	* The Linux random number generator (by Theodore Ts'o, in
-	  drivers/char/random.c), is a carefully designed open-source
-	  crypto random number package. It collects data from a variety
-	  of sources, including mouse, keyboard and other interrupts.
-	  One nice feature is that it explicitly estimates the entropy
-	  of the data it collects. Some of its features (e.g. interrupt
-	  timing) cannot be reliably exported to the Mac without using
-	  undocumented APIs.
-
-	* Truerand by Don P. Mitchell and Matt Blaze uses variations
-	  between different timing mechanisms on the same system. This
-	  has not been tested on the Mac, but requires preemptive
-	  multitasking, and is hardware-dependent, and can't be relied
-	  on to work well if only one oscillator is present.
-
-	* Cryptlib's RNG for the Mac (RNDMAC.C by Peter Gutmann),
-	  gathers a lot of information about the machine and system
-	  environment. Unfortunately, much of it is constant from one
-	  startup to the next. In other words, the random seed could be
-	  the same from one day to the next. Some of the APIs are
-	  hardware-dependent, and not all are compatible with Carbon (OS
-	  X). Incidentally, the EGD library is based on the UNIX entropy
-	  gathering methods in cryptlib, and isn't suitable for MacOS
-	  either.
-
-	* Mozilla (and perhaps earlier versions of Netscape) uses the
-	  time of day (in seconds) and an uninitialized local variable
-	  to seed the random number generator. The time of day is known
-	  to an outside interceptor (to within the accuracy of the
-	  system clock). The uninitialized variable could easily be
-	  identical between subsequent launches of an application, if it
-	  is reached through the same path.
-
-	* OpenSSL provides the function RAND_screen(), by G. van
-	  Oosten, which hashes the contents of the screen to generate a
-	  seed. This is not useful for an extension or for an
-	  application which launches at startup time, since the screen
-	  is likely to look identical from one launch to the next. This
-	  method is also rather slow.
-
-	* Using variations in disk drive seek times has been proposed
-	  (Davis, Ihaka and Fenstermacher, world.std.com/~dtd/;
-	  Jakobsson, Shriver, Hillyer and Juels,
-	  www.bell-labs.com/user/shriver/random.html). These variations
-	  appear to be due to air turbulence inside the disk drive
-	  mechanism, and are very strongly unpredictable. Unfortunately
-	  this technique is slow, and some implementations of it may be
-	  patented (see Shriver's page above.) It of course cannot be
-	  used with a RAM disk.
-
---	TIMING: On the 601 PowerPC the time base register is guaranteed
-	to change at least once every 10 addi instructions, i.e. 10
-	cycles. On a 60 MHz machine (slowest PowerPC) this translates to
-	a resolution of 1/6 usec. Newer machines seem to be using a 10
-	cycle resolution as well.
-	
-	For 68K Macs, the Microseconds() call may be used. See Develop
-	issue 29 on the Apple developer site
-	(developer.apple.com/dev/techsupport/develop/issue29/minow.html)
-	for information on its accuracy and resolution. The code below
-	has been tested only on PowerPC based machines.
-
-	The time from machine startup to the launch of an application in
-	the startup folder has a variance of about 1.6 msec on a new G4
-	machine with a defragmented and optimized disk, most extensions
-	off and no icons on the desktop. This can be reasonably taken as
-	a lower bound on the variance. Most of this variation is likely
-	due to disk seek time variability. The distribution of startup
-	times is probably not entirely even or uncorrelated. This needs
-	to be investigated, but I am guessing that it not a majpor
-	problem. Entropy = log2 (1600/0.166) ~= 13 bits on a 60 MHz
-	machine, ~16 bits for a 450 MHz machine.
-
-	User-launched application startup times will have a variance of
-	a second or more relative to machine startup time. Entropy >~22
-	bits.
-
-	Machine startup time is available with a 1-second resolution. It
-	is predictable to no better a minute or two, in the case of
-	people who show up punctually to work at the same time and
-	immediately start their computer. Using the scheduled startup
-	feature (when available) will cause the machine to start up at
-	the same time every day, making the value predictable. Entropy
-	>~7 bits, or 0 bits with scheduled startup.
-
-	The time of day is of course known to an outsider and thus has 0
-	entropy if the system clock is regularly calibrated.
-
---	KEY TIMING: A  very fast typist (120 wpm) will have a typical
-	inter-key timing interval of 100 msec. We can assume a variance
-	of no less than 2 msec -- maybe. Do good typists have a constant
-	rhythm, like drummers? Since what we measure is not the
-	key-generated interrupt but the time at which the key event was
-	taken off the event queue, our resolution is roughly the time
-	between process switches, at best 1 tick (17 msec). I  therefore
-	consider this technique questionable and not very useful for
-	obtaining high entropy data on the Mac.
-
---	MOUSE POSITION AND TIMING: The high bits of the mouse position
-	are far from arbitrary, since the mouse tends to stay in a few
-	limited areas of the screen. I am guessing that the position of
-	the mouse is arbitrary within a 6 pixel square. Since the mouse
-	stays still for long periods of time, it should be sampled only
-	after it was moved, to avoid correlated data. This gives an
-	entropy of log2(6*6) ~= 5 bits per measurement.
-
-	The time during which the mouse stays still can vary from zero
-	to, say, 5 seconds (occasionally longer). If the still time is
-	measured by sampling the mouse during null events, and null
-	events are received once per tick, its resolution is 1/60th of a
-	second, giving an entropy of log2 (60*5) ~= 8 bits per
-	measurement. Since the distribution of still times is uneven,
-	this estimate is on the high side.
-
-	For simplicity and compatibility across system versions, the
-	mouse is to be sampled explicitly (e.g. in the event loop),
-	rather than in a time manager task.
-
---	STARTUP DISK TOTAL FILE SIZE: Varies typically by at least 20k
-	from one startup to the next, with 'minimal' computer use. Won't
-	vary at all if machine is started again immediately after
-	startup (unless virtual memory is on), but any application which
-	uses the web and caches information to disk is likely to cause
-	this much variation or more. The variation is probably not
-	random, but I don't know in what way. File sizes tend to be
-	divisible by 4 bytes since file format fields are often
-	long-aligned. Entropy > log2 (20000/4) ~= 12 bits.
-	
---	STARTUP DISK FIRST AVAILABLE ALLOCATION BLOCK: As the volume
-	gets fragmented this could be anywhere in principle. In a
-	perfectly unfragmented volume this will be strongly correlated
-	with the total file size on the disk. With more fragmentation
-	comes less certainty. I took the variation in this value to be
-	1/8 of the total file size on the volume.
-
---	SYSTEM REQUIREMENTS: The code here requires System 7.0 and above
-	(for Gestalt and Microseconds calls). All the calls used are
-	Carbon-compatible.
-*/
-
-/*------------------------------ Includes ----------------------------*/
-
-#include "Randomizer.h"
-
-// Mac OS API
-#include <Files.h>
-#include <Folders.h>
-#include <Events.h>
-#include <Processes.h>
-#include <Gestalt.h>
-#include <Resources.h>
-#include <LowMem.h>
-
-// Standard C library
-#include <stdlib.h>
-#include <math.h>
-
-/*---------------------- Function declarations -----------------------*/
-
-// declared in OpenSSL/crypto/rand/rand.h
-extern "C" void RAND_add (const void *buf, int num, double entropy);
-
-unsigned long GetPPCTimer (bool is601);	// Make it global if needed
-					// elsewhere
-
-/*---------------------------- Constants -----------------------------*/
-
-#define kMouseResolution 6		// Mouse position has to differ
-					// from the last one by this
-					// much to be entered
-#define kMousePositionEntropy 5.16	// log2 (kMouseResolution**2)
-#define kTypicalMouseIdleTicks 300.0	// I am guessing that a typical
-					// amount of time between mouse
-					// moves is 5 seconds
-#define kVolumeBytesEntropy 12.0	// about log2 (20000/4),
-					// assuming a variation of 20K
-					// in total file size and
-					// long-aligned file formats.
-#define kApplicationUpTimeEntropy 6.0	// Variance > 1 second, uptime
-					// in ticks  
-#define kSysStartupEntropy 7.0		// Entropy for machine startup
-					// time
-
-
-/*------------------------ Function definitions ----------------------*/
-
-CRandomizer::CRandomizer (void)
-{
-	long	result;
-	
-	mSupportsLargeVolumes =
-		(Gestalt(gestaltFSAttr, &result) == noErr) &&
-		((result & (1L << gestaltFSSupports2TBVols)) != 0);
-	
-	if (Gestalt (gestaltNativeCPUtype, &result) != noErr)
-	{
-		mIsPowerPC = false;
-		mIs601 = false;
-	}
-	else
-	{
-		mIs601 = (result == gestaltCPU601);
-		mIsPowerPC = (result >= gestaltCPU601);
-	}
-	mLastMouse.h = mLastMouse.v = -10;	// First mouse will
-						// always be recorded
-	mLastPeriodicTicks = TickCount();
-	GetTimeBaseResolution ();
-	
-	// Add initial entropy
-	AddTimeSinceMachineStartup ();
-	AddAbsoluteSystemStartupTime ();
-	AddStartupVolumeInfo ();
-	AddFiller ();
-}
-
-void CRandomizer::PeriodicAction (void)
-{
-	AddCurrentMouse ();
-	AddNow (0.0);	// Should have a better entropy estimate here
-	mLastPeriodicTicks = TickCount();
-}
-
-/*------------------------- Private Methods --------------------------*/
-
-void CRandomizer::AddCurrentMouse (void)
-{
-	Point mouseLoc;
-	unsigned long lastCheck;	// Ticks since mouse was last
-					// sampled
-
-#if TARGET_API_MAC_CARBON
-	GetGlobalMouse (&mouseLoc);
-#else
-	mouseLoc = LMGetMouseLocation();
-#endif
-	
-	if (labs (mLastMouse.h - mouseLoc.h) > kMouseResolution/2 &&
-	    labs (mLastMouse.v - mouseLoc.v) > kMouseResolution/2)
-		AddBytes (&mouseLoc, sizeof (mouseLoc),
-				kMousePositionEntropy);
-	
-	if (mLastMouse.h == mouseLoc.h && mLastMouse.v == mouseLoc.v)
-		mMouseStill ++;
-	else
-	{
-		double entropy;
-		
-		// Mouse has moved. Add the number of measurements for
-		// which it's been still. If the resolution is too
-		// coarse, assume the entropy is 0.
-
-		lastCheck = TickCount() - mLastPeriodicTicks;
-		if (lastCheck <= 0)
-			lastCheck = 1;
-		entropy = log2l
-			(kTypicalMouseIdleTicks/(double)lastCheck);
-		if (entropy < 0.0)
-			entropy = 0.0;
-		AddBytes (&mMouseStill, sizeof (mMouseStill), entropy);
-		mMouseStill = 0;
-	}
-	mLastMouse = mouseLoc;
-}
-
-void CRandomizer::AddAbsoluteSystemStartupTime (void)
-{
-	unsigned long	now;		// Time in seconds since
-					// 1/1/1904
-	GetDateTime (&now);
-	now -= TickCount() / 60;	// Time in ticks since machine
-					// startup
-	AddBytes (&now, sizeof (now), kSysStartupEntropy);
-}
-
-void CRandomizer::AddTimeSinceMachineStartup (void)
-{
-	AddNow (1.5);			// Uncertainty in app startup
-					// time is > 1.5 msec (for
-					// automated app startup).
-}
-
-void CRandomizer::AddAppRunningTime (void)
-{
-	ProcessSerialNumber PSN;
-	ProcessInfoRec		ProcessInfo;
-	
-	ProcessInfo.processInfoLength = sizeof (ProcessInfoRec);
-	ProcessInfo.processName = nil;
-	ProcessInfo.processAppSpec = nil;
-	
-	GetCurrentProcess (&PSN);
-	GetProcessInformation (&PSN, &ProcessInfo);
-
-	// Now add the amount of time in ticks that the current process
-	// has been active
-
-	AddBytes (&ProcessInfo, sizeof (ProcessInfoRec),
-			kApplicationUpTimeEntropy);
-}
-
-void CRandomizer::AddStartupVolumeInfo (void)
-{
-	short			vRefNum;
-	long			dirID;
-	XVolumeParam	pb;
-	OSErr			err;
-	
-	if (!mSupportsLargeVolumes)
-		return;
-		
-	FindFolder (kOnSystemDisk, kSystemFolderType, kDontCreateFolder,
-			&vRefNum, &dirID);
-	pb.ioVRefNum = vRefNum;
-	pb.ioCompletion = 0;
-	pb.ioNamePtr = 0;
-	pb.ioVolIndex = 0;
-	err = PBXGetVolInfoSync (&pb);
-	if (err != noErr)
-		return;
-		
-	// Base the entropy on the amount of space used on the disk and
-	// on the next available allocation block. A lot else might be
-	// unpredictable, so might as well toss the whole block in. See
-	// comments for entropy estimate justifications.
-
-	AddBytes (&pb, sizeof (pb),
-		kVolumeBytesEntropy +
-		log2l (((pb.ioVTotalBytes.hi - pb.ioVFreeBytes.hi)
-				* 4294967296.0D +
-			(pb.ioVTotalBytes.lo - pb.ioVFreeBytes.lo))
-				/ pb.ioVAlBlkSiz - 3.0));
-}
-
-/*
-	On a typical startup CRandomizer will come up with about 60
-	bits of good, unpredictable data. Assuming no more input will
-	be available, we'll need some more lower-quality data to give
-	OpenSSL the 128 bits of entropy it desires. AddFiller adds some
-	relatively predictable data into the soup.
-*/
-
-void CRandomizer::AddFiller (void)
-{
-	struct
-	{
-		ProcessSerialNumber psn;	// Front process serial
-						// number
-		RGBColor	hiliteRGBValue;	// User-selected
-						// highlight color
-		long		processCount;	// Number of active
-						// processes
-		long		cpuSpeed;	// Processor speed
-		long		totalMemory;	// Total logical memory
-						// (incl. virtual one)
-		long		systemVersion;	// OS version
-		short		resFile;	// Current resource file
-	} data;
-	
-	GetNextProcess ((ProcessSerialNumber*) kNoProcess);
-	while (GetNextProcess (&data.psn) == noErr)
-		data.processCount++;
-	GetFrontProcess (&data.psn);
-	LMGetHiliteRGB (&data.hiliteRGBValue);
-	Gestalt (gestaltProcClkSpeed, &data.cpuSpeed);
-	Gestalt (gestaltLogicalRAMSize, &data.totalMemory);
-	Gestalt (gestaltSystemVersion, &data.systemVersion);
-	data.resFile = CurResFile ();
-	
-	// Here we pretend to feed the PRNG completely random data. This
-	// is of course false, as much of the above data is predictable
-	// by an outsider. At this point we don't have any more
-	// randomness to add, but with OpenSSL we must have a 128 bit
-	// seed before we can start. We just add what we can, without a
-	// real entropy estimate, and hope for the best.
-
-	AddBytes (&data, sizeof(data), 8.0 * sizeof(data));
-	AddCurrentMouse ();
-	AddNow (1.0);
-}
-
-//-------------------  LOW LEVEL ---------------------
-
-void CRandomizer::AddBytes (void *data, long size, double entropy)
-{
-	RAND_add (data, size, entropy * 0.125);	// Convert entropy bits
-						// to bytes
-}
-
-void CRandomizer::AddNow (double millisecondUncertainty)
-{
-	long time = SysTimer();
-	AddBytes (&time, sizeof (time), log2l (millisecondUncertainty *
-			mTimebaseTicksPerMillisec));
-}
-
-//----------------- TIMING SUPPORT ------------------
-
-void CRandomizer::GetTimeBaseResolution (void)
-{	
-#ifdef __powerc
-	long speed;
-	
-	// gestaltProcClkSpeed available on System 7.5.2 and above
-	if (Gestalt (gestaltProcClkSpeed, &speed) != noErr)
-		// Only PowerPCs running pre-7.5.2 are 60-80 MHz
-		// machines.
-		mTimebaseTicksPerMillisec =  6000.0D;
-	// Assume 10 cycles per clock update, as in 601 spec. Seems true
-	// for later chips as well.
-	mTimebaseTicksPerMillisec = speed / 1.0e4D;
-#else
-	// 68K VIA-based machines (see Develop Magazine no. 29)
-	mTimebaseTicksPerMillisec = 783.360D;
-#endif
-}
-
-unsigned long CRandomizer::SysTimer (void)	// returns the lower 32
-						// bit of the chip timer
-{
-#ifdef __powerc
-	return GetPPCTimer (mIs601);
-#else
-	UnsignedWide usec;
-	Microseconds (&usec);
-	return usec.lo;
-#endif
-}
-
-#ifdef __powerc
-// The timebase is available through mfspr on 601, mftb on later chips.
-// Motorola recommends that an 601 implementation map mftb to mfspr
-// through an exception, but I haven't tested to see if MacOS actually
-// does this. We only sample the lower 32 bits of the timer (i.e. a
-// few minutes of resolution)
-
-asm unsigned long GetPPCTimer (register bool is601)
-{
-	cmplwi	is601, 0	// Check if 601
-	bne	_601		// if non-zero goto _601
-	mftb  	r3		// Available on 603 and later.
-	blr			// return with result in r3
-_601:
-	mfspr r3, spr5  	// Available on 601 only.
-				// blr inserted automatically
-}
-#endif

MacOS/Randomizer.h

@@ -1,43 +0,0 @@
-
-//	Gathers unpredictable system data to be used for generating
-//	random bits
-
-#include <MacTypes.h>
-
-class CRandomizer
-{
-public:
-	CRandomizer (void);
-	void PeriodicAction (void);
-	
-private:
-
-	// Private calls
-
-	void		AddTimeSinceMachineStartup (void);
-	void		AddAbsoluteSystemStartupTime (void);
-	void		AddAppRunningTime (void);
-	void		AddStartupVolumeInfo (void);
-	void		AddFiller (void);
-
-	void		AddCurrentMouse (void);
-	void		AddNow (double millisecondUncertainty);
-	void		AddBytes (void *data, long size, double entropy);
-	
-	void		GetTimeBaseResolution (void);
-	unsigned long	SysTimer (void);
-
-	// System Info	
-	bool		mSupportsLargeVolumes;
-	bool		mIsPowerPC;
-	bool		mIs601;
-	
-	// Time info
-	double		mTimebaseTicksPerMillisec;
-	unsigned long	mLastPeriodicTicks;
-	
-	// Mouse info
-	long		mSamplePeriod;
-	Point		mLastMouse;
-	long		mMouseStill;
-};

Makefile.org

@@ -28,6 +28,8 @@ OPENSSLDIR=/usr/local/ssl
 # DEVRANDOM - Give this the value of the 'random device' if your OS supports
 #           one.  32 bytes will be read from this when the random
 #           number generator is initalised.
+# SSL_ALLOW_ADH - define if you want the server to be able to use the
+#           SSLv3 anon-DH ciphers.
 # SSL_FORBID_ENULL - define if you want the server to be not able to use the
 #           NULL encryption ciphers.
 #
@@ -366,28 +368,21 @@ install_docs:
 		$(INSTALL_PREFIX)$(MANDIR)/man7
 	@echo installing man 1 and man 5
 	@for i in doc/apps/*.pod; do \
+		(cd `dirname $$i`; \
 		fn=`basename $$i .pod`; \
 		sec=`[ "$$fn" = "config" ] && echo 5 || echo 1`; \
-		(cd `dirname $$i`; \
 		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
-			 --release=$(VERSION) `basename $$i`) \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
+			 --release=$(VERSION) `basename $$i` \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec); \
 	done
 	@echo installing man 3 and man 7
 	@for i in doc/crypto/*.pod doc/ssl/*.pod; do \
+		(cd `dirname $$i`; \
 		fn=`basename $$i .pod`; \
 		sec=`[ "$$fn" = "des_modes" ] && echo 7 || echo 3`; \
-		(cd `dirname $$i`; \
 		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
-			--release=$(VERSION) `basename $$i`) \
-			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
+			--release=$(VERSION) `basename $$i` \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec); \
 	done
 
-shlib: all
-	if [ ! -d shlib_dir ] ; then mkdir shlib_dir ; else rm -f shlib_dir/* ; fi
-	cd shlib_dir ; ar -x ../libcrypto.a && $(CC) -shared ./*.o -Wl,-soname -Wl,libcrypto.so.0.9 \
-            -o ./libcrypto.so.0.9.4 && rm *.o
-	cd shlib_dir ; ar -x ../libssl.a && $(CC) -shared ./*.o -Wl,-soname -Wl,libssl.so.0.9 \
-            -o ./libssl.so.0.9.4 && rm *.o
-
 # DO NOT DELETE THIS LINE -- make depend depends on it.

NEWS

@@ -5,15 +5,6 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
-  Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a:
-
-      o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8 
-      o Shared library support for HPUX and Solaris-gcc
-      o Support of Linux/IA64
-      o Assembler support for Mingw32
-      o New 'rand' application
-      o New way to check for existence of algorithms from scripts
-
   Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5:
 
       o S/MIME support in new 'smime' command

README

@@ -1,5 +1,5 @@
 
- OpenSSL 0.9.5a  1 Apr 2000
+ OpenSSL 0.9.5  28 Feb 2000
 
  Copyright (c) 1998-2000 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
@@ -11,10 +11,9 @@
  The OpenSSL Project is a collaborative effort to develop a robust,
  commercial-grade, fully featured, and Open Source toolkit implementing the
  Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
- protocols as well as a full-strength general purpose cryptography library.
- The project is managed by a worldwide community of volunteers that use the
- Internet to communicate, plan, and develop the OpenSSL toolkit and its
- related documentation. 
+ protocols with full-strength cryptography world-wide. The project is managed
+ by a worldwide community of volunteers that use the Internet to communicate,
+ plan, and develop the OpenSSL toolkit and its related documentation. 
 
  OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
  and Tim J. Hudson.  The OpenSSL toolkit is licensed under a dual-license (the

STATUS

@@ -1,45 +1,9 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2000/03/25 10:44:28 $
+  ______________                           $Date: 2000/02/28 11:59:02 $
 
   DEVELOPMENT STATE
 
-    o  OpenSSL 0.9.5a: Under development...
-                       Proposed release date March 31st, 2000
-                       0.9.5a-beta1 is available.
-                        sunos-gcc                       - failed (ssize_t)
-                        ultrix-gcc, ultrix-cc           - failed (ssize_t)
-                        sco5-cc                         - bc fails in test
-			VC-Win32 (MSVC6SP3, nasm)       - failed (fixed) 
-			FreeBSD-elf (i686-pc-freebsd3.2)- failed (fixed)
-			HPUX (hpux-parisc-cc w/ +02)	- passed
-			OpenBSD-x86			- passed
-			solaris-sparcv9-cc		- passed
-                       0.9.5a-beta2 is available.
-                        linux-elf                       - passed
-                        linux-ppc (egcs 2.91.66)        - passed
-                        OpenBSD-elf                     - passed
-                        FreeBSD-elf (i586-pc-freebsd3.2)- passed
-                        solaris-sparcv9-cc              - passed
-                        solaris-sparcv9-gcc             - passed
-                        Mingw32                         - passed
-                        VMS/Alpha 7.1 w/ DEC C 5.6-003  - passed
-                        VMS/Alpha 7.2-1 w/ CPQ C 6.2-003- passed
-                        VMS/VAX 7.1 w/ DEC C 5.6-003    - passed
-                        VMS/VAX 7.2 w/ DEC C 6.0-001    - passed  
-                        AIX 4.3.3.0 w/ cc               - passed
-                        AIX 4.3.3.0 w/ gcc (2.7.2.3?)   - passed
-                        Irix 6.4 w/ cc                  - passed
-                        Irix 6.4 w/ gcc                 - passed
-                        Irix 6.5 w/ cc                  - passed
-                        Irix 6.5 w/ gcc                 - passed
-                        NetBSD-x86                      - passed
-                        Unixware 7.0.1 w/ native cc     - passed
-                        Solaris-x86 2.6 w/ gcc 2.7.2.3  - passed
-                        Solaris-x86 2.7 w/ gcc 2.7.2.3  - passed
-                        True64 Unix w/ gcc 2.7.2.3      - passed
-                        Win32 w/ VC++ 5 & NASM 0.98     - passed
-
     o  OpenSSL 0.9.5:  Released on February 28th, 2000
     o  OpenSSL 0.9.4:  Released on August   09th, 1999
     o  OpenSSL 0.9.3a: Released on May      29th, 1999
@@ -51,6 +15,7 @@
 
   AVAILABLE PATCHES
 
+    o shared libraries <behnke@trustcenter.de>
     o CA.pl patch (Damien Miller)
 
   IN PROGRESS

TABLE

@@ -665,7 +665,7 @@ $rc5_obj      = asm/r586-elf.o
 
 *** debug-levitte-linux-elf
 $cc           = gcc
-$cflags       = -DUSE_ALLOCATING_PRINT -DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe
+$cflags       = -DRL_DEBUG -DREF_CHECK -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DNO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -ggdb -g3 -m486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $lflags       = 
@@ -986,23 +986,6 @@ $rc4_obj      =
 $rmd160_obj   = 
 $rc5_obj      = 
 
-*** hpux-parisc-cc-o4
-$cc           = cc
-$cflags       = -Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY
-$unistd       = 
-$thread_cflag = 
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_UNROLL DES_RISC1
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-
 *** hpux-parisc-gcc
 $cc           = gcc
 $cflags       = -O3 -DB_ENDIAN -DBN_DIV2W
@@ -1309,23 +1292,6 @@ $rc4_obj      = asm/rx86-elf.o
 $rmd160_obj   = asm/rm86-elf.o
 $rc5_obj      = asm/r586-elf.o
 
-*** linux-ia64
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
-$unistd       = 
-$thread_cflag = (unknown)
-$lflags       = 
-$bn_ops       = SIXTY_FOUR_BIT_LONG
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-
 *** linux-mips
 $cc           = gcc
 $cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
@@ -1702,7 +1668,7 @@ $rc5_obj      =
 
 *** sunos-gcc
 $cc           = gcc
-$cflags       = -O3 -mv8 -Dssize_t=int
+$cflags       = -O3 -mv8
 $unistd       = 
 $thread_cflag = (unknown)
 $lflags       = 

apps/Makefile.ssl

@@ -38,7 +38,7 @@ E_EXE=	verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
 	ca crl rsa dsa dsaparam \
 	x509 genrsa gendsa s_server s_client speed \
 	s_time version pkcs7 crl2pkcs7 sess_id ciphers nseq pkcs12 \
-	pkcs8 spkac smime rand
+	pkcs8 spkac smime
 
 PROGS= $(PROGRAM).c
 
@@ -54,14 +54,18 @@ E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o er
 	rsa.o dsa.o dsaparam.o \
 	x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
 	s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
-	ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o
+	ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o
+
+#	pem_mail.o
 
 E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
 	pkcs7.c crl2p7.c crl.c \
 	rsa.c dsa.c dsaparam.c \
 	x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
 	s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
-	ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c rand.c
+	ciphers.c nseq.c pkcs12.c pkcs8.c spkac.c smime.c
+
+#	pem_mail.c
 
 SRC=$(E_SRC)
 
@@ -533,23 +537,6 @@ pkcs8.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
 pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h
 pkcs8.o: ../include/openssl/stack.h ../include/openssl/x509.h
 pkcs8.o: ../include/openssl/x509_vfy.h apps.h
-rand.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-rand.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-rand.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-rand.o: ../include/openssl/crypto.h ../include/openssl/des.h
-rand.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-rand.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
-rand.o: ../include/openssl/err.h ../include/openssl/evp.h
-rand.o: ../include/openssl/idea.h ../include/openssl/md2.h
-rand.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
-rand.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-rand.o: ../include/openssl/opensslv.h ../include/openssl/pkcs7.h
-rand.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-rand.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-rand.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-rand.o: ../include/openssl/stack.h ../include/openssl/x509.h
-rand.o: ../include/openssl/x509_vfy.h apps.h
 req.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 req.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
 req.o: ../include/openssl/buffer.h ../include/openssl/cast.h
@@ -747,12 +734,11 @@ speed.o: ./testrsa.h apps.h
 spkac.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 spkac.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
 spkac.o: ../include/openssl/buffer.h ../include/openssl/cast.h
-spkac.o: ../include/openssl/conf.h ../include/openssl/crypto.h
-spkac.o: ../include/openssl/des.h ../include/openssl/dh.h
-spkac.o: ../include/openssl/dsa.h ../include/openssl/e_os.h
-spkac.o: ../include/openssl/e_os2.h ../include/openssl/err.h
-spkac.o: ../include/openssl/evp.h ../include/openssl/idea.h
-spkac.o: ../include/openssl/lhash.h ../include/openssl/md2.h
+spkac.o: ../include/openssl/crypto.h ../include/openssl/des.h
+spkac.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+spkac.o: ../include/openssl/e_os.h ../include/openssl/e_os2.h
+spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
+spkac.o: ../include/openssl/idea.h ../include/openssl/md2.h
 spkac.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
 spkac.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
 spkac.o: ../include/openssl/opensslv.h ../include/openssl/pem.h

apps/app_rand.c

@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-1999 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -109,9 +109,7 @@
  *
  */
 
-#define NON_MAIN
 #include "apps.h"
-#undef NON_MAIN
 #include <openssl/bio.h>
 #include <openssl/rand.h>
 
@@ -164,7 +162,7 @@ long app_RAND_load_files(char *name)
 	char *p,*n;
 	int last;
 	long tot=0;
-	int egd;
+    int egd;
 	
 	for (;;)
 		{
@@ -176,9 +174,9 @@ long app_RAND_load_files(char *name)
 		name=p+1;
 		if (*n == '\0') break;
 
-		egd=RAND_egd(n);
+        egd=RAND_egd(n);
 		if (egd > 0) tot+=egd;
-		tot+=RAND_load_file(n,-1);
+		tot+=RAND_load_file(n,1024L*1024L);
 		if (last) break;
 		}
 	if (tot > 512)

apps/ca.c

@@ -1662,7 +1662,7 @@ again2:
 					}
 				if (j < 0)
 					{
-					BIO_printf(bio_err,"The %s field needed to be the same in the\nCA certificate (%s) and the request (%s)\n",cv->name,((str2 == NULL)?"NULL":(char *)str2->data),((str == NULL)?"NULL":(char *)str->data));
+					BIO_printf(bio_err,"The %s field needed to be the same in the\nCA certificate (%s) and the request (%s)\n",cv->name,((str == NULL)?"NULL":(char *)str->data),((str2 == NULL)?"NULL":(char *)str2->data));
 					goto err;
 					}
 				}

apps/dh.c

@@ -1,5 +1,4 @@
 /* apps/dh.c */
-/* obsoleted by dhparam.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -235,8 +234,8 @@ bad:
 			}
 		if (i & DH_CHECK_P_NOT_PRIME)
 			printf("p value is not prime\n");
-		if (i & DH_CHECK_P_NOT_SAFE_PRIME)
-			printf("p value is not a safe prime\n");
+		if (i & DH_CHECK_P_NOT_STRONG_PRIME)
+			printf("p value is not a strong prime\n");
 		if (i & DH_UNABLE_TO_CHECK_GENERATOR)
 			printf("unable to check the generator value\n");
 		if (i & DH_NOT_SUITABLE_GENERATOR)

apps/dhparam.c

@@ -55,59 +55,6 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
 
 #ifndef NO_DH
 #include <stdio.h>
@@ -122,10 +69,6 @@
 #include <openssl/x509.h>
 #include <openssl/pem.h>
 
-#ifndef NO_DSA
-#include <openssl/dsa.h>
-#endif
-
 #undef PROG
 #define PROG	dhparam_main
 
@@ -135,7 +78,6 @@
  * -outform arg - output format - default PEM
  * -in arg	- input file - default stdin
  * -out arg	- output file - default stdout
- * -dsaparam  - read or generate DSA parameters, convert to DH
  * -check	- check the parameters are ok
  * -noout
  * -text
@@ -150,9 +92,6 @@ int MAIN(int argc, char **argv)
 	{
 	DH *dh=NULL;
 	int i,badops=0,text=0;
-#ifndef NO_DSA
-	int dsaparam=0;
-#endif
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,check=0,noout=0,C=0,ret=1;
 	char *infile,*outfile,*prog;
@@ -199,10 +138,6 @@ int MAIN(int argc, char **argv)
 			check=1;
 		else if (strcmp(*argv,"-text") == 0)
 			text=1;
-#ifndef NO_DSA
-		else if (strcmp(*argv,"-dsaparam") == 0)
-			dsaparam=1;
-#endif
 		else if (strcmp(*argv,"-C") == 0)
 			C=1;
 		else if (strcmp(*argv,"-noout") == 0)
@@ -231,16 +166,13 @@ bad:
 		BIO_printf(bio_err," -outform arg  output format - one of DER PEM\n");
 		BIO_printf(bio_err," -in arg       input file\n");
 		BIO_printf(bio_err," -out arg      output file\n");
-#ifndef NO_DSA
-		BIO_printf(bio_err," -dsaparam     read or generate DSA parameters, convert to DH\n");
-#endif
 		BIO_printf(bio_err," -check        check the DH parameters\n");
 		BIO_printf(bio_err," -text         print a text form of the DH parameters\n");
 		BIO_printf(bio_err," -C            Output C code\n");
 		BIO_printf(bio_err," -2            generate parameters using  2 as the generator value\n");
 		BIO_printf(bio_err," -5            generate parameters using  5 as the generator value\n");
 		BIO_printf(bio_err," numbits       number of bits in to generate (default 512)\n");
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+		BIO_printf(bio_err," -rand file:file:...\n");
 		BIO_printf(bio_err,"               - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"               the random number generator\n");
 		BIO_printf(bio_err," -noout        no output\n");
@@ -249,25 +181,8 @@ bad:
 
 	ERR_load_crypto_strings();
 
-	if (g && !num)
-		num = DEFBITS;
-
-#ifndef NO_DSA
-	if (dsaparam)
-		{
-		if (g)
-			{
-			BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n");
-			goto end;
-			}
-		}
-	else
-#endif
-		{
-		/* DH parameters */
-		if (num && !g)
-			g = 2;
-		}
+	if(g && !num) num = DEFBITS;
+	else if(num && !g) g = 2;
 
 	if(num) {
 
@@ -279,40 +194,11 @@ bad:
 			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 				app_RAND_load_files(inrand));
 
-#ifndef NO_DSA
-		if (dsaparam)
-			{
-			DSA *dsa;
+		BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
+		BIO_printf(bio_err,"This is going to take a long time\n");
+		dh=DH_generate_parameters(num,g,dh_cb,bio_err);
 			
-			BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
-	        dsa = DSA_generate_parameters(num, NULL, 0, NULL, NULL, dh_cb, bio_err);
-			if (dsa == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-
-			dh = DSA_dup_DH(dsa);
-			DSA_free(dsa);
-			if (dh == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		else
-#endif
-			{
-			BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
-			BIO_printf(bio_err,"This is going to take a long time\n");
-			dh=DH_generate_parameters(num,g,dh_cb,bio_err);
-			
-			if (dh == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
+		if (dh == NULL) goto end;
 
 		app_RAND_write_file(NULL, bio_err);
 	} else {
@@ -334,56 +220,24 @@ bad:
 				}
 			}
 
-		if	(informat != FORMAT_ASN1 && informat != FORMAT_PEM)
+		if	(informat == FORMAT_ASN1)
+			dh=d2i_DHparams_bio(in,NULL);
+		else if (informat == FORMAT_PEM)
+			dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
+		else
 			{
 			BIO_printf(bio_err,"bad input format specified\n");
 			goto end;
 			}
+		if (dh == NULL)
+			{
+			BIO_printf(bio_err,"unable to load DH parameters\n");
+			ERR_print_errors(bio_err);
+			goto end;
+			}
 
-#ifndef NO_DSA
-		if (dsaparam)
-			{
-			DSA *dsa;
-			
-			if (informat == FORMAT_ASN1)
-				dsa=d2i_DSAparams_bio(in,NULL);
-			else /* informat == FORMAT_PEM */
-				dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL);
-			
-			if (dsa == NULL)
-				{
-				BIO_printf(bio_err,"unable to load DSA parameters\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			
-			dh = DSA_dup_DH(dsa);
-			DSA_free(dsa);
-			if (dh == NULL)
-				{
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		else
-#endif
-			{
-			if (informat == FORMAT_ASN1)
-				dh=d2i_DHparams_bio(in,NULL);
-			else /* informat == FORMAT_PEM */
-				dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL);
-			
-			if (dh == NULL)
-				{
-				BIO_printf(bio_err,"unable to load DH parameters\n");
-				ERR_print_errors(bio_err);
-				goto end;
-				}
-			}
-		
-		/* dh != NULL */
 	}
-	
+
 	out=BIO_new(BIO_s_file());
 	if (out == NULL)
 		{
@@ -401,6 +255,7 @@ bad:
 			}
 		}
 
+	
 
 	if (text)
 		{
@@ -416,8 +271,8 @@ bad:
 			}
 		if (i & DH_CHECK_P_NOT_PRIME)
 			printf("p value is not prime\n");
-		if (i & DH_CHECK_P_NOT_SAFE_PRIME)
-			printf("p value is not a safe prime\n");
+		if (i & DH_CHECK_P_NOT_STRONG_PRIME)
+			printf("p value is not a strong prime\n");
 		if (i & DH_UNABLE_TO_CHECK_GENERATOR)
 			printf("unable to check the generator value\n");
 		if (i & DH_NOT_SUITABLE_GENERATOR)
@@ -438,29 +293,25 @@ bad:
 			perror("Malloc");
 			goto end;
 			}
-		printf("#ifndef HEADER_DH_H\n"
-		       "#include <openssl/dh.h>\n"
-		       "#endif\n");
-		printf("DH *get_dh%d()\n\t{\n",bits);
-
 		l=BN_bn2bin(dh->p,data);
-		printf("\tstatic unsigned char dh%d_p[]={",bits);
+		printf("static unsigned char dh%d_p[]={",bits);
 		for (i=0; i<l; i++)
 			{
-			if ((i%12) == 0) printf("\n\t\t");
+			if ((i%12) == 0) printf("\n\t");
 			printf("0x%02X,",data[i]);
 			}
-		printf("\n\t\t};\n");
+		printf("\n\t};\n");
 
 		l=BN_bn2bin(dh->g,data);
-		printf("\tstatic unsigned char dh%d_g[]={",bits);
+		printf("static unsigned char dh%d_g[]={",bits);
 		for (i=0; i<l; i++)
 			{
-			if ((i%12) == 0) printf("\n\t\t");
+			if ((i%12) == 0) printf("\n\t");
 			printf("0x%02X,",data[i]);
 			}
-		printf("\n\t\t};\n");
+		printf("\n\t};\n\n");
 
+		printf("DH *get_dh%d()\n\t{\n",bits);
 		printf("\tDH *dh;\n\n");
 		printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
 		printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
@@ -468,9 +319,7 @@ bad:
 		printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
 			bits,bits);
 		printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
-		printf("\t\t{ DH_free(dh); return(NULL); }\n");
-		if (dh->length)
-			printf("\tdh->length = %d;\n", dh->length);
+		printf("\t\treturn(NULL);\n");
 		printf("\treturn(dh);\n\t}\n");
 		Free(data);
 		}
@@ -501,7 +350,6 @@ end:
 	EXIT(ret);
 	}
 
-/* dh_cb is identical to dsa_cb in apps/dsaparam.c */
 static void MS_CALLBACK dh_cb(int p, int n, void *arg)
 	{
 	char c='*';

apps/eay.c

@@ -0,0 +1,131 @@
+/* apps/eay.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define MONOLITH
+#define USE_SOCKETS
+
+#include "openssl/e_os.h"
+
+#include <openssl/bio.h>
+#include <openssl/stack.h>
+#include <openssl/lhash.h>
+
+#include <openssl/err.h>
+
+#include <openssl/bn.h>
+
+#include <openssl/evp.h>
+
+#include <openssl/rand.h>
+#include <openssl/conf.h>
+#include <openssl/txt_db.h>
+
+#include <openssl/err.h>
+
+#include <openssl/x509.h>
+#include <openssl/pkcs7.h>
+#include <openssl/pem.h>
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+
+#define MONOLITH
+
+#include "openssl.c"
+#include "apps.c"
+#include "asn1pars.c"
+#ifndef NO_RSA
+#include "ca.c"
+#include "genrsa.c"
+#include "req.c"
+#include "rsa.c"
+#endif
+#ifndef NO_DH
+#include "gendh.c"
+#include "dh.c"
+#endif
+#include "crl.c"
+#include "crl2p7.c"
+#include "dgst.c"
+#include "enc.c"
+#include "errstr.c"
+#if !defined(NO_SSL2) || !defined(NO_SSL3)
+#ifndef NO_SOCK
+#include "s_cb.c"
+#include "s_client.c"
+#include "s_server.c"
+#include "s_socket.c"
+#include "s_time.c"
+#endif
+#endif
+#include "speed.c"
+#include "verify.c"
+#include "version.c"
+#include "x509.c"
+#include "ciphers.c"
+#include "sess_id.c"
+#include "pkcs7.c"
+#ifndef NO_DSA
+#include "dsaparam.c"
+#include "dsa.c"
+#include "gendsa.c"
+#endif
+

apps/gendh.c

@@ -1,5 +1,4 @@
 /* apps/gendh.c */
-/* obsoleted by dhparam.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -128,7 +127,7 @@ bad:
 		BIO_printf(bio_err," -2    use 2 as the generator value\n");
 	/*	BIO_printf(bio_err," -3    use 3 as the generator value\n"); */
 		BIO_printf(bio_err," -5    use 5 as the generator value\n");
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+		BIO_printf(bio_err," -rand file:file:...\n");
 		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"             the random number generator\n");
 		goto end;
@@ -160,7 +159,7 @@ bad:
 		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
 			app_RAND_load_files(inrand));
 
-	BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
+	BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
 	BIO_printf(bio_err,"This is going to take a long time\n");
 	dh=DH_generate_parameters(num,g,dh_cb,bio_err);
 		

apps/gendsa.c

@@ -145,7 +145,7 @@ bad:
 #ifndef NO_IDEA
 		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
 #endif
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+		BIO_printf(bio_err," -rand file:file:...\n");
 		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"             the random number generator\n");
 		BIO_printf(bio_err," dsaparam-file\n");

apps/genrsa.c

@@ -154,7 +154,7 @@ bad:
 		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
 		BIO_printf(bio_err," -f4             use F4 (0x10001) for the E value\n");
 		BIO_printf(bio_err," -3              use 3 for the E value\n");
-		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+		BIO_printf(bio_err," -rand file:file:...\n");
 		BIO_printf(bio_err,"                 load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,"                 the random number generator\n");
 		goto err;

apps/makeapps.com

@@ -157,13 +157,13 @@ $ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+-
 	      "RSA;DSA;DSAPARAM;"+-
 	      "X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+-
 	      "S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+-
-	      "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND"
+	      "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME"
 $ APP_FILES := OPENSSL,'OBJ_DIR'VERIFY.OBJ,ASN1PARS.OBJ,REQ.OBJ,DGST.OBJ,DH.OBJ,DHPARAM.OBJ,ENC.OBJ,PASSWD.OBJ,GENDH.OBJ,ERRSTR.OBJ,-
 	       CA.OBJ,PKCS7.OBJ,CRL2P7.OBJ,CRL.OBJ,-
 	       RSA.OBJ,DSA.OBJ,DSAPARAM.OBJ,-
 	       X509.OBJ,GENRSA.OBJ,GENDSA.OBJ,S_SERVER.OBJ,S_CLIENT.OBJ,SPEED.OBJ,-
 	       S_TIME.OBJ,APPS.OBJ,S_CB.OBJ,S_SOCKET.OBJ,APP_RAND.OBJ,VERSION.OBJ,SESS_ID.OBJ,-
-	       CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ,RAND.OBJ
+	       CIPHERS.OBJ,NSEQ.OBJ,PKCS12.OBJ,PKCS8.OBJ,SPKAC.OBJ,SMIME.OBJ
 $ TCPIP_PROGRAMS = ",,"
 $ IF COMPILER .EQS. "VAXC" THEN -
      TCPIP_PROGRAMS = ",OPENSSL,"

apps/openssl.c

@@ -56,10 +56,13 @@
  * [including the GNU Public Licence.]
  */
 
+#ifndef DEBUG
+#undef DEBUG
+#endif
+
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
-#define OPENSSL_C /* tells apps.h to use complete apps_startup() */
 #include <openssl/bio.h>
 #include <openssl/crypto.h>
 #include <openssl/lhash.h>
@@ -68,11 +71,18 @@
 #include <openssl/pem.h>
 #include <openssl/ssl.h>
 #define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
+#define OPENSSL_C /* tells apps.h to use complete apps_startup() */
 #include "apps.h"
 #include "progs.h"
 #include "s_apps.h"
 #include <openssl/err.h>
 
+/*
+#ifdef WINDOWS
+#include "bss_file.c"
+#endif
+*/
+
 static unsigned long MS_CALLBACK hash(FUNCTION *a);
 static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
 static LHASH *prog_init(void );
@@ -80,6 +90,15 @@ static int do_cmd(LHASH *prog,int argc,char *argv[]);
 LHASH *config=NULL;
 char *default_config_file=NULL;
 
+#ifdef DEBUG
+static void sig_stop(int i)
+	{
+	char *a=NULL;
+
+	*a='\0';
+	}
+#endif
+
 /* Make sure there is only one when MONOLITH is defined */
 #ifdef MONOLITH
 BIO *bio_err=NULL;
@@ -101,6 +120,15 @@ int main(int Argc, char *Argv[])
 	arg.data=NULL;
 	arg.count=0;
 
+#if defined(DEBUG) && !defined(WINDOWS) && !defined(MSDOS)
+#ifdef SIGBUS
+	signal(SIGBUS,sig_stop);
+#endif
+#ifdef SIGSEGV
+	signal(SIGSEGV,sig_stop);
+#endif
+#endif
+
 	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 
 	apps_startup();
@@ -206,7 +234,13 @@ end:
 
 	EVP_cleanup();
 	ERR_free_strings();
-	
+
+#ifdef LEVITTE_DEBUG
+	CRYPTO_push_info("Just to make sure I get a memory leak I can see :-)");
+	(void)Malloc(1024);
+	CRYPTO_pop_info();
+#endif
+
 	CRYPTO_mem_leaks(bio_err);
 	if (bio_err != NULL)
 		{
@@ -233,18 +267,6 @@ static int do_cmd(LHASH *prog, int argc, char *argv[])
 		{
 		ret=fp->func(argc,argv);
 		}
-	else if ((strncmp(argv[0],"no-",3)) == 0)
-		{
-		BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
-		f.name=argv[0]+3;
-		ret = (lh_retrieve(prog,&f) != NULL);
-		if (!ret)
-			BIO_printf(bio_stdout, "%s\n", argv[0]);
-		else
-			BIO_printf(bio_stdout, "%s\n", argv[0]+3);
-		BIO_free(bio_stdout);
-		goto end;
-		}
 	else if ((strcmp(argv[0],"quit") == 0) ||
 		(strcmp(argv[0],"q") == 0) ||
 		(strcmp(argv[0],"exit") == 0) ||

apps/pkcs12.c

@@ -265,7 +265,7 @@ int MAIN(int argc, char **argv)
 	BIO_printf (bio_err, "-password p   set import/export password source\n");
 	BIO_printf (bio_err, "-passin p     input file pass phrase source\n");
 	BIO_printf (bio_err, "-passout p    output file pass phrase source\n");
-	BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+	BIO_printf(bio_err,  "-rand file:file:...\n");
 	BIO_printf(bio_err,  "              load the file (or the files in the directory) into\n");
 	BIO_printf(bio_err,  "              the random number generator\n");
     	goto end;

apps/progs.h

@@ -33,7 +33,6 @@ extern int pkcs12_main(int argc,char *argv[]);
 extern int pkcs8_main(int argc,char *argv[]);
 extern int spkac_main(int argc,char *argv[]);
 extern int smime_main(int argc,char *argv[]);
-extern int rand_main(int argc,char *argv[]);
 
 #define FUNC_TYPE_GENERAL	1
 #define FUNC_TYPE_MD		2
@@ -104,7 +103,6 @@ FUNCTION functions[] = {
 	{FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
 	{FUNC_TYPE_GENERAL,"spkac",spkac_main},
 	{FUNC_TYPE_GENERAL,"smime",smime_main},
-	{FUNC_TYPE_GENERAL,"rand",rand_main},
 	{FUNC_TYPE_MD,"md2",dgst_main},
 	{FUNC_TYPE_MD,"md5",dgst_main},
 	{FUNC_TYPE_MD,"sha",dgst_main},

apps/rand.c

@@ -1,140 +0,0 @@
-/* apps/rand.c */
-
-#include "apps.h"
-
-#include <ctype.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-#undef PROG
-#define PROG rand_main
-
-/* -out file         - write to file
- * -rand file:file   - PRNG seed files
- * -base64           - encode output
- * num               - write 'num' bytes
- */
-
-int MAIN(int, char **);
-
-int MAIN(int argc, char **argv)
-	{
-	int i, r, ret = 1;
-	int badopt;
-	char *outfile = NULL;
-	char *inrand = NULL;
-	int base64 = 0;
-	BIO *out = NULL;
-	int num = -1;
-
-	apps_startup();
-
-	if (bio_err == NULL)
-		if ((bio_err = BIO_new(BIO_s_file())) != NULL)
-			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
-
-	badopt = 0;
-	i = 0;
-	while (!badopt && argv[++i] != NULL)
-		{
-		if (strcmp(argv[i], "-out") == 0)
-			{
-			if ((argv[i+1] != NULL) && (outfile == NULL))
-				outfile = argv[++i];
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-rand") == 0)
-			{
-			if ((argv[i+1] != NULL) && (inrand == NULL))
-				inrand = argv[++i];
-			else
-				badopt = 1;
-			}
-		else if (strcmp(argv[i], "-base64") == 0)
-			{
-			if (!base64)
-				base64 = 1;
-			else
-				badopt = 1;
-			}
-		else if (isdigit(argv[i][0]))
-			{
-			if (num < 0)
-				{
-				r = sscanf(argv[i], "%d", &num);
-				if (r == 0 || num < 0)
-					badopt = 1;
-				}
-			else
-				badopt = 1;
-			}
-		else
-			badopt = 1;
-		}
-
-	if (num < 0)
-		badopt = 1;
-	
-	if (badopt) 
-		{
-		BIO_printf(bio_err, "Usage: rand [options] num\n");
-		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, "-out file            - write to file\n");
-		BIO_printf(bio_err, "-rand file%cfile%c...  - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
-		BIO_printf(bio_err, "-base64              - encode output\n");
-		goto err;
-		}
-
-	app_RAND_load_file(NULL, bio_err, (inrand != NULL));
-	if (inrand != NULL)
-		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
-			app_RAND_load_files(inrand));
-
-	out = BIO_new(BIO_s_file());
-	if (out == NULL)
-		goto err;
-	if (outfile != NULL)
-		r = BIO_write_filename(out, outfile);
-	else
-		r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-	if (r <= 0)
-		goto err;
-
-	if (base64)
-		{
-		BIO *b64 = BIO_new(BIO_f_base64());
-		if (b64 == NULL)
-			goto err;
-		out = BIO_push(b64, out);
-		}
-	
-	while (num > 0) 
-		{
-		unsigned char buf[4096];
-		int chunk;
-
-		chunk = num;
-		if (chunk > sizeof buf)
-			chunk = sizeof buf;
-		r = RAND_bytes(buf, chunk);
-		if (r <= 0)
-			goto err;
-		BIO_write(out, buf, chunk);
-		num -= chunk;
-		}
-	BIO_flush(out);
-
-	app_RAND_write_file(NULL, bio_err);
-	ret = 0;
-	
-err:
-	ERR_print_errors(bio_err);
-	if (out)
-		BIO_free_all(out);
-	EXIT(ret);
-	}

apps/req.c

@@ -878,8 +878,8 @@ end:
 	EVP_PKEY_free(pkey);
 	X509_REQ_free(req);
 	X509_free(x509ss);
-	if(passargin && passin) Free(passin);
-	if(passargout && passout) Free(passout);
+	if(passin) Free(passin);
+	if(passout) Free(passout);
 	OBJ_cleanup();
 #ifndef NO_DSA
 	if (dsa_params != NULL) DSA_free(dsa_params);

apps/rsa.c

@@ -179,6 +179,7 @@ bad:
 		BIO_printf(bio_err," -outform arg    output format - one of DER NET PEM\n");
 		BIO_printf(bio_err," -in arg         input file\n");
 		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
+		BIO_printf(bio_err," -in arg         input file\n");
 		BIO_printf(bio_err," -out arg        output file\n");
 		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
 		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");

apps/rsa/01.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
+MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
+BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
+cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
+qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
+MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
+gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
+LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
+Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
+Pjrmw2eSgbdmmdumWAcNPVbV
+-----END CERTIFICATE-----

apps/rsa/1.txt

@@ -0,0 +1,50 @@
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+subject=/C=US/ST=New York/L=New York/O=Industrial Press Inc./CN=www.industrialpress.com
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            68:ae:14:a4:c9:9f:a9:f3:9a:23:cf:2f:15:19:b3:5a
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Validity
+            Not Before: May 18 00:00:00 1998 GMT
+            Not After : May 18 23:59:59 1999 GMT
+        Subject: C=US, ST=New York, L=New York, O=Industrial Press Inc., CN=www.industrialpress.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:aa:21:fd:c5:42:4d:1e:fa:82:99:a0:e8:9f:6e:
+                    d5:6a:52:5b:a9:32:f2:98:5d:f2:28:a5:81:c5:b3:
+                    83:2d:68:d7:ef:22:a3:7b:0a:2a:5a:1a:2d:68:40:
+                    11:23:a8:d7:3e:aa:26:53:ce:e0:15:4d:6d:1f:8a:
+                    ff:6e:0c:21:dc:59:94:30:ad:ea:a3:dd:97:3a:cb:
+                    f0:34:01:f3:5f:35:91:5d:03:49:9a:6e:78:83:61:
+                    75:45:4b:74:d2:98:18:88:ec:62:98:3b:1e:d6:df:
+                    51:2f:93:ce:08:31:1b:7d:7f:03:82:e8:2b:13:f5:
+                    b0:91:2d:85:ad:2a:1c:e7:f7
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md5WithRSAEncryption
+        8c:3b:7e:f1:74:12:d1:2f:ac:d4:bf:2d:8b:aa:02:05:30:fe:
+        d1:f4:14:b8:02:92:a2:8b:99:86:26:ff:24:7e:67:48:43:d9:
+        e3:ff:52:11:7e:8c:0c:26:57:ca:c7:b4:19:da:4c:ce:e8:37:
+        6d:d1:55:6d:a4:09:ff:2c:a2:21:9f:af:63:d8:b5:fb:9f:a5:
+        7b:5d:ed:ac:d4:15:af:96:24:25:a7:a7:43:76:f4:41:b4:05:
+        1d:49:38:50:b4:43:fe:1d:87:f5:fd:aa:e9:4c:f2:5b:aa:3e:
+        3a:e6:c3:67:92:81:b7:66:99:db:a6:58:07:0d:3d:56:d5
+-----BEGIN CERTIFICATE-----
+MIICTjCCAbsCEGiuFKTJn6nzmiPPLxUZs1owDQYJKoZIhvcNAQEEBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk4
+MDUxODAwMDAwMFoXDTk5MDUxODIzNTk1OVowdTELMAkGA1UEBhMCVVMxETAPBgNV
+BAgTCE5ldyBZb3JrMREwDwYDVQQHFAhOZXcgWW9yazEeMBwGA1UEChQVSW5kdXN0
+cmlhbCBQcmVzcyBJbmMuMSAwHgYDVQQDFBd3d3cuaW5kdXN0cmlhbHByZXNzLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqiH9xUJNHvqCmaDon27ValJb
+qTLymF3yKKWBxbODLWjX7yKjewoqWhotaEARI6jXPqomU87gFU1tH4r/bgwh3FmU
+MK3qo92XOsvwNAHzXzWRXQNJmm54g2F1RUt00pgYiOximDse1t9RL5POCDEbfX8D
+gugrE/WwkS2FrSoc5/cCAwEAATANBgkqhkiG9w0BAQQFAAN+AIw7fvF0EtEvrNS/
+LYuqAgUw/tH0FLgCkqKLmYYm/yR+Z0hD2eP/UhF+jAwmV8rHtBnaTM7oN23RVW2k
+Cf8soiGfr2PYtfufpXtd7azUFa+WJCWnp0N29EG0BR1JOFC0Q/4dh/X9qulM8luq
+Pjrmw2eSgbdmmdumWAcNPVbV
+-----END CERTIFICATE-----

apps/rsa/SecureServer.pem

@@ -0,0 +1,47 @@
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
+        Signature Algorithm: md2WithRSAEncryption
+        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Validity
+            Not Before: Nov  9 00:00:00 1994 GMT
+            Not After : Jan  7 23:59:59 2010 GMT
+        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1000 bit)
+                Modulus (1000 bit):
+                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
+                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
+                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
+                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
+                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
+                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
+                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
+                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
+                    dd:2d:d6:c8:1e:7b
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md2WithRSAEncryption
+        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
+        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
+        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
+        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
+        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
+        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
+        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
+-----BEGIN CERTIFICATE-----
+MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
+MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
+BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
+dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
+ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
+0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
+uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
+hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
+YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
+1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
+-----END CERTIFICATE-----

apps/rsa/s.txt

@@ -0,0 +1,49 @@
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0
+        Signature Algorithm: md2WithRSAEncryption
+        Issuer: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Validity
+            Not Before: Nov  9 00:00:00 1994 GMT
+            Not After : Jan  7 23:59:59 2010 GMT
+        Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification Authority
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1000 bit)
+                Modulus (1000 bit):
+                    00:92:ce:7a:c1:ae:83:3e:5a:aa:89:83:57:ac:25:
+                    01:76:0c:ad:ae:8e:2c:37:ce:eb:35:78:64:54:03:
+                    e5:84:40:51:c9:bf:8f:08:e2:8a:82:08:d2:16:86:
+                    37:55:e9:b1:21:02:ad:76:68:81:9a:05:a2:4b:c9:
+                    4b:25:66:22:56:6c:88:07:8f:f7:81:59:6d:84:07:
+                    65:70:13:71:76:3e:9b:77:4c:e3:50:89:56:98:48:
+                    b9:1d:a7:29:1a:13:2e:4a:11:59:9c:1e:15:d5:49:
+                    54:2c:73:3a:69:82:b1:97:39:9c:6d:70:67:48:e5:
+                    dd:2d:d6:c8:1e:7b
+                Exponent: 65537 (0x10001)
+    Signature Algorithm: md2WithRSAEncryption
+        65:dd:7e:e1:b2:ec:b0:e2:3a:e0:ec:71:46:9a:19:11:b8:d3:
+        c7:a0:b4:03:40:26:02:3e:09:9c:e1:12:b3:d1:5a:f6:37:a5:
+        b7:61:03:b6:5b:16:69:3b:c6:44:08:0c:88:53:0c:6b:97:49:
+        c7:3e:35:dc:6c:b9:bb:aa:df:5c:bb:3a:2f:93:60:b6:a9:4b:
+        4d:f2:20:f7:cd:5f:7f:64:7b:8e:dc:00:5c:d7:fa:77:ca:39:
+        16:59:6f:0e:ea:d3:b5:83:7f:4d:4d:42:56:76:b4:c9:5f:04:
+        f8:38:f8:eb:d2:5f:75:5f:cd:7b:fc:e5:8e:80:7c:fc:50
+-----BEGIN CERTIFICATE-----
+MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0
+MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV
+BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy
+dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ
+ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII
+0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI
+uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI
+hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3
+YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc
+1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==
+-----END CERTIFICATE-----

apps/s_apps.h

@@ -84,6 +84,7 @@ typedef fd_mask fd_set;
 #define PORT_STR        "4433"
 #define PROTOCOL        "tcp"
 
+int do_accept(int acc_sock, int *sock, char **host);
 int do_server(int port, int *ret, int (*cb) (), char *context);
 #ifdef HEADER_X509_H
 int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
@@ -96,9 +97,17 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
 int set_cert_stuff(char *ctx, char *cert_file, char *key_file);
 #endif
 int init_client(int *sock, char *server, int port);
+int init_client_ip(int *sock,unsigned char ip[4], int port);
+int nbio_init_client_ip(int *sock,unsigned char ip[4], int port);
+int nbio_sock_error(int sock);
+int spawn(int argc, char **argv, int *in, int *out);
+int init_server(int *sock, int port);
+int init_server_long(int *sock, int port,char *ip);
 int should_retry(int i);
+void sock_cleanup(void );
 int extract_port(char *str, short *port_ptr);
 int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
+int host_ip(char *str, unsigned char ip[4]);
 
 long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, const char *argp,
 	int argi, long argl, long ret);

apps/s_cb.c

@@ -1,4 +1,4 @@
-/* apps/s_cb.c - callback functions used by s_client, s_server, and s_time */
+/* apps/s_cb.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *

apps/s_client.c

@@ -117,7 +117,6 @@ static void sc_usage(void);
 static void print_stuff(BIO *berr,SSL *con,int full);
 static BIO *bio_c_out=NULL;
 static int c_quiet=0;
-static int c_ign_eof=0;
 
 static void sc_usage(void)
 	{
@@ -144,7 +143,6 @@ static void sc_usage(void)
 #endif
 	BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
 	BIO_printf(bio_err," -quiet        - no s_client output\n");
-	BIO_printf(bio_err," -ign_eof      - ignore input eof (default when -quiet)\n");
 	BIO_printf(bio_err," -ssl2         - just use SSLv2\n");
 	BIO_printf(bio_err," -ssl3         - just use SSLv3\n");
 	BIO_printf(bio_err," -tls1         - just use TLSv1\n");
@@ -194,7 +192,6 @@ int MAIN(int argc, char **argv)
 	apps_startup();
 	c_Pause=0;
 	c_quiet=0;
-	c_ign_eof=0;
 	c_debug=0;
 	c_showcerts=0;
 
@@ -252,12 +249,7 @@ int MAIN(int argc, char **argv)
 		else if	(strcmp(*argv,"-crlf") == 0)
 			crlf=1;
 		else if	(strcmp(*argv,"-quiet") == 0)
-			{
 			c_quiet=1;
-			c_ign_eof=1;
-			}
-		else if	(strcmp(*argv,"-ign_eof") == 0)
-			c_ign_eof=1;
 		else if	(strcmp(*argv,"-pause") == 0)
 			c_Pause=1;
 		else if	(strcmp(*argv,"-debug") == 0)
@@ -719,13 +711,13 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 			else
 				i=read(fileno(stdin),cbuf,BUFSIZZ);
 
-			if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q')))
+			if ((!c_quiet) && ((i <= 0) || (cbuf[0] == 'Q')))
 				{
 				BIO_printf(bio_err,"DONE\n");
 				goto shut;
 				}
 
-			if ((!c_ign_eof) && (cbuf[0] == 'R'))
+			if ((!c_quiet) && (cbuf[0] == 'R'))
 				{
 				BIO_printf(bio_err,"RENEGOTIATING\n");
 				SSL_renegotiate(con);

apps/s_socket.c

@@ -1,4 +1,4 @@
-/* apps/s_socket.c -  socket-related functions used by s_client and s_server */
+/* apps/s_socket.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -79,17 +79,16 @@ typedef unsigned int u_int;
 #include "s_apps.h"
 #include <openssl/ssl.h>
 
-static struct hostent *GetHostByName(char *name);
-#ifdef WINDOWS
-static void sock_cleanup(void);
+#ifdef VMS
+#if (__VMS_VER < 70000000) /* FIONBIO used as a switch to enable ioctl,
+			      and that isn't in VMS < 7.0 */
+#undef FIONBIO
+#endif
+#include <processes.h> /* for vfork() */
 #endif
-static int sock_init(void);
-static int init_client_ip(int *sock,unsigned char ip[4], int port);
-static int init_server(int *sock, int port);
-static int init_server_long(int *sock, int port,char *ip);
-static int do_accept(int acc_sock, int *sock, char **host);
-static int host_ip(char *str, unsigned char ip[4]);
 
+static struct hostent *GetHostByName(char *name);
+int sock_init(void );
 #ifdef WIN16
 #define SOCKET_PROTOCOL	0 /* more microsoft stupidity */
 #else
@@ -132,19 +131,19 @@ static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
 #endif /* WIN32 */
 #endif /* WINDOWS */
 
-#ifdef WINDOWS
-static void sock_cleanup(void)
+void sock_cleanup(void)
 	{
+#ifdef WINDOWS
 	if (wsa_init_done)
 		{
 		wsa_init_done=0;
 		WSACancelBlockingCall();
 		WSACleanup();
 		}
-	}
 #endif
+	}
 
-static int sock_init(void)
+int sock_init(void)
 	{
 #ifdef WINDOWS
 	if (!wsa_init_done)
@@ -188,7 +187,7 @@ int init_client(int *sock, char *host, int port)
 	return(init_client_ip(sock,ip,port));
 	}
 
-static int init_client_ip(int *sock, unsigned char ip[4], int port)
+int init_client_ip(int *sock, unsigned char ip[4], int port)
 	{
 	unsigned long addr;
 	struct sockaddr_in them;
@@ -219,6 +218,75 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port)
 	return(1);
 	}
 
+int nbio_sock_error(int sock)
+	{
+	int j,i;
+	int size;
+
+	size=sizeof(int);
+	/* Note: under VMS with SOCKETSHR the third parameter is currently
+	 * of type (int *) whereas under other systems it is (void *) if
+	 * you don't have a cast it will choke the compiler: if you do
+	 * have a cast then you can either go for (int *) or (void *).
+	 */
+	i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,(void *)&size);
+	if (i < 0)
+		return(1);
+	else
+		return(j);
+	}
+
+int nbio_init_client_ip(int *sock, unsigned char ip[4], int port)
+	{
+	unsigned long addr;
+	struct sockaddr_in them;
+	int s,i;
+
+	if (!sock_init()) return(0);
+
+	memset((char *)&them,0,sizeof(them));
+	them.sin_family=AF_INET;
+	them.sin_port=htons((unsigned short)port);
+	addr=	(unsigned long)
+		((unsigned long)ip[0]<<24L)|
+		((unsigned long)ip[1]<<16L)|
+		((unsigned long)ip[2]<< 8L)|
+		((unsigned long)ip[3]);
+	them.sin_addr.s_addr=htonl(addr);
+
+	if (*sock <= 0)
+		{
+#ifdef FIONBIO
+		unsigned long l=1;
+#endif
+
+		s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+		if (s == INVALID_SOCKET) { perror("socket"); return(0); }
+
+		i=0;
+		i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+		if (i < 0) { perror("keepalive"); return(0); }
+		*sock=s;
+
+#ifdef FIONBIO
+		BIO_socket_ioctl(s,FIONBIO,&l);
+#endif
+		}
+	else
+		s= *sock;
+
+	i=connect(s,(struct sockaddr *)&them,sizeof(them));
+	if (i == INVALID_SOCKET)
+		{
+		if (BIO_sock_should_retry(i))
+			return(-1);
+		else
+			return(0);
+		}
+	else
+		return(1);
+	}
+
 int do_server(int port, int *ret, int (*cb)(), char *context)
 	{
 	int sock;
@@ -251,7 +319,7 @@ int do_server(int port, int *ret, int (*cb)(), char *context)
 		}
 	}
 
-static int init_server_long(int *sock, int port, char *ip)
+int init_server_long(int *sock, int port, char *ip)
 	{
 	int ret=0;
 	struct sockaddr_in server;
@@ -301,12 +369,12 @@ err:
 	return(ret);
 	}
 
-static int init_server(int *sock, int port)
+int init_server(int *sock, int port)
 	{
 	return(init_server_long(sock, port, NULL));
 	}
 
-static int do_accept(int acc_sock, int *sock, char **host)
+int do_accept(int acc_sock, int *sock, char **host)
 	{
 	int ret,i;
 	struct hostent *h1,*h2;
@@ -422,7 +490,7 @@ err:
 	return(0);
 	}
 
-static int host_ip(char *str, unsigned char ip[4])
+int host_ip(char *str, unsigned char ip[4])
 	{
 	unsigned int in[4]; 
 	int i;
@@ -538,3 +606,69 @@ static struct hostent *GetHostByName(char *name)
 		return(ret);
 		}
 	}
+
+#ifndef MSDOS
+int spawn(int argc, char **argv, int *in, int *out)
+	{
+	int pid;
+#define CHILD_READ	p1[0]
+#define CHILD_WRITE	p2[1]
+#define PARENT_READ	p2[0]
+#define PARENT_WRITE	p1[1]
+	int p1[2],p2[2];
+
+	if ((pipe(p1) < 0) || (pipe(p2) < 0)) return(-1);
+
+#ifdef VMS
+	if ((pid=vfork()) == 0)
+#else
+	if ((pid=fork()) == 0)
+#endif
+		{ /* child */
+		if (dup2(CHILD_WRITE,fileno(stdout)) < 0)
+			perror("dup2");
+		if (dup2(CHILD_WRITE,fileno(stderr)) < 0)
+			perror("dup2");
+		if (dup2(CHILD_READ,fileno(stdin)) < 0)
+			perror("dup2");
+		close(CHILD_READ); 
+		close(CHILD_WRITE);
+
+		close(PARENT_READ);
+		close(PARENT_WRITE);
+		execvp(argv[0],argv);
+		perror("child");
+		exit(1);
+		}
+
+	/* parent */
+	*in= PARENT_READ;
+	*out=PARENT_WRITE;
+	close(CHILD_READ);
+	close(CHILD_WRITE);
+	return(pid);
+	}
+#endif /* MSDOS */
+
+
+#ifdef undef
+	/* Turn on synchronous sockets so that we can do a WaitForMultipleObjects
+	 * on sockets */
+	{
+	SOCKET s;
+	int optionValue = SO_SYNCHRONOUS_NONALERT;
+	int err;
+
+	err = setsockopt( 
+	    INVALID_SOCKET, 
+	    SOL_SOCKET, 
+	    SO_OPENTYPE, 
+	    (char *)&optionValue, 
+	    sizeof(optionValue));
+	if (err != NO_ERROR) {
+	/* failed for some reason... */
+		BIO_printf(bio_err, "failed to setsockopt(SO_OPENTYPE, SO_SYNCHRONOUS_ALERT) - %d\n",
+			WSAGetLastError());
+		}
+	}
+#endif

apps/smime.c

@@ -272,7 +272,7 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
 		BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
 		BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
-		BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+		BIO_printf(bio_err,  "-rand file:file:...\n");
 		BIO_printf(bio_err,  "               load the file (or the files in the directory) into\n");
 		BIO_printf(bio_err,  "               the random number generator\n");
 		BIO_printf (bio_err, "cert.pem       recipient certificate(s) for encryption\n");
@@ -309,6 +309,9 @@ int MAIN(int argc, char **argv)
 			goto end;
 #endif
 		}
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("load encryption certificates");
+#endif		
 		encerts = sk_X509_new_null();
 		while (*args) {
 			if(!(cert = load_cert(*args))) {
@@ -319,29 +322,50 @@ int MAIN(int argc, char **argv)
 			cert = NULL;
 			args++;
 		}
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 	}
 
 	if(signerfile && (operation == SMIME_SIGN)) {
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("load signer certificate");
+#endif		
 		if(!(signer = load_cert(signerfile))) {
 			BIO_printf(bio_err, "Can't read signer certificate file %s\n", signerfile);
 			goto end;
 		}
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 	}
 
 	if(certfile) {
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("load other certfiles");
+#endif		
 		if(!(other = load_certs(certfile))) {
 			BIO_printf(bio_err, "Can't read certificate file %s\n", certfile);
 			ERR_print_errors(bio_err);
 			goto end;
 		}
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 	}
 
 	if(recipfile && (operation == SMIME_DECRYPT)) {
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("load recipient certificate");
+#endif		
 		if(!(recip = load_cert(recipfile))) {
 			BIO_printf(bio_err, "Can't read recipient certificate file %s\n", recipfile);
 			ERR_print_errors(bio_err);
 			goto end;
 		}
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 	}
 
 	if(operation == SMIME_DECRYPT) {
@@ -351,13 +375,22 @@ int MAIN(int argc, char **argv)
 	} else keyfile = NULL;
 
 	if(keyfile) {
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("load keyfile");
+#endif		
 		if(!(key = load_key(keyfile, passin))) {
 			BIO_printf(bio_err, "Can't read recipient certificate file %s\n", keyfile);
 			ERR_print_errors(bio_err);
 			goto end;
 		}
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 	}
 
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_push_info("open input files");
+#endif		
 	if (infile) {
 		if (!(in = BIO_new_file(infile, inmode))) {
 			BIO_printf (bio_err,
@@ -365,7 +398,13 @@ int MAIN(int argc, char **argv)
 			goto end;
 		}
 	} else in = BIO_new_fp(stdin, BIO_NOCLOSE);
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_pop_info();
+#endif		
 
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_push_info("open output files");
+#endif		
 	if (outfile) {
 		if (!(out = BIO_new_file(outfile, outmode))) {
 			BIO_printf (bio_err,
@@ -373,23 +412,50 @@ int MAIN(int argc, char **argv)
 			goto end;
 		}
 	} else out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_pop_info();
+#endif		
 
 	if(operation == SMIME_VERIFY) {
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("setup_verify");
+#endif		
 		if(!(store = setup_verify(CAfile, CApath))) goto end;
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 	}
 
 	ret = 3;
 
 	if(operation == SMIME_ENCRYPT) {
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("PKCS7_encrypt");
+#endif		
 		p7 = PKCS7_encrypt(encerts, in, cipher, flags);
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 	} else if(operation == SMIME_SIGN) {
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("PKCS7_sign");
+#endif		
 		p7 = PKCS7_sign(signer, key, other, in, flags);
 		BIO_reset(in);
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 	} else {
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("SMIME_read_PKCS7");
+#endif		
 		if(!(p7 = SMIME_read_PKCS7(in, &indata))) {
 			BIO_printf(bio_err, "Error reading S/MIME message\n");
 			goto end;
 		}
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 	}
 
 	if(!p7) {
@@ -399,25 +465,45 @@ int MAIN(int argc, char **argv)
 
 	ret = 4;
 	if(operation == SMIME_DECRYPT) {
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("PKCS7_decrypt");
+#endif		
 		if(!PKCS7_decrypt(p7, key, recip, out, flags)) {
 			BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n");
 			goto end;
 		}
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 	} else if(operation == SMIME_VERIFY) {
 		STACK_OF(X509) *signers;
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_push_info("PKCS7_verify");
+#endif		
 		if(PKCS7_verify(p7, other, store, indata, out, flags)) {
 			BIO_printf(bio_err, "Verification Successful\n");
 		} else {
 			BIO_printf(bio_err, "Verification Failure\n");
 			goto end;
 		}
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+		CRYPTO_push_info("PKCS7_get0_signers");
+#endif		
 		signers = PKCS7_get0_signers(p7, other, flags);
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+		CRYPTO_push_info("save_certs");
+#endif		
 		if(!save_certs(signerfile, signers)) {
 			BIO_printf(bio_err, "Error writing signers to %s\n",
 								signerfile);
 			ret = 5;
 			goto end;
 		}
+#ifdef CRYPTO_MDEBUG
+		CRYPTO_pop_info();
+#endif		
 		sk_X509_free(signers);
 	} else if(operation == SMIME_PK7OUT) {
 		PEM_write_bio_PKCS7(out, p7);
@@ -429,6 +515,9 @@ int MAIN(int argc, char **argv)
 	}
 	ret = 0;
 end:
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_remove_all_info();
+#endif
 	if (need_rand)
 		app_RAND_write_file(NULL, bio_err);
 	if(ret) ERR_print_errors(bio_err);
@@ -494,9 +583,20 @@ static X509_STORE *setup_verify(char *CAfile, char *CApath)
 {
 	X509_STORE *store;
 	X509_LOOKUP *lookup;
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_push_info("X509_STORE_new");
+#endif	
 	if(!(store = X509_STORE_new())) goto end;
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_pop_info();
+	CRYPTO_push_info("X509_STORE_add_lookup(...file)");
+#endif	
 	lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
 	if (lookup == NULL) goto end;
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_pop_info();
+	CRYPTO_push_info("X509_LOOKUP_load_file");
+#endif	
 	if (CAfile) {
 		if(!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM)) {
 			BIO_printf(bio_err, "Error loading file %s\n", CAfile);
@@ -504,14 +604,25 @@ static X509_STORE *setup_verify(char *CAfile, char *CApath)
 		}
 	} else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
 		
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_pop_info();
+	CRYPTO_push_info("X509_STORE_add_lookup(...hash_dir)");
+#endif	
 	lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
 	if (lookup == NULL) goto end;
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_pop_info();
+	CRYPTO_push_info("X509_LOOKUP_add_dir");
+#endif	
 	if (CApath) {
 		if(!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM)) {
 			BIO_printf(bio_err, "Error loading directory %s\n", CApath);
 			goto end;
 		}
 	} else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_pop_info();
+#endif	
 
 	ERR_clear_error();
 	return store;

apps/speed.c

@@ -1030,11 +1030,6 @@ int MAIN(int argc, char **argv)
 
 	RAND_pseudo_bytes(buf,20);
 #ifndef NO_DSA
-	if (RAND_status() != 1)
-		{
-		RAND_seed(rnd_seed, sizeof rnd_seed);
-		rnd_fake = 1;
-		}
 	for (j=0; j<DSA_NUM; j++)
 		{
 		unsigned int kk;
@@ -1094,7 +1089,6 @@ int MAIN(int argc, char **argv)
 				dsa_doit[j]=0;
 			}
 		}
-	if (rnd_fake) RAND_cleanup();
 #endif
 
 	fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_VERSION));

apps/spkac.c

@@ -63,10 +63,8 @@
 #include <time.h>
 #include "apps.h"
 #include <openssl/bio.h>
-#include <openssl/conf.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
-#include <openssl/lhash.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
 

apps/testdsa.h

@@ -1,5 +1,4 @@
 /* NOCW */
-/* used by apps/speed.c */
 DSA *get_dsa512(void );
 DSA *get_dsa1024(void );
 DSA *get_dsa2048(void );
@@ -147,5 +146,3 @@ DSA *get_dsa2048()
 	return(dsa);
 	}
 
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-static int rnd_fake = 0;

apps/testrsa.h

@@ -1,5 +1,4 @@
 /* apps/testrsa.h */
-/* used by apps/speed.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *

apps/tkca

@@ -0,0 +1,66 @@
+#!/usr/local/bin/perl5
+#
+# This is only something I'm playing with, it does not work :-)
+#
+
+use Tk;
+
+my $main=MainWindow->new();
+my $f=$main->Frame(-relief => "ridge", -borderwidth => 2);
+$f->pack(-fill => 'x');
+
+my $ff=$f->Frame;
+$ff->pack(-fill => 'x');
+my $l=$ff->Label(-text => "TkCA - SSLeay",
+	-relief => "ridge", -borderwidth => 2);
+$l->pack(-fill => 'x', -ipady => 5);
+
+my $l=$ff->Button(-text => "Certify");
+$l->pack(-fill => 'x', -ipady => 5);
+
+my $l=$ff->Button(-text => "Review");
+$l->pack(-fill => 'x', -ipady => 5);
+
+my $l=$ff->Button(-text => "Revoke");
+$l->pack(-fill => 'x', -ipady => 5);
+
+my $l=$ff->Button(-text => "Generate CRL");
+$l->pack(-fill => 'x', -ipady => 5);
+
+my($db)=&load_db("demoCA/index.txt");
+
+MainLoop;
+
+sub load_db
+	{
+	my(%ret);
+	my($file)=@_;
+	my(*IN);
+	my(%db_serial,%db_name,@f,@db_s);
+
+	$ret{'serial'}=\%db_serial;
+	$ret{'name'}=\%db_name;
+
+	open(IN,"<$file") || die "unable to open $file:$!\n";
+	while (<IN>)
+		{
+		chop;
+		s/([^\\])\t/\1\t\t/g;
+		my(@f)=split(/\t\t/);
+		die "wrong number of fields in $file, line $.\n"
+			if ($#f != 5);
+
+		my(%f);
+		$f{'type'}=$f[0];
+		$f{'exp'}=$f[1];
+		$f{'rev'}=$f[2];
+		$f{'serial'}=$f[3];
+		$f{'file'}=$f[4];
+		$f{'name'}=$f[5];
+		die "serial number $f{'serial'} appears twice (line $.)\n"
+			if (defined($db{$f{'serial'}}))
+		$db_serial{$f{'serial'}}=\%f;
+		$db_name{$f{'name'}}.=$f{'serial'}." ";
+		}
+	return \%ret;
+	}

apps/winrand.c

@@ -1,149 +0,0 @@
-/* apps/winrand.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Usage: winrand [filename]
- *
- * Collects entropy from mouse movements and other events and writes
- * random data to filename or .rnd
- */
-
-#include <windows.h>
-#include <openssl/opensslv.h>
-#include <openssl/rand.h>
-
-LRESULT CALLBACK WndProc(HWND, UINT, WPARAM, LPARAM);
-const char *filename;
-
-int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
-        PSTR cmdline, int iCmdShow)
-	{
-	static char appname[] = "OpenSSL";
-	HWND hwnd;
-	MSG msg;
-	WNDCLASSEX wndclass;
-        char buffer[200];
-
-        if (cmdline[0] == '\0')
-                filename = RAND_file_name(buffer, sizeof buffer);
-        else
-                filename = cmdline;
-
-        RAND_load_file(filename, -1);
-
-	wndclass.cbSize = sizeof(wndclass);
-	wndclass.style = CS_HREDRAW | CS_VREDRAW;
-	wndclass.lpfnWndProc = WndProc;
-	wndclass.cbClsExtra = 0;
-	wndclass.cbWndExtra = 0;
-	wndclass.hInstance = hInstance;
-	wndclass.hIcon = LoadIcon(NULL, IDI_APPLICATION);
-	wndclass.hCursor = LoadCursor(NULL, IDC_ARROW);
-	wndclass.hbrBackground = (HBRUSH) GetStockObject(WHITE_BRUSH);
-	wndclass.lpszMenuName = NULL;
-        wndclass.lpszClassName = appname;
-	wndclass.hIconSm = LoadIcon(NULL, IDI_APPLICATION);
-	RegisterClassEx(&wndclass);
-
-        hwnd = CreateWindow(appname, OPENSSL_VERSION_TEXT,
-		WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT,
-		CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInstance, NULL);
-
-	ShowWindow(hwnd, iCmdShow);
-	UpdateWindow(hwnd);
-
-
-	while (GetMessage(&msg, NULL, 0, 0))
-		{
-		TranslateMessage(&msg);
-		DispatchMessage(&msg);
-		}
-
-	return msg.wParam;
-	}
-
-LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
-	{
-        HDC hdc;
-	PAINTSTRUCT ps;
-        RECT rect;
-        char buffer[200];
-        static int seeded = 0;
-
-	switch (iMsg)
-		{
-	case WM_PAINT:
-		hdc = BeginPaint(hwnd, &ps);
-		GetClientRect(hwnd, &rect);
-                DrawText(hdc, "Seeding the PRNG. Please move the mouse!", -1,
-			&rect, DT_SINGLELINE | DT_CENTER | DT_VCENTER);
-		EndPaint(hwnd, &ps);
-		return 0;
-		
-        case WM_DESTROY:
-                PostQuitMessage(0);
-                return 0;
-                }
-
-        if (RAND_event(iMsg, wParam, lParam) == 1 && seeded == 0)
-                {
-                seeded = 1;
-                if (RAND_write_file(filename) <= 0)
-                        MessageBox(hwnd, "Couldn't write random file!",
-				"OpenSSL", MB_OK | MB_ICONERROR);
-                PostQuitMessage(0);
-                }
-
-	return DefWindowProc(hwnd, iMsg, wParam, lParam);
-	}

apps/x509.c

@@ -126,7 +126,7 @@ static char *x509_usage[]={
 " -md2/-md5/-sha1/-mdc2 - digest to use\n",
 " -extfile        - configuration file with X509V3 extensions to add\n",
 " -extensions     - section from config file with X509V3 extensions to add\n",
-" -clrext         - delete extensions before signing and input certificate\n",
+" -crlext         - delete extensions before signing and input certificate\n",
 NULL
 };
 
@@ -365,15 +365,8 @@ int MAIN(int argc, char **argv)
 			aliasout= ++num;
 		else if (strcmp(*argv,"-CAcreateserial") == 0)
 			CA_createserial= ++num;
-		else if (strcmp(*argv,"-clrext") == 0)
-			clrext = 1;
-#if 1 /* stay backwards-compatible with 0.9.5; this should go away soon */
 		else if (strcmp(*argv,"-crlext") == 0)
-			{
-			BIO_printf(bio_err,"use -clrext instead of -crlext\n");
 			clrext = 1;
-			}
-#endif
 		else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
 			{
 			/* ok */

config

@@ -292,8 +292,6 @@ TEST="false"
 for i
 do
 case "$i" in 
-# shared library support (behnke@trustcenter.de)
--shared) SHARED=true;;
 -d*) PREFIX="debug-";;
 -t*) TEST="true";;
 -h*) TEST="true"; cat <<EOF
@@ -409,7 +407,6 @@ case "$GUESSOS" in
 	;;
   mips-*-linux?) OUT="linux-mips" ;;
   ppc-*-linux2) OUT="linux-ppc" ;;
-  ia64-*-linux?) OUT="linux-ia64" ;;
   ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
   sparc64-*-linux2)
 	#Before we can uncomment following lines we have to wait at least
@@ -479,16 +476,6 @@ then
   options="$options -DATALLA"
 fi
 
-#get some basic shared lib support (behnke@trustcenter.de)
-case "$OUT" in
-   solaris-*-gcc)
-	if  [ "$SHARED" = "true" ] 
-	 then
-	  options="$options -DPIC -fPIC"
-        fi
-     ;;
-esac
-
 # gcc < 2.8 does not support -mcpu=ultrasparc
 if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
 then

crypto/Makefile.ssl

@@ -40,7 +40,7 @@ LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdi
 SRC= $(LIBSRC)
 
 EXHEADER= crypto.h tmdiff.h opensslv.h opensslconf.h ebcdic.h
-HEADER=	cryptlib.h buildinf.h md32_common.h $(EXHEADER)
+HEADER=	cryptlib.h buildinf.h $(EXHEADER)
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
 

crypto/asn1/asn1_err.c

@@ -54,8 +54,7 @@
  */
 
 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
+ * made to it will be overwritten when the script next updates this file.
  */
 
 #include <stdio.h>

crypto/asn1/p5_pbe.c

@@ -129,7 +129,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
 	}
 	pbe->salt->length = saltlen;
 	if (salt) memcpy (pbe->salt->data, salt, saltlen);
-	else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0)
+	else if (RAND_bytes (pbe->salt->data, saltlen) <= 0)
 		return NULL;
 
 	if (!(astype = ASN1_TYPE_new())) {

crypto/asn1/p5_pbev2.c

@@ -194,8 +194,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 	if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
 
 	/* Create random IV */
-	if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
-		goto err;
+	RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher));
 
 	/* Dummy cipherinit to just setup the IV */
 	EVP_CipherInit(&ctx, cipher, NULL, iv, 0);
@@ -213,7 +212,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
 	if (!(osalt->data = Malloc (saltlen))) goto merr;
 	osalt->length = saltlen;
 	if (salt) memcpy (osalt->data, salt, saltlen);
-	else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;
+	else if (RAND_bytes (osalt->data, saltlen) <= 0) goto merr;
 
 	if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
 	if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;

crypto/asn1/t_req.c

@@ -119,7 +119,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
 
 	pkey=X509_REQ_get_pubkey(x);
 #ifndef NO_RSA
-	if (pkey != NULL && pkey->type == EVP_PKEY_RSA)
+	if (pkey->type == EVP_PKEY_RSA)
 		{
 		BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
 			BN_num_bits(pkey->pkey.rsa->n));
@@ -128,7 +128,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
 	else 
 #endif
 #ifndef NO_DSA
-		if (pkey != NULL && pkey->type == EVP_PKEY_DSA)
+		if (pkey->type == EVP_PKEY_DSA)
 		{
 		BIO_printf(bp,"%12sDSA Public Key:\n","");
 		DSA_print(bp,pkey->pkey.dsa,16);
@@ -137,8 +137,7 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
 #endif
 		BIO_printf(bp,"%12sUnknown Public Key:\n","");
 
-	if (pkey != NULL)
-	    EVP_PKEY_free(pkey);
+	EVP_PKEY_free(pkey);
 
 	/* may not be */
 	sprintf(str,"%8sAttributes:\n","");

crypto/asn1/x_pubkey.c

@@ -183,10 +183,8 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 
 	Free(s);
 
-#if 0
 	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
 	pk->pkey=pkey;
-#endif
 
 	if (*x != NULL)
 		X509_PUBKEY_free(*x);

crypto/bf/Makefile.ssl

@@ -49,7 +49,7 @@ lib:	$(LIBOBJ)
 
 # elf
 asm/bx86-elf.o: asm/bx86unix.cpp
-	$(CPP) -DELF -x c asm/bx86unix.cpp | as -o asm/bx86-elf.o
+	$(CPP) -DELF asm/bx86unix.cpp | as -o asm/bx86-elf.o
 
 # solaris
 asm/bx86-sol.o: asm/bx86unix.cpp
@@ -65,7 +65,7 @@ asm/bx86-out.o: asm/bx86unix.cpp
 asm/bx86bsdi.o: asm/bx86unix.cpp
 	$(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o
 
-asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+asm/bx86unix.cpp:
 	(cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp)
 
 files:

crypto/bf/Makefile.uni

@@ -0,0 +1,157 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+DIR=	bf
+TOP=	.
+# use BF_PTR2 for intel boxes,
+# BF_PTR for sparc and MIPS/SGI
+# use nothing for Alpha and HP.
+
+# There are 3 possible performance options, experiment :-)
+#OPTS= -DBF_PTR  # usr for sparc and MIPS/SGI
+#OPTS= -DBF_PTR2 # use for pentium
+OPTS=		 # use for pentium pro, Alpha and HP
+
+MAKE=make -f Makefile
+#CC=cc
+#CFLAG= -O
+
+CC=gcc
+#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
+CFLAG= -O3 -fomit-frame-pointer
+
+CFLAGS=$(OPTS) $(CFLAG)
+CPP=$(CC) -E
+AS=as
+RANLIB=ranlib
+
+# Assember version of bf_encrypt().
+BF_ENC=bf_enc.o		# normal C version
+#BF_ENC=asm/bx86-elf.o	# elf format x86
+#BF_ENC=asm/bx86-out.o	# a.out format x86
+#BF_ENC=asm/bx86-sol.o	# solaris format x86 
+#BF_ENC=asm/bx86bsdi.o	# bsdi format x86 
+
+LIBDIR=/usr/local/lib
+BINDIR=/usr/local/bin
+INCDIR=/usr/local/include
+MANDIR=/usr/local/man
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c
+
+GENERAL=Makefile Makefile.ssl Makefile.uni asm bf_locl.org README \
+	COPYRIGHT blowfish.doc INSTALL
+
+TESTING=    bftest bfspeed bf_opts
+TESTING_SRC=bftest.c bfspeed.c bf_opts.c
+HEADERS=bf_locl.h blowfish.h bf_pi.h
+
+ALL=	$(GENERAL) $(TESTING_SRC) $(LIBSRC) $(HEADERS)
+
+BLIB=	libblowfish.a
+
+all: $(BLIB) $(TESTING)
+
+cc:
+	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
+
+gcc:
+	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
+
+x86-elf:
+	$(MAKE) BF_ENC='asm/bx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+
+x86-out:
+	$(MAKE) BF_ENC='asm/bx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+
+x86-solaris:
+	$(MAKE) BF_ENC='asm/bx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+
+x86-bsdi:
+	$(MAKE) BF_ENC='asm/bx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+
+# elf
+asm/bx86-elf.o: asm/bx86unix.cpp
+	$(CPP) -DELF asm/bx86unix.cpp | $(AS) -o asm/bx86-elf.o
+
+# solaris
+asm/bx86-sol.o: asm/bx86unix.cpp
+	$(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
+	as -o asm/bx86-sol.o asm/bx86-sol.s
+	rm -f asm/bx86-sol.s
+
+# a.out
+asm/bx86-out.o: asm/bx86unix.cpp
+	$(CPP) -DOUT asm/bx86unix.cpp | $(AS) -o asm/bx86-out.o
+
+# bsdi
+asm/bx86bsdi.o: asm/bx86unix.cpp
+	$(CPP) -DBSDI asm/bx86unix.cpp | $(AS) -o asm/bx86bsdi.o
+
+asm/bx86unix.cpp:
+	(cd asm; perl bf-586.pl cpp >bx86unix.cpp)
+	
+test:	all
+	./bftest
+
+$(BLIB): $(LIBOBJ)
+	/bin/rm -f $(BLIB)
+	ar cr $(BLIB) $(LIBOBJ)
+	$(RANLIB) $(BLIB)
+
+bftest: bftest.o $(BLIB)
+	$(CC) $(CFLAGS) -o bftest bftest.o $(BLIB)
+
+bfspeed: bfspeed.o $(BLIB)
+	$(CC) $(CFLAGS) -o bfspeed bfspeed.o $(BLIB)
+
+bf_opts: bf_opts.o $(BLIB)
+	$(CC) $(CFLAGS) -o bf_opts bf_opts.o $(BLIB)
+
+tags:
+	ctags $(TESTING_SRC) $(LIBBF)
+
+tar:
+	tar chf libbf.tar $(ALL)
+
+shar:
+	shar $(ALL) >libbf.shar
+
+depend:
+	makedepend $(LIBBF) $(TESTING_SRC)
+
+clean:
+	/bin/rm -f *.o tags core $(TESTING) $(BLIB) .nfs* *.old *.bak asm/*.o 
+
+dclean:
+	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
+	mv -f Makefile.new Makefile
+
+# Eric is probably going to choke when he next looks at this --tjh
+install: $(BLIB)
+	if test $(INSTALLTOP); then \
+	    echo SSL style install; \
+	    cp $(BLIB) $(INSTALLTOP)/lib; \
+		$(RANLIB) $(BLIB); \
+	    chmod 644 $(INSTALLTOP)/lib/$(BLIB); \
+	    cp blowfish.h $(INSTALLTOP)/include; \
+	    chmod 644 $(INSTALLTOP)/include/blowfish.h; \
+	else \
+	    echo Standalone install; \
+	    cp $(BLIB) $(LIBDIR)/$(BLIB); \
+		$(RANLIB) $(BLIB); \
+	    chmod 644 $(LIBDIR)/$(BLIB); \
+	    cp blowfish.h $(INCDIR)/blowfish.h; \
+	    chmod 644 $(INCDIR)/blowfish.h; \
+	fi
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.

crypto/bf/asm/b-win32.asm

@@ -0,0 +1,906 @@
+	; Don't even think of reading this code
+	; It was automatically generated by bf-586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	bf-586.asm
+        .486
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_BF_encrypt
+
+_BF_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	push	esi
+	push	edi
+	; Load the 2 words
+	mov	edi,		DWORD PTR [ebx]
+	mov	esi,		DWORD PTR 4[ebx]
+	xor	eax,		eax
+	mov	ebx,		DWORD PTR [ebp]
+	xor	ecx,		ecx
+	xor	edi,		ebx
+	; 
+	; Round 0
+	mov	edx,		DWORD PTR 4[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 1
+	mov	edx,		DWORD PTR 8[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 2
+	mov	edx,		DWORD PTR 12[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 3
+	mov	edx,		DWORD PTR 16[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 4
+	mov	edx,		DWORD PTR 20[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 5
+	mov	edx,		DWORD PTR 24[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 6
+	mov	edx,		DWORD PTR 28[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 7
+	mov	edx,		DWORD PTR 32[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 8
+	mov	edx,		DWORD PTR 36[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 9
+	mov	edx,		DWORD PTR 40[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 10
+	mov	edx,		DWORD PTR 44[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 11
+	mov	edx,		DWORD PTR 48[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 12
+	mov	edx,		DWORD PTR 52[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 13
+	mov	edx,		DWORD PTR 56[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 14
+	mov	edx,		DWORD PTR 60[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 15
+	mov	edx,		DWORD PTR 64[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	; Load parameter 0 (16) enc=1
+	mov	eax,		DWORD PTR 20[esp]
+	xor	edi,		ebx
+	mov	edx,		DWORD PTR 68[ebp]
+	xor	esi,		edx
+	mov	DWORD PTR 4[eax],edi
+	mov	DWORD PTR [eax],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_BF_encrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_BF_decrypt
+
+_BF_decrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	push	esi
+	push	edi
+	; Load the 2 words
+	mov	edi,		DWORD PTR [ebx]
+	mov	esi,		DWORD PTR 4[ebx]
+	xor	eax,		eax
+	mov	ebx,		DWORD PTR 68[ebp]
+	xor	ecx,		ecx
+	xor	edi,		ebx
+	; 
+	; Round 16
+	mov	edx,		DWORD PTR 64[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 15
+	mov	edx,		DWORD PTR 60[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 14
+	mov	edx,		DWORD PTR 56[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 13
+	mov	edx,		DWORD PTR 52[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 12
+	mov	edx,		DWORD PTR 48[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 11
+	mov	edx,		DWORD PTR 44[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 10
+	mov	edx,		DWORD PTR 40[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 9
+	mov	edx,		DWORD PTR 36[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 8
+	mov	edx,		DWORD PTR 32[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 7
+	mov	edx,		DWORD PTR 28[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 6
+	mov	edx,		DWORD PTR 24[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 5
+	mov	edx,		DWORD PTR 20[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 4
+	mov	edx,		DWORD PTR 16[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 3
+	mov	edx,		DWORD PTR 12[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	edi,		ebx
+	; 
+	; Round 2
+	mov	edx,		DWORD PTR 8[ebp]
+	mov	ebx,		edi
+	xor	esi,		edx
+	shr	ebx,		16
+	mov	edx,		edi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	xor	eax,		eax
+	xor	esi,		ebx
+	; 
+	; Round 1
+	mov	edx,		DWORD PTR 4[ebp]
+	mov	ebx,		esi
+	xor	edi,		edx
+	shr	ebx,		16
+	mov	edx,		esi
+	mov	al,		bh
+	and	ebx,		255
+	mov	cl,		dh
+	and	edx,		255
+	mov	eax,		DWORD PTR 72[eax*4+ebp]
+	mov	ebx,		DWORD PTR 1096[ebx*4+ebp]
+	add	ebx,		eax
+	mov	eax,		DWORD PTR 2120[ecx*4+ebp]
+	xor	ebx,		eax
+	mov	edx,		DWORD PTR 3144[edx*4+ebp]
+	add	ebx,		edx
+	; Load parameter 0 (1) enc=0
+	mov	eax,		DWORD PTR 20[esp]
+	xor	edi,		ebx
+	mov	edx,		DWORD PTR [ebp]
+	xor	esi,		edx
+	mov	DWORD PTR 4[eax],edi
+	mov	DWORD PTR [eax],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_BF_decrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_BF_cbc_encrypt
+
+_BF_cbc_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	mov	ebp,		DWORD PTR 28[esp]
+	; getting iv ptr from parameter 4
+	mov	ebx,		DWORD PTR 36[esp]
+	mov	esi,		DWORD PTR [ebx]
+	mov	edi,		DWORD PTR 4[ebx]
+	push	edi
+	push	esi
+	push	edi
+	push	esi
+	mov	ebx,		esp
+	mov	esi,		DWORD PTR 36[esp]
+	mov	edi,		DWORD PTR 40[esp]
+	; getting encrypt flag from parameter 5
+	mov	ecx,		DWORD PTR 56[esp]
+	; get and push parameter 3
+	mov	eax,		DWORD PTR 48[esp]
+	push	eax
+	push	ebx
+	cmp	ecx,		0
+	jz	$L000decrypt
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	jz	$L001encrypt_finish
+L002encrypt_loop:
+	mov	ecx,		DWORD PTR [esi]
+	mov	edx,		DWORD PTR 4[esi]
+	xor	eax,		ecx
+	xor	ebx,		edx
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_BF_encrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L002encrypt_loop
+$L001encrypt_finish:
+	mov	ebp,		DWORD PTR 52[esp]
+	and	ebp,		7
+	jz	$L003finish
+	xor	ecx,		ecx
+	xor	edx,		edx
+	mov	ebp,		DWORD PTR $L004cbc_enc_jmp_table[ebp*4]
+	jmp	 ebp
+L005ej7:
+	mov	dh,		BYTE PTR 6[esi]
+	shl	edx,		8
+L006ej6:
+	mov	dh,		BYTE PTR 5[esi]
+L007ej5:
+	mov	dl,		BYTE PTR 4[esi]
+L008ej4:
+	mov	ecx,		DWORD PTR [esi]
+	jmp	$L009ejend
+L010ej3:
+	mov	ch,		BYTE PTR 2[esi]
+	shl	ecx,		8
+L011ej2:
+	mov	ch,		BYTE PTR 1[esi]
+L012ej1:
+	mov	cl,		BYTE PTR [esi]
+$L009ejend:
+	xor	eax,		ecx
+	xor	ebx,		edx
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_BF_encrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	jmp	$L003finish
+$L000decrypt:
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 16[esp]
+	mov	ebx,		DWORD PTR 20[esp]
+	jz	$L013decrypt_finish
+L014decrypt_loop:
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_BF_decrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	ecx,		DWORD PTR 16[esp]
+	mov	edx,		DWORD PTR 20[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR [edi],ecx
+	mov	DWORD PTR 4[edi],edx
+	mov	DWORD PTR 16[esp],eax
+	mov	DWORD PTR 20[esp],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L014decrypt_loop
+$L013decrypt_finish:
+	mov	ebp,		DWORD PTR 52[esp]
+	and	ebp,		7
+	jz	$L003finish
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_BF_decrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	ecx,		DWORD PTR 16[esp]
+	mov	edx,		DWORD PTR 20[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+L015dj7:
+	ror	edx,		16
+	mov	BYTE PTR 6[edi],dl
+	shr	edx,		16
+L016dj6:
+	mov	BYTE PTR 5[edi],dh
+L017dj5:
+	mov	BYTE PTR 4[edi],dl
+L018dj4:
+	mov	DWORD PTR [edi],ecx
+	jmp	$L019djend
+L020dj3:
+	ror	ecx,		16
+	mov	BYTE PTR 2[edi],cl
+	shl	ecx,		16
+L021dj2:
+	mov	BYTE PTR 1[esi],ch
+L022dj1:
+	mov	BYTE PTR [esi],	cl
+$L019djend:
+	jmp	$L003finish
+$L003finish:
+	mov	ecx,		DWORD PTR 60[esp]
+	add	esp,		24
+	mov	DWORD PTR [ecx],eax
+	mov	DWORD PTR 4[ecx],ebx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+$L004cbc_enc_jmp_table:
+	DD	0
+	DD	L012ej1
+	DD	L011ej2
+	DD	L010ej3
+	DD	L008ej4
+	DD	L007ej5
+	DD	L006ej6
+	DD	L005ej7
+L023cbc_dec_jmp_table:
+	DD	0
+	DD	L022dj1
+	DD	L021dj2
+	DD	L020dj3
+	DD	L018dj4
+	DD	L017dj5
+	DD	L016dj6
+	DD	L015dj7
+_BF_cbc_encrypt ENDP
+_TEXT	ENDS
+END

crypto/bio/Makefile.ssl

@@ -172,10 +172,8 @@ bss_acpt.o: ../../include/openssl/opensslconf.h
 bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 bss_acpt.o: ../../include/openssl/stack.h ../cryptlib.h
 bss_bio.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-bss_bio.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-bss_bio.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
-bss_bio.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-bss_bio.o: ../../include/openssl/stack.h
+bss_bio.o: ../../include/openssl/err.h ../../include/openssl/opensslv.h
+bss_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 bss_conn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 bss_conn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
 bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h

crypto/bio/b_print.c

@@ -64,8 +64,6 @@
 #include <stdarg.h>
 #include <string.h>
 #include <ctype.h>
-#include <assert.h>
-#include <limits.h>
 #include "cryptlib.h"
 #ifndef NO_SYS_TYPES_H
 #include <sys/types.h>
@@ -74,16 +72,12 @@
 
 #ifdef BN_LLONG
 # ifndef HAVE_LONG_LONG
-#  define HAVE_LONG_LONG 1
+#  define HAVE_LONG_LONG
 # endif
 #endif
 
 static void dopr (char *buffer, size_t maxlen, size_t *retlen,
 	const char *format, va_list args);
-#ifdef USE_ALLOCATING_PRINT
-static void doapr (char **buffer, size_t *retlen,
-	const char *format, va_list args);
-#endif
 
 int BIO_printf (BIO *bio, ...)
 	{
@@ -91,32 +85,15 @@ int BIO_printf (BIO *bio, ...)
 	char *format;
 	int ret;
 	size_t retlen;
-#ifdef USE_ALLOCATING_PRINT
-	char *hugebuf;
-#else
 	MS_STATIC char hugebuf[1024*2]; /* 10k in one chunk is the limit */
-#endif
 
 	va_start(args, bio);
 	format=va_arg(args, char *);
 
-#ifndef USE_ALLOCATING_PRINT
 	hugebuf[0]='\0';
 	dopr(hugebuf, sizeof(hugebuf), &retlen, format, args);
-#else
-	hugebuf = NULL;
-	CRYPTO_push_info("doapr()");
-	doapr(&hugebuf, &retlen, format, args);
-	if (hugebuf)
-		{
-#endif
-		ret=BIO_write(bio, hugebuf, (int)retlen);
+	ret=BIO_write(bio, hugebuf, (int)retlen);
 
-#ifdef USE_ALLOCATING_PRINT
-		Free(hugebuf);
-		}
-	CRYPTO_pop_info();
-#endif
 	va_end(args);
 	return(ret);
 	}
@@ -154,26 +131,10 @@ int BIO_printf (BIO *bio, ...)
 #define LLONG long
 #endif
 
-static void fmtstr     (void (*)(char **, size_t *, size_t *, int),
-			char **, size_t *, size_t *, const char *, int, int,
-			int);
-static void fmtint     (void (*)(char **, size_t *, size_t *, int),
-			char **, size_t *, size_t *, LLONG, int, int, int, int);
-static void fmtfp      (void (*)(char **, size_t *, size_t *, int),
-			char **, size_t *, size_t *, LDOUBLE, int, int, int);
-#ifndef USE_ALLOCATING_PRINT
-static int dopr_isbig (size_t, size_t);
-static int dopr_copy (size_t);
-static void dopr_outch (char **, size_t *, size_t *, int);
-#else
-static int doapr_isbig (size_t, size_t);
-static int doapr_copy (size_t);
-static void doapr_outch (char **, size_t *, size_t *, int);
-#endif
-static void _dopr(void (*)(char **, size_t *, size_t *, int),
-		  int (*)(size_t, size_t), int (*)(size_t),
-		  char **buffer, size_t *maxlen, size_t *retlen,
-		  const char *format, va_list args);
+static void fmtstr     (char *, size_t *, size_t, char *, int, int, int);
+static void fmtint     (char *, size_t *, size_t, LLONG, int, int, int, int);
+static void fmtfp      (char *, size_t *, size_t, LDOUBLE, int, int, int);
+static void dopr_outch (char *, size_t *, size_t, int);
 
 /* format read states */
 #define DP_S_DEFAULT    0
@@ -204,7 +165,6 @@ static void _dopr(void (*)(char **, size_t *, size_t *, int),
 #define char_to_int(p) (p - '0')
 #define MAX(p,q) ((p >= q) ? p : q)
 
-#ifndef USE_ALLOCATING_PRINT
 static void
 dopr(
     char *buffer,
@@ -212,35 +172,6 @@ dopr(
     size_t *retlen,
     const char *format,
     va_list args)
-{
-    _dopr(dopr_outch, dopr_isbig, dopr_copy,
-	  &buffer, &maxlen, retlen, format, args);
-}
-
-#else
-static void
-doapr(
-    char **buffer,
-    size_t *retlen,
-    const char *format,
-    va_list args)
-{
-    size_t dummy_maxlen = 0;
-    _dopr(doapr_outch, doapr_isbig, doapr_copy,
-	  buffer, &dummy_maxlen, retlen, format, args);
-}
-#endif
-
-static void
-_dopr(
-    void (*outch_fn)(char **, size_t *, size_t *, int),
-    int (*isbig_fn)(size_t, size_t),
-    int (*copy_fn)(size_t),
-    char **buffer,
-    size_t *maxlen,
-    size_t *retlen,
-    const char *format,
-    va_list args)
 {
     char ch;
     LLONG value;
@@ -259,7 +190,7 @@ _dopr(
     ch = *format++;
 
     while (state != DP_S_DONE) {
-        if ((ch == '\0') || (*isbig_fn)(currlen, *maxlen))
+        if ((ch == '\0') || (currlen >= maxlen))
             state = DP_S_DONE;
 
         switch (state) {
@@ -267,7 +198,7 @@ _dopr(
             if (ch == '%')
                 state = DP_S_FLAGS;
             else
-                (*outch_fn)(buffer, &currlen, maxlen, ch);
+                dopr_outch(buffer, &currlen, maxlen, ch);
             ch = *format++;
             break;
         case DP_S_FLAGS:
@@ -373,8 +304,7 @@ _dopr(
                     value = va_arg(args, int);
                     break;
                 }
-                fmtint(outch_fn, buffer, &currlen, maxlen,
-		       value, 10, min, max, flags);
+                fmtint(buffer, &currlen, maxlen, value, 10, min, max, flags);
                 break;
             case 'X':
                 flags |= DP_F_UP;
@@ -399,7 +329,7 @@ _dopr(
                         unsigned int);
                     break;
                 }
-                fmtint(outch_fn, buffer, &currlen, maxlen, value,
+                fmtint(buffer, &currlen, maxlen, value,
                        ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
                        min, max, flags);
                 break;
@@ -408,8 +338,7 @@ _dopr(
                     fvalue = va_arg(args, LDOUBLE);
                 else
                     fvalue = va_arg(args, double);
-                fmtfp(outch_fn, buffer, &currlen, maxlen,
-		      fvalue, min, max, flags);
+                fmtfp(buffer, &currlen, maxlen, fvalue, min, max, flags);
                 break;
             case 'E':
                 flags |= DP_F_UP;
@@ -428,19 +357,19 @@ _dopr(
                     fvalue = va_arg(args, double);
                 break;
             case 'c':
-                (*outch_fn)(buffer, &currlen, maxlen,
+                dopr_outch(buffer, &currlen, maxlen,
                     va_arg(args, int));
                 break;
             case 's':
                 strvalue = va_arg(args, char *);
                 if (max < 0)
-                    max = (*copy_fn)(*maxlen);
-                fmtstr(outch_fn, buffer, &currlen, maxlen, strvalue,
-		       flags, min, max);
+                    max = maxlen;
+                fmtstr(buffer, &currlen, maxlen, strvalue,
+                    flags, min, max);
                 break;
             case 'p':
                 value = (long)va_arg(args, void *);
-                fmtint(outch_fn, buffer, &currlen, maxlen,
+                fmtint(buffer, &currlen, maxlen,
                     value, 16, min, max, flags);
                 break;
             case 'n': /* XXX */
@@ -463,7 +392,7 @@ _dopr(
                 }
                 break;
             case '%':
-                (*outch_fn)(buffer, &currlen, maxlen, ch);
+                dopr_outch(buffer, &currlen, maxlen, ch);
                 break;
             case 'w':
                 /* not supported yet, treat as next char */
@@ -484,20 +413,19 @@ _dopr(
             break;
         }
     }
-    if (currlen >= *maxlen - 1)
-        currlen = *maxlen - 1;
-    (*buffer)[currlen] = '\0';
+    if (currlen >= maxlen - 1)
+        currlen = maxlen - 1;
+    buffer[currlen] = '\0';
     *retlen = currlen;
     return;
 }
 
 static void
 fmtstr(
-    void (*outch_fn)(char **, size_t *, size_t *, int),
-    char **buffer,
+    char *buffer,
     size_t *currlen,
-    size_t *maxlen,
-    const char *value,
+    size_t maxlen,
+    char *value,
     int flags,
     int min,
     int max)
@@ -516,16 +444,16 @@ fmtstr(
         padlen = -padlen;
 
     while ((padlen > 0) && (cnt < max)) {
-        (*outch_fn)(buffer, currlen, maxlen, ' ');
+        dopr_outch(buffer, currlen, maxlen, ' ');
         --padlen;
         ++cnt;
     }
     while (*value && (cnt < max)) {
-        (*outch_fn)(buffer, currlen, maxlen, *value++);
+        dopr_outch(buffer, currlen, maxlen, *value++);
         ++cnt;
     }
     while ((padlen < 0) && (cnt < max)) {
-        (*outch_fn)(buffer, currlen, maxlen, ' ');
+        dopr_outch(buffer, currlen, maxlen, ' ');
         ++padlen;
         ++cnt;
     }
@@ -533,10 +461,9 @@ fmtstr(
 
 static void
 fmtint(
-    void (*outch_fn)(char **, size_t *, size_t *, int),
-    char **buffer,
+    char *buffer,
     size_t *currlen,
-    size_t *maxlen,
+    size_t maxlen,
     LLONG value,
     int base,
     int min,
@@ -590,28 +517,28 @@ fmtint(
 
     /* spaces */
     while (spadlen > 0) {
-        (*outch_fn)(buffer, currlen, maxlen, ' ');
+        dopr_outch(buffer, currlen, maxlen, ' ');
         --spadlen;
     }
 
     /* sign */
     if (signvalue)
-        (*outch_fn)(buffer, currlen, maxlen, signvalue);
+        dopr_outch(buffer, currlen, maxlen, signvalue);
 
     /* zeros */
     if (zpadlen > 0) {
         while (zpadlen > 0) {
-            (*outch_fn)(buffer, currlen, maxlen, '0');
+            dopr_outch(buffer, currlen, maxlen, '0');
             --zpadlen;
         }
     }
     /* digits */
     while (place > 0)
-        (*outch_fn)(buffer, currlen, maxlen, convert[--place]);
+        dopr_outch(buffer, currlen, maxlen, convert[--place]);
 
     /* left justified spaces */
     while (spadlen < 0) {
-        (*outch_fn)(buffer, currlen, maxlen, ' ');
+        dopr_outch(buffer, currlen, maxlen, ' ');
         ++spadlen;
     }
     return;
@@ -650,10 +577,9 @@ round(LDOUBLE value)
 
 static void
 fmtfp(
-    void (*outch_fn)(char **, size_t *, size_t *, int),
-    char **buffer,
+    char *buffer,
     size_t *currlen,
-    size_t *maxlen,
+    size_t maxlen,
     LDOUBLE fvalue,
     int min,
     int max,
@@ -731,114 +657,54 @@ fmtfp(
 
     if ((flags & DP_F_ZERO) && (padlen > 0)) {
         if (signvalue) {
-            (*outch_fn)(buffer, currlen, maxlen, signvalue);
+            dopr_outch(buffer, currlen, maxlen, signvalue);
             --padlen;
             signvalue = 0;
         }
         while (padlen > 0) {
-            (*outch_fn)(buffer, currlen, maxlen, '0');
+            dopr_outch(buffer, currlen, maxlen, '0');
             --padlen;
         }
     }
     while (padlen > 0) {
-        (*outch_fn)(buffer, currlen, maxlen, ' ');
+        dopr_outch(buffer, currlen, maxlen, ' ');
         --padlen;
     }
     if (signvalue)
-        (*outch_fn)(buffer, currlen, maxlen, signvalue);
+        dopr_outch(buffer, currlen, maxlen, signvalue);
 
     while (iplace > 0)
-        (*outch_fn)(buffer, currlen, maxlen, iconvert[--iplace]);
+        dopr_outch(buffer, currlen, maxlen, iconvert[--iplace]);
 
     /*
      * Decimal point. This should probably use locale to find the correct
      * char to print out.
      */
     if (max > 0) {
-        (*outch_fn)(buffer, currlen, maxlen, '.');
+        dopr_outch(buffer, currlen, maxlen, '.');
 
         while (fplace > 0)
-            (*outch_fn)(buffer, currlen, maxlen, fconvert[--fplace]);
+            dopr_outch(buffer, currlen, maxlen, fconvert[--fplace]);
     }
     while (zpadlen > 0) {
-        (*outch_fn)(buffer, currlen, maxlen, '0');
+        dopr_outch(buffer, currlen, maxlen, '0');
         --zpadlen;
     }
 
     while (padlen < 0) {
-        (*outch_fn)(buffer, currlen, maxlen, ' ');
+        dopr_outch(buffer, currlen, maxlen, ' ');
         ++padlen;
     }
 }
 
-static int
-dopr_copy(
-    size_t len)
-{
-    return len;
-}
-
-#ifdef USE_ALLOCATING_PRINT
-static int
-doapr_copy(
-    size_t len)
-{
-    /* Return as high an integer as possible */
-    return INT_MAX;
-}
-#endif
-
-static int
-dopr_isbig(
-    size_t currlen,
-    size_t maxlen)
-{
-    return currlen > maxlen;
-}
-
-#ifdef USE_ALLOCATING_PRINT
-static int
-doapr_isbig(
-    size_t currlen,
-    size_t maxlen)
-{
-    return 0;
-}
-#endif
-
 static void
 dopr_outch(
-    char **buffer,
+    char *buffer,
     size_t *currlen,
-    size_t *maxlen,
+    size_t maxlen,
     int c)
 {
-    if (*currlen < *maxlen)
-        (*buffer)[(*currlen)++] = (char)c;
+    if (*currlen < maxlen)
+        buffer[(*currlen)++] = (char)c;
     return;
 }
-
-#ifdef USE_ALLOCATING_PRINT
-static void
-doapr_outch(
-    char **buffer,
-    size_t *currlen,
-    size_t *maxlen,
-    int c)
-{
-    if (*buffer == NULL) {
-	if (*maxlen == 0)
-	    *maxlen = 1024;
-	*buffer = Malloc(*maxlen);
-    }
-    while (*currlen >= *maxlen) {
-	*maxlen += 1024;
-	*buffer = Realloc(*buffer, *maxlen);
-    }
-    /* What to do if *buffer is NULL? */
-    assert(*buffer != NULL);
-
-    (*buffer)[(*currlen)++] = (char)c;
-    return;
-}
-#endif

crypto/bio/bio.h

@@ -507,7 +507,7 @@ int	BIO_set(BIO *a,BIO_METHOD *type);
 int	BIO_free(BIO *a);
 int	BIO_read(BIO *b, void *data, int len);
 int	BIO_gets(BIO *bp,char *buf, int size);
-int	BIO_write(BIO *b, const void *data, int len);
+int	BIO_write(BIO *b, const char *data, int len);
 int	BIO_puts(BIO *bp,const char *buf);
 long	BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
 long	BIO_callback_ctrl(BIO *bp,int cmd,void (*fp)());

crypto/bio/bio_err.c

@@ -54,8 +54,7 @@
  */
 
 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
+ * made to it will be overwritten when the script next updates this file.
  */
 
 #include <stdio.h>

crypto/bio/bio_lib.c

@@ -169,7 +169,7 @@ int BIO_read(BIO *b, void *out, int outl)
 	return(i);
 	}
 
-int BIO_write(BIO *b, const void *in, int inl)
+int BIO_write(BIO *b, const char *in, int inl)
 	{
 	int i;
 	long (*cb)();

crypto/bio/bss_bio.c

@@ -19,14 +19,8 @@
 
 #include <openssl/bio.h>
 #include <openssl/err.h>
-#include <openssl/err.h>
 #include <openssl/crypto.h>
 
-#include "openssl/e_os.h"
-#ifndef SSIZE_MAX
-# define SSIZE_MAX INT_MAX
-#endif
-
 static int bio_new(BIO *bio);
 static int bio_free(BIO *bio);
 static int bio_read(BIO *bio, char *buf, int size);
@@ -211,10 +205,10 @@ static int bio_read(BIO *bio, char *buf, int size_)
  */
 /* WARNING: The non-copying interface is largely untested as of yet
  * and may contain bugs. */
-static ssize_t bio_nread0(BIO *bio, char **buf)
+static size_t bio_nread0(BIO *bio, char **buf)
 	{
 	struct bio_bio_st *b, *peer_b;
-	ssize_t num;
+	size_t num;
 	
 	BIO_clear_retry_flags(bio);
 
@@ -249,20 +243,15 @@ static ssize_t bio_nread0(BIO *bio, char **buf)
 	return num;
 	}
 
-static ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
+static size_t bio_nread(BIO *bio, char **buf, size_t num)
 	{
 	struct bio_bio_st *b, *peer_b;
-	ssize_t num, available;
-
-	if (num_ > SSIZE_MAX)
-		num = SSIZE_MAX;
-	else
-		num = (ssize_t)num_;
+	size_t available;
 
 	available = bio_nread0(bio, buf);
 	if (num > available)
 		num = available;
-	if (num <= 0)
+	if (num == 0)
 		return num;
 
 	b = bio->ptr;
@@ -362,7 +351,7 @@ static int bio_write(BIO *bio, char *buf, int num_)
  * (example usage:  bio_nwrite0(), write to buffer, bio_nwrite()
  *  or just         bio_nwrite(), write to buffer)
  */
-static ssize_t bio_nwrite0(BIO *bio, char **buf)
+static size_t bio_nwrite0(BIO *bio, char **buf)
 	{
 	struct bio_bio_st *b;
 	size_t num;
@@ -410,20 +399,15 @@ static ssize_t bio_nwrite0(BIO *bio, char **buf)
 	return num;
 	}
 
-static ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
+static size_t bio_nwrite(BIO *bio, char **buf, size_t num)
 	{
 	struct bio_bio_st *b;
-	ssize_t num, space;
-
-	if (num_ > SSIZE_MAX)
-		num = SSIZE_MAX;
-	else
-		num = (ssize_t)num_;
+	size_t space;
 
 	space = bio_nwrite0(bio, buf);
 	if (num > space)
 		num = space;
-	if (num <= 0)
+	if (num == 0)
 		return num;
 	b = bio->ptr;
 	assert(b != NULL);
@@ -525,11 +509,6 @@ static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
 		ret = 1;
 		break;
 
-	case BIO_C_NREAD0:
-		/* prepare for non-copying read */
-		ret = (long) bio_nread0(bio, ptr);
-		break;
-		
 	case BIO_C_NREAD:
 		/* non-copying read */
 		ret = (long) bio_nread(bio, ptr, (size_t) num);

crypto/bio/bss_log.c

@@ -57,8 +57,8 @@
 	Why BIO_s_log?
 
 	BIO_s_log is useful for system daemons (or services under NT).
-	It is one-way BIO, it sends all stuff to syslogd (on system that
-	commonly use that), or event log (on NT), or OPCOM (on OpenVMS).
+	It is one-way BIO, it sends all stuff to syslogd (or event log
+	under NT).
 
 */
 
@@ -66,58 +66,29 @@
 #include <stdio.h>
 #include <errno.h>
 
-#if defined(WIN32)
-#  include <process.h>
-#elif defined(VMS) || defined(__VMS)
-#  include <opcdef.h>
-#  include <descrip.h>
-#  include <lib$routines.h>
-#  include <starlet.h>
-#elif defined(__ultrix)
-#  include <sys/syslog.h>
-#elif !defined(MSDOS) /* Unix */
-#  include <syslog.h>
+#ifndef WIN32
+#ifdef __ultrix
+#include <sys/syslog.h>
+#else
+#include <syslog.h>
+#endif
+#else
+#include <process.h>
 #endif
 
 #include "cryptlib.h"
 #include <openssl/buffer.h>
 #include <openssl/err.h>
-
 #ifndef NO_SYSLOG
 
-#if defined(WIN32)
-#define LOG_EMERG	0
-#define LOG_ALERT	1
-#define LOG_CRIT	2
-#define LOG_ERR		3
-#define LOG_WARNING	4
-#define LOG_NOTICE	5
-#define LOG_INFO	6
-#define LOG_DEBUG	7
-
-#define LOG_DAEMON	(3<<3)
-#elif defined(VMS)
-/* On VMS, we don't really care about these, but we need them to compile */
-#define LOG_EMERG	0
-#define LOG_ALERT	1
-#define LOG_CRIT	2
-#define LOG_ERR		3
-#define LOG_WARNING	4
-#define LOG_NOTICE	5
-#define LOG_INFO	6
-#define LOG_DEBUG	7
-
-#define LOG_DAEMON	OPC$M_NM_NTWORK
-#endif
 
 static int MS_CALLBACK slg_write(BIO *h,char *buf,int num);
 static int MS_CALLBACK slg_puts(BIO *h,char *str);
 static long MS_CALLBACK slg_ctrl(BIO *h,int cmd,long arg1,char *arg2);
 static int MS_CALLBACK slg_new(BIO *h);
 static int MS_CALLBACK slg_free(BIO *data);
-static void xopenlog(BIO* bp, const char* name, int level);
-static void xsyslog(BIO* bp, int priority, const char* string);
-static void xcloselog(BIO* bp);
+static int xopenlog(BIO* bp, const char* name, int level);
+static int xcloselog(BIO* bp);
 
 static BIO_METHOD methods_slg=
 	{
@@ -142,7 +113,11 @@ static int MS_CALLBACK slg_new(BIO *bi)
 	bi->init=1;
 	bi->num=0;
 	bi->ptr=NULL;
+#ifndef WIN32
 	xopenlog(bi, "application", LOG_DAEMON);
+#else
+	xopenlog(bi, "application", 0);
+#endif
 	return(1);
 	}
 
@@ -158,14 +133,43 @@ static int MS_CALLBACK slg_write(BIO *b, char *in, int inl)
 	int ret= inl;
 	char* buf= in;
 	char* pp;
+#if defined(WIN32)
+	LPCSTR lpszStrings[2];
+	WORD evtype= EVENTLOG_ERROR_TYPE;
+	int pid = _getpid();
+	char pidbuf[20];
+#else
 	int priority;
+#endif
 
 	if((buf= (char *)Malloc(inl+ 1)) == NULL){
 		return(0);
 	}
 	strncpy(buf, in, inl);
 	buf[inl]= '\0';
+#if defined(WIN32)
+	if(strncmp(buf, "ERR ", 4) == 0){
+		evtype= EVENTLOG_ERROR_TYPE;
+		pp= buf+ 4;
+	}else if(strncmp(buf, "WAR ", 4) == 0){
+		evtype= EVENTLOG_WARNING_TYPE;
+		pp= buf+ 4;
+	}else if(strncmp(buf, "INF ", 4) == 0){
+		evtype= EVENTLOG_INFORMATION_TYPE;
+		pp= buf+ 4;
+	}else{
+		evtype= EVENTLOG_ERROR_TYPE;
+		pp= buf;
+	}
 
+	sprintf(pidbuf, "[%d] ", pid);
+	lpszStrings[0] = pidbuf;
+	lpszStrings[1] = pp;
+
+	if(b->ptr)
+		ReportEvent(b->ptr, evtype, 0, 1024, NULL, 2, 0,
+				lpszStrings, NULL);
+#else
 	if(strncmp(buf, "ERR ", 4) == 0){
 		priority= LOG_ERR;
 		pp= buf+ 4;
@@ -180,8 +184,8 @@ static int MS_CALLBACK slg_write(BIO *b, char *in, int inl)
 		pp= buf;
 	}
 
-	xsyslog(b, priority, pp);
-
+	syslog(priority, "%s", pp);
+#endif
 	Free(buf);
 	return(ret);
 	}
@@ -209,128 +213,28 @@ static int MS_CALLBACK slg_puts(BIO *bp, char *str)
 	return(ret);
 	}
 
+static int xopenlog(BIO* bp, const char* name, int level)
+{
 #if defined(WIN32)
-
-static void xopenlog(BIO* bp, const char* name, int level)
-{
-	bp->ptr= (char *)RegisterEventSource(NULL, name);
+	if((bp->ptr= (char *)RegisterEventSource(NULL, name)) == NULL){
+		return(0);
+	}
+#else
+	openlog(name, LOG_PID|LOG_CONS, level);
+#endif
+	return(1);
 }
 
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
-	LPCSTR lpszStrings[2];
-	WORD evtype= EVENTLOG_ERROR_TYPE;
-	int pid = _getpid();
-	char pidbuf[20];
-
-	switch (priority)
-		{
-	case LOG_ERR:
-		evtype = EVENTLOG_ERROR_TYPE;
-		break;
-	case LOG_WARNING:
-		evtype = EVENTLOG_WARNING_TYPE;
-		break;
-	case LOG_INFO:
-		evtype = EVENTLOG_INFORMATION_TYPE;
-		break;
-	default:
-		evtype = EVENTLOG_ERROR_TYPE;
-		break;
-		}
-
-	sprintf(pidbuf, "[%d] ", pid);
-	lpszStrings[0] = pidbuf;
-	lpszStrings[1] = string;
-
-	if(bp->ptr)
-		ReportEvent(bp->ptr, evtype, 0, 1024, NULL, 2, 0,
-				lpszStrings, NULL);
-}
-	
-static void xcloselog(BIO* bp)
+static int xcloselog(BIO* bp)
 {
+#if defined(WIN32)
 	if(bp->ptr)
 		DeregisterEventSource((HANDLE)(bp->ptr));
 	bp->ptr= NULL;
-}
-
-#elif defined(VMS)
-
-static int VMS_OPC_target = LOG_DAEMON;
-
-static void xopenlog(BIO* bp, const char* name, int level)
-{
-	VMS_OPC_target = level; 
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
-	struct dsc$descriptor_s opc_dsc;
-	struct opcdef *opcdef_p;
-	char buf[10240];
-	unsigned int len;
-        struct dsc$descriptor_s buf_dsc;
-	$DESCRIPTOR(fao_cmd, "!AZ: !AZ");
-	char *priority_tag;
-
-	switch (priority)
-	  {
-	  case LOG_EMERG: priority_tag = "Emergency"; break;
-	  case LOG_ALERT: priority_tag = "Alert"; break;
-	  case LOG_CRIT: priority_tag = "Critical"; break;
-	  case LOG_ERR: priority_tag = "Error"; break;
-	  case LOG_WARNING: priority_tag = "Warning"; break;
-	  case LOG_NOTICE: priority_tag = "Notice"; break;
-	  case LOG_INFO: priority_tag = "Info"; break;
-	  case LOG_DEBUG: priority_tag = "DEBUG"; break;
-	  }
-
-	buf_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-	buf_dsc.dsc$b_class = DSC$K_CLASS_S;
-	buf_dsc.dsc$a_pointer = buf;
-	buf_dsc.dsc$w_length = sizeof(buf) - 1;
-
-	lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string);
-
-	/* we know there's an 8 byte header.  That's documented */
-	opcdef_p = (struct opcdef *) Malloc(8 + len);
-	opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;
-	memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
-	opcdef_p->opc$l_ms_rqstid = 0;
-	memcpy(&opcdef_p->opc$l_ms_text, buf, len);
-
-	opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-	opc_dsc.dsc$b_class = DSC$K_CLASS_S;
-	opc_dsc.dsc$a_pointer = (char *)opcdef_p;
-	opc_dsc.dsc$w_length = len + 8;
-
-	sys$sndopr(opc_dsc, 0);
-
-	Free(opcdef_p);
-}
-
-static void xcloselog(BIO* bp)
-{
-}
-
-#else /* Unix */
-
-static void xopenlog(BIO* bp, const char* name, int level)
-{
-	openlog(name, LOG_PID|LOG_CONS, level);
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
-	syslog(priority, "%s", string);
-}
-
-static void xcloselog(BIO* bp)
-{
+#else
 	closelog();
+#endif
+	return(1);
 }
 
-#endif /* Unix */
-
-#endif /* NO_SYSLOG */
+#endif

crypto/bn/Makefile.ssl

@@ -5,7 +5,6 @@
 DIR=	bn
 TOP=	../..
 CC=	cc
-CPP=    $(CC) -E
 INCLUDES= -I.. -I../../include
 CFLAG=-g
 INSTALL_PREFIX=
@@ -73,10 +72,10 @@ lib:	$(LIBOBJ)
 
 # elf
 asm/bn86-elf.o: asm/bn86unix.cpp
-	$(CPP) -DELF -x c asm/bn86unix.cpp | as -o asm/bn86-elf.o
+	$(CPP) -DELF asm/bn86unix.cpp | as -o asm/bn86-elf.o
 
 asm/co86-elf.o: asm/co86unix.cpp
-	$(CPP) -DELF -x c asm/co86unix.cpp | as -o asm/co86-elf.o
+	$(CPP) -DELF asm/co86unix.cpp | as -o asm/co86-elf.o
 
 # solaris
 asm/bn86-sol.o: asm/bn86unix.cpp
@@ -103,10 +102,10 @@ asm/bn86bsdi.o: asm/bn86unix.cpp
 asm/co86bsdi.o: asm/co86unix.cpp
 	$(CPP) -DBSDI asm/co86unix.cpp | sed 's/ :/:/' | as -o asm/co86bsdi.o
 
-asm/bn86unix.cpp: asm/bn-586.pl ../perlasm/x86asm.pl
+asm/bn86unix.cpp: asm/bn-586.pl
 	(cd asm; $(PERL) bn-586.pl cpp >bn86unix.cpp )
 
-asm/co86unix.cpp: asm/co-586.pl ../perlasm/x86asm.pl
+asm/co86unix.cpp: asm/co-586.pl
 	(cd asm; $(PERL) co-586.pl cpp >co86unix.cpp )
 
 asm/sparcv8.o: asm/sparcv8.S

crypto/bn/asm/x86w16.asm

@@ -0,0 +1,297 @@
+;	Static Name Aliases
+;
+	TITLE   bn_mulw.c
+	.8087
+F_TEXT	SEGMENT  WORD PUBLIC 'CODE'
+F_TEXT	ENDS
+_DATA	SEGMENT  WORD PUBLIC 'DATA'
+_DATA	ENDS
+_CONST	SEGMENT  WORD PUBLIC 'CONST'
+_CONST	ENDS
+_BSS	SEGMENT  WORD PUBLIC 'BSS'
+_BSS	ENDS
+DGROUP	GROUP	_CONST, _BSS, _DATA
+	ASSUME DS: DGROUP, SS: DGROUP
+F_TEXT      SEGMENT
+	ASSUME	CS: F_TEXT
+	PUBLIC	_bn_mul_add_words
+_bn_mul_add_words	PROC FAR
+; Line 58
+	push	bp
+	push	bx
+	push	si
+	push	di
+	push	ds
+	push	es
+	mov	bp,sp
+;	w = 26
+;	num = 24
+;	ap = 20
+;	rp = 16
+	xor	si,si			;c=0;
+	mov	di,WORD PTR [bp+16]	; load r
+	mov	ds,WORD PTR [bp+18]	; load r
+	mov	bx,WORD PTR [bp+20]	; load a
+	mov	es,WORD PTR [bp+22]	; load a
+	mov	cx,WORD PTR [bp+26]	; load w
+	mov	bp,WORD PTR [bp+24]	; load num
+
+	shr	bp,1	; div count by 4 and do groups of 4
+	shr	bp,1
+	je	$L555
+
+$L546:
+	mov	ax,cx
+	mul	WORD PTR es:[bx]	; w* *a
+	add	ax,WORD PTR ds:[di]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di],ax
+	mov	si,dx
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+2]	; w* *a
+	add	ax,WORD PTR ds:[di+2]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+2],ax
+	mov	si,dx
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+4]	; w* *a
+	add	ax,WORD PTR ds:[di+4]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+4],ax
+	mov	si,dx
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+6]	; w* *a
+	add	ax,WORD PTR ds:[di+6]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+6],ax
+	mov	si,dx
+	;
+	add	bx,8
+	add	di,8
+	;
+	dec	bp
+	je	$L555
+	jmp	$L546
+;
+;
+$L555:
+	mov	bp,sp
+	mov	bp,WORD PTR [bp+24]	; load num
+	and	bp,3
+	dec	bp
+	js	$L547
+
+	mov	ax,cx
+	mul	WORD PTR es:[bx]	; w* *a
+	add	ax,WORD PTR ds:[di]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di],ax
+	mov	si,dx
+	dec	bp
+	js	$L547			; Note that we are now testing for -1
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+2]	; w* *a
+	add	ax,WORD PTR ds:[di+2]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+2],ax
+	mov	si,dx
+	dec	bp
+	js	$L547
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+4]	; w* *a
+	add	ax,WORD PTR ds:[di+4]	; + *r
+	adc	dx,0
+	adc	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+4],ax
+	mov	si,dx
+$L547:
+	mov	ax,si
+	pop	es
+	pop	ds
+	pop	di
+	pop	si
+	pop	bx
+	pop	bp
+	ret	
+	nop	
+
+_bn_mul_add_words	ENDP
+	PUBLIC	_bn_mul_words
+_bn_mul_words	PROC FAR
+; Line 76
+	push	bp
+	push	bx
+	push	si
+	push	di
+	push	ds
+	push	es
+	xor	si,si
+	mov	bp,sp
+	mov	di,WORD PTR [bp+16]	; r
+	mov	ds,WORD PTR [bp+18]
+	mov	bx,WORD PTR [bp+20]	; a
+	mov	es,WORD PTR [bp+22]
+	mov	cx,WORD PTR [bp+26]	; w
+	mov	bp,WORD PTR [bp+24]	; num 
+$FC743:
+	mov	ax,cx
+	mul	WORD PTR es:[bx]
+	add	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di],ax
+	mov	si,dx
+	dec	bp
+	je	$L764
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+2]
+	add	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+2],ax
+	mov	si,dx
+	dec	bp
+	je	$L764
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+4]
+	add	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+4],ax
+	mov	si,dx
+	dec	bp
+	je	$L764
+	;
+	mov	ax,cx
+	mul	WORD PTR es:[bx+6]
+	add	ax,si
+	adc	dx,0
+	mov	WORD PTR ds:[di+6],ax
+	mov	si,dx
+	dec	bp
+	je	$L764
+	;
+	add	bx,8
+	add	di,8
+	jmp	$FC743
+	nop
+$L764:
+	mov	ax,si
+	pop	es
+	pop	ds
+	pop	di
+	pop	si
+	pop	bx
+	pop	bp
+	ret	
+	nop	
+_bn_mul_words	ENDP
+	PUBLIC	_bn_sqr_words
+_bn_sqr_words	PROC FAR
+; Line 92
+	push	bp
+	push	bx
+	push	si
+	push	di
+	push	ds
+	push	es
+	mov	bp,sp
+	mov	si,WORD PTR [bp+16]
+	mov	ds,WORD PTR [bp+18]
+	mov	di,WORD PTR [bp+20]
+	mov	es,WORD PTR [bp+22]
+	mov	bx,WORD PTR [bp+24]
+
+	mov	bp,bx	; save a memory lookup later
+	shr	bx,1	; div count by 4 and do groups of 4
+	shr	bx,1
+	je	$L666
+
+$L765:
+	mov	ax,WORD PTR es:[di]
+	mul	ax
+	mov	WORD PTR ds:[si],ax
+	mov	WORD PTR ds:[si+2],dx
+	;
+	mov	ax,WORD PTR es:[di+2]
+	mul	ax
+	mov	WORD PTR ds:[si+4],ax
+	mov	WORD PTR ds:[si+6],dx
+	;
+	mov	ax,WORD PTR es:[di+4]
+	mul	ax
+	mov	WORD PTR ds:[si+8],ax
+	mov	WORD PTR ds:[si+10],dx
+	;
+	mov	ax,WORD PTR es:[di+6]
+	mul	ax
+	mov	WORD PTR ds:[si+12],ax
+	mov	WORD PTR ds:[si+14],dx
+	;
+	add	di,8
+	add	si,16
+	dec	bx
+	je	$L666
+	jmp	$L765
+$L666:
+	and	bp,3
+	dec	bp	; The copied value of bx (num)
+	js	$L645
+	;
+	mov	ax,WORD PTR es:[di]
+	mul	ax
+	mov	WORD PTR ds:[si],ax
+	mov	WORD PTR ds:[si+2],dx
+	dec	bp
+	js	$L645
+	;
+	mov	ax,WORD PTR es:[di+2]
+	mul	ax
+	mov	WORD PTR ds:[si+4],ax
+	mov	WORD PTR ds:[si+6],dx
+	dec	bp
+	js	$L645
+	;
+	mov	ax,WORD PTR es:[di+4]
+	mul	ax
+	mov	WORD PTR ds:[si+8],ax
+	mov	WORD PTR ds:[si+10],dx
+$L645:
+	pop	es
+	pop	ds
+	pop	di
+	pop	si
+	pop	bx
+	pop	bp
+	ret	
+
+_bn_sqr_words	ENDP
+	PUBLIC	_bn_div64
+_bn_div64	PROC FAR
+	push	bp
+	mov	bp,sp
+	mov	dx, WORD PTR [bp+6]
+	mov	ax, WORD PTR [bp+8]
+	div	WORD PTR [bp+10]
+	pop	bp
+	ret	
+_bn_div64	ENDP
+F_TEXT	ENDS
+END

crypto/bn/asm/x86w32.asm

@@ -0,0 +1,360 @@
+;	Static Name Aliases
+;
+	TITLE   bn_mulw.c
+	.386
+F_TEXT	SEGMENT  WORD USE16 PUBLIC 'CODE'
+F_TEXT	ENDS
+_DATA	SEGMENT  WORD USE16 PUBLIC 'DATA'
+_DATA	ENDS
+_CONST	SEGMENT  WORD USE16 PUBLIC 'CONST'
+_CONST	ENDS
+_BSS	SEGMENT  WORD USE16 PUBLIC 'BSS'
+_BSS	ENDS
+DGROUP	GROUP	_CONST, _BSS, _DATA
+	ASSUME DS: DGROUP, SS: DGROUP
+F_TEXT      SEGMENT
+	ASSUME	CS: F_TEXT
+	PUBLIC	_bn_mul_add_words
+_bn_mul_add_words	PROC FAR
+; Line 58
+	push	bp
+	push	bx
+	push	esi
+	push	di
+	push	ds
+	push	es
+	mov	bp,sp
+;	w = 28
+;	num = 26
+;	ap = 22
+;	rp = 18
+	xor	esi,esi			;c=0;
+	mov	di,WORD PTR [bp+18]	; load r
+	mov	ds,WORD PTR [bp+20]	; load r
+	mov	bx,WORD PTR [bp+22]	; load a
+	mov	es,WORD PTR [bp+24]	; load a
+	mov	ecx,DWORD PTR [bp+28]	; load w
+	mov	bp,WORD PTR [bp+26]	; load num
+	shr	bp,1	; div count by 4 and do groups of 4
+	shr	bp,1
+	je	$L555
+
+$L546:
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx]	; w* *a
+	add	eax,DWORD PTR ds:[di]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di],eax
+	mov	esi,edx
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+4]	; w* *a
+	add	eax,DWORD PTR ds:[di+4]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+4],eax
+	mov	esi,edx
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+8]	; w* *a
+	add	eax,DWORD PTR ds:[di+8]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+8],eax
+	mov	esi,edx
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+12]	; w* *a
+	add	eax,DWORD PTR ds:[di+12]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+12],eax
+	mov	esi,edx
+	;
+	add	bx,16
+	add	di,16
+	;
+	dec	bp
+	je	$L555
+	jmp	$L546
+;
+;
+$L555:
+	mov	bp,sp
+	mov	bp,WORD PTR [bp+26]	; load num
+	and	bp,3
+	dec	bp
+	js	$L547m
+
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx]	; w* *a
+	add	eax,DWORD PTR ds:[di]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di],eax
+	mov	esi,edx
+	dec	bp
+	js	$L547m			; Note that we are now testing for -1
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+4]	; w* *a
+	add	eax,DWORD PTR ds:[di+4]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+4],eax
+	mov	esi,edx
+	dec	bp
+	js	$L547m
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+8]	; w* *a
+	add	eax,DWORD PTR ds:[di+8]	; + *r
+	adc	edx,0
+	adc	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+8],eax
+	mov	esi,edx
+$L547m:
+	mov	eax,esi
+	mov	edx,esi
+	shr	edx,16
+	pop	es
+	pop	ds
+	pop	di
+	pop	esi
+	pop	bx
+	pop	bp
+	ret	
+	nop	
+_bn_mul_add_words	ENDP
+
+	PUBLIC	_bn_mul_words
+_bn_mul_words	PROC FAR
+; Line 76
+	push	bp
+	push	bx
+	push	esi
+	push	di
+	push	ds
+	push	es
+	xor	esi,esi
+	mov	bp,sp
+	mov	di,WORD PTR [bp+18]	; r
+	mov	ds,WORD PTR [bp+20]
+	mov	bx,WORD PTR [bp+22]	; a
+	mov	es,WORD PTR [bp+24]
+	mov	ecx,DWORD PTR [bp+28]	; w
+	mov	bp,WORD PTR [bp+26]	; num 
+
+$FC743:
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx]
+	add	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di],eax
+	mov	esi,edx
+	dec	bp
+	je	$L764
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+4]
+	add	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+4],eax
+	mov	esi,edx
+	dec	bp
+	je	$L764
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+8]
+	add	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+8],eax
+	mov	esi,edx
+	dec	bp
+	je	$L764
+	;
+	mov	eax,ecx
+	mul	DWORD PTR es:[bx+12]
+	add	eax,esi
+	adc	edx,0
+	mov	DWORD PTR ds:[di+12],eax
+	mov	esi,edx
+	dec	bp
+	je	$L764
+	;
+	add	bx,16
+	add	di,16
+	jmp	$FC743
+	nop
+$L764:
+	mov	eax,esi
+	mov	edx,esi
+	shr	edx,16
+	pop	es
+	pop	ds
+	pop	di
+	pop	esi
+	pop	bx
+	pop	bp
+	ret	
+	nop	
+_bn_mul_words	ENDP
+	PUBLIC	_bn_sqr_words
+_bn_sqr_words	PROC FAR
+; Line 92
+	push	bp
+	push	bx
+	push	si
+	push	di
+	push	ds
+	push	es
+	mov	bp,sp
+	mov	si,WORD PTR [bp+16]
+	mov	ds,WORD PTR [bp+18]
+	mov	di,WORD PTR [bp+20]
+	mov	es,WORD PTR [bp+22]
+	mov	bx,WORD PTR [bp+24]
+
+	mov	bp,bx	; save a memory lookup later
+	shr	bx,1	; div count by 4 and do groups of 4
+	shr	bx,1
+	je	$L666
+
+$L765:
+	mov	eax,DWORD PTR es:[di]
+	mul	eax
+	mov	DWORD PTR ds:[si],eax
+	mov	DWORD PTR ds:[si+4],edx
+	;
+	mov	eax,DWORD PTR es:[di+4]
+	mul	eax
+	mov	DWORD PTR ds:[si+8],eax
+	mov	DWORD PTR ds:[si+12],edx
+	;
+	mov	eax,DWORD PTR es:[di+8]
+	mul	eax
+	mov	DWORD PTR ds:[si+16],eax
+	mov	DWORD PTR ds:[si+20],edx
+	;
+	mov	eax,DWORD PTR es:[di+12]
+	mul	eax
+	mov	DWORD PTR ds:[si+24],eax
+	mov	DWORD PTR ds:[si+28],edx
+	;
+	add	di,16
+	add	si,32
+	dec	bx
+	je	$L666
+	jmp	$L765
+$L666:
+	and	bp,3
+	dec	bp	; The copied value of bx (num)
+	js	$L645
+	;
+	mov	eax,DWORD PTR es:[di]
+	mul	eax
+	mov	DWORD PTR ds:[si],eax
+	mov	DWORD PTR ds:[si+4],edx
+	dec	bp
+	js	$L645
+	;
+	mov	eax,DWORD PTR es:[di+4]
+	mul	eax
+	mov	DWORD PTR ds:[si+8],eax
+	mov	DWORD PTR ds:[si+12],edx
+	dec	bp
+	js	$L645
+	;
+	mov	eax,DWORD PTR es:[di+8]
+	mul	eax
+	mov	DWORD PTR ds:[si+16],eax
+	mov	DWORD PTR ds:[si+20],edx
+$L645:
+	pop	es
+	pop	ds
+	pop	di
+	pop	si
+	pop	bx
+	pop	bp
+	ret	
+_bn_sqr_words	ENDP
+
+	PUBLIC	_bn_div64
+_bn_div64	PROC FAR
+	push	bp
+	mov	bp,sp
+	mov	edx, DWORD PTR [bp+6]
+	mov	eax, DWORD PTR [bp+10]
+	div	DWORD PTR [bp+14]
+	mov	edx,eax
+	shr	edx,16
+	pop	bp
+	ret	
+_bn_div64	ENDP
+
+	PUBLIC	_bn_add_words
+_bn_add_words	PROC FAR
+; Line 58
+	push	bp
+	push	bx
+	push	esi
+	push	di
+	push	ds
+	push	es
+	mov	bp,sp
+;	w = 28
+;	num = 26
+;	ap = 22
+;	rp = 18
+	xor	esi,esi			;c=0;
+	mov	bx,WORD PTR [bp+18]	; load low r
+	mov	si,WORD PTR [bp+22]	; load a
+	mov	es,WORD PTR [bp+24]	; load a
+	mov	di,WORD PTR [bp+26]	; load b
+	mov	ds,WORD PTR [bp+28]	; load b
+
+	mov	dx,WORD PTR [bp+30]	; load num
+	xor	ecx,ecx
+	dec	dx
+	js	$L547a
+
+$L5477:
+	mov	eax,DWORD PTR es:[si]	; *a
+	add	eax,ecx
+	mov	ecx,0
+	adc	ecx,0
+	add	si,4			; a++
+	add	eax,DWORD PTR ds:[di]	; + *b
+	adc	ecx,0
+	mov	ds,WORD PTR [bp+20]
+	add	di,4
+	mov	DWORD PTR ds:[bx],eax
+	mov	ds,WORD PTR [bp+28]
+	add	bx,4
+	dec	dx
+	js	$L547a			; Note that we are now testing for -1
+	jmp	$L5477
+	;
+$L547a:
+	mov	eax,ecx
+	mov	edx,ecx
+	shr	edx,16
+	pop	es
+	pop	ds
+	pop	di
+	pop	esi
+	pop	bx
+	pop	bp
+	ret	
+	nop	
+_bn_add_words	ENDP
+F_TEXT	ENDS
+END

crypto/bn/bn.h

@@ -89,7 +89,7 @@ extern "C" {
  * For machines with only one compiler (or shared libraries), this should
  * be on.  Again this in only really a problem on machines
  * using "long long's", are 32bit, and are not using my assembler code. */
-#if defined(MSDOS) || defined(WINDOWS) || defined(WIN32) || defined(linux)
+#if defined(MSDOS) || defined(WINDOWS) || defined(linux)
 #define BN_DIV2W
 #endif
 

crypto/bn/bn_err.c

@@ -54,8 +54,7 @@
  */
 
 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
+ * made to it will be overwritten when the script next updates this file.
  */
 
 #include <stdio.h>

crypto/bn/bn_mont.c

@@ -73,7 +73,6 @@ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
 			  BN_MONT_CTX *mont, BN_CTX *ctx)
 	{
 	BIGNUM *tmp,*tmp2;
-	int ret=0;
 
 	BN_CTX_start(ctx);
 	tmp = BN_CTX_get(ctx);
@@ -102,10 +101,10 @@ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
 		}
 	/* reduce from aRR to aR */
 	if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
-	ret=1;
-err:
 	BN_CTX_end(ctx);
-	return(ret);
+	return(1);
+err:
+	return(0);
 	}
 
 int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont,

crypto/bn/bn_mul.c

@@ -61,9 +61,6 @@
 #include "bn_lcl.h"
 
 #ifdef BN_RECURSION
-/* Karatsuba recursive multiplication algorithm
- * (cf. Knuth, The Art of Computer Programming, Vol. 2) */
-
 /* r is 2*n2 words in size,
  * a and b are both n2 words in size.
  * n2 must be a power of 2.

crypto/bn/bntest.c

@@ -234,8 +234,7 @@ int main(int argc, char *argv[])
 /**/
 	exit(0);
 err:
-	BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices
-	                      * the failure, see test_bn in test/Makefile.ssl*/
+	BIO_puts(out,"1\n"); /* make sure bc fails if we are piping to it */
 	BIO_flush(out);
 	ERR_load_crypto_strings();
 	ERR_print_errors_fp(stderr);

crypto/buffer/buf_err.c

@@ -54,8 +54,7 @@
  */
 
 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
+ * made to it will be overwritten when the script next updates this file.
  */
 
 #include <stdio.h>

crypto/cast/Makefile.ssl

@@ -52,7 +52,7 @@ lib:	$(LIBOBJ)
 
 # elf
 asm/cx86-elf.o: asm/cx86unix.cpp
-	$(CPP) -DELF -x c asm/cx86unix.cpp | as -o asm/cx86-elf.o
+	$(CPP) -DELF asm/cx86unix.cpp | as -o asm/cx86-elf.o
 
 # solaris
 asm/cx86-sol.o: asm/cx86unix.cpp
@@ -68,7 +68,7 @@ asm/cx86-out.o: asm/cx86unix.cpp
 asm/cx86bsdi.o: asm/cx86unix.cpp
 	$(CPP) -DBSDI asm/cx86unix.cpp | sed 's/ :/:/' | as -o asm/cx86bsdi.o
 
-asm/cx86unix.cpp: asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+asm/cx86unix.cpp: asm/cast-586.pl
 	(cd asm; $(PERL) cast-586.pl cpp $(PROCESSOR) >cx86unix.cpp)
 
 files:

crypto/cast/Makefile.uni

@@ -0,0 +1,124 @@
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+# There are 3 possible performance options, experiment :-)
+#OPTS= -DBF_PTR
+#OPTS= -DBF_PTR2
+OPTS=
+
+DIR=    cast
+TOP=    .
+CC=     gcc
+CFLAG=	-O3 -fomit-frame-pointer
+
+CPP=    $(CC) -E
+INCLUDES=
+INSTALLTOP=/usr/local/lib
+MAKE=           make
+MAKEDEPEND=     makedepend
+MAKEFILE=       Makefile.uni
+AR=             ar r
+RANLIB=         ranlib
+
+CAST_ENC=c_enc.o
+# or use
+#CAST_ENC=asm/cx86-elf.o
+#CAST_ENC=asm/cx86-out.o
+#CAST_ENC=asm/cx86-sol.o
+#CAST_ENC=asm/cx86bdsi.o
+
+CFLAGS= $(OPTS) $(INCLUDES) $(CFLAG) -DFULL_TEST
+
+GENERAL=Makefile
+TEST=casttest
+APP1=cast_spd
+APP2=castopts
+APPS=$(APP1) $(APP2)
+
+LIB=libcast.a
+LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c
+LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= cast.h
+HEADER= cast_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+all:    $(LIB) $(TEST) $(APPS)
+
+$(LIB):    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB)
+# elf
+asm/cx86-elf.o: asm/cx86unix.cpp
+	$(CPP) -DELF asm/cx86unix.cpp | as -o asm/cx86-elf.o
+
+# solaris
+asm/cx86-sol.o: asm/cx86unix.cpp
+	$(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
+	as -o asm/cx86-sol.o asm/cx86-sol.s
+	rm -f asm/cx86-sol.s
+
+# a.out
+asm/cx86-out.o: asm/cx86unix.cpp
+	$(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
+
+# bsdi
+asm/cx86bsdi.o: asm/cx86unix.cpp
+	$(CPP) -DBSDI asm/cx86unix.cpp | as -o asm/cx86bsdi.o
+
+asm/cx86unix.cpp:
+	(cd asm; perl cast-586.pl cpp >cx86unix.cpp)
+
+test:	$(TEST)
+	./$(TEST)
+
+$(TEST): $(TEST).c $(LIB)
+	$(CC) -o $(TEST) $(CFLAGS) $(TEST).c $(LIB)
+
+$(APP1): $(APP1).c $(LIB)
+	$(CC) -o $(APP1) $(CFLAGS) $(APP1).c $(LIB)
+
+$(APP2): $(APP2).c $(LIB)
+	$(CC) -o $(APP2) $(CFLAGS) $(APP2).c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	/bin/rm -f $(LIB) $(TEST) $(APPS) *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+cc:
+	$(MAKE) CC="cc" CFLAG="-O" all
+
+gcc:
+	$(MAKE) CC="gcc" CFLAGS="-O3 -fomit-frame-pointer" all
+
+x86-elf:
+	$(MAKE) CAST_ENC="asm/cx86-elf.o" CFLAG="-DELF $(CFLAGS)" all
+
+x86-out:
+	$(MAKE) CAST_ENC="asm/cx86-out.o" CFLAG="-DOUT $(CFLAGS)" all
+
+x86-solaris:
+	$(MAKE) CAST_ENC="asm/cx86-sol.o" CFLAG="-DSOL $(CFLAGS)" all
+
+x86-bdsi:
+	$(MAKE) CAST_ENC="asm/cx86-bdsi.o" CFLAG="-DBDSI $(CFLAGS)" all
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.

crypto/cast/asm/c-win32.asm

@@ -0,0 +1,953 @@
+	; Don't even think of reading this code
+	; It was automatically generated by cast-586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	cast-586.asm
+        .486
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_CAST_encrypt
+EXTERN	_CAST_S_table0:DWORD
+EXTERN	_CAST_S_table1:DWORD
+EXTERN	_CAST_S_table2:DWORD
+EXTERN	_CAST_S_table3:DWORD
+
+_CAST_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	push	esi
+	push	edi
+	; Load the 2 words
+	mov	edi,		DWORD PTR [ebx]
+	mov	esi,		DWORD PTR 4[ebx]
+	; Get short key flag
+	mov	eax,		DWORD PTR 128[ebp]
+	push	eax
+	xor	eax,		eax
+	; round 0
+	mov	edx,		DWORD PTR [ebp]
+	mov	ecx,		DWORD PTR 4[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 1
+	mov	edx,		DWORD PTR 8[ebp]
+	mov	ecx,		DWORD PTR 12[ebp]
+	xor	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	esi,		ecx
+	; round 2
+	mov	edx,		DWORD PTR 16[ebp]
+	mov	ecx,		DWORD PTR 20[ebp]
+	sub	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	edi,		ecx
+	; round 3
+	mov	edx,		DWORD PTR 24[ebp]
+	mov	ecx,		DWORD PTR 28[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	esi,		ecx
+	; round 4
+	mov	edx,		DWORD PTR 32[ebp]
+	mov	ecx,		DWORD PTR 36[ebp]
+	xor	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	edi,		ecx
+	; round 5
+	mov	edx,		DWORD PTR 40[ebp]
+	mov	ecx,		DWORD PTR 44[ebp]
+	sub	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	esi,		ecx
+	; round 6
+	mov	edx,		DWORD PTR 48[ebp]
+	mov	ecx,		DWORD PTR 52[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 7
+	mov	edx,		DWORD PTR 56[ebp]
+	mov	ecx,		DWORD PTR 60[ebp]
+	xor	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	esi,		ecx
+	; round 8
+	mov	edx,		DWORD PTR 64[ebp]
+	mov	ecx,		DWORD PTR 68[ebp]
+	sub	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	edi,		ecx
+	; round 9
+	mov	edx,		DWORD PTR 72[ebp]
+	mov	ecx,		DWORD PTR 76[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	esi,		ecx
+	; round 10
+	mov	edx,		DWORD PTR 80[ebp]
+	mov	ecx,		DWORD PTR 84[ebp]
+	xor	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	edi,		ecx
+	; round 11
+	mov	edx,		DWORD PTR 88[ebp]
+	mov	ecx,		DWORD PTR 92[ebp]
+	sub	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	esi,		ecx
+	; test short key flag
+	pop	edx
+	or	edx,		edx
+	jnz	$L000cast_enc_done
+	; round 12
+	mov	edx,		DWORD PTR 96[ebp]
+	mov	ecx,		DWORD PTR 100[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 13
+	mov	edx,		DWORD PTR 104[ebp]
+	mov	ecx,		DWORD PTR 108[ebp]
+	xor	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	esi,		ecx
+	; round 14
+	mov	edx,		DWORD PTR 112[ebp]
+	mov	ecx,		DWORD PTR 116[ebp]
+	sub	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	edi,		ecx
+	; round 15
+	mov	edx,		DWORD PTR 120[ebp]
+	mov	ecx,		DWORD PTR 124[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	esi,		ecx
+$L000cast_enc_done:
+	nop
+	mov	eax,		DWORD PTR 20[esp]
+	mov	DWORD PTR 4[eax],edi
+	mov	DWORD PTR [eax],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_CAST_encrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_CAST_decrypt
+EXTERN	_CAST_S_table0:DWORD
+EXTERN	_CAST_S_table1:DWORD
+EXTERN	_CAST_S_table2:DWORD
+EXTERN	_CAST_S_table3:DWORD
+
+_CAST_decrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	mov	ebx,		DWORD PTR 12[esp]
+	mov	ebp,		DWORD PTR 16[esp]
+	push	esi
+	push	edi
+	; Load the 2 words
+	mov	edi,		DWORD PTR [ebx]
+	mov	esi,		DWORD PTR 4[ebx]
+	; Get short key flag
+	mov	eax,		DWORD PTR 128[ebp]
+	or	eax,		eax
+	jnz	$L001cast_dec_skip
+	xor	eax,		eax
+	; round 15
+	mov	edx,		DWORD PTR 120[ebp]
+	mov	ecx,		DWORD PTR 124[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 14
+	mov	edx,		DWORD PTR 112[ebp]
+	mov	ecx,		DWORD PTR 116[ebp]
+	sub	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	esi,		ecx
+	; round 13
+	mov	edx,		DWORD PTR 104[ebp]
+	mov	ecx,		DWORD PTR 108[ebp]
+	xor	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	edi,		ecx
+	; round 12
+	mov	edx,		DWORD PTR 96[ebp]
+	mov	ecx,		DWORD PTR 100[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	esi,		ecx
+$L001cast_dec_skip:
+	; round 11
+	mov	edx,		DWORD PTR 88[ebp]
+	mov	ecx,		DWORD PTR 92[ebp]
+	sub	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	edi,		ecx
+	; round 10
+	mov	edx,		DWORD PTR 80[ebp]
+	mov	ecx,		DWORD PTR 84[ebp]
+	xor	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	esi,		ecx
+	; round 9
+	mov	edx,		DWORD PTR 72[ebp]
+	mov	ecx,		DWORD PTR 76[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 8
+	mov	edx,		DWORD PTR 64[ebp]
+	mov	ecx,		DWORD PTR 68[ebp]
+	sub	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	esi,		ecx
+	; round 7
+	mov	edx,		DWORD PTR 56[ebp]
+	mov	ecx,		DWORD PTR 60[ebp]
+	xor	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	edi,		ecx
+	; round 6
+	mov	edx,		DWORD PTR 48[ebp]
+	mov	ecx,		DWORD PTR 52[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	esi,		ecx
+	; round 5
+	mov	edx,		DWORD PTR 40[ebp]
+	mov	ecx,		DWORD PTR 44[ebp]
+	sub	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	edi,		ecx
+	; round 4
+	mov	edx,		DWORD PTR 32[ebp]
+	mov	ecx,		DWORD PTR 36[ebp]
+	xor	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	esi,		ecx
+	; round 3
+	mov	edx,		DWORD PTR 24[ebp]
+	mov	ecx,		DWORD PTR 28[ebp]
+	add	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	edi,		ecx
+	; round 2
+	mov	edx,		DWORD PTR 16[ebp]
+	mov	ecx,		DWORD PTR 20[ebp]
+	sub	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	sub	ecx,		ebx
+	xor	esi,		ecx
+	; round 1
+	mov	edx,		DWORD PTR 8[ebp]
+	mov	ecx,		DWORD PTR 12[ebp]
+	xor	edx,		esi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	add	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	xor	ecx,		ebx
+	xor	edi,		ecx
+	; round 0
+	mov	edx,		DWORD PTR [ebp]
+	mov	ecx,		DWORD PTR 4[ebp]
+	add	edx,		edi
+	rol	edx,		cl
+	mov	ebx,		edx
+	xor	ecx,		ecx
+	mov	cl,		dh
+	and	ebx,		255
+	shr	edx,		16
+	xor	eax,		eax
+	mov	al,		dh
+	and	edx,		255
+	mov	ecx,		DWORD PTR _CAST_S_table0[ecx*4]
+	mov	ebx,		DWORD PTR _CAST_S_table1[ebx*4]
+	xor	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table2[eax*4]
+	sub	ecx,		ebx
+	mov	ebx,		DWORD PTR _CAST_S_table3[edx*4]
+	add	ecx,		ebx
+	xor	esi,		ecx
+	nop
+	mov	eax,		DWORD PTR 20[esp]
+	mov	DWORD PTR 4[eax],edi
+	mov	DWORD PTR [eax],esi
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_CAST_decrypt ENDP
+_TEXT	ENDS
+_TEXT	SEGMENT
+PUBLIC	_CAST_cbc_encrypt
+
+_CAST_cbc_encrypt PROC NEAR
+	; 
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	mov	ebp,		DWORD PTR 28[esp]
+	; getting iv ptr from parameter 4
+	mov	ebx,		DWORD PTR 36[esp]
+	mov	esi,		DWORD PTR [ebx]
+	mov	edi,		DWORD PTR 4[ebx]
+	push	edi
+	push	esi
+	push	edi
+	push	esi
+	mov	ebx,		esp
+	mov	esi,		DWORD PTR 36[esp]
+	mov	edi,		DWORD PTR 40[esp]
+	; getting encrypt flag from parameter 5
+	mov	ecx,		DWORD PTR 56[esp]
+	; get and push parameter 3
+	mov	eax,		DWORD PTR 48[esp]
+	push	eax
+	push	ebx
+	cmp	ecx,		0
+	jz	$L002decrypt
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	jz	$L003encrypt_finish
+L004encrypt_loop:
+	mov	ecx,		DWORD PTR [esi]
+	mov	edx,		DWORD PTR 4[esi]
+	xor	eax,		ecx
+	xor	ebx,		edx
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_CAST_encrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L004encrypt_loop
+$L003encrypt_finish:
+	mov	ebp,		DWORD PTR 52[esp]
+	and	ebp,		7
+	jz	$L005finish
+	xor	ecx,		ecx
+	xor	edx,		edx
+	mov	ebp,		DWORD PTR $L006cbc_enc_jmp_table[ebp*4]
+	jmp	 ebp
+L007ej7:
+	xor	edx,		edx
+	mov	dh,		BYTE PTR 6[esi]
+	shl	edx,		8
+L008ej6:
+	mov	dh,		BYTE PTR 5[esi]
+L009ej5:
+	mov	dl,		BYTE PTR 4[esi]
+L010ej4:
+	mov	ecx,		DWORD PTR [esi]
+	jmp	$L011ejend
+L012ej3:
+	mov	ch,		BYTE PTR 2[esi]
+	xor	ecx,		ecx
+	shl	ecx,		8
+L013ej2:
+	mov	ch,		BYTE PTR 1[esi]
+L014ej1:
+	mov	cl,		BYTE PTR [esi]
+$L011ejend:
+	xor	eax,		ecx
+	xor	ebx,		edx
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_CAST_encrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR [edi],eax
+	mov	DWORD PTR 4[edi],ebx
+	jmp	$L005finish
+$L002decrypt:
+	and	ebp,		4294967288
+	mov	eax,		DWORD PTR 16[esp]
+	mov	ebx,		DWORD PTR 20[esp]
+	jz	$L015decrypt_finish
+L016decrypt_loop:
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_CAST_decrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	ecx,		DWORD PTR 16[esp]
+	mov	edx,		DWORD PTR 20[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	mov	DWORD PTR [edi],ecx
+	mov	DWORD PTR 4[edi],edx
+	mov	DWORD PTR 16[esp],eax
+	mov	DWORD PTR 20[esp],ebx
+	add	esi,		8
+	add	edi,		8
+	sub	ebp,		8
+	jnz	L016decrypt_loop
+$L015decrypt_finish:
+	mov	ebp,		DWORD PTR 52[esp]
+	and	ebp,		7
+	jz	$L005finish
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+	bswap	eax
+	bswap	ebx
+	mov	DWORD PTR 8[esp],eax
+	mov	DWORD PTR 12[esp],ebx
+	call	_CAST_decrypt
+	mov	eax,		DWORD PTR 8[esp]
+	mov	ebx,		DWORD PTR 12[esp]
+	bswap	eax
+	bswap	ebx
+	mov	ecx,		DWORD PTR 16[esp]
+	mov	edx,		DWORD PTR 20[esp]
+	xor	ecx,		eax
+	xor	edx,		ebx
+	mov	eax,		DWORD PTR [esi]
+	mov	ebx,		DWORD PTR 4[esi]
+L017dj7:
+	ror	edx,		16
+	mov	BYTE PTR 6[edi],dl
+	shr	edx,		16
+L018dj6:
+	mov	BYTE PTR 5[edi],dh
+L019dj5:
+	mov	BYTE PTR 4[edi],dl
+L020dj4:
+	mov	DWORD PTR [edi],ecx
+	jmp	$L021djend
+L022dj3:
+	ror	ecx,		16
+	mov	BYTE PTR 2[edi],cl
+	shl	ecx,		16
+L023dj2:
+	mov	BYTE PTR 1[esi],ch
+L024dj1:
+	mov	BYTE PTR [esi],	cl
+$L021djend:
+	jmp	$L005finish
+$L005finish:
+	mov	ecx,		DWORD PTR 60[esp]
+	add	esp,		24
+	mov	DWORD PTR [ecx],eax
+	mov	DWORD PTR 4[ecx],ebx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+$L006cbc_enc_jmp_table:
+	DD	0
+	DD	L014ej1
+	DD	L013ej2
+	DD	L012ej3
+	DD	L010ej4
+	DD	L009ej5
+	DD	L008ej6
+	DD	L007ej7
+L025cbc_dec_jmp_table:
+	DD	0
+	DD	L024dj1
+	DD	L023dj2
+	DD	L022dj3
+	DD	L020dj4
+	DD	L019dj5
+	DD	L018dj6
+	DD	L017dj7
+_CAST_cbc_encrypt ENDP
+_TEXT	ENDS
+END

crypto/cast/cast_lcl.h

@@ -151,7 +151,7 @@
                          *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
                          *((c)++)=(unsigned char)(((l)     )&0xff))
 
-#if defined(WIN32) && defined(_MSC_VER)
+#if defined(WIN32)
 #define ROTL(a,n)     (_lrotl(a,n))
 #else
 #define ROTL(a,n)     ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))

crypto/comp/comp_err.c

@@ -54,8 +54,7 @@
  */
 
 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
+ * made to it will be overwritten when the script next updates this file.
  */
 
 #include <stdio.h>

crypto/conf/conf_err.c

@@ -54,8 +54,7 @@
  */
 
 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
+ * made to it will be overwritten when the script next updates this file.
  */
 
 #include <stdio.h>

crypto/cpt_err.c

@@ -54,8 +54,7 @@
  */
 
 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
+ * made to it will be overwritten when the script next updates this file.
  */
 
 #include <stdio.h>

crypto/crypto-lib.com

@@ -186,7 +186,7 @@ $ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
 	"enc_read,enc_writ,ofb64enc,"+ -
 	"ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ -
 	"des_enc,fcrypt_b,read2pwd,"+ -
-	"fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,ede_cbcm_enc"
+	"fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,supp,ede_cbcm_enc"
 $ LIB_RC2 = "rc2_ecb,rc2_skey,rc2_cbc,rc2cfb64,rc2ofb64"
 $ LIB_RC4 = "rc4_skey,rc4_enc"
 $ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64"
@@ -208,7 +208,7 @@ $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
 	"bss_mem,bss_null,bss_fd,"+ -
 	"bss_file,bss_sock,bss_conn,"+ -
 	"bf_null,bf_buff,b_print,b_dump,"+ -
-	"b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio,bss_log"
+	"b_sock,bss_acpt,bf_nbio,bss_rtcp,bss_bio" ! + ",bss_log" for syslog
 $ LIB_STACK = "stack"
 $ LIB_LHASH = "lhash,lh_stats"
 $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd"
@@ -266,7 +266,7 @@ $!
 $! Setup exceptional compilations
 $!
 $ COMPILEWITH_CC3 = ",bss_rtcp,"
-$ COMPILEWITH_CC4 = ",a_utctm,bss_log,"
+$ COMPILEWITH_CC4 = ",a_utctm,"
 $ COMPILEWITH_CC5 = ",md2_dgst,md5_dgst,mdc2dgst,sha_dgst,sha1dgst," + -
                     "rmd_dgst,bf_enc,"
 $!
@@ -1441,7 +1441,6 @@ $!
 $ IF P7 .NES. ""
 $ THEN
 $   ENCRYPT_TYPES = P7
-$! NYI:   ENCRYPT_PROGRAMS = P7
 $ ENDIF
 $!
 $!  Time To RETURN...

crypto/des/DES.pod

@@ -0,0 +1,16 @@
+crypt	<= 	crypt(buf,salt)
+key	<=	set_odd_parity(key)
+int	<=	is_weak_key(key)
+keysched<=	set_key(key)
+key	<=	ecb_encrypt(string8,ks,enc)
+key	<=	ecb3_encrypt(input,ks1,ks2,enc)
+string	<=	cbc_encrypt(input,ks,ivec,enc)			=> ivec 
+string	<=	cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,enc)	=> ivec1&ivec2 
+ck1,ck2	<=	cbc_cksum(input,ks,ivec)			=> ivec
+string	<=	pcbc_encrypt(input,ks,ivec,enc)			=> ivec 
+string	<=	ofb_encrypt(input,numbits,ks,ivec)		=> ivec
+string	<=	cfb_encrypt(input,numbits,ks,ivec,enc)		=> ivec
+key	<=	random_key()
+key	<=	string_to_key(string)
+key1,key2<=	string_to_2keys(string)
+

crypto/des/MODES.DES

@@ -0,0 +1,84 @@
+Modes of DES
+Quite a bit of the following information has been taken from
+	AS 2805.5.2
+	Australian Standard
+	Electronic funds transfer - Requirements for interfaces,
+	Part 5.2: Modes of operation for an n-bit block cipher algorithm
+	Appendix A
+
+There are several different modes in which DES can be used, they are
+as follows.
+
+Electronic Codebook Mode (ECB) (des_ecb_encrypt())
+- 64 bits are enciphered at a time.
+- The order of the blocks can be rearranged without detection.
+- The same plaintext block always produces the same ciphertext block
+  (for the same key) making it vulnerable to a 'dictionary attack'.
+- An error will only affect one ciphertext block.
+
+Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
+- a multiple of 64 bits are enciphered at a time.
+- The CBC mode produces the same ciphertext whenever the same
+  plaintext is encrypted using the same key and starting variable.
+- The chaining operation makes the ciphertext blocks dependent on the
+  current and all preceding plaintext blocks and therefore blocks can not
+  be rearranged.
+- The use of different starting variables prevents the same plaintext
+  enciphering to the same ciphertext.
+- An error will affect the current and the following ciphertext blocks.
+
+Cipher Feedback Mode (CFB) (des_cfb_encrypt())
+- a number of bits (j) <= 64 are enciphered at a time.
+- The CFB mode produces the same ciphertext whenever the same
+  plaintext is encrypted using the same key and starting variable.
+- The chaining operation makes the ciphertext variables dependent on the
+  current and all preceding variables and therefore j-bit variables are
+  chained together and con not be rearranged.
+- The use of different starting variables prevents the same plaintext
+  enciphering to the same ciphertext.
+- The strength of the CFB mode depends on the size of k (maximal if
+  j == k).  In my implementation this is always the case.
+- Selection of a small value for j will require more cycles through
+  the encipherment algorithm per unit of plaintext and thus cause
+  greater processing overheads.
+- Only multiples of j bits can be enciphered.
+- An error will affect the current and the following ciphertext variables.
+
+Output Feedback Mode (OFB) (des_ofb_encrypt())
+- a number of bits (j) <= 64 are enciphered at a time.
+- The OFB mode produces the same ciphertext whenever the same
+  plaintext enciphered using the same key and starting variable.  More
+  over, in the OFB mode the same key stream is produced when the same
+  key and start variable are used.  Consequently, for security reasons
+  a specific start variable should be used only once for a given key.
+- The absence of chaining makes the OFB more vulnerable to specific attacks.
+- The use of different start variables values prevents the same
+  plaintext enciphering to the same ciphertext, by producing different
+  key streams.
+- Selection of a small value for j will require more cycles through
+  the encipherment algorithm per unit of plaintext and thus cause
+  greater processing overheads.
+- Only multiples of j bits can be enciphered.
+- OFB mode of operation does not extend ciphertext errors in the
+  resultant plaintext output.  Every bit error in the ciphertext causes
+  only one bit to be in error in the deciphered plaintext.
+- OFB mode is not self-synchronising.  If the two operation of
+  encipherment and decipherment get out of synchronism, the system needs
+  to be re-initialised.
+- Each re-initialisation should use a value of the start variable
+different from the start variable values used before with the same
+key.  The reason for this is that an identical bit stream would be
+produced each time from the same parameters.  This would be
+susceptible to a 'known plaintext' attack.
+
+Triple ECB Mode (des_ecb3_encrypt())
+- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
+- As for ECB encryption but increases the effective key length to 112 bits.
+- If both keys are the same it is equivalent to encrypting once with
+  just one key.
+
+Triple CBC Mode (des_3cbc_encrypt())
+- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
+- As for CBC encryption but increases the effective key length to 112 bits.
+- If both keys are the same it is equivalent to encrypting once with
+  just one key.

crypto/des/Makefile.PL

@@ -0,0 +1,14 @@
+use ExtUtils::MakeMaker;
+# See lib/ExtUtils/MakeMaker.pm for details of how to influence
+# the contents of the Makefile being created.
+&writeMakefile(
+	'potential_libs' => '',   # e.g., '-lm' 
+	'INC' => '',     # e.g., '-I/usr/include/other' 
+	'DISTNAME' => 'DES',
+	'VERSION' => '0.1',
+	'DEFINE' => '-DPERL5',
+	'OBJECT' => 'DES.o cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
+	rand_key.o set_key.o str2key.o \
+	enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
+	ecb3_enc.o ofb_enc.o cbc3_enc.o des_enc.o',
+	);

crypto/des/Makefile.lit

@@ -0,0 +1,250 @@
+# You must select the correct terminal control system to be used to
+# turn character echo off when reading passwords.  There a 5 systems
+# SGTTY   - the old BSD system
+# TERMIO  - most system V boxes
+# TERMIOS - SGI (ala IRIX).
+# VMS     - the DEC operating system
+# MSDOS   - we all know what it is :-)
+# read_pwd.c makes a reasonable guess at what is correct.
+
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+# If you are on a DEC Alpha, edit des.h and change the DES_LONG
+# define to 'unsigned int'.  I have seen this give a %20 speedup.
+
+OPTS0= -DLIBDES_LIT -DRAND -DTERMIO #-DNOCONST
+
+# Version 1.94 has changed the strings_to_key function so that it is
+# now compatible with MITs when the string is longer than 8 characters.
+# If you wish to keep the old version, uncomment the following line.
+# This will affect the -E/-D options on des(1).
+#OPTS1= -DOLD_STR_TO_KEY
+
+# There are 4 possible performance options
+# -DDES_PTR
+# -DDES_RISC1
+# -DDES_RISC2 (only one of DES_RISC1 and DES_RISC2)
+# -DDES_UNROLL
+# after the initial build, run 'des_opts' to see which options are best
+# for your platform.  There are some listed in options.txt
+#OPTS2= -DDES_PTR 
+#OPTS3= -DDES_RISC1 # or DES_RISC2
+#OPTS4= -DDES_UNROLL
+
+OPTS= $(OPTS0) $(OPTS1) $(OPTS2) $(OPTS3) $(OPTS4)
+
+MAKE=make -f Makefile
+#CC=cc
+#CFLAG= -O
+
+CC=gcc
+#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
+CFLAG= -O3 -fomit-frame-pointer
+
+CFLAGS=$(OPTS) $(CFLAG)
+CPP=$(CC) -E
+AS=as
+
+# Assember version of des_encrypt*().
+DES_ENC=des_enc.o fcrypt_b.o		# normal C version
+#DES_ENC=asm/dx86-elf.o	asm/yx86-elf.o	# elf format x86
+#DES_ENC=asm/dx86-out.o	asm/yx86-out.o	# a.out format x86
+#DES_ENC=asm/dx86-sol.o	asm/yx86-sol.o	# solaris format x86 
+#DES_ENC=asm/dx86bsdi.o	asm/yx86basi.o	# bsdi format x86 
+
+LIBDIR=/usr/local/lib
+BINDIR=/usr/local/bin
+INCDIR=/usr/local/include
+MANDIR=/usr/local/man
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+OBJ_LIT=cbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
+OBJ_FULL=cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
+	xcbc_enc.o qud_cksm.o \
+	cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
+	enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o  \
+	rand_key.o read_pwd.o read2pwd.o rpc_enc.o  str2key.o supp.o
+
+GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
+	des.doc options.txt asm
+GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
+	des.man DES.pm DES.pod DES.xs Makefile.PL dess.cpp des3s.cpp \
+	Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
+	des.org des_locl.org
+TESTING_LIT=	destest speed des_opts
+TESTING_FULL=	rpw $(TESTING_LIT)
+TESTING_SRC_LIT=destest.c speed.c des_opts.c
+TESTING_SRC_FULL=rpw.c $(TESTING_SRC_LIT)
+HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
+HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
+LIBDES_LIT=cbc_enc.c ecb_enc.c fcrypt.c set_key.c des_enc.c fcrypt_b.c
+LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c \
+	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c \
+	enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c  \
+	rand_key.c rpc_enc.c  str2key.c  supp.c \
+	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
+
+PERL=	des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+OBJ=	$(OBJ_LIT)
+GENERAL=$(GENERAL_LIT)
+TESTING=$(TESTING_LIT)
+TESTING_SRC=$(TESTING_SRC_LIT)
+HEADERS=$(HEADERS_LIT)
+LIBDES=	$(LIBDES_LIT)
+
+ALL=	$(GENERAL) $(TESTING_SRC) $(LIBDES) $(PERL) $(HEADERS)
+
+DLIB=	libdes.a
+
+all: $(DLIB) $(TESTING)
+
+cc:
+	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
+
+gcc:
+	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
+
+x86-elf:
+	$(MAKE) DES_ENC='asm/dx86-elf.o asm/yx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+
+x86-out:
+	$(MAKE) DES_ENC='asm/dx86-out.o asm/yx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+
+x86-solaris:
+	$(MAKE) DES_ENC='asm/dx86-sol.o asm/yx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+
+x86-bsdi:
+	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/yx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+
+# elf
+asm/dx86-elf.o: asm/dx86unix.cpp
+	$(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
+
+asm/yx86-elf.o: asm/yx86unix.cpp
+	$(CPP) -DELF asm/yx86unix.cpp | $(AS) -o asm/yx86-elf.o
+
+# solaris
+asm/dx86-sol.o: asm/dx86unix.cpp
+	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
+	as -o asm/dx86-sol.o asm/dx86-sol.s
+	rm -f asm/dx86-sol.s
+
+asm/yx86-sol.o: asm/yx86unix.cpp
+	$(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
+	as -o asm/yx86-sol.o asm/yx86-sol.s
+	rm -f asm/yx86-sol.s
+
+# a.out
+asm/dx86-out.o: asm/dx86unix.cpp
+	$(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
+
+asm/yx86-out.o: asm/yx86unix.cpp
+	$(CPP) -DOUT asm/yx86unix.cpp | $(AS) -o asm/yx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86unix.cpp
+	$(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
+
+asm/yx86bsdi.o: asm/yx86unix.cpp
+	$(CPP) -DBSDI asm/yx86unix.cpp | $(AS) -o asm/yx86bsdi.o
+
+asm/dx86unix.cpp:
+	(cd asm; perl des-586.pl cpp >dx86unix.cpp)
+
+asm/yx86unix.cpp:
+	(cd asm; perl crypt586.pl cpp >yx86unix.cpp)
+
+test:	all
+	./destest
+
+$(DLIB): $(OBJ)
+	/bin/rm -f $(DLIB)
+	ar cr $(DLIB) $(OBJ)
+	-if test -s /bin/ranlib; then /bin/ranlib $(DLIB); \
+	else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(DLIB); \
+	else exit 0; fi; fi
+
+des_opts: des_opts.o $(DLIB)
+	$(CC) $(CFLAGS) -o des_opts des_opts.o $(DLIB)
+
+destest: destest.o $(DLIB)
+	$(CC) $(CFLAGS) -o destest destest.o $(DLIB)
+
+rpw: rpw.o $(DLIB)
+	$(CC) $(CFLAGS) -o rpw rpw.o $(DLIB)
+
+speed: speed.o $(DLIB)
+	$(CC) $(CFLAGS) -o speed speed.o $(DLIB)
+
+des: des.o $(DLIB)
+	$(CC) $(CFLAGS) -o des des.o $(DLIB)
+
+tags:
+	ctags $(TESTING_SRC) $(LIBDES)
+
+tar_lit:
+	/bin/mv Makefile Makefile.tmp
+	/bin/cp Makefile.lit Makefile
+	tar chf libdes-l.tar $(LIBDES_LIT) $(HEADERS_LIT) \
+		$(GENERAL_LIT) $(TESTING_SRC_LIT)
+	/bin/rm -f Makefile
+	/bin/mv Makefile.tmp Makefile
+
+tar:
+	tar chf libdes.tar $(ALL)
+
+shar:
+	shar $(ALL) >libdes.shar
+
+depend:
+	makedepend $(LIBDES) $(TESTING_SRC)
+
+clean:
+	/bin/rm -f *.o tags core $(TESTING) $(DLIB) .nfs* *.old *.bak asm/*.o 
+
+dclean:
+	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
+	mv -f Makefile.new Makefile
+
+# Eric is probably going to choke when he next looks at this --tjh
+install:
+	if test $(INSTALLTOP); then \
+	    echo SSL style install; \
+	    cp $(DLIB) $(INSTALLTOP)/lib; \
+	    if test -s /bin/ranlib; then \
+	        /bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
+	    else \
+		if test -s /usr/bin/ranlib; then \
+		/usr/bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
+	    fi; fi; \
+	    chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
+	    cp des.h $(INSTALLTOP)/include; \
+	    chmod 644 $(INSTALLTOP)/include/des.h; \
+	else \
+	    echo Standalone install; \
+	    cp $(DLIB) $(LIBDIR)/$(DLIB); \
+	    if test -s /bin/ranlib; then \
+	      /bin/ranlib $(LIBDIR)/$(DLIB); \
+	    else \
+	      if test -s /usr/bin/ranlib; then \
+		/usr/bin/ranlib $(LIBDIR)/$(DLIB); \
+	      fi; \
+	    fi; \
+	    chmod 644 $(LIBDIR)/$(DLIB); \
+	    cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+	    chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+	    cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+	    chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+	    cp des.h $(INCDIR)/des.h; \
+	    chmod 644 $(INCDIR)/des.h; \
+	fi
+# DO NOT DELETE THIS LINE -- make depend depends on it.

crypto/des/Makefile.ssl

@@ -32,21 +32,21 @@ LIBSRC=	cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
 	fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
 	qud_cksm.c rand_key.c read_pwd.c rpc_enc.c  set_key.c  \
 	des_enc.c fcrypt_b.c read2pwd.c \
-	xcbc_enc.c \
-	str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c
+	fcrypt.c xcbc_enc.c \
+	str2key.c  cfb64ede.c ofb64ede.c supp.c ede_cbcm_enc.c
 
 LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
 	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
 	enc_read.o enc_writ.o ofb64enc.o \
 	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
 	${DES_ENC} read2pwd.o \
-	fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o  cbc_cksm.o \
+	fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o  cbc_cksm.o supp.o \
 	ede_cbcm_enc.o
 
 SRC= $(LIBSRC)
 
 EXHEADER= des.h
-HEADER=	des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
+HEADER=	des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h $(EXHEADER)
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)
 
@@ -65,10 +65,10 @@ des: des.o cbc3_enc.o lib
 
 # elf
 asm/dx86-elf.o: asm/dx86unix.cpp
-	$(CPP) -DELF -x c asm/dx86unix.cpp | as -o asm/dx86-elf.o
+	$(CPP) -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
 
 asm/yx86-elf.o: asm/yx86unix.cpp
-	$(CPP) -DELF -x c asm/yx86unix.cpp | as -o asm/yx86-elf.o
+	$(CPP) -DELF asm/yx86unix.cpp | as -o asm/yx86-elf.o
 
 # solaris
 asm/dx86-sol.o: asm/dx86unix.cpp
@@ -95,10 +95,10 @@ asm/dx86bsdi.o: asm/dx86unix.cpp
 asm/yx86bsdi.o: asm/yx86unix.cpp
 	$(CPP) -DBSDI asm/yx86unix.cpp | sed 's/ :/:/' | as -o asm/yx86bsdi.o
 
-asm/dx86unix.cpp: asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+asm/dx86unix.cpp: asm/des-586.pl
 	(cd asm; $(PERL) des-586.pl cpp >dx86unix.cpp)
 
-asm/yx86unix.cpp: asm/crypt586.pl ../perlasm/x86asm.pl
+asm/yx86unix.cpp: asm/crypt586.pl
 	(cd asm; $(PERL) crypt586.pl cpp >yx86unix.cpp)
 
 files:
@@ -172,8 +172,10 @@ enc_writ.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
 enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
 enc_writ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 enc_writ.o: ../cryptlib.h des_locl.h
-fcrypt.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-fcrypt.o: ../../include/openssl/opensslconf.h des_locl.h
+fcrypt.o: ../../include/openssl/des.h ../../include/openssl/des.h
+fcrypt.o: ../../include/openssl/e_os2.h ../../include/openssl/e_os2.h
+fcrypt.o: ../../include/openssl/opensslconf.h
+fcrypt.o: ../../include/openssl/opensslconf.h des_locl.h des_locl.h
 fcrypt_b.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 fcrypt_b.o: ../../include/openssl/opensslconf.h des_locl.h
 ofb64ede.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
@@ -199,8 +201,10 @@ read_pwd.o: ../../include/openssl/stack.h ../cryptlib.h des_locl.h
 rpc_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 rpc_enc.o: ../../include/openssl/opensslconf.h des_locl.h des_ver.h rpc_des.h
 set_key.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-set_key.o: ../../include/openssl/opensslconf.h des_locl.h
+set_key.o: ../../include/openssl/opensslconf.h des_locl.h podd.h sk.h
 str2key.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 str2key.o: ../../include/openssl/opensslconf.h des_locl.h
+supp.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
+supp.o: ../../include/openssl/opensslconf.h des_locl.h
 xcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 xcbc_enc.o: ../../include/openssl/opensslconf.h des_locl.h

crypto/des/Makefile.uni

@@ -0,0 +1,251 @@
+# You must select the correct terminal control system to be used to
+# turn character echo off when reading passwords.  There a 5 systems
+# SGTTY   - the old BSD system
+# TERMIO  - most system V boxes
+# TERMIOS - SGI (ala IRIX).
+# VMS     - the DEC operating system
+# MSDOS   - we all know what it is :-)
+# read_pwd.c makes a reasonable guess at what is correct.
+
+# Targets
+# make          - twidle the options yourself :-)
+# make cc       - standard cc options
+# make gcc      - standard gcc options
+# make x86-elf  - linux-elf etc
+# make x86-out  - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+# If you are on a DEC Alpha, edit des.h and change the DES_LONG
+# define to 'unsigned int'.  I have seen this give a %20 speedup.
+
+OPTS0= -DRAND -DTERMIO #-DNOCONST
+
+# Version 1.94 has changed the strings_to_key function so that it is
+# now compatible with MITs when the string is longer than 8 characters.
+# If you wish to keep the old version, uncomment the following line.
+# This will affect the -E/-D options on des(1).
+#OPTS1= -DOLD_STR_TO_KEY
+
+# There are 4 possible performance options
+# -DDES_PTR
+# -DDES_RISC1
+# -DDES_RISC2 (only one of DES_RISC1 and DES_RISC2)
+# -DDES_UNROLL
+# after the initial build, run 'des_opts' to see which options are best
+# for your platform.  There are some listed in options.txt
+#OPTS2= -DDES_PTR 
+#OPTS3= -DDES_RISC1 # or DES_RISC2
+#OPTS4= -DDES_UNROLL
+
+OPTS= $(OPTS0) $(OPTS1) $(OPTS2) $(OPTS3) $(OPTS4)
+
+MAKE=make -f Makefile
+#CC=cc
+#CFLAG= -O
+
+CC=gcc
+#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
+CFLAG= -O3 -fomit-frame-pointer
+
+CFLAGS=$(OPTS) $(CFLAG)
+CPP=$(CC) -E
+AS=as
+RANLIB=ranlib
+
+# Assember version of des_encrypt*().
+DES_ENC=des_enc.o fcrypt_b.o		# normal C version
+#DES_ENC=asm/dx86-elf.o	asm/yx86-elf.o	# elf format x86
+#DES_ENC=asm/dx86-out.o	asm/yx86-out.o	# a.out format x86
+#DES_ENC=asm/dx86-sol.o	asm/yx86-sol.o	# solaris format x86 
+#DES_ENC=asm/dx86bsdi.o	asm/yx86basi.o	# bsdi format x86 
+
+LIBDIR=/usr/local/lib
+BINDIR=/usr/local/bin
+INCDIR=/usr/local/include
+MANDIR=/usr/local/man
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+OBJ_LIT=cbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
+OBJ_FULL=cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
+	xcbc_enc.o qud_cksm.o cbc3_enc.o \
+	cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
+	enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o  \
+	rand_key.o read_pwd.o read2pwd.o rpc_enc.o  str2key.o supp.o
+
+GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
+	des.doc options.txt asm
+GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
+	des.man DES.pm DES.pod DES.xs Makefile.PL dess.cpp des3s.cpp \
+	Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
+	des.org des_locl.org
+TESTING_LIT=	destest speed des_opts
+TESTING_FULL=	rpw des $(TESTING_LIT)
+TESTING_SRC_LIT=destest.c speed.c des_opts.c
+TESTING_SRC_FULL=rpw.c des.c $(TESTING_SRC_LIT)
+HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
+HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
+LIBDES_LIT=cbc_enc.c ecb_enc.c fcrypt.c set_key.c des_enc.c fcrypt_b.c
+LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c cbc3_enc.c \
+	cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c \
+	enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c  \
+	rand_key.c rpc_enc.c  str2key.c  supp.c \
+	xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
+
+PERL=	des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+OBJ=	$(OBJ_FULL)
+GENERAL=$(GENERAL_FULL)
+TESTING=$(TESTING_FULL)
+TESTING_SRC=$(TESTING_SRC_FULL)
+HEADERS=$(HEADERS_FULL)
+LIBDES=	$(LIBDES_FULL)
+
+ALL=	$(GENERAL) $(TESTING_SRC) $(LIBDES) $(PERL) $(HEADERS)
+
+DLIB=	libdes.a
+
+all: $(DLIB) $(TESTING)
+
+cc:
+	$(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
+
+gcc:
+	$(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
+
+x86-elf:
+	$(MAKE) DES_ENC='asm/dx86-elf.o asm/yx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+
+x86-out:
+	$(MAKE) DES_ENC='asm/dx86-out.o asm/yx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+
+x86-solaris:
+	$(MAKE) DES_ENC='asm/dx86-sol.o asm/yx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+
+x86-bsdi:
+	$(MAKE) DES_ENC='asm/dx86bsdi.o asm/yx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+
+# elf
+asm/dx86-elf.o: asm/dx86unix.cpp
+	$(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
+
+asm/yx86-elf.o: asm/yx86unix.cpp
+	$(CPP) -DELF asm/yx86unix.cpp | $(AS) -o asm/yx86-elf.o
+
+# solaris
+asm/dx86-sol.o: asm/dx86unix.cpp
+	$(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
+	as -o asm/dx86-sol.o asm/dx86-sol.s
+	rm -f asm/dx86-sol.s
+
+asm/yx86-sol.o: asm/yx86unix.cpp
+	$(CC) -E -DSOL asm/yx86unix.cpp | sed 's/^#.*//' > asm/yx86-sol.s
+	as -o asm/yx86-sol.o asm/yx86-sol.s
+	rm -f asm/yx86-sol.s
+
+# a.out
+asm/dx86-out.o: asm/dx86unix.cpp
+	$(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
+
+asm/yx86-out.o: asm/yx86unix.cpp
+	$(CPP) -DOUT asm/yx86unix.cpp | $(AS) -o asm/yx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86unix.cpp
+	$(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
+
+asm/yx86bsdi.o: asm/yx86unix.cpp
+	$(CPP) -DBSDI asm/yx86unix.cpp | $(AS) -o asm/yx86bsdi.o
+
+asm/dx86unix.cpp:
+	(cd asm; perl des-586.pl cpp >dx86unix.cpp)
+
+asm/yx86unix.cpp:
+	(cd asm; perl crypt586.pl cpp >yx86unix.cpp)
+
+test:	all
+	./destest
+
+$(DLIB): $(OBJ)
+	/bin/rm -f $(DLIB)
+	ar cr $(DLIB) $(OBJ)
+	$(RANLIB) $(DLIB)
+
+des_opts: des_opts.o $(DLIB)
+	$(CC) $(CFLAGS) -o des_opts des_opts.o $(DLIB)
+
+destest: destest.o $(DLIB)
+	$(CC) $(CFLAGS) -o destest destest.o $(DLIB)
+
+rpw: rpw.o $(DLIB)
+	$(CC) $(CFLAGS) -o rpw rpw.o $(DLIB)
+
+speed: speed.o $(DLIB)
+	$(CC) $(CFLAGS) -o speed speed.o $(DLIB)
+
+des: des.o $(DLIB)
+	$(CC) $(CFLAGS) -o des des.o $(DLIB)
+
+tags:
+	ctags $(TESTING_SRC) $(LIBDES)
+
+tar_lit:
+	/bin/mv Makefile Makefile.tmp
+	/bin/cp Makefile.lit Makefile
+	for i in $(HEADERS_LIT) $(LIBDES_LIT) $(GENERAL_LIT) $(TESTING_SRC_LIT) ;\
+	do \
+		n="$$n des/$$i"; \
+	done; \
+	( cd .. ; tar chf - $$n )| gzip > libdes-l.tgz
+	/bin/rm -f Makefile
+	/bin/mv Makefile.tmp Makefile
+
+tar:
+	mv Makefile Makefile.tmp
+	/bin/cp Makefile.uni Makefile
+	for i in $(ALL) ;\
+	do \
+		n="$$n des/$$i"; \
+	done; \
+	( cd .. ; tar chf - $$n )| gzip > libdes.tgz
+	/bin/rm -f Makefile
+	/bin/mv Makefile.tmp Makefile
+
+shar:
+	shar $(ALL) >libdes.shar
+
+depend:
+	makedepend $(LIBDES) $(TESTING_SRC)
+
+clean:
+	/bin/rm -f *.o tags core $(TESTING) $(DLIB) .nfs* *.old *.bak asm/*.o 
+
+dclean:
+	sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
+	mv -f Makefile.new Makefile
+
+# Eric is probably going to choke when he next looks at this --tjh
+install: des
+	if test $(INSTALLTOP); then \
+	    echo SSL style install; \
+	    cp $(DLIB) $(INSTALLTOP)/lib; \
+		$(RANLIB) $(DLIB); \
+	    chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
+	    cp des.h $(INSTALLTOP)/include; \
+	    chmod 644 $(INSTALLTOP)/include/des.h; \
+	else \
+	    echo Standalone install; \
+	    cp $(DLIB) $(LIBDIR)/$(DLIB); \
+		$(RANLIB) $(DLIB); \
+	    chmod 644 $(LIBDIR)/$(DLIB); \
+	    cp des $(BINDIR)/des; \
+	    chmod 711 $(BINDIR)/des; \
+	    cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+	    chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+	    cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+	    chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+	    cp des.h $(INCDIR)/des.h; \
+	    chmod 644 $(INCDIR)/des.h; \
+	fi
+# DO NOT DELETE THIS LINE -- make depend depends on it.

crypto/des/PC1

@@ -0,0 +1,28 @@
+#!/usr/local/bin/perl
+
+@PC1=(  57,49,41,33,25,17, 9,
+	 1,58,50,42,34,26,18,
+	10, 2,59,51,43,35,27,
+	19,11, 3,60,52,44,36,
+	"-","-","-","-",
+	63,55,47,39,31,23,15,
+	 7,62,54,46,38,30,22,
+	14, 6,61,53,45,37,29,
+	21,13, 5,28,20,12, 4,
+	"-","-","-","-",
+	);
+
+foreach (@PC1)
+	{
+	if ($_ ne "-")
+		{
+		$_--;
+		$_=int($_/8)*8+7-($_%8);
+		printf "%2d  ",$_;
+		}
+	else
+		{ print "--  "; }
+	print "\n" if (((++$i) % 8) == 0);
+	print "\n" if ((($i) % 32) == 0);
+	}
+

crypto/des/PC2

@@ -0,0 +1,57 @@
+#!/usr/local/bin/perl
+
+@PC2_C=(14,17,11,24, 1, 5,
+	 3,28,15, 6,21,10,
+	23,19,12, 4,26, 8,
+	16, 7,27,20,13, 2,
+	);
+
+@PC2_D=(41,52,31,37,47,55,
+	30,40,51,45,33,48,
+	44,49,39,56,34,53,
+	46,42,50,36,29,32,
+	);
+
+foreach (@PC2_C) {
+	if ($_ ne "-")
+		{
+		$_--;
+		printf "%2d  ",$_; }
+	else { print "--  "; }
+	$C{$_}=1;
+	print "\n" if (((++$i) % 8) == 0);
+	}
+$i=0;
+print "\n";
+foreach (@PC2_D) {
+	if ($_ ne "-")
+		{
+		$_-=29;
+		printf "%2d  ",$_; }
+	else { print "--  "; }
+	$D{$_}=1;
+	print "\n" if (((++$i) % 8) == 0); }
+
+print "\n";
+foreach $i (0 .. 27)
+	{
+	$_=$C{$i};
+	if ($_ ne "-") {printf "%2d ",$_;}
+	else { print "--  "; }
+	print "\n" if (((++$i) % 8) == 0);
+	}
+print "\n";
+
+print "\n";
+foreach $i (0 .. 27)
+	{
+	$_=$D{$i};
+	if ($_ ne "-") {printf "%2d  ",$_;}
+	else { print "--  "; }
+	print "\n" if (((++$i) % 8) == 0);
+	}
+print "\n";
+sub numsort
+	{
+	$a-$b;
+	}

crypto/des/asm/y-win32.asm

@@ -0,0 +1,929 @@
+	; Don't even think of reading this code
+	; It was automatically generated by crypt586.pl
+	; Which is a perl program used to generate the x86 assember for
+	; any of elf, a.out, BSDI,Win32, or Solaris
+	; eric <eay@cryptsoft.com>
+	; 
+	TITLE	crypt586.asm
+        .386
+.model FLAT
+_TEXT	SEGMENT
+PUBLIC	_fcrypt_body
+EXTRN   _des_SPtrans:DWORD
+_fcrypt_body PROC NEAR
+	push	ebp
+	push	ebx
+	push	esi
+	push	edi
+	; 
+	; Load the 2 words
+	xor	edi,		edi
+	xor	esi,		esi
+	mov	ebp,		DWORD PTR 24[esp]
+	push	25
+L000start:
+	; 
+	; Round 0
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR [ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 4[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 1
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 8[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 12[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 2
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 16[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 20[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 3
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 24[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 28[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 4
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 32[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 36[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 5
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 40[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 44[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 6
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 48[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 52[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 7
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 56[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 60[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 8
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 64[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 68[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 9
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 72[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 76[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 10
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 80[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 84[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 11
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 88[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 92[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 12
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 96[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 100[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 13
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 104[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 108[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	; 
+	; Round 14
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		esi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		esi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 112[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 116[ebp]
+	xor	eax,		esi
+	xor	edx,		esi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	edi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	edi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	edi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	edi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	edi,		ebx
+	; 
+	; Round 15
+	mov	eax,		DWORD PTR 32[esp]
+	mov	edx,		edi
+	shr	edx,		16
+	mov	ecx,		DWORD PTR 36[esp]
+	xor	edx,		edi
+	and	eax,		edx
+	and	edx,		ecx
+	mov	ebx,		eax
+	shl	ebx,		16
+	mov	ecx,		edx
+	shl	ecx,		16
+	xor	eax,		ebx
+	xor	edx,		ecx
+	mov	ebx,		DWORD PTR 120[ebp]
+	xor	eax,		ebx
+	mov	ecx,		DWORD PTR 124[ebp]
+	xor	eax,		edi
+	xor	edx,		edi
+	xor	edx,		ecx
+	and	eax,		0fcfcfcfch
+	xor	ebx,		ebx
+	and	edx,		0cfcfcfcfh
+	xor	ecx,		ecx
+	mov	bl,		al
+	mov	cl,		ah
+	ror	edx,		4
+	mov	ebp,		DWORD PTR _des_SPtrans[ebx]
+	mov	bl,		dl
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR _des_SPtrans[0200h+ecx]
+	xor	esi,		ebp
+	mov	cl,		dh
+	shr	eax,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0100h+ebx]
+	xor	esi,		ebp
+	mov	bl,		ah
+	shr	edx,		16
+	mov	ebp,		DWORD PTR _des_SPtrans[0300h+ecx]
+	xor	esi,		ebp
+	mov	ebp,		DWORD PTR 28[esp]
+	mov	cl,		dh
+	and	eax,		0ffh
+	and	edx,		0ffh
+	mov	ebx,		DWORD PTR _des_SPtrans[0600h+ebx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0700h+ecx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0400h+eax]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR _des_SPtrans[0500h+edx]
+	xor	esi,		ebx
+	mov	ebx,		DWORD PTR [esp]
+	mov	eax,		edi
+	dec	ebx
+	mov	edi,		esi
+	mov	esi,		eax
+	mov	DWORD PTR [esp],ebx
+	jnz	L000start
+	; 
+	; FP
+	mov	edx,		DWORD PTR 24[esp]
+	ror	edi,		1
+	mov	eax,		esi
+	xor	esi,		edi
+	and	esi,		0aaaaaaaah
+	xor	eax,		esi
+	xor	edi,		esi
+	; 
+	rol	eax,		23
+	mov	esi,		eax
+	xor	eax,		edi
+	and	eax,		003fc03fch
+	xor	esi,		eax
+	xor	edi,		eax
+	; 
+	rol	esi,		10
+	mov	eax,		esi
+	xor	esi,		edi
+	and	esi,		033333333h
+	xor	eax,		esi
+	xor	edi,		esi
+	; 
+	rol	edi,		18
+	mov	esi,		edi
+	xor	edi,		eax
+	and	edi,		0fff0000fh
+	xor	esi,		edi
+	xor	eax,		edi
+	; 
+	rol	esi,		12
+	mov	edi,		esi
+	xor	esi,		eax
+	and	esi,		0f0f0f0f0h
+	xor	edi,		esi
+	xor	eax,		esi
+	; 
+	ror	eax,		4
+	mov	DWORD PTR [edx],eax
+	mov	DWORD PTR 4[edx],edi
+	pop	ecx
+	pop	edi
+	pop	esi
+	pop	ebx
+	pop	ebp
+	ret
+_fcrypt_body ENDP
+_TEXT	ENDS
+END

crypto/des/des.c

@@ -58,7 +58,6 @@
 
 #include <stdio.h>
 #include <stdlib.h>
-#include <string.h>
 #ifndef MSDOS
 #ifndef VMS
 #include <openssl/opensslconf.h>
@@ -70,7 +69,7 @@
 #include <math.h>
 #endif /* __DECC */
 #endif /* VMS */
-#else /* MSDOS */
+#else
 #include <io.h>
 #endif
 
@@ -89,6 +88,10 @@
 #include <openssl/des.h>
 #include <openssl/rand.h>
 
+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
+#include <string.h>
+#endif
+
 void usage(void);
 void doencryption(void);
 int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);

crypto/des/des.h

@@ -78,7 +78,10 @@ extern "C" {
 typedef unsigned char des_cblock[8];
 typedef /* const */ unsigned char const_des_cblock[8];
 /* With "const", gcc 2.8.1 on Solaris thinks that des_cblock *
- * and const_des_cblock * are incompatible pointer types. */
+ * and const_des_cblock * are incompatible pointer types.
+ * I haven't seen that warning on other systems ... I'll look
+ * what the standard says. */
+
 
 typedef struct des_ks_struct
 	{
@@ -138,26 +141,8 @@ void des_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
 		     int enc);
 void des_ecb_encrypt(const_des_cblock *input,des_cblock *output,
 		     des_key_schedule ks,int enc);
-
-/* 	This is the DES encryption function that gets called by just about
-	every other DES routine in the library.  You should not use this
-	function except to implement 'modes' of DES.  I say this because the
-	functions that call this routine do the conversion from 'char *' to
-	long, and this needs to be done to make sure 'non-aligned' memory
-	access do not occur.  The characters are loaded 'little endian'.
-	Data is a pointer to 2 unsigned long's and ks is the
-	des_key_schedule to use.  enc, is non zero specifies encryption,
-	zero if decryption. */
 void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
-
-/* 	This functions is the same as des_encrypt() except that the DES
-	initial permutation (IP) and final permutation (FP) have been left
-	out.  As for des_encrypt(), you should not use this function.
-	It is used by the routines in the library that implement triple DES.
-	IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
-	as des_encrypt() des_encrypt() des_encrypt() except faster :-). */
 void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
-
 void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
 	des_key_schedule ks2, des_key_schedule ks3);
 void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
@@ -207,7 +192,6 @@ int des_read_2passwords(des_cblock *key1,des_cblock *key2,
 			const char *prompt,int verify);
 int des_read_pw_string(char *buf,int length,const char *prompt,int verify);
 void des_set_odd_parity(des_cblock *key);
-int des_check_key_parity(const_des_cblock *key);
 int des_is_weak_key(const_des_cblock *key);
 /* des_set_key (= set_key = des_key_sched = key_sched) calls
  * des_set_key_checked if global variable des_check_key is set,
@@ -225,6 +209,9 @@ void des_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
 		       des_key_schedule schedule,des_cblock *ivec,int *num);
 int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
 
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file(const_des_cblock *cb, FILE *fp);
+
 /* The following definitions provide compatibility with the MIT Kerberos
  * library. The des_key_schedule structure is not binary compatible. */
 
@@ -254,11 +241,11 @@ int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
 #  define xcbc_encrypt des_xcbc_encrypt
 #  define cbc_cksum des_cbc_cksum
 #  define quad_cksum des_quad_cksum
-#  define check_parity des_check_key_parity
 #endif
 
 typedef des_key_schedule bit_64;
 #define des_fixup_key_parity des_set_odd_parity
+#define des_check_key_parity check_parity
 
 #ifdef  __cplusplus
 }

crypto/des/des.man

@@ -1,217 +1,186 @@
-=pod
-
-=head1 NAME
-
+.TH DES 1 
+.SH NAME
 des - encrypt or decrypt data using Data Encryption Standard
-
-=head1 SYNOPSIS
-
-B<des>
+.SH SYNOPSIS
+.B des
 (
-B<-e>
+.B \-e
 |
-B<-E>
+.B \-E
 ) | (
-B<-d>
+.B \-d
 |
-B<-D>
+.B \-D
 ) | (
-B<->[B<cC>][B<ckname>]
+.B \-\fR[\fPcC\fR][\fPckname\fR]\fP
 ) |
 [
-B<-b3hfs>
+.B \-b3hfs
 ] [
-B<-k>
-I<key>
+.B \-k
+.I key
 ]
 ] [
-B<-u>[I<uuname>]
+.B \-u\fR[\fIuuname\fR]
 [
-I<input-file>
+.I input-file
 [
-I<output-file>
+.I output-file
 ] ]
-
-=head1 NOTE
-
-This page describes the B<des> stand-alone program, not the B<openssl des>
-command.
-
-=head1 DESCRIPTION
-
-B<des>
+.SH DESCRIPTION
+.B des
 encrypts and decrypts data using the
 Data Encryption Standard algorithm.
 One of
-B<-e>, B<-E>
+.B \-e, \-E
 (for encrypt) or
-B<-d>, B<-D>
+.B \-d, \-D
 (for decrypt) must be specified.
 It is also possible to use
-B<-c>
+.B \-c
 or
-B<-C>
+.B \-C
 in conjunction or instead of the a encrypt/decrypt option to generate
 a 16 character hexadecimal checksum, generated via the
-I<des_cbc_cksum>.
-
+.I des_cbc_cksum.
+.LP
 Two standard encryption modes are supported by the
-B<des>
+.B des
 program, Cipher Block Chaining (the default) and Electronic Code Book
 (specified with
-B<-b>).
-
+.B \-b
+).
+.LP
 The key used for the DES
 algorithm is obtained by prompting the user unless the
-B<-k>
-I<key>
+.B `\-k
+.I key'
 option is given.
 If the key is an argument to the
-B<des>
+.B des
 command, it is potentially visible to users executing
-ps(1)
+.BR ps (1)
 or a derivative.  To minimise this possibility,
-B<des>
+.B des
 takes care to destroy the key argument immediately upon entry.
 If your shell keeps a history file be careful to make sure it is not
 world readable.
-
-Since this program attempts to maintain compatibility with sunOS's
+.LP
+Since this program attempts to maintain compatability with sunOS's
 des(1) command, there are 2 different methods used to convert the user
 supplied key to a des key.
 Whenever and one or more of
-B<-E>, B<-D>, B<-C>
+.B \-E, \-D, \-C
 or
-B<-3>
+.B \-3
 options are used, the key conversion procedure will not be compatible
 with the sunOS des(1) version but will use all the user supplied
 character to generate the des key.
-B<des>
+.B des
 command reads from standard input unless
-I<input-file>
+.I input-file
 is specified and writes to standard output unless
-I<output-file>
+.I output-file
 is given.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-b>
-
+.SH OPTIONS
+.TP
+.B \-b
 Select ECB
 (eight bytes at a time) encryption mode.
-
-=item B<-3>
-
+.TP
+.B \-3
 Encrypt using triple encryption.
 By default triple cbc encryption is used but if the
-B<-b>
-option is used then triple ECB encryption is performed.
+.B \-b
+option is used then triple ecb encryption is performed.
 If the key is less than 8 characters long, the flag has no effect.
-
-=item B<-e>
-
+.TP
+.B \-e
 Encrypt data using an 8 byte key in a manner compatible with sunOS
 des(1).
-
-=item B<-E>
-
+.TP
+.B \-E
 Encrypt data using a key of nearly unlimited length (1024 bytes).
 This will product a more secure encryption.
-
-=item B<-d>
-
-Decrypt data that was encrypted with the B<-e> option.
-
-=item B<-D>
-
-Decrypt data that was encrypted with the B<-E> option.
-
-=item B<-c>
-
+.TP
+.B \-d
+Decrypt data that was encrypted with the \-e option.
+.TP
+.B \-D
+Decrypt data that was encrypted with the \-E option.
+.TP
+.B \-c
 Generate a 16 character hexadecimal cbc checksum and output this to
 stderr.
 If a filename was specified after the
-B<-c>
+.B \-c
 option, the checksum is output to that file.
 The checksum is generated using a key generated in a sunOS compatible
 manner.
-
-=item B<-C>
-
+.TP
+.B \-C
 A cbc checksum is generated in the same manner as described for the
-B<-c>
+.B \-c
 option but the DES key is generated in the same manner as used for the
-B<-E>
+.B \-E
 and
-B<-D>
+.B \-D
 options
-
-=item B<-f>
-
+.TP
+.B \-f
 Does nothing - allowed for compatibility with sunOS des(1) command.
-
-=item B<-s>
-
+.TP
+.B \-s
 Does nothing - allowed for compatibility with sunOS des(1) command.
-
-=item B<-k> I<key>
-
+.TP
+.B "\-k \fIkey\fP"
 Use the encryption 
-I<key>
+.I key
 specified.
-
-=item B<-h>
-
+.TP
+.B "\-h"
 The
-I<key>
+.I key
 is assumed to be a 16 character hexadecimal number.
 If the
-B<-3>
+.B "\-3"
 option is used the key is assumed to be a 32 character hexadecimal
 number.
-
-=item B<-u>
-
+.TP
+.B \-u
 This flag is used to read and write uuencoded files.  If decrypting,
 the input file is assumed to contain uuencoded, DES encrypted data.
-If encrypting, the characters following the B<-u> are used as the name of
+If encrypting, the characters following the -u are used as the name of
 the uuencoded file to embed in the begin line of the uuencoded
-output.  If there is no name specified after the B<-u>, the name text.des
+output.  If there is no name specified after the -u, the name text.des
 will be embedded in the header.
-
-=head1 SEE ALSO
-
-ps(1),
-L<des_crypt(3)|des_crypt(3)>
-
-=head1 BUGS
-
+.SH SEE ALSO
+.B ps (1)
+.B des_crypt(3)
+.SH BUGS
+.LP
 The problem with using the
-B<-e>
+.B -e
 option is the short key length.
 It would be better to use a real 56-bit key rather than an
 ASCII-based 56-bit pattern.  Knowing that the key was derived from ASCII
 radically reduces the time necessary for a brute-force cryptographic attack.
 My attempt to remove this problem is to add an alternative text-key to
 DES-key function.  This alternative function (accessed via
-B<-E>, B<-D>, B<-S>
+.B -E, -D, -S
 and
-B<-3>)
+.B -3
+)
 uses DES to help generate the key.
-
-Be carefully when using the B<-u> option.  Doing B<des -ud> I<filename> will
-not decrypt filename (the B<-u> option will gobble the B<-d> option).
-
+.LP
+Be carefully when using the -u option.  Doing des -ud <filename> will
+not decrypt filename (the -u option will gobble the d option).
+.LP
 The VMS operating system operates in a world where files are always a
 multiple of 512 bytes.  This causes problems when encrypted data is
-send from Unix to VMS since a 88 byte file will suddenly be padded
-with 424 null bytes.  To get around this problem, use the B<-u> option
+send from unix to VMS since a 88 byte file will suddenly be padded
+with 424 null bytes.  To get around this problem, use the -u option
 to uuencode the data before it is send to the VMS system.
-
-=head1 AUTHOR
-
+.SH AUTHOR
+.LP
 Eric Young (eay@cryptsoft.com)
-
-=cut

crypto/des/des.pl

@@ -0,0 +1,552 @@
+#!/usr/local/bin/perl
+# des.pl - eric young 22/11/1991 eay@cryptsoft.com
+#
+# Copyright (C) 1993 Eric Young
+#
+# 11 April 1996 - patched to circumvent Perl 5 (through 5.002) problem
+#                 with sign-extension on right shift operations.
+#                 Ed Kubaitis - ejk@uiuc.edu
+#
+# eay - 92/08/31 - I think I have fixed all problems for 64bit
+# versions of perl but I could be wrong since I have not tested it yet :-).
+#
+# This is an implementation of DES in perl.
+# The two routines (des_set_key and des_ecb_encrypt)
+# take 8 byte objects as arguments.
+#
+# des_set_key takes an 8 byte string as a key and returns a key schedule
+# for use in calls to des_ecb_encrypt.
+# des_ecb_encrypt takes three arguments, the first is a key schedule
+# (make sure to pass it by reference with the *), the second is 1
+# to encrypt, 0 to decrypt.  The third argument is an 8 byte object
+# to encrypt.  The function returns an 8 byte object that has been
+# DES encrypted.
+#
+# example:
+# require 'des.pl'
+#
+# $key =pack("C8",0x12,0x23,0x45,0x67,0x89,0xab,0xcd,0xef);
+# @ks=  &des_set_key($key);
+#
+# $outbytes= &des_ecb_encrypt(*ks,1,$data);
+# @enc =unpack("C8",$outbytes);
+#
+                 
+package des;
+
+eval("use integer;") if (int($]) > 4);
+
+# The following 8 arrays are used in des_set_key
+@skb0=(
+# for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 
+0x00000000,0x00000010,0x20000000,0x20000010,
+0x00010000,0x00010010,0x20010000,0x20010010,
+0x00000800,0x00000810,0x20000800,0x20000810,
+0x00010800,0x00010810,0x20010800,0x20010810,
+0x00000020,0x00000030,0x20000020,0x20000030,
+0x00010020,0x00010030,0x20010020,0x20010030,
+0x00000820,0x00000830,0x20000820,0x20000830,
+0x00010820,0x00010830,0x20010820,0x20010830,
+0x00080000,0x00080010,0x20080000,0x20080010,
+0x00090000,0x00090010,0x20090000,0x20090010,
+0x00080800,0x00080810,0x20080800,0x20080810,
+0x00090800,0x00090810,0x20090800,0x20090810,
+0x00080020,0x00080030,0x20080020,0x20080030,
+0x00090020,0x00090030,0x20090020,0x20090030,
+0x00080820,0x00080830,0x20080820,0x20080830,
+0x00090820,0x00090830,0x20090820,0x20090830,
+);
+@skb1=(
+# for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 
+0x00000000,0x02000000,0x00002000,0x02002000,
+0x00200000,0x02200000,0x00202000,0x02202000,
+0x00000004,0x02000004,0x00002004,0x02002004,
+0x00200004,0x02200004,0x00202004,0x02202004,
+0x00000400,0x02000400,0x00002400,0x02002400,
+0x00200400,0x02200400,0x00202400,0x02202400,
+0x00000404,0x02000404,0x00002404,0x02002404,
+0x00200404,0x02200404,0x00202404,0x02202404,
+0x10000000,0x12000000,0x10002000,0x12002000,
+0x10200000,0x12200000,0x10202000,0x12202000,
+0x10000004,0x12000004,0x10002004,0x12002004,
+0x10200004,0x12200004,0x10202004,0x12202004,
+0x10000400,0x12000400,0x10002400,0x12002400,
+0x10200400,0x12200400,0x10202400,0x12202400,
+0x10000404,0x12000404,0x10002404,0x12002404,
+0x10200404,0x12200404,0x10202404,0x12202404,
+);
+@skb2=(
+# for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 
+0x00000000,0x00000001,0x00040000,0x00040001,
+0x01000000,0x01000001,0x01040000,0x01040001,
+0x00000002,0x00000003,0x00040002,0x00040003,
+0x01000002,0x01000003,0x01040002,0x01040003,
+0x00000200,0x00000201,0x00040200,0x00040201,
+0x01000200,0x01000201,0x01040200,0x01040201,
+0x00000202,0x00000203,0x00040202,0x00040203,
+0x01000202,0x01000203,0x01040202,0x01040203,
+0x08000000,0x08000001,0x08040000,0x08040001,
+0x09000000,0x09000001,0x09040000,0x09040001,
+0x08000002,0x08000003,0x08040002,0x08040003,
+0x09000002,0x09000003,0x09040002,0x09040003,
+0x08000200,0x08000201,0x08040200,0x08040201,
+0x09000200,0x09000201,0x09040200,0x09040201,
+0x08000202,0x08000203,0x08040202,0x08040203,
+0x09000202,0x09000203,0x09040202,0x09040203,
+);
+@skb3=(
+# for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 
+0x00000000,0x00100000,0x00000100,0x00100100,
+0x00000008,0x00100008,0x00000108,0x00100108,
+0x00001000,0x00101000,0x00001100,0x00101100,
+0x00001008,0x00101008,0x00001108,0x00101108,
+0x04000000,0x04100000,0x04000100,0x04100100,
+0x04000008,0x04100008,0x04000108,0x04100108,
+0x04001000,0x04101000,0x04001100,0x04101100,
+0x04001008,0x04101008,0x04001108,0x04101108,
+0x00020000,0x00120000,0x00020100,0x00120100,
+0x00020008,0x00120008,0x00020108,0x00120108,
+0x00021000,0x00121000,0x00021100,0x00121100,
+0x00021008,0x00121008,0x00021108,0x00121108,
+0x04020000,0x04120000,0x04020100,0x04120100,
+0x04020008,0x04120008,0x04020108,0x04120108,
+0x04021000,0x04121000,0x04021100,0x04121100,
+0x04021008,0x04121008,0x04021108,0x04121108,
+);
+@skb4=(
+# for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 
+0x00000000,0x10000000,0x00010000,0x10010000,
+0x00000004,0x10000004,0x00010004,0x10010004,
+0x20000000,0x30000000,0x20010000,0x30010000,
+0x20000004,0x30000004,0x20010004,0x30010004,
+0x00100000,0x10100000,0x00110000,0x10110000,
+0x00100004,0x10100004,0x00110004,0x10110004,
+0x20100000,0x30100000,0x20110000,0x30110000,
+0x20100004,0x30100004,0x20110004,0x30110004,
+0x00001000,0x10001000,0x00011000,0x10011000,
+0x00001004,0x10001004,0x00011004,0x10011004,
+0x20001000,0x30001000,0x20011000,0x30011000,
+0x20001004,0x30001004,0x20011004,0x30011004,
+0x00101000,0x10101000,0x00111000,0x10111000,
+0x00101004,0x10101004,0x00111004,0x10111004,
+0x20101000,0x30101000,0x20111000,0x30111000,
+0x20101004,0x30101004,0x20111004,0x30111004,
+);
+@skb5=(
+# for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 
+0x00000000,0x08000000,0x00000008,0x08000008,
+0x00000400,0x08000400,0x00000408,0x08000408,
+0x00020000,0x08020000,0x00020008,0x08020008,
+0x00020400,0x08020400,0x00020408,0x08020408,
+0x00000001,0x08000001,0x00000009,0x08000009,
+0x00000401,0x08000401,0x00000409,0x08000409,
+0x00020001,0x08020001,0x00020009,0x08020009,
+0x00020401,0x08020401,0x00020409,0x08020409,
+0x02000000,0x0A000000,0x02000008,0x0A000008,
+0x02000400,0x0A000400,0x02000408,0x0A000408,
+0x02020000,0x0A020000,0x02020008,0x0A020008,
+0x02020400,0x0A020400,0x02020408,0x0A020408,
+0x02000001,0x0A000001,0x02000009,0x0A000009,
+0x02000401,0x0A000401,0x02000409,0x0A000409,
+0x02020001,0x0A020001,0x02020009,0x0A020009,
+0x02020401,0x0A020401,0x02020409,0x0A020409,
+);
+@skb6=(
+# for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 
+0x00000000,0x00000100,0x00080000,0x00080100,
+0x01000000,0x01000100,0x01080000,0x01080100,
+0x00000010,0x00000110,0x00080010,0x00080110,
+0x01000010,0x01000110,0x01080010,0x01080110,
+0x00200000,0x00200100,0x00280000,0x00280100,
+0x01200000,0x01200100,0x01280000,0x01280100,
+0x00200010,0x00200110,0x00280010,0x00280110,
+0x01200010,0x01200110,0x01280010,0x01280110,
+0x00000200,0x00000300,0x00080200,0x00080300,
+0x01000200,0x01000300,0x01080200,0x01080300,
+0x00000210,0x00000310,0x00080210,0x00080310,
+0x01000210,0x01000310,0x01080210,0x01080310,
+0x00200200,0x00200300,0x00280200,0x00280300,
+0x01200200,0x01200300,0x01280200,0x01280300,
+0x00200210,0x00200310,0x00280210,0x00280310,
+0x01200210,0x01200310,0x01280210,0x01280310,
+);
+@skb7=(
+# for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 
+0x00000000,0x04000000,0x00040000,0x04040000,
+0x00000002,0x04000002,0x00040002,0x04040002,
+0x00002000,0x04002000,0x00042000,0x04042000,
+0x00002002,0x04002002,0x00042002,0x04042002,
+0x00000020,0x04000020,0x00040020,0x04040020,
+0x00000022,0x04000022,0x00040022,0x04040022,
+0x00002020,0x04002020,0x00042020,0x04042020,
+0x00002022,0x04002022,0x00042022,0x04042022,
+0x00000800,0x04000800,0x00040800,0x04040800,
+0x00000802,0x04000802,0x00040802,0x04040802,
+0x00002800,0x04002800,0x00042800,0x04042800,
+0x00002802,0x04002802,0x00042802,0x04042802,
+0x00000820,0x04000820,0x00040820,0x04040820,
+0x00000822,0x04000822,0x00040822,0x04040822,
+0x00002820,0x04002820,0x00042820,0x04042820,
+0x00002822,0x04002822,0x00042822,0x04042822,
+);
+
+@shifts2=(0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0);
+
+# used in ecb_encrypt
+@SP0=(
+0x00410100, 0x00010000, 0x40400000, 0x40410100,
+0x00400000, 0x40010100, 0x40010000, 0x40400000,
+0x40010100, 0x00410100, 0x00410000, 0x40000100,
+0x40400100, 0x00400000, 0x00000000, 0x40010000,
+0x00010000, 0x40000000, 0x00400100, 0x00010100,
+0x40410100, 0x00410000, 0x40000100, 0x00400100,
+0x40000000, 0x00000100, 0x00010100, 0x40410000,
+0x00000100, 0x40400100, 0x40410000, 0x00000000,
+0x00000000, 0x40410100, 0x00400100, 0x40010000,
+0x00410100, 0x00010000, 0x40000100, 0x00400100,
+0x40410000, 0x00000100, 0x00010100, 0x40400000,
+0x40010100, 0x40000000, 0x40400000, 0x00410000,
+0x40410100, 0x00010100, 0x00410000, 0x40400100,
+0x00400000, 0x40000100, 0x40010000, 0x00000000,
+0x00010000, 0x00400000, 0x40400100, 0x00410100,
+0x40000000, 0x40410000, 0x00000100, 0x40010100,
+);
+@SP1=(
+0x08021002, 0x00000000, 0x00021000, 0x08020000,
+0x08000002, 0x00001002, 0x08001000, 0x00021000,
+0x00001000, 0x08020002, 0x00000002, 0x08001000,
+0x00020002, 0x08021000, 0x08020000, 0x00000002,
+0x00020000, 0x08001002, 0x08020002, 0x00001000,
+0x00021002, 0x08000000, 0x00000000, 0x00020002,
+0x08001002, 0x00021002, 0x08021000, 0x08000002,
+0x08000000, 0x00020000, 0x00001002, 0x08021002,
+0x00020002, 0x08021000, 0x08001000, 0x00021002,
+0x08021002, 0x00020002, 0x08000002, 0x00000000,
+0x08000000, 0x00001002, 0x00020000, 0x08020002,
+0x00001000, 0x08000000, 0x00021002, 0x08001002,
+0x08021000, 0x00001000, 0x00000000, 0x08000002,
+0x00000002, 0x08021002, 0x00021000, 0x08020000,
+0x08020002, 0x00020000, 0x00001002, 0x08001000,
+0x08001002, 0x00000002, 0x08020000, 0x00021000,
+);
+@SP2=(
+0x20800000, 0x00808020, 0x00000020, 0x20800020,
+0x20008000, 0x00800000, 0x20800020, 0x00008020,
+0x00800020, 0x00008000, 0x00808000, 0x20000000,
+0x20808020, 0x20000020, 0x20000000, 0x20808000,
+0x00000000, 0x20008000, 0x00808020, 0x00000020,
+0x20000020, 0x20808020, 0x00008000, 0x20800000,
+0x20808000, 0x00800020, 0x20008020, 0x00808000,
+0x00008020, 0x00000000, 0x00800000, 0x20008020,
+0x00808020, 0x00000020, 0x20000000, 0x00008000,
+0x20000020, 0x20008000, 0x00808000, 0x20800020,
+0x00000000, 0x00808020, 0x00008020, 0x20808000,
+0x20008000, 0x00800000, 0x20808020, 0x20000000,
+0x20008020, 0x20800000, 0x00800000, 0x20808020,
+0x00008000, 0x00800020, 0x20800020, 0x00008020,
+0x00800020, 0x00000000, 0x20808000, 0x20000020,
+0x20800000, 0x20008020, 0x00000020, 0x00808000,
+);
+@SP3=(
+0x00080201, 0x02000200, 0x00000001, 0x02080201,
+0x00000000, 0x02080000, 0x02000201, 0x00080001,
+0x02080200, 0x02000001, 0x02000000, 0x00000201,
+0x02000001, 0x00080201, 0x00080000, 0x02000000,
+0x02080001, 0x00080200, 0x00000200, 0x00000001,
+0x00080200, 0x02000201, 0x02080000, 0x00000200,
+0x00000201, 0x00000000, 0x00080001, 0x02080200,
+0x02000200, 0x02080001, 0x02080201, 0x00080000,
+0x02080001, 0x00000201, 0x00080000, 0x02000001,
+0x00080200, 0x02000200, 0x00000001, 0x02080000,
+0x02000201, 0x00000000, 0x00000200, 0x00080001,
+0x00000000, 0x02080001, 0x02080200, 0x00000200,
+0x02000000, 0x02080201, 0x00080201, 0x00080000,
+0x02080201, 0x00000001, 0x02000200, 0x00080201,
+0x00080001, 0x00080200, 0x02080000, 0x02000201,
+0x00000201, 0x02000000, 0x02000001, 0x02080200,
+);
+@SP4=(
+0x01000000, 0x00002000, 0x00000080, 0x01002084,
+0x01002004, 0x01000080, 0x00002084, 0x01002000,
+0x00002000, 0x00000004, 0x01000004, 0x00002080,
+0x01000084, 0x01002004, 0x01002080, 0x00000000,
+0x00002080, 0x01000000, 0x00002004, 0x00000084,
+0x01000080, 0x00002084, 0x00000000, 0x01000004,
+0x00000004, 0x01000084, 0x01002084, 0x00002004,
+0x01002000, 0x00000080, 0x00000084, 0x01002080,
+0x01002080, 0x01000084, 0x00002004, 0x01002000,
+0x00002000, 0x00000004, 0x01000004, 0x01000080,
+0x01000000, 0x00002080, 0x01002084, 0x00000000,
+0x00002084, 0x01000000, 0x00000080, 0x00002004,
+0x01000084, 0x00000080, 0x00000000, 0x01002084,
+0x01002004, 0x01002080, 0x00000084, 0x00002000,
+0x00002080, 0x01002004, 0x01000080, 0x00000084,
+0x00000004, 0x00002084, 0x01002000, 0x01000004,
+);
+@SP5=(
+0x10000008, 0x00040008, 0x00000000, 0x10040400,
+0x00040008, 0x00000400, 0x10000408, 0x00040000,
+0x00000408, 0x10040408, 0x00040400, 0x10000000,
+0x10000400, 0x10000008, 0x10040000, 0x00040408,
+0x00040000, 0x10000408, 0x10040008, 0x00000000,
+0x00000400, 0x00000008, 0x10040400, 0x10040008,
+0x10040408, 0x10040000, 0x10000000, 0x00000408,
+0x00000008, 0x00040400, 0x00040408, 0x10000400,
+0x00000408, 0x10000000, 0x10000400, 0x00040408,
+0x10040400, 0x00040008, 0x00000000, 0x10000400,
+0x10000000, 0x00000400, 0x10040008, 0x00040000,
+0x00040008, 0x10040408, 0x00040400, 0x00000008,
+0x10040408, 0x00040400, 0x00040000, 0x10000408,
+0x10000008, 0x10040000, 0x00040408, 0x00000000,
+0x00000400, 0x10000008, 0x10000408, 0x10040400,
+0x10040000, 0x00000408, 0x00000008, 0x10040008,
+);
+@SP6=(
+0x00000800, 0x00000040, 0x00200040, 0x80200000,
+0x80200840, 0x80000800, 0x00000840, 0x00000000,
+0x00200000, 0x80200040, 0x80000040, 0x00200800,
+0x80000000, 0x00200840, 0x00200800, 0x80000040,
+0x80200040, 0x00000800, 0x80000800, 0x80200840,
+0x00000000, 0x00200040, 0x80200000, 0x00000840,
+0x80200800, 0x80000840, 0x00200840, 0x80000000,
+0x80000840, 0x80200800, 0x00000040, 0x00200000,
+0x80000840, 0x00200800, 0x80200800, 0x80000040,
+0x00000800, 0x00000040, 0x00200000, 0x80200800,
+0x80200040, 0x80000840, 0x00000840, 0x00000000,
+0x00000040, 0x80200000, 0x80000000, 0x00200040,
+0x00000000, 0x80200040, 0x00200040, 0x00000840,
+0x80000040, 0x00000800, 0x80200840, 0x00200000,
+0x00200840, 0x80000000, 0x80000800, 0x80200840,
+0x80200000, 0x00200840, 0x00200800, 0x80000800,
+);
+@SP7=(
+0x04100010, 0x04104000, 0x00004010, 0x00000000,
+0x04004000, 0x00100010, 0x04100000, 0x04104010,
+0x00000010, 0x04000000, 0x00104000, 0x00004010,
+0x00104010, 0x04004010, 0x04000010, 0x04100000,
+0x00004000, 0x00104010, 0x00100010, 0x04004000,
+0x04104010, 0x04000010, 0x00000000, 0x00104000,
+0x04000000, 0x00100000, 0x04004010, 0x04100010,
+0x00100000, 0x00004000, 0x04104000, 0x00000010,
+0x00100000, 0x00004000, 0x04000010, 0x04104010,
+0x00004010, 0x04000000, 0x00000000, 0x00104000,
+0x04100010, 0x04004010, 0x04004000, 0x00100010,
+0x04104000, 0x00000010, 0x00100010, 0x04004000,
+0x04104010, 0x00100000, 0x04100000, 0x04000010,
+0x00104000, 0x00004010, 0x04004010, 0x04100000,
+0x00000010, 0x04104000, 0x00104010, 0x00000000,
+0x04000000, 0x04100010, 0x00004000, 0x00104010,
+);
+
+sub main'des_set_key
+	{
+	local($param)=@_;
+	local(@key);
+	local($c,$d,$i,$s,$t);
+	local(@ks)=();
+
+	# Get the bytes in the order we want.
+	@key=unpack("C8",$param);
+
+	$c=	($key[0]    )|
+		($key[1]<< 8)|
+		($key[2]<<16)|
+		($key[3]<<24);
+	$d=	($key[4]    )|
+		($key[5]<< 8)|
+		($key[6]<<16)|
+		($key[7]<<24);
+
+	&doPC1(*c,*d);
+
+	for $i (@shifts2)
+		{
+		if ($i)
+			{
+			$c=($c>>2)|($c<<26);
+			$d=($d>>2)|($d<<26);
+			}
+		else
+			{
+			$c=($c>>1)|($c<<27);
+			$d=($d>>1)|($d<<27);
+			}
+		$c&=0x0fffffff;
+		$d&=0x0fffffff;
+		$s=	$skb0[ ($c    )&0x3f                 ]|
+			$skb1[(($c>> 6)&0x03)|(($c>> 7)&0x3c)]|
+			$skb2[(($c>>13)&0x0f)|(($c>>14)&0x30)]|
+			$skb3[(($c>>20)&0x01)|(($c>>21)&0x06) |
+					     (($c>>22)&0x38)];
+		$t=     $skb4[ ($d    )&0x3f                ]|
+			$skb5[(($d>> 7)&0x03)|(($d>> 8)&0x3c)]|
+			$skb6[ ($d>>15)&0x3f                 ]|
+			$skb7[(($d>>21)&0x0f)|(($d>>22)&0x30)];
+		push(@ks,(($t<<16)|($s&0x0000ffff))&0xffffffff);
+		$s=      (($s>>16)&0x0000ffff)|($t&0xffff0000) ;
+		push(@ks,(($s<<4)|(($s>>28)&0xf))&0xffffffff);
+		}
+	@ks;
+	}
+
+sub doPC1
+	{
+	local(*a,*b)=@_;
+	local($t);
+
+	$t=(($b>>4)^$a)&0x0f0f0f0f;
+	$b^=($t<<4); $a^=$t;
+	# do $a first 
+	$t=(($a<<18)^$a)&0xcccc0000;
+	$a=$a^$t^(($t>>18)&0x00003fff);
+	$t=(($a<<17)^$a)&0xaaaa0000;
+	$a=$a^$t^(($t>>17)&0x00007fff);
+	$t=(($a<< 8)^$a)&0x00ff0000;
+	$a=$a^$t^(($t>> 8)&0x00ffffff);
+	$t=(($a<<17)^$a)&0xaaaa0000;
+	$a=$a^$t^(($t>>17)&0x00007fff);
+
+	# now do $b
+	$t=(($b<<24)^$b)&0xff000000;
+	$b=$b^$t^(($t>>24)&0x000000ff);
+	$t=(($b<< 8)^$b)&0x00ff0000;
+	$b=$b^$t^(($t>> 8)&0x00ffffff);
+	$t=(($b<<14)^$b)&0x33330000;
+	$b=$b^$t^(($t>>14)&0x0003ffff);
+	$b=(($b&0x00aa00aa)<<7)|(($b&0x55005500)>>7)|($b&0xaa55aa55);
+	$b=(($b>>8)&0x00ffffff)|((($a&0xf0000000)>>4)&0x0fffffff);
+	$a&=0x0fffffff;
+	}
+
+sub doIP
+	{
+	local(*a,*b)=@_;
+	local($t);
+
+	$t=(($b>> 4)^$a)&0x0f0f0f0f;
+	$b^=($t<< 4); $a^=$t;
+	$t=(($a>>16)^$b)&0x0000ffff;
+	$a^=($t<<16); $b^=$t;
+	$t=(($b>> 2)^$a)&0x33333333;
+	$b^=($t<< 2); $a^=$t;
+	$t=(($a>> 8)^$b)&0x00ff00ff;
+	$a^=($t<< 8); $b^=$t;
+	$t=(($b>> 1)^$a)&0x55555555;
+	$b^=($t<< 1); $a^=$t;
+	$t=$a;
+	$a=$b&0xffffffff;
+	$b=$t&0xffffffff;
+	}
+
+sub doFP
+	{
+	local(*a,*b)=@_;
+	local($t);
+
+	$t=(($b>> 1)^$a)&0x55555555;
+	$b^=($t<< 1); $a^=$t;
+	$t=(($a>> 8)^$b)&0x00ff00ff;
+	$a^=($t<< 8); $b^=$t;
+	$t=(($b>> 2)^$a)&0x33333333;
+	$b^=($t<< 2); $a^=$t;
+	$t=(($a>>16)^$b)&0x0000ffff;
+	$a^=($t<<16); $b^=$t;
+	$t=(($b>> 4)^$a)&0x0f0f0f0f;
+	$b^=($t<< 4); $a^=$t;
+	$a&=0xffffffff;
+	$b&=0xffffffff;
+	}
+
+sub main'des_ecb_encrypt
+	{
+	local(*ks,$encrypt,$in)=@_;
+	local($l,$r,$i,$t,$u,@input);
+	
+	@input=unpack("C8",$in);
+	# Get the bytes in the order we want.
+	$l=	($input[0]    )|
+		($input[1]<< 8)|
+		($input[2]<<16)|
+		($input[3]<<24);
+	$r=	($input[4]    )|
+		($input[5]<< 8)|
+		($input[6]<<16)|
+		($input[7]<<24);
+
+	$l&=0xffffffff;
+	$r&=0xffffffff;
+	&doIP(*l,*r);
+	if ($encrypt)
+		{
+		for ($i=0; $i<32; $i+=4)
+			{
+			$t=((($r&0x7fffffff)<<1)|(($r>>31)&0x00000001));
+			$u=$t^$ks[$i  ];
+			$t=$t^$ks[$i+1];
+			$t2=(($t&0x0000000f)<<28);
+
+			$t=((($t>>4)&0x0fffffff)|(($t&0x0000000f)<<28));
+			$l^=	$SP1[ $t     &0x3f]|
+				$SP3[($t>> 8)&0x3f]|
+				$SP5[($t>>16)&0x3f]|
+				$SP7[($t>>24)&0x3f]|
+				$SP0[ $u     &0x3f]|
+				$SP2[($u>> 8)&0x3f]|
+				$SP4[($u>>16)&0x3f]|
+				$SP6[($u>>24)&0x3f];
+
+			$t=(($l<<1)|(($l>>31)&0x1))&0xffffffff;
+			$u=$t^$ks[$i+2];
+			$t=$t^$ks[$i+3];
+			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
+			$r^=	$SP1[ $t     &0x3f]|
+				$SP3[($t>> 8)&0x3f]|
+				$SP5[($t>>16)&0x3f]|
+				$SP7[($t>>24)&0x3f]|
+				$SP0[ $u     &0x3f]|
+				$SP2[($u>> 8)&0x3f]|
+				$SP4[($u>>16)&0x3f]|
+				$SP6[($u>>24)&0x3f];
+			}
+		}
+	else	
+		{
+		for ($i=30; $i>0; $i-=4)
+			{
+			$t=(($r<<1)|(($r>>31)&0x1))&0xffffffff;
+			$u=$t^$ks[$i  ];
+			$t=$t^$ks[$i+1];
+			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
+			$l^=	$SP1[ $t     &0x3f]|
+				$SP3[($t>> 8)&0x3f]|
+				$SP5[($t>>16)&0x3f]|
+				$SP7[($t>>24)&0x3f]|
+				$SP0[ $u     &0x3f]|
+				$SP2[($u>> 8)&0x3f]|
+				$SP4[($u>>16)&0x3f]|
+				$SP6[($u>>24)&0x3f];
+
+			$t=(($l<<1)|(($l>>31)&0x1))&0xffffffff;
+			$u=$t^$ks[$i-2];
+			$t=$t^$ks[$i-1];
+			$t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
+			$r^=	$SP1[ $t     &0x3f]|
+				$SP3[($t>> 8)&0x3f]|
+				$SP5[($t>>16)&0x3f]|
+				$SP7[($t>>24)&0x3f]|
+				$SP0[ $u     &0x3f]|
+				$SP2[($u>> 8)&0x3f]|
+				$SP4[($u>>16)&0x3f]|
+				$SP6[($u>>24)&0x3f];
+			}
+		}
+	&doFP(*l,*r);
+	pack("C8",$l&0xff, 
+	          ($l>> 8)&0x00ffffff,
+	          ($l>>16)&0x0000ffff,
+		  ($l>>24)&0x000000ff,
+		  $r&0xff,
+	          ($r>> 8)&0x00ffffff,
+	          ($r>>16)&0x0000ffff,
+		  ($r>>24)&0x000000ff);
+	}

crypto/des/des_crypt.man

@@ -0,0 +1,508 @@
+.TH DES_CRYPT 3 
+.SH NAME
+des_read_password, des_read_2password,
+des_string_to_key, des_string_to_2key, des_read_pw_string,
+des_random_key, des_set_key,
+des_key_sched, des_ecb_encrypt, des_ecb3_encrypt, des_cbc_encrypt,
+des_3cbc_encrypt,
+des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt,
+des_cbc_cksum, des_quad_cksum,
+des_enc_read, des_enc_write, des_set_odd_parity,
+des_is_weak_key, crypt \- (non USA) DES encryption
+.SH SYNOPSIS
+.nf
+.nj
+.ft B
+#include <des.h>
+.PP
+.B int des_read_password(key,prompt,verify)
+des_cblock *key;
+char *prompt;
+int verify;
+.PP
+.B int des_read_2password(key1,key2,prompt,verify)
+des_cblock *key1,*key2;
+char *prompt;
+int verify;
+.PP
+.B int des_string_to_key(str,key)
+char *str;
+des_cblock *key;
+.PP
+.B int des_string_to_2keys(str,key1,key2)
+char *str;
+des_cblock *key1,*key2;
+.PP
+.B int des_read_pw_string(buf,length,prompt,verify)
+char *buf;
+int length;
+char *prompt;
+int verify;
+.PP
+.B int des_random_key(key)
+des_cblock *key;
+.PP
+.B int des_set_key(key,schedule)
+des_cblock *key;
+des_key_schedule schedule;
+.PP
+.B int des_key_sched(key,schedule)
+des_cblock *key;
+des_key_schedule schedule;
+.PP
+.B int des_ecb_encrypt(input,output,schedule,encrypt)
+des_cblock *input;
+des_cblock *output;
+des_key_schedule schedule;
+int encrypt;
+.PP
+.B int des_ecb3_encrypt(input,output,ks1,ks2,encrypt)
+des_cblock *input;
+des_cblock *output;
+des_key_schedule ks1,ks2;
+int encrypt;
+.PP
+.B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+int encrypt;
+.PP
+.B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule sk1;
+des_key_schedule sk2;
+des_cblock *ivec1;
+des_cblock *ivec2;
+int encrypt;
+.PP
+.B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+int encrypt;
+.PP
+.B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt)
+unsigned char *input;
+unsigned char *output;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+int encrypt;
+.PP
+.B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec)
+unsigned char *input,*output;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+.PP
+.B unsigned long des_cbc_cksum(input,output,length,schedule,ivec)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+.PP
+.B unsigned long des_quad_cksum(input,output,length,out_count,seed)
+des_cblock *input;
+des_cblock *output;
+long length;
+int out_count;
+des_cblock *seed;
+.PP
+.B int des_check_key;
+.PP
+.B int des_enc_read(fd,buf,len,sched,iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock *iv;
+.PP
+.B int des_enc_write(fd,buf,len,sched,iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock *iv;
+.PP
+.B extern int des_rw_mode;
+.PP
+.B void des_set_odd_parity(key)
+des_cblock *key;
+.PP
+.B int des_is_weak_key(key)
+des_cblock *key;
+.PP
+.B char *crypt(passwd,salt)
+char *passwd;
+char *salt;
+.PP
+.fi
+.SH DESCRIPTION
+This library contains a fast implementation of the DES encryption
+algorithm.
+.PP
+There are two phases to the use of DES encryption.
+The first is the generation of a
+.I des_key_schedule
+from a key,
+the second is the actual encryption.
+A des key is of type
+.I des_cblock.
+This type is made from 8 characters with odd parity.
+The least significant bit in the character is the parity bit.
+The key schedule is an expanded form of the key; it is used to speed the
+encryption process.
+.PP
+.I des_read_password
+writes the string specified by prompt to the standard output,
+turns off echo and reads an input string from standard input
+until terminated with a newline.
+If verify is non-zero, it prompts and reads the input again and verifies
+that both entered passwords are the same.
+The entered string is converted into a des key by using the
+.I des_string_to_key
+routine.
+The new key is placed in the
+.I des_cblock
+that was passed (by reference) to the routine.
+If there were no errors,
+.I des_read_password
+returns 0,
+-1 is returned if there was a terminal error and 1 is returned for
+any other error.
+.PP
+.I des_read_2password
+operates in the same way as
+.I des_read_password
+except that it generates 2 keys by using the
+.I des_string_to_2key
+function.
+.PP
+.I des_read_pw_string
+is called by
+.I des_read_password
+to read and verify a string from a terminal device.
+The string is returned in
+.I buf.
+The size of
+.I buf
+is passed to the routine via the
+.I length
+parameter.
+.PP
+.I des_string_to_key
+converts a string into a valid des key.
+.PP
+.I des_string_to_2key
+converts a string into 2 valid des keys.
+This routine is best suited for used to generate keys for use with
+.I des_ecb3_encrypt.
+.PP
+.I des_random_key
+returns a random key that is made of a combination of process id,
+time and an increasing counter.
+.PP
+Before a des key can be used it is converted into a
+.I des_key_schedule
+via the
+.I des_set_key
+routine.
+If the
+.I des_check_key
+flag is non-zero,
+.I des_set_key
+will check that the key passed is of odd parity and is not a week or
+semi-weak key.
+If the parity is wrong,
+then -1 is returned.
+If the key is a weak key,
+then -2 is returned.
+If an error is returned,
+the key schedule is not generated.
+.PP
+.I des_key_sched
+is another name for the
+.I des_set_key
+function.
+.PP
+The following routines mostly operate on an input and output stream of
+.I des_cblock's.
+.PP
+.I des_ecb_encrypt
+is the basic DES encryption routine that encrypts or decrypts a single 8-byte
+.I des_cblock
+in
+.I electronic code book
+mode.
+It always transforms the input data, pointed to by
+.I input,
+into the output data,
+pointed to by the
+.I output
+argument.
+If the
+.I encrypt
+argument is non-zero (DES_ENCRYPT),
+the
+.I input
+(cleartext) is encrypted in to the
+.I output
+(ciphertext) using the key_schedule specified by the
+.I schedule
+argument,
+previously set via
+.I des_set_key.
+If
+.I encrypt
+is zero (DES_DECRYPT),
+the
+.I input
+(now ciphertext)
+is decrypted into the
+.I output
+(now cleartext).
+Input and output may overlap.
+No meaningful value is returned.
+.PP
+.I des_ecb3_encrypt
+encrypts/decrypts the
+.I input
+block by using triple ecb DES encryption.
+This involves encrypting the input with 
+.I ks1,
+decryption with the key schedule
+.I ks2,
+and then encryption with the first again.
+This routine greatly reduces the chances of brute force breaking of
+DES and has the advantage of if
+.I ks1
+and
+.I ks2
+are the same, it is equivalent to just encryption using ecb mode and
+.I ks1
+as the key.
+.PP
+.I des_cbc_encrypt
+encrypts/decrypts using the
+.I cipher-block-chaining
+mode of DES.
+If the
+.I encrypt
+argument is non-zero,
+the routine cipher-block-chain encrypts the cleartext data pointed to by the
+.I input
+argument into the ciphertext pointed to by the
+.I output
+argument,
+using the key schedule provided by the
+.I schedule
+argument,
+and initialisation vector provided by the
+.I ivec
+argument.
+If the
+.I length
+argument is not an integral multiple of eight bytes, 
+the last block is copied to a temporary area and zero filled.
+The output is always
+an integral multiple of eight bytes.
+To make multiple cbc encrypt calls on a large amount of data appear to
+be one 
+.I des_cbc_encrypt
+call, the
+.I ivec
+of subsequent calls should be the last 8 bytes of the output.
+.PP
+.I des_3cbc_encrypt
+encrypts/decrypts the
+.I input
+block by using triple cbc DES encryption.
+This involves encrypting the input with key schedule
+.I ks1,
+decryption with the key schedule
+.I ks2,
+and then encryption with the first again.
+2 initialisation vectors are required,
+.I ivec1
+and
+.I ivec2.
+Unlike
+.I des_cbc_encrypt,
+these initialisation vectors are modified by the subroutine.
+This routine greatly reduces the chances of brute force breaking of
+DES and has the advantage of if
+.I ks1
+and
+.I ks2
+are the same, it is equivalent to just encryption using cbc mode and
+.I ks1
+as the key.
+.PP
+.I des_pcbc_encrypt
+encrypt/decrypts using a modified block chaining mode.
+It provides better error propagation characteristics than cbc
+encryption.
+.PP
+.I des_cfb_encrypt
+encrypt/decrypts using cipher feedback mode.  This method takes an
+array of characters as input and outputs and array of characters.  It
+does not require any padding to 8 character groups.  Note: the ivec
+variable is changed and the new changed value needs to be passed to
+the next call to this function.  Since this function runs a complete
+DES ecb encryption per numbits, this function is only suggested for
+use when sending small numbers of characters.
+.PP
+.I des_ofb_encrypt
+encrypt using output feedback mode.  This method takes an
+array of characters as input and outputs and array of characters.  It
+does not require any padding to 8 character groups.  Note: the ivec
+variable is changed and the new changed value needs to be passed to
+the next call to this function.  Since this function runs a complete
+DES ecb encryption per numbits, this function is only suggested for
+use when sending small numbers of characters.
+.PP
+.I des_cbc_cksum
+produces an 8 byte checksum based on the input stream (via cbc encryption).
+The last 4 bytes of the checksum is returned and the complete 8 bytes is
+placed in
+.I output.
+.PP
+.I des_quad_cksum
+returns a 4 byte checksum from the input bytes.
+The algorithm can be iterated over the input,
+depending on
+.I out_count,
+1, 2, 3 or 4 times.
+If
+.I output
+is non-NULL,
+the 8 bytes generated by each pass are written into
+.I output.
+.PP
+.I des_enc_write
+is used to write
+.I len
+bytes
+to file descriptor
+.I fd
+from buffer
+.I buf.
+The data is encrypted via
+.I pcbc_encrypt
+(default) using
+.I sched
+for the key and
+.I iv
+as a starting vector.
+The actual data send down
+.I fd
+consists of 4 bytes (in network byte order) containing the length of the
+following encrypted data.  The encrypted data then follows, padded with random
+data out to a multiple of 8 bytes.
+.PP
+.I des_enc_read
+is used to read
+.I len
+bytes
+from file descriptor
+.I fd
+into buffer
+.I buf.
+The data being read from
+.I fd
+is assumed to have come from
+.I des_enc_write
+and is decrypted using
+.I sched
+for the key schedule and
+.I iv
+for the initial vector.
+The
+.I des_enc_read/des_enc_write
+pair can be used to read/write to files, pipes and sockets.
+I have used them in implementing a version of rlogin in which all
+data is encrypted.
+.PP
+.I des_rw_mode
+is used to specify the encryption mode to use with 
+.I des_enc_read
+and 
+.I des_end_write.
+If set to
+.I DES_PCBC_MODE
+(the default), des_pcbc_encrypt is used.
+If set to
+.I DES_CBC_MODE
+des_cbc_encrypt is used.
+These two routines and the variable are not part of the normal MIT library.
+.PP
+.I des_set_odd_parity
+sets the parity of the passed
+.I key
+to odd.  This routine is not part of the standard MIT library.
+.PP
+.I des_is_weak_key
+returns 1 is the passed key is a weak key (pick again :-),
+0 if it is ok.
+This routine is not part of the standard MIT library.
+.PP
+.I crypt
+is a replacement for the normal system crypt.
+It is much faster than the system crypt.
+.PP
+.SH FILES
+/usr/include/des.h
+.br
+/usr/lib/libdes.a
+.PP
+The encryption routines have been tested on 16bit, 32bit and 64bit
+machines of various endian and even works under VMS.
+.PP
+.SH BUGS
+.PP
+If you think this manual is sparse,
+read the des_crypt(3) manual from the MIT kerberos (or bones outside
+of the USA) distribution.
+.PP
+.I des_cfb_encrypt
+and
+.I des_ofb_encrypt
+operates on input of 8 bits.  What this means is that if you set
+numbits to 12, and length to 2, the first 12 bits will come from the 1st
+input byte and the low half of the second input byte.  The second 12
+bits will have the low 8 bits taken from the 3rd input byte and the
+top 4 bits taken from the 4th input byte.  The same holds for output.
+This function has been implemented this way because most people will
+be using a multiple of 8 and because once you get into pulling bytes input
+bytes apart things get ugly!
+.PP
+.I des_read_pw_string
+is the most machine/OS dependent function and normally generates the
+most problems when porting this code.
+.PP
+.I des_string_to_key
+is probably different from the MIT version since there are lots
+of fun ways to implement one-way encryption of a text string.
+.PP
+The routines are optimised for 32 bit machines and so are not efficient
+on IBM PCs.
+.PP
+NOTE: extensive work has been done on this library since this document
+was origionally written.  Please try to read des.doc from the libdes
+distribution since it is far more upto date and documents more of the
+functions.  Libdes is now also being shipped as part of SSLeay, a
+general cryptographic library that amonst other things implements
+netscapes SSL protocoll.  The most recent version can be found in
+SSLeay distributions.
+.SH AUTHOR
+Eric Young (eay@cryptsoft.com)

crypto/des/des_locl.h

@@ -155,7 +155,7 @@
 				} \
 			}
 
-#if defined(WIN32) && defined(_MSC_VER)
+#if defined(WIN32)
 #define	ROTATE(a,n)	(_lrotr(a,n))
 #else
 #define	ROTATE(a,n)	(((a)>>(n))+((a)<<(32-(n))))

crypto/des/destest.c

@@ -336,15 +336,8 @@ int main(int argc, char *argv[])
 	unsigned char cbc_in[40];
 	unsigned char cbc_out[40];
 	DES_LONG cs;
-	unsigned char cret[8];
-#ifdef _CRAY
-        struct {
-            int a:32;
-            int b:32;
-        } lqret[2];
-#else
-        DES_LONG lqret[4];
-#endif
+	unsigned char qret[4][4],cret[8];
+	DES_LONG lqret[4];
 	int num;
 	char *str;
 
@@ -708,40 +701,43 @@ plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
 		}
 
 	printf("Doing quad_cksum\n");
-	cs=quad_cksum(cbc_data,(des_cblock *)lqret,
-		(long)strlen((char *)cbc_data),2,(des_cblock *)cbc_iv);
+	/* This is obviously done this way especially to puzzle me. Although
+	   quad_cksum returns up to 4 groups of 8 bytes, this test gets it to
+	   produce 2 groups then treats them as 4 groups of 4 bytes.
+	   Ben 13 Feb 1999 */
+	cs=quad_cksum(cbc_data,(des_cblock *)qret,strlen((char *)cbc_data),2,
+		      &cbc_iv);
+
+	{ /* Big-endian fix */
+	static DES_LONG l=1;
+	static unsigned char *c=(unsigned char *)&l;
+	DES_LONG ll;
+
+	j=sizeof(lqret[0])-4;
+	for (i=0; i<4; i++)
+		{
+		lqret[i]=0;
+		memcpy(&(lqret[i]),&(qret[i][0]),4);
+		if (!c[0] && (j > 0))
+			lqret[i]=lqret[i]>>(j*8); /* For Cray */
+		}
+
+	if (!c[0])
+		{
+		ll=lqret[0]^lqret[3];
+		lqret[0]^=ll;
+		lqret[3]^=ll;
+		ll=lqret[1]^lqret[2];
+		lqret[1]^=ll;
+		lqret[2]^=ll;
+		}
+	}
 	if (cs != 0x70d7a63aL)
 		{
 		printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
 			(unsigned long)cs);
 		err=1;
 		}
-#ifdef _CRAY
-	if (lqret[0].a != 0x327eba8dL)
-		{
-		printf("quad_cksum error, out[0] %08lx is not %08lx\n",
-			(unsigned long)lqret[0].a,0x327eba8dUL);
-		err=1;
-		}
-	if (lqret[0].b != 0x201a49ccL)
-		{
-		printf("quad_cksum error, out[1] %08lx is not %08lx\n",
-			(unsigned long)lqret[0].b,0x201a49ccUL);
-		err=1;
-		}
-	if (lqret[1].a != 0x70d7a63aL)
-		{
-		printf("quad_cksum error, out[2] %08lx is not %08lx\n",
-			(unsigned long)lqret[1].a,0x70d7a63aUL);
-		err=1;
-		}
-	if (lqret[1].b != 0x501c2c26L)
-		{
-		printf("quad_cksum error, out[3] %08lx is not %08lx\n",
-			(unsigned long)lqret[1].b,0x501c2c26UL);
-		err=1;
-		}
-#else
 	if (lqret[0] != 0x327eba8dL)
 		{
 		printf("quad_cksum error, out[0] %08lx is not %08lx\n",
@@ -766,7 +762,6 @@ plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
 			(unsigned long)lqret[3],0x501c2c26UL);
 		err=1;
 		}
-#endif
 #endif
 
 	printf("input word alignment test");

crypto/des/doIP

@@ -0,0 +1,46 @@
+#!/usr/local/bin/perl
+
+@l=(
+	 0, 1, 2, 3, 4, 5, 6, 7,
+	 8, 9,10,11,12,13,14,15,
+	16,17,18,19,20,21,22,23,
+	24,25,26,27,28,29,30,31
+	);
+@r=(
+	32,33,34,35,36,37,38,39,
+	40,41,42,43,44,45,46,47,
+	48,49,50,51,52,53,54,55,
+	56,57,58,59,60,61,62,63
+	);
+
+require 'shifts.pl';
+
+sub PERM_OP
+	{
+	local(*a,*b,*t,$n,$m)=@_;
+
+	@z=&shift(*a,-$n);
+	@z=&xor(*b,*z);
+	@z=&and(*z,$m);
+	@b=&xor(*b,*z);
+	@z=&shift(*z,$n);
+	@a=&xor(*a,*z);
+	}
+
+
+@L=@l;
+@R=@r;
+&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
+&PERM_OP(*L,*R,*T,16,0x0000ffff);
+&PERM_OP(*R,*L,*T,2,0x33333333);
+&PERM_OP(*L,*R,*T,8,0x00ff00ff);
+&PERM_OP(*R,*L,*T,1,0x55555555);
+	&printit(@L);
+	&printit(@R);
+&PERM_OP(*R,*L,*T,1,0x55555555);
+&PERM_OP(*L,*R,*T,8,0x00ff00ff);
+&PERM_OP(*R,*L,*T,2,0x33333333);
+&PERM_OP(*L,*R,*T,16,0x0000ffff);
+&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
+	&printit(@L);
+	&printit(@R);