merge conflict

cyassl/openssl/ecdh.h

@@ -0,0 +1,3 @@
+/* ecdh.h for openssl */
+
+#include <wolfssl/openssl/ecdh.h>

cyassl/openssl/include.am

@@ -11,6 +11,7 @@ nobase_include_HEADERS+= \
                          cyassl/openssl/dh.h \
                          cyassl/openssl/dsa.h \
                          cyassl/openssl/ecdsa.h \
+                         cyassl/openssl/ecdh.h \
                          cyassl/openssl/ec.h \
                          cyassl/openssl/engine.h \
                          cyassl/openssl/err.h \

rpm/spec.in

@@ -134,6 +134,7 @@ mkdir -p $RPM_BUILD_ROOT/
 %{_includedir}/cyassl/openssl/dsa.h
 %{_includedir}/cyassl/openssl/ec.h
 %{_includedir}/cyassl/openssl/ecdsa.h
+%{_includedir}/cyassl/openssl/ecdh.h
 %{_includedir}/cyassl/openssl/engine.h
 %{_includedir}/cyassl/openssl/err.h
 %{_includedir}/cyassl/openssl/evp.h
@@ -226,6 +227,7 @@ mkdir -p $RPM_BUILD_ROOT/
 %{_includedir}/wolfssl/openssl/dsa.h
 %{_includedir}/wolfssl/openssl/ec.h
 %{_includedir}/wolfssl/openssl/ecdsa.h
+%{_includedir}/wolfssl/openssl/ecdh.h
 %{_includedir}/wolfssl/openssl/engine.h
 %{_includedir}/wolfssl/openssl/err.h
 %{_includedir}/wolfssl/openssl/evp.h

wolfcrypt/src/asn.c

@@ -1413,6 +1413,110 @@ int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
     return 0;
 }
 
+static mp_int* GetDsaInt(DsaKey* key, int idx)
+{
+	if (idx == 0)
+		return &key->p;
+	if (idx == 1)
+		return &key->q;
+	if (idx == 2)
+		return &key->g;
+	if (idx == 3)
+		return &key->x;
+	if (idx == 4)
+		return &key->y;
+
+	return NULL;
+}
+
+/* Release Tmp DSA resources */
+static INLINE void FreeTmpDsas(byte** tmps)
+{
+	int i;
+
+	for (i = 0; i < DSA_INTS; i++)
+		XFREE(tmps[i], NULL, DYNAMIC_TYPE_DSA);
+}
+
+/* Convert DsaKey key to DER format, write to output (inLen), return bytes
+ written */
+int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
+{
+	word32 seqSz, verSz, rawLen, intTotalLen = 0;
+	word32 sizes[DSA_INTS];
+	int    i, j, outLen, ret = 0;
+
+	byte  seq[MAX_SEQ_SZ];
+	byte  ver[MAX_VERSION_SZ];
+	byte* tmps[DSA_INTS];
+
+	if (!key || !output)
+		return BAD_FUNC_ARG;
+
+	if (key->type != DSA_PRIVATE)
+		return BAD_FUNC_ARG;
+
+	for (i = 0; i < DSA_INTS; i++)
+		tmps[i] = NULL;
+
+	/* write all big ints from key to DER tmps */
+	for (i = 0; i < DSA_INTS; i++) {
+		mp_int* keyInt = GetDsaInt(key, i);
+		rawLen = mp_unsigned_bin_size(keyInt);
+		tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, NULL, DYNAMIC_TYPE_DSA);
+		if (tmps[i] == NULL) {
+			ret = MEMORY_E;
+			break;
+		}
+
+		tmps[i][0] = ASN_INTEGER;
+		sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1;  /* int tag */
+
+		if (sizes[i] <= MAX_SEQ_SZ) {
+			int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
+			if (err == MP_OKAY) {
+				sizes[i] += rawLen;
+				intTotalLen += sizes[i];
+			}
+			else {
+				ret = err;
+				break;
+			}
+		}
+		else {
+			ret = ASN_INPUT_E;
+			break;
+		}
+	}
+
+	if (ret != 0) {
+		FreeTmpDsas(tmps);
+		return ret;
+	}
+
+	/* make headers */
+	verSz = SetMyVersion(0, ver, FALSE);
+	seqSz = SetSequence(verSz + intTotalLen, seq);
+
+	outLen = seqSz + verSz + intTotalLen;
+	if (outLen > (int)inLen)
+		return BAD_FUNC_ARG;
+
+	/* write to output */
+	XMEMCPY(output, seq, seqSz);
+	j = seqSz;
+	XMEMCPY(output + j, ver, verSz);
+	j += verSz;
+
+	for (i = 0; i < DSA_INTS; i++) {
+		XMEMCPY(output + j, tmps[i], sizes[i]);
+		j += sizes[i];
+	}
+	FreeTmpDsas(tmps);
+
+	return outLen;
+}
+
 #endif /* NO_DSA */
 
 
@@ -6609,8 +6713,8 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
     byte* priv;
     byte* pub;
 #else
-    byte priv[ECC_MAXSIZE];
+    byte priv[ECC_MAXSIZE+1];
-    byte pub[ECC_MAXSIZE * 2 + 1]; /* public key has two parts plus header */
+    byte pub[2*(ECC_MAXSIZE+1)]; /* public key has two parts plus header */
 #endif
 
     if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
@@ -6636,11 +6740,11 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
         return BUFFER_E;
 
 #ifdef WOLFSSL_SMALL_STACK
-    priv = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    priv = (byte*)XMALLOC(ECC_MAXSIZE+1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
     if (priv == NULL)
         return MEMORY_E;
     
-    pub = (byte*)XMALLOC(ECC_MAXSIZE * 2 + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+    pub = (byte*)XMALLOC(2*(ECC_MAXSIZE+1), NULL, DYNAMIC_TYPE_TMP_BUFFER);
     if (pub == NULL) {
         XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
         return MEMORY_E;
@@ -6713,7 +6817,7 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
                 else {
                     /* pub key */
                     pubSz = length - 1;  /* null prefix */
-                    if (pubSz < (ECC_MAXSIZE*2 + 1)) {
+                    if (pubSz < 2*(ECC_MAXSIZE+1)) {
                         XMEMCPY(pub, &input[*inOutIdx], pubSz);
                         *inOutIdx += length;
                         ret = wc_ecc_import_private_key(priv, privSz, pub, pubSz,

wolfcrypt/src/integer.c

@@ -45,7 +45,23 @@
     #endif
 #endif
 
-static void bn_reverse (unsigned char *s, int len);
+/* reverse an array, used for radix code */
+static void
+bn_reverse (unsigned char *s, int len)
+{
+	int     ix, iy;
+	unsigned char t;
+
+	ix = 0;
+	iy = len - 1;
+	while (ix < iy) {
+		t     = s[ix];
+		s[ix] = s[iy];
+		s[iy] = t;
+		++ix;
+		--iy;
+	}
+}
 
 /* math settings check */
 word32 CheckRunTimeSettings(void)
@@ -327,25 +343,6 @@ int mp_grow (mp_int * a, int size)
 }
 
 
-/* reverse an array, used for radix code */
-void
-bn_reverse (unsigned char *s, int len)
-{
-  int     ix, iy;
-  unsigned char t;
-
-  ix = 0;
-  iy = len - 1;
-  while (ix < iy) {
-    t     = s[ix];
-    s[ix] = s[iy];
-    s[iy] = t;
-    ++ix;
-    --iy;
-  }
-}
-
-
 /* shift right by a certain bit count (store quotient in c, optional
    remainder in d) */
 int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d)
@@ -1251,6 +1248,14 @@ void mp_set (mp_int * a, mp_digit b)
   a->used  = (a->dp[0] != 0) ? 1 : 0;
 }
 
+/* chek if a bit is set */
+int mp_is_bit_set (mp_int *a, mp_digit b)
+{
+	if ((mp_digit)a->used < b/DIGIT_BIT)
+		return 0;
+
+	return (int)((a->dp[b/DIGIT_BIT] >> b%DIGIT_BIT) & (mp_digit)1);
+}
 
 /* c = a mod b, 0 <= c < b */
 int
@@ -2514,6 +2519,25 @@ mp_2expt (mp_int * a, int b)
   return MP_OKAY;
 }
 
+/* set the b bit of a */
+int
+mp_set_bit (mp_int * a, int b)
+{
+	int i = b / DIGIT_BIT, res;
+
+	/* grow a to accomodate the single bit */
+	if ((res = mp_grow (a, i + 1)) != MP_OKAY) {
+		return res;
+	}
+
+	/* set the used count of where the bit will go */
+	a->used = i + 1;
+
+	/* put the single bit in its place */
+	a->dp[i] |= ((mp_digit)1) << (b % DIGIT_BIT);
+
+	return MP_OKAY;
+}
 
 /* multiply by a digit */
 int
@@ -3961,7 +3985,7 @@ int mp_sub_d (mp_int * a, mp_digit b, mp_int * c)
 #endif /* defined(HAVE_ECC) || !defined(NO_PWDBASED) */
 
 
-#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
+#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || defined(HAVE_ECC)
 
 static const int lnz[16] = {
    4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0
@@ -4096,7 +4120,7 @@ int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
   return mp_div_d(a, b, NULL, c);
 }
 
-#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */
+#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || defined(HAVE_ECC) */
 
 #ifdef WOLFSSL_KEY_GEN
 
@@ -4514,6 +4538,115 @@ int mp_read_radix (mp_int * a, const char *str, int radix)
   return MP_OKAY;
 }
 
+/* returns size of ASCII representation */
+int mp_radix_size (mp_int *a, int radix, int *size)
+{
+	int     res, digs;
+	mp_int  t;
+	mp_digit d;
+
+	*size = 0;
+
+	/* special case for binary */
+	if (radix == 2) {
+		*size = mp_count_bits (a) + (a->sign == MP_NEG ? 1 : 0) + 1;
+		return MP_OKAY;
+	}
+
+	/* make sure the radix is in range */
+	if (radix < 2 || radix > 64) {
+		return MP_VAL;
+	}
+
+	if (mp_iszero(a) == MP_YES) {
+		*size = 2;
+		return MP_OKAY;
+	}
+
+	/* digs is the digit count */
+	digs = 0;
+
+	/* if it's negative add one for the sign */
+	if (a->sign == MP_NEG) {
+		++digs;
+	}
+
+	/* init a copy of the input */
+	if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
+		return res;
+	}
+
+	/* force temp to positive */
+	t.sign = MP_ZPOS;
+
+	/* fetch out all of the digits */
+	while (mp_iszero (&t) == MP_NO) {
+		if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) {
+			mp_clear (&t);
+			return res;
+		}
+		++digs;
+	}
+	mp_clear (&t);
+
+	/* return digs + 1, the 1 is for the NULL byte that would be required. */
+	*size = digs + 1;
+	return MP_OKAY;
+}
+
+/* stores a bignum as a ASCII string in a given radix (2..64) */
+int mp_toradix (mp_int *a, char *str, int radix)
+{
+	int     res, digs;
+	mp_int  t;
+	mp_digit d;
+	char   *_s = str;
+
+	/* check range of the radix */
+	if (radix < 2 || radix > 64) {
+		return MP_VAL;
+	}
+
+	/* quick out if its zero */
+	if (mp_iszero(a) == 1) {
+		*str++ = '0';
+		*str = '\0';
+		return MP_OKAY;
+	}
+
+	if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
+		return res;
+	}
+
+	/* if it is negative output a - */
+	if (t.sign == MP_NEG) {
+		++_s;
+		*str++ = '-';
+		t.sign = MP_ZPOS;
+	}
+
+	digs = 0;
+	while (mp_iszero (&t) == 0) {
+		if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) {
+			mp_clear (&t);
+			return res;
+		}
+		*str++ = mp_s_rmap[d];
+		++digs;
+	}
+
+	/* reverse the digits of the string.  In this case _s points
+	 * to the first digit [exluding the sign] of the number]
+	 */
+	bn_reverse ((unsigned char *)_s, digs);
+
+	/* append a NULL so the string is properly terminated */
+	*str = '\0';
+
+	mp_clear (&t);
+	return MP_OKAY;
+}
+
 #endif /* HAVE_ECC */
 
 #endif /* USE_FAST_MATH */

wolfcrypt/src/tfm.c

@@ -97,7 +97,7 @@ void s_fp_add(fp_int *a, fp_int *b, fp_int *c)
   y       = MAX(a->used, b->used);
   oldused = MIN(c->used, FP_SIZE);   /* help static analysis w/ largest size */
   c->used = y;
- 
+
   t = 0;
   for (x = 0; x < y; x++) {
       t         += ((fp_word)a->dp[x]) + ((fp_word)b->dp[x]);
@@ -192,9 +192,9 @@ void fp_mul(fp_int *A, fp_int *B, fp_int *C)
     }
 
     /* pick a comba (unrolled 4/8/16/32 x or rolled) based on the size
-       of the largest input.  We also want to avoid doing excess mults if the 
+       of the largest input.  We also want to avoid doing excess mults if the
        inputs are not close to the next power of two.  That is, for example,
-       if say y=17 then we would do (32-17)^2 = 225 unneeded multiplications 
+       if say y=17 then we would do (32-17)^2 = 225 unneeded multiplications
     */
 
 #ifdef TFM_MUL3
@@ -251,7 +251,7 @@ void fp_mul(fp_int *A, fp_int *B, fp_int *C)
            fp_mul_comba_small(A,B,C);
            return;
         }
-#endif        
+#endif
 #if defined(TFM_MUL20)
         if (y <= 20) {
            fp_mul_comba20(A,B,C);
@@ -281,7 +281,7 @@ void fp_mul(fp_int *A, fp_int *B, fp_int *C)
            fp_mul_comba48(A,B,C);
            return;
         }
-#endif        
+#endif
 #if defined(TFM_MUL64)
         if (yy >= 56 && y <= 64) {
            fp_mul_comba64(A,B,C);
@@ -294,7 +294,7 @@ void fp_mul(fp_int *A, fp_int *B, fp_int *C)
 void fp_mul_2(fp_int * a, fp_int * b)
 {
   int     x, oldused;
-   
+
   oldused = b->used;
   b->used = a->used;
 
@@ -303,24 +303,24 @@ void fp_mul_2(fp_int * a, fp_int * b)
 
     /* alias for source */
     tmpa = a->dp;
-    
+
     /* alias for dest */
     tmpb = b->dp;
 
     /* carry */
     r = 0;
     for (x = 0; x < a->used; x++) {
-    
+
-      /* get what will be the *next* carry bit from the 
+      /* get what will be the *next* carry bit from the
-       * MSB of the current digit 
+       * MSB of the current digit
        */
       rr = *tmpa >> ((fp_digit)(DIGIT_BIT - 1));
-      
+
       /* now shift up this digit, add in the carry [from the previous] */
       *tmpb++ = ((*tmpa++ << ((fp_digit)1)) | r);
-      
+
-      /* copy the carry that would be from the source 
+      /* copy the carry that would be from the source
-       * digit into the next iteration 
+       * digit into the next iteration
        */
       r = rr;
     }
@@ -332,8 +332,8 @@ void fp_mul_2(fp_int * a, fp_int * b)
       ++(b->used);
     }
 
-    /* now zero any excess digits on the destination 
+    /* now zero any excess digits on the destination
-     * that we didn't write to 
+     * that we didn't write to
      */
     tmpb = b->dp + b->used;
     for (x = b->used; x < oldused; x++) {
@@ -385,7 +385,7 @@ void fp_mul_2d(fp_int *a, int b, fp_int *c)
 
    /* shift the digits */
    if (b != 0) {
-      carry = 0;   
+      carry = 0;
       shift = DIGIT_BIT - b;
       for (x = 0; x < c->used; x++) {
           carrytmp = c->dp[x] >> shift;
@@ -405,7 +405,7 @@ void fp_mul_2d(fp_int *a, int b, fp_int *c)
 
 INLINE static void fp_mul_comba_mulx(fp_int *A, fp_int *B, fp_int *C)
 
-{     
+{
    int       ix, iy, iz, pa;
    fp_int    tmp, *dst;
 
@@ -414,7 +414,7 @@ INLINE static void fp_mul_comba_mulx(fp_int *A, fp_int *B, fp_int *C)
    if (pa >= FP_SIZE) {
       pa = FP_SIZE-1;
    }
- 
+
    if (A == C || B == C) {
       fp_init(&tmp);
       dst = &tmp;
@@ -428,7 +428,7 @@ INLINE static void fp_mul_comba_mulx(fp_int *A, fp_int *B, fp_int *C)
   dst->used = pa;
   dst->sign = A->sign ^ B->sign;
   fp_clamp(dst);
-  fp_copy(dst, C);  
+  fp_copy(dst, C);
 }
 #endif
 
@@ -442,7 +442,7 @@ void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)
 
    COMBA_START;
    COMBA_CLEAR;
-   
+
    /* get size of output and trim */
    pa = A->used + B->used;
    if (pa >= FP_SIZE) {
@@ -466,7 +466,7 @@ void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)
       tmpx = A->dp + tx;
       tmpy = B->dp + ty;
 
-      /* this is the number of times the loop will iterrate, essentially its 
+      /* this is the number of times the loop will iterrate, essentially its
          while (tx++ < a->used && ty-- >= 0) { ... }
        */
       iy = MIN(A->used-tx, ty+1);
@@ -504,7 +504,7 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
   if (fp_cmp_mag (a, b) == FP_LT) {
     if (d != NULL) {
       fp_copy (a, d);
-    } 
+    }
     if (c != NULL) {
       fp_zero (c);
     }
@@ -554,7 +554,7 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
       continue;
     }
 
-    /* step 3.1 if xi == yt then set q{i-t-1} to b-1, 
+    /* step 3.1 if xi == yt then set q{i-t-1} to b-1,
      * otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */
     if (x.dp[i] == y.dp[t]) {
       q.dp[i - t - 1] = (fp_digit) ((((fp_word)1) << DIGIT_BIT) - 1);
@@ -566,10 +566,10 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
       q.dp[i - t - 1] = (fp_digit) (tmp);
     }
 
-    /* while (q{i-t-1} * (yt * b + y{t-1})) > 
+    /* while (q{i-t-1} * (yt * b + y{t-1})) >
-             xi * b**2 + xi-1 * b + xi-2 
+             xi * b**2 + xi-1 * b + xi-2
-     
+
-       do q{i-t-1} -= 1; 
+       do q{i-t-1} -= 1;
     */
     q.dp[i - t - 1] = (q.dp[i - t - 1] + 1);
     do {
@@ -603,10 +603,10 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
     }
   }
 
-  /* now q is the quotient and x is the remainder 
+  /* now q is the quotient and x is the remainder
-   * [which we have to normalize] 
+   * [which we have to normalize]
    */
-  
+
   /* get sign before writing to c */
   x.sign = x.used == 0 ? FP_ZPOS : a->sign;
 
@@ -619,7 +619,7 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
   if (d != NULL) {
     fp_div_2d (&x, norm, &x, NULL);
 
-/* the following is a kludge, essentially we were seeing the right remainder but 
+/* the following is a kludge, essentially we were seeing the right remainder but
    with excess digits that should have been zero
  */
     for (i = b->used; i < x.used; i++) {
@@ -743,7 +743,7 @@ void fp_mod_2d(fp_int *a, int b, fp_int *c)
 
    /* get copy of input */
    fp_copy(a, c);
- 
+
    /* if 2**d is larger than we just return */
    if (b >= (DIGIT_BIT * a->used)) {
       return;
@@ -852,12 +852,12 @@ top:
   while (fp_cmp_d(&C, 0) == FP_LT) {
       fp_add(&C, b, &C);
   }
-  
+
   /* too big */
   while (fp_cmp_mag(&C, b) != FP_LT) {
       fp_sub(&C, b, &C);
   }
-  
+
   /* C is now the inverse */
   fp_copy(&C, c);
   return FP_OKAY;
@@ -965,7 +965,7 @@ int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
 
 #ifdef TFM_TIMING_RESISTANT
 
-/* timing resistant montgomery ladder based exptmod 
+/* timing resistant montgomery ladder based exptmod
 
    Based on work by Marc Joye, Sung-Ming Yen, "The Montgomery Powering Ladder", Cryptographic Hardware and Embedded Systems, CHES 2002
 */
@@ -980,9 +980,9 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
      return err;
   }
 
-  fp_init(&R[0]);   
+  fp_init(&R[0]);
-  fp_init(&R[1]);   
+  fp_init(&R[1]);
-   
+
   /* now we need R mod m */
   fp_montgomery_calc_normalization (&R[0], P);
 
@@ -998,7 +998,7 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
   /* for j = t-1 downto 0 do
         r_!k = R0*R1; r_k = r_k^2
   */
-  
+
   /* set initial mode and bit cnt */
   bitcnt = 1;
   buf    = 0;
@@ -1028,11 +1028,11 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
    fp_montgomery_reduce(&R[0], P, mp);
    fp_copy(&R[0], Y);
    return FP_OKAY;
-}   
+}
 
 #else
 
-/* y = g**x (mod b) 
+/* y = g**x (mod b)
  * Some restrictions... x must be positive and < b
  */
 static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
@@ -1053,10 +1053,10 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
     winsize = 5;
   } else {
     winsize = 6;
-  } 
+  }
 
   /* init M array */
-  XMEMSET(M, 0, sizeof(M)); 
+  XMEMSET(M, 0, sizeof(M));
 
   /* now setup montgomery  */
   if ((err = fp_montgomery_setup (P, &mp)) != FP_OKAY) {
@@ -1218,7 +1218,7 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
       return err;
 #else
       return FP_VAL;
-#endif 
+#endif
    }
    else {
       /* Positive exponent so just exptmod */
@@ -1234,13 +1234,13 @@ void fp_2expt(fp_int *a, int b)
    /* zero a as per default */
    fp_zero (a);
 
-   if (b < 0) { 
+   if (b < 0) {
       return;
    }
 
    z = b / DIGIT_BIT;
    if (z >= FP_SIZE) {
-      return; 
+      return;
    }
 
   /* set the used count of where the bit will go */
@@ -1362,7 +1362,7 @@ void fp_sqr_comba(fp_int *A, fp_int *B)
   fp_int    tmp, *dst;
 #ifdef TFM_ISO
   fp_word   tt;
-#endif    
+#endif
 
   /* get size of output and trim */
   pa = A->used + A->used;
@@ -1382,7 +1382,7 @@ void fp_sqr_comba(fp_int *A, fp_int *B)
      dst = B;
   }
 
-  for (ix = 0; ix < pa; ix++) { 
+  for (ix = 0; ix < pa; ix++) {
       int      tx, ty, iy;
       fp_digit *tmpy, *tmpx;
 
@@ -1399,9 +1399,9 @@ void fp_sqr_comba(fp_int *A, fp_int *B)
        */
       iy = MIN(A->used-tx, ty+1);
 
-      /* now for squaring tx can never equal ty 
+      /* now for squaring tx can never equal ty
-       * we halve the distance since they approach 
+       * we halve the distance since they approach
-       * at a rate of 2x and we have to round because 
+       * at a rate of 2x and we have to round because
        * odd cases need to be executed
        */
       iy = MIN(iy, (ty-tx+1)>>1);
@@ -1562,14 +1562,14 @@ void fp_montgomery_calc_normalization(fp_int *a, fp_int *b)
 #endif
 
 #ifdef HAVE_INTEL_MULX
-static inline void innermul8_mulx(fp_digit *c_mulx, fp_digit *cy_mulx, fp_digit *tmpm, fp_digit mu) 
+static inline void innermul8_mulx(fp_digit *c_mulx, fp_digit *cy_mulx, fp_digit *tmpm, fp_digit mu)
 {
     fp_digit _c0, _c1, _c2, _c3, _c4, _c5, _c6, _c7, cy ;
 
     cy = *cy_mulx ;
-    _c0=c_mulx[0]; _c1=c_mulx[1]; _c2=c_mulx[2]; _c3=c_mulx[3]; _c4=c_mulx[4]; _c5=c_mulx[5]; _c6=c_mulx[6]; _c7=c_mulx[7];    
+    _c0=c_mulx[0]; _c1=c_mulx[1]; _c2=c_mulx[2]; _c3=c_mulx[3]; _c4=c_mulx[4]; _c5=c_mulx[5]; _c6=c_mulx[6]; _c7=c_mulx[7];
     INNERMUL8_MULX ;
-    c_mulx[0]=_c0; c_mulx[1]=_c1; c_mulx[2]=_c2; c_mulx[3]=_c3; c_mulx[4]=_c4; c_mulx[5]=_c5; c_mulx[6]=_c6; c_mulx[7]=_c7; 
+    c_mulx[0]=_c0; c_mulx[1]=_c1; c_mulx[2]=_c2; c_mulx[3]=_c3; c_mulx[4]=_c4; c_mulx[5]=_c5; c_mulx[6]=_c6; c_mulx[7]=_c7;
     *cy_mulx = cy ;
 }
 
@@ -1625,7 +1625,7 @@ static void fp_montgomery_reduce_mulx(fp_int *a, fp_int *m, fp_digit mp)
            PROPCARRY;
            ++_c;
        }
-  }         
+  }
 
   /* now copy out */
   _c   = c + pa;
@@ -1642,7 +1642,7 @@ static void fp_montgomery_reduce_mulx(fp_int *a, fp_int *m, fp_digit mp)
 
   a->used = pa+1;
   fp_clamp(a);
-  
+
   /* if A >= m then A = A - m */
   if (fp_cmp_mag (a, m) != FP_LT) {
     s_fp_sub (a, m, a);
@@ -1706,7 +1706,7 @@ void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
            PROPCARRY;
            ++_c;
        }
-  }         
+  }
 
   /* now copy out */
   _c   = c + pa;
@@ -1723,7 +1723,7 @@ void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
 
   a->used = pa+1;
   fp_clamp(a);
-  
+
   /* if A >= m then A = A - m */
   if (fp_cmp_mag (a, m) != FP_LT) {
     s_fp_sub (a, m, a);
@@ -1810,6 +1810,15 @@ void fp_set(fp_int *a, fp_digit b)
    a->used  = a->dp[0] ? 1 : 0;
 }
 
+/* chek if a bit is set */
+int fp_is_bit_set (fp_int *a, fp_digit b)
+{
+	if ((fp_digit)a->used < b/DIGIT_BIT)
+		return 0;
+
+	return (int)((a->dp[b/DIGIT_BIT] >> b%DIGIT_BIT) & (fp_digit)1);
+}
+
 int fp_count_bits (fp_int * a)
 {
   int     r;
@@ -1865,7 +1874,7 @@ void fp_lshd(fp_int *a, int x)
    for (; y >= x; y--) {
        a->dp[y] = a->dp[y-x];
    }
- 
+
    /* zero lower digits */
    for (; y >= 0; y--) {
        a->dp[y] = 0;
@@ -1927,7 +1936,7 @@ void fp_rshd(fp_int *a, int x)
    for (; y < a->used; y++) {
       a->dp[y] = 0;
    }
-   
+
    /* decrement count */
    a->used -= x;
    fp_clamp(a);
@@ -2100,6 +2109,11 @@ int mp_sub_d(fp_int *a, fp_digit b, fp_int *c)
     return MP_OKAY;
 }
 
+int mp_mul_2d(fp_int *a, int b, fp_int *c)
+{
+	fp_mul_2d(a, b, c);
+	return MP_OKAY;
+}
 
 #ifdef ALT_ECC_SIZE
 void fp_copy(fp_int *a, fp_int* b)
@@ -2169,6 +2183,10 @@ int mp_set_int(fp_int *a, fp_digit b)
     return MP_OKAY;
 }
 
+int mp_is_bit_set (fp_int *a, fp_digit b)
+{
+	return fp_is_bit_set(a, b);
+}
 
 #if defined(WOLFSSL_KEY_GEN) || defined (HAVE_ECC)
 
@@ -2288,13 +2306,13 @@ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
 
   /* no easy answer [c'est la vie].  Just division */
   fp_init(&q);
-  
+
   q.used = a->used;
   q.sign = a->sign;
   w = 0;
   for (ix = a->used - 1; ix >= 0; ix--) {
      w = (w << ((fp_word)DIGIT_BIT)) | ((fp_word)a->dp[ix]);
-     
+
      if (w >= b) {
         t = (fp_digit)(w / b);
         w -= ((fp_word)t) * ((fp_word)b);
@@ -2303,16 +2321,16 @@ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
       }
       q.dp[ix] = (fp_digit)t;
   }
-  
+
   if (d != NULL) {
      *d = (fp_digit)w;
   }
-  
+
   if (c != NULL) {
      fp_clamp(&q);
      fp_copy(&q, c);
   }
- 
+
   return FP_OKAY;
 }
 
@@ -2357,11 +2375,11 @@ int mp_prime_is_prime(mp_int* a, int t, int* result)
     return MP_OKAY;
 }
 
-/* Miller-Rabin test of "a" to the base of "b" as described in 
+/* Miller-Rabin test of "a" to the base of "b" as described in
  * HAC pp. 139 Algorithm 4.24
  *
  * Sets result to 0 if definitely composite or 1 if probably prime.
- * Randomly the chance of error is no more than 1/4 and often 
+ * Randomly the chance of error is no more than 1/4 and often
  * very much lower.
  */
 static void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result)
@@ -2375,7 +2393,7 @@ static void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result)
   /* ensure b > 1 */
   if (fp_cmp_d(b, 1) != FP_GT) {
      return;
-  }     
+  }
 
   /* get n1 = a - 1 */
   fp_init_copy(&n1, a);
@@ -2501,7 +2519,7 @@ void fp_lcm(fp_int *a, fp_int *b, fp_int *c)
    } else {
       fp_div(b, &t1, &t2, NULL);
       fp_mul(a, &t2, c);
-   }   
+   }
 }
 
 
@@ -2537,7 +2555,7 @@ void fp_gcd(fp_int *a, fp_int *b, fp_int *c)
       fp_init_copy(&u, b);
       fp_init_copy(&v, a);
    }
- 
+
    fp_init(&r);
    while (fp_iszero(&v) == FP_NO) {
       fp_mod(&u, &v, &r);
@@ -2649,7 +2667,7 @@ int mp_sqr(fp_int *A, fp_int *B)
     fp_sqr(A, B);
     return MP_OKAY;
 }
-  
+
 /* fast math conversion */
 int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
 {
@@ -2677,6 +2695,11 @@ int mp_init_copy(fp_int * a, fp_int * b)
     return MP_OKAY;
 }
 
+int mp_div_2d(fp_int* a, int b, fp_int* c, fp_int* d)
+{
+    fp_div_2d(a, b, c, d);
+    return MP_OKAY;
+}
 
 #ifdef HAVE_COMP_KEY
 
@@ -2686,15 +2709,119 @@ int mp_cnt_lsb(fp_int* a)
     return MP_OKAY;
 }
 
-int mp_div_2d(fp_int* a, int b, fp_int* c, fp_int* d)
-{
-    fp_div_2d(a, b, c, d);
-    return MP_OKAY;
-}
-
 #endif /* HAVE_COMP_KEY */
 
 
+#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
+
+/* returns size of ASCII reprensentation */
+int mp_radix_size (mp_int *a, int radix, int *size)
+{
+	int     res, digs;
+	fp_int  t;
+	fp_digit d;
+
+	*size = 0;
+
+	/* special case for binary */
+	if (radix == 2) {
+		*size = fp_count_bits (a) + (a->sign == FP_NEG ? 1 : 0) + 1;
+		return FP_YES;
+	}
+
+	/* make sure the radix is in range */
+	if (radix < 2 || radix > 64) {
+		return FP_VAL;
+	}
+
+	if (fp_iszero(a) == MP_YES) {
+		*size = 2;
+		return FP_YES;
+	}
+
+	/* digs is the digit count */
+	digs = 0;
+
+	/* if it's negative add one for the sign */
+	if (a->sign == FP_NEG) {
+		++digs;
+	}
+
+	/* init a copy of the input */
+	fp_init_copy (&t, a);
+
+	/* force temp to positive */
+	t.sign = FP_ZPOS;
+
+	/* fetch out all of the digits */
+	while (fp_iszero (&t) == FP_NO) {
+		if ((res = fp_div_d (&t, (mp_digit) radix, &t, &d)) != FP_OKAY) {
+			fp_zero (&t);
+			return res;
+		}
+		++digs;
+	}
+	fp_zero (&t);
+
+	/* return digs + 1, the 1 is for the NULL byte that would be required. */
+	*size = digs + 1;
+	return FP_OKAY;
+}
+
+/* stores a bignum as a ASCII string in a given radix (2..64) */
+int mp_toradix (mp_int *a, char *str, int radix)
+{
+	int     res, digs;
+	fp_int  t;
+	fp_digit d;
+	char   *_s = str;
+
+	/* check range of the radix */
+	if (radix < 2 || radix > 64) {
+		return FP_VAL;
+	}
+
+	/* quick out if its zero */
+	if (fp_iszero(a) == 1) {
+		*str++ = '0';
+		*str = '\0';
+		return FP_YES;
+	}
+
+	/* init a copy of the input */
+	fp_init_copy (&t, a);
+
+	/* if it is negative output a - */
+	if (t.sign == FP_NEG) {
+		++_s;
+		*str++ = '-';
+		t.sign = FP_ZPOS;
+	}
+
+	digs = 0;
+	while (fp_iszero (&t) == 0) {
+		if ((res = fp_div_d (&t, (fp_digit) radix, &t, &d)) != FP_OKAY) {
+			fp_zero (&t);
+			return res;
+		}
+		*str++ = fp_s_rmap[d];
+		++digs;
+	}
+
+	/* reverse the digits of the string.  In this case _s points
+	 * to the first digit [exluding the sign] of the number]
+	 */
+	fp_reverse ((unsigned char *)_s, digs);
+
+	/* append a NULL so the string is properly terminated */
+	*str = '\0';
+
+	fp_zero (&t);
+	return FP_OKAY;
+}
+
+#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */
+
 #endif /* HAVE_ECC */
 
 #endif /* USE_FAST_MATH */

wolfssl/openssl/bn.h

@@ -5,6 +5,7 @@
 #define WOLFSSL_BN_H_
 
 #include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/integer.h>
 
 #ifdef __cplusplus
     extern "C" {
@@ -16,8 +17,10 @@ typedef struct WOLFSSL_BIGNUM {
 } WOLFSSL_BIGNUM;
 
 
-typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
+#define WOLFSSL_BN_ULONG mp_digit
 
+typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
+typedef struct WOLFSSL_BN_GENCB WOLFSSL_BN_GENCB;
 
 WOLFSSL_API WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void);
 WOLFSSL_API void           wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX*);
@@ -58,14 +61,28 @@ WOLFSSL_API int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM**, const char* str);
 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_dup(const WOLFSSL_BIGNUM*);
 WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_copy(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*);
 
-WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, unsigned long w);
-
 WOLFSSL_API int   wolfSSL_BN_dec2bn(WOLFSSL_BIGNUM**, const char* str);
 WOLFSSL_API char* wolfSSL_BN_bn2dec(const WOLFSSL_BIGNUM*);
 
+WOLFSSL_API int wolfSSL_BN_lshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
+WOLFSSL_API int wolfSSL_BN_add_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
+WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM*, int);
+WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
+
+
+/* 2/6 */
+WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*);
+WOLFSSL_API char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM*);
+WOLFSSL_API int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM*, int, WOLFSSL_BN_CTX*, WOLFSSL_BN_GENCB*);
+WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
+WOLFSSL_API int wolfSSL_BN_print_fp(FILE*, const WOLFSSL_BIGNUM*);
+WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
+WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx);
+WOLFSSL_API void wolfSSL_BN_CTX_start(WOLFSSL_BN_CTX *ctx);
 
 typedef WOLFSSL_BIGNUM BIGNUM;
 typedef WOLFSSL_BN_CTX BN_CTX;
+typedef WOLFSSL_BN_GENCB BN_GENCB;
 
 #define BN_CTX_new        wolfSSL_BN_CTX_new
 #define BN_CTX_init       wolfSSL_BN_CTX_init
@@ -104,10 +121,25 @@ typedef WOLFSSL_BN_CTX BN_CTX;
 
 #define BN_dec2bn wolfSSL_BN_dec2bn
 #define BN_bn2dec wolfSSL_BN_bn2dec
+#define BN_bn2hex wolfSSL_BN_bn2hex
 
+#define BN_lshift wolfSSL_BN_lshift
+#define BN_add_word wolfSSL_BN_add_word
+#define BN_add wolfSSL_BN_add
+#define BN_set_word wolfSSL_BN_set_word
+#define BN_set_bit wolfSSL_BN_set_bit
+
+
+#define BN_is_prime_ex wolfSSL_BN_is_prime_ex
+#define BN_print_fp wolfSSL_BN_print_fp
+#define BN_rshift wolfSSL_BN_rshift
+#define BN_mod_word wolfSSL_BN_mod_word
+
+#define BN_CTX_get wolfSSL_BN_CTX_get
+#define BN_CTX_start wolfSSL_BN_CTX_start
 
 #ifdef __cplusplus
-    }  /* extern "C" */ 
+    }  /* extern "C" */
 #endif
 
 

wolfssl/openssl/dsa.h

@@ -38,6 +38,8 @@ WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits,
 WOLFSSL_API int wolfSSL_DSA_LoadDer(WOLFSSL_DSA*, const unsigned char*, int sz);
 WOLFSSL_API int wolfSSL_DSA_do_sign(const unsigned char* d, unsigned char* sigRet,
                                   WOLFSSL_DSA* dsa);
+WOLFSSL_API int wolfSSL_DSA_do_verify(const unsigned char* d, unsigned char* sig,
+								WOLFSSL_DSA* dsa, int *dsacheck);
 
 #define DSA_new wolfSSL_DSA_new
 #define DSA_free wolfSSL_DSA_free

wolfssl/openssl/ec.h

@@ -1,2 +1,123 @@
 /* ec.h for openssl */
 
+#ifndef WOLFSSL_EC_H_
+#define WOLFSSL_EC_H_
+
+#include <wolfssl/openssl/ssl.h>
+#include <wolfssl/openssl/bn.h>
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Map OpenSSL NID value */
+enum {
+	POINT_CONVERSION_UNCOMPRESSED = 4,
+	NID_secp111r1 = 0,
+	NID_secp128r1 = 1,
+	NID_secp160r1 = 2,
+	NID_cert192 = 3,
+	NID_cert224 = 4,
+	NID_X9_62_prime256v1 = 5,
+	NID_secp384r1 = 6,
+	NID_secp521r1 = 7,
+	NID_X9_62_prime_field = 100,
+	OPENSSL_EC_NAMED_CURVE  = 0x001
+};
+
+struct WOLFSSL_EC_POINT {
+	WOLFSSL_BIGNUM *X;
+	WOLFSSL_BIGNUM *Y;
+	WOLFSSL_BIGNUM *Z;
+
+	void*          internal;     /* our ECC point */
+	char           inSet;        /* internal set from external ? */
+	char           exSet;        /* external set from internal ? */
+};
+
+struct WOLFSSL_EC_GROUP {
+	int curve_idx; /* index of curve, used by WolfSSL as a curve reference */
+	int curve_nid; /* NID of curve, used by OpenSSL/OpenSSH as a curve reference */
+};
+
+struct WOLFSSL_EC_KEY {
+	WOLFSSL_EC_GROUP *group;
+	WOLFSSL_EC_POINT *pub_key;
+	WOLFSSL_BIGNUM *priv_key;
+
+	void*          internal;     /* our ECC Key */
+	char           inSet;        /* internal set from external ? */
+	char           exSet;        /* external set from internal ? */
+};
+
+WOLFSSL_API int wolfSSL_ECPoint_i2d(const WOLFSSL_EC_GROUP *curve, const WOLFSSL_EC_POINT *p, unsigned char *out, unsigned int *len);
+WOLFSSL_API int wolfSSL_ECPoint_d2i(unsigned char *in, unsigned int len, const WOLFSSL_EC_GROUP *curve, WOLFSSL_EC_POINT *p);
+WOLFSSL_API int wolfSSL_EC_KEY_LoadDer(WOLFSSL_EC_KEY* key, const unsigned char* der,  int derSz);
+
+WOLFSSL_API void wolfSSL_EC_KEY_free(WOLFSSL_EC_KEY *key);
+WOLFSSL_API WOLFSSL_EC_POINT *wolfSSL_EC_KEY_get0_public_key(const WOLFSSL_EC_KEY *key);
+WOLFSSL_API const WOLFSSL_EC_GROUP *wolfSSL_EC_KEY_get0_group(const WOLFSSL_EC_KEY *key);
+WOLFSSL_API int wolfSSL_EC_KEY_set_private_key(WOLFSSL_EC_KEY *key, const WOLFSSL_BIGNUM *priv_key);
+WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_EC_KEY_get0_private_key(const WOLFSSL_EC_KEY *key);
+WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_by_curve_name(int nid);
+WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new(void);
+WOLFSSL_API int wolfSSL_EC_KEY_set_group(WOLFSSL_EC_KEY *key, WOLFSSL_EC_GROUP *group);
+WOLFSSL_API int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key);
+WOLFSSL_API void wolfSSL_EC_KEY_set_asn1_flag(WOLFSSL_EC_KEY *key, int asn1_flag);
+WOLFSSL_API int wolfSSL_EC_KEY_set_public_key(WOLFSSL_EC_KEY *key, const WOLFSSL_EC_POINT *pub);
+
+
+WOLFSSL_API void wolfSSL_EC_GROUP_set_asn1_flag(WOLFSSL_EC_GROUP *group, int flag);
+WOLFSSL_API WOLFSSL_EC_GROUP *wolfSSL_EC_GROUP_new_by_curve_name(int nid);
+WOLFSSL_API int wolfSSL_EC_GROUP_cmp(const WOLFSSL_EC_GROUP *a, const WOLFSSL_EC_GROUP *b, WOLFSSL_BN_CTX *ctx);
+WOLFSSL_API int wolfSSL_EC_GROUP_get_curve_name(const WOLFSSL_EC_GROUP *group);
+WOLFSSL_API int wolfSSL_EC_GROUP_get_degree(const WOLFSSL_EC_GROUP *group);
+WOLFSSL_API int wolfSSL_EC_GROUP_get_order(const WOLFSSL_EC_GROUP *group, WOLFSSL_BIGNUM *order, WOLFSSL_BN_CTX *ctx);
+WOLFSSL_API void wolfSSL_EC_GROUP_free(WOLFSSL_EC_GROUP *group);
+
+WOLFSSL_API void wolfssl_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p);
+WOLFSSL_API WOLFSSL_EC_POINT *wolfSSL_EC_POINT_new(const WOLFSSL_EC_GROUP *group);
+WOLFSSL_API int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group, const WOLFSSL_EC_POINT *p,
+														WOLFSSL_BIGNUM *x, WOLFSSL_BIGNUM *y, WOLFSSL_BN_CTX *ctx);
+WOLFSSL_API int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r, const WOLFSSL_BIGNUM *n,
+									 const WOLFSSL_EC_POINT *q, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);
+WOLFSSL_API void wolfSSL_EC_POINT_clear_free(WOLFSSL_EC_POINT *point);
+WOLFSSL_API int wolfSSL_EC_POINT_cmp(const WOLFSSL_EC_GROUP *group, const WOLFSSL_EC_POINT *a,
+									 const WOLFSSL_EC_POINT *b, WOLFSSL_BN_CTX *ctx);
+WOLFSSL_API void wolfSSL_EC_POINT_free(WOLFSSL_EC_POINT *point);
+WOLFSSL_API int wolfSSL_EC_POINT_is_at_infinity(const WOLFSSL_EC_GROUP *group, const WOLFSSL_EC_POINT *a);
+
+#define EC_KEY_free wolfSSL_EC_KEY_free
+#define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key
+#define EC_KEY_get0_group wolfSSL_EC_KEY_get0_group
+#define EC_KEY_set_private_key wolfSSL_EC_KEY_set_private_key
+#define EC_KEY_get0_private_key wolfSSL_EC_KEY_get0_private_key
+#define	EC_KEY_new_by_curve_name wolfSSL_EC_KEY_new_by_curve_name
+#define EC_KEY_set_group wolfSSL_EC_KEY_set_group
+#define EC_KEY_generate_key	wolfSSL_EC_KEY_generate_key
+#define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag
+#define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key
+#define EC_KEY_new wolfSSL_EC_KEY_new
+
+#define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag
+#define EC_GROUP_new_by_curve_name wolfSSL_EC_GROUP_new_by_curve_name
+#define EC_GROUP_cmp wolfSSL_EC_GROUP_cmp
+#define EC_GROUP_get_curve_name wolfSSL_EC_GROUP_get_curve_name
+#define EC_GROUP_get_degree wolfSSL_EC_GROUP_get_degree
+#define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order
+#define EC_GROUP_free wolfSSL_EC_GROUP_free
+
+#define EC_POINT_new wolfSSL_EC_POINT_new
+#define EC_POINT_get_affine_coordinates_GFp wolfSSL_EC_POINT_get_affine_coordinates_GFp
+#define EC_POINT_mul wolfSSL_EC_POINT_mul
+#define EC_POINT_clear_free wolfSSL_EC_POINT_clear_free
+#define EC_POINT_cmp wolfSSL_EC_POINT_cmp
+#define EC_POINT_free wolfSSL_EC_POINT_free
+#define EC_POINT_is_at_infinity wolfSSL_EC_POINT_is_at_infinity
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* header */

wolfssl/openssl/ecdh.h

@@ -0,0 +1,23 @@
+/* ecdh.h for openssl */
+
+#ifndef WOLFSSL_ECDH_H_
+#define WOLFSSL_ECDH_H_
+
+#include <wolfssl/openssl/ssl.h>
+#include <wolfssl/openssl/bn.h>
+
+#ifdef __cplusplus
+extern C {
+#endif
+
+
+WOLFSSL_API	int wolfSSL_ECDH_compute_key(void *out, size_t outlen, const WOLFSSL_EC_POINT *pub_key,
+								 WOLFSSL_EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
+
+#define ECDH_compute_key wolfSSL_ECDH_compute_key
+
+#ifdef __cplusplus
+}  /* extern C */
+#endif
+
+#endif /* header */

wolfssl/openssl/ecdsa.h

@@ -1,2 +1,38 @@
 /* ecdsa.h for openssl */
 
+#ifndef WOLFSSL_ECDSA_H_
+#define WOLFSSL_ECDSA_H_
+
+#include <wolfssl/openssl/ssl.h>
+#include <wolfssl/openssl/bn.h>
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct WOLFSSL_ECDSA_SIG {
+	WOLFSSL_BIGNUM *r;
+	WOLFSSL_BIGNUM *s;
+#if 0
+	void*          internal;     /* our EC DSA */
+	char           inSet;        /* internal set from external ? */
+	char           exSet;        /* external set from internal ? */
+#endif
+};
+
+WOLFSSL_API void wolfSSL_ECDSA_SIG_free(WOLFSSL_ECDSA_SIG *sig);
+WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_SIG_new(void);
+WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *dgst, int dgst_len, WOLFSSL_EC_KEY *eckey);
+WOLFSSL_API int wolfSSL_ECDSA_do_verify(const unsigned char *dgst, int dgst_len, const WOLFSSL_ECDSA_SIG *sig, WOLFSSL_EC_KEY *eckey);
+
+#define	ECDSA_SIG_free wolfSSL_ECDSA_SIG_free
+#define	ECDSA_SIG_new wolfSSL_ECDSA_SIG_new
+#define	ECDSA_do_sign wolfSSL_ECDSA_do_sign
+#define	ECDSA_do_verify wolfSSL_ECDSA_do_verify
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* header */

wolfssl/openssl/evp.h

@@ -41,6 +41,7 @@
 #include <wolfssl/openssl/ripemd.h>
 #include <wolfssl/openssl/rsa.h>
 #include <wolfssl/openssl/dsa.h>
+#include <wolfssl/openssl/ec.h>
 
 #include <wolfssl/wolfcrypt/aes.h>
 #include <wolfssl/wolfcrypt/des3.h>
@@ -124,6 +125,7 @@ enum {
     NULL_CIPHER_TYPE  = 10,
     EVP_PKEY_RSA      = 11,
     EVP_PKEY_DSA      = 12,
+	EVP_PKEY_EC		  = 13,
     NID_sha1          = 64,
     NID_md5           =  4
 };
@@ -182,6 +184,7 @@ WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int);
 
 WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
 WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
+WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key);
 
 /* these next ones don't need real OpenSSL type, for OpenSSH compat only */
 WOLFSSL_API void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx);
@@ -244,6 +247,8 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
 
 #define EVP_PKEY_get1_RSA   wolfSSL_EVP_PKEY_get1_RSA
 #define EVP_PKEY_get1_DSA   wolfSSL_EVP_PKEY_get1_DSA
+#define EVP_PKEY_get1_EC_KEY wolfSSL_EVP_PKEY_get1_EC_KEY
+
 
 #ifndef EVP_MAX_MD_SIZE
     #define EVP_MAX_MD_SIZE   64     /* sha512 */

wolfssl/openssl/include.am

@@ -11,6 +11,7 @@ nobase_include_HEADERS+= \
                          wolfssl/openssl/dh.h \
                          wolfssl/openssl/dsa.h \
                          wolfssl/openssl/ecdsa.h \
+                         wolfssl/openssl/ecdh.h \
                          wolfssl/openssl/ec.h \
                          wolfssl/openssl/engine.h \
                          wolfssl/openssl/err.h \

wolfssl/openssl/opensslv.h

@@ -5,7 +5,7 @@
 
 
 /* api version compatibility */
-#define OPENSSL_VERSION_NUMBER 0x0090410fL
+#define OPENSSL_VERSION_NUMBER 0x0090810fL
 
 
 #endif /* header */

wolfssl/openssl/pem.h

@@ -14,23 +14,70 @@
 #endif
 
 
-WOLFSSL_API int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, RSA* rsa,
+WOLFSSL_API int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
+												   const EVP_CIPHER* cipher,
+												   unsigned char* passwd, int len,
+												   pem_password_cb cb, void* arg);
+
+WOLFSSL_API int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
 	                                  const EVP_CIPHER* cipher,
 	                                  unsigned char* passwd, int len,
 	                                  pem_password_cb cb, void* arg);
 
-WOLFSSL_API int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, DSA* rsa,
+WOLFSSL_API int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa, const EVP_CIPHER *enc,
+												unsigned char *kstr, int klen,
+												pem_password_cb *cb, void *u);
+
+WOLFSSL_API int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa,
 	                                  const EVP_CIPHER* cipher,
 	                                  unsigned char* passwd, int len,
 	                                  pem_password_cb cb, void* arg);
 
+WOLFSSL_API int wolfSSL_PEM_write_DSAPrivateKey(FILE *fp, WOLFSSL_DSA *dsa, const EVP_CIPHER *enc,
+											unsigned char *kstr, int klen,
+											pem_password_cb *cb, void *u);
+
 WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
-                        WOLFSSL_EVP_PKEY**, pem_password_cb cb, void* arg); 
+                        WOLFSSL_EVP_PKEY**, pem_password_cb cb, void* arg);
 
+WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
+
+WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+													  pem_password_cb *cb, void *u);
+
+WOLFSSL_API WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(FILE *fp, WOLFSSL_RSA **x,
+													   pem_password_cb *cb, void *u);
+
+WOLFSSL_API int wolfSSL_PEM_write_DSA_PUBKEY(FILE *fp, WOLFSSL_DSA *x);
+
+WOLFSSL_API int wolfSSL_PEM_write_RSAPublicKey(FILE *fp, WOLFSSL_RSA *x);
+
+WOLFSSL_API int wolfSSL_PEM_write_RSA_PUBKEY(FILE *fp, WOLFSSL_RSA *x);
+
+WOLFSSL_API int wolfSSL_PEM_write_buf_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
+												unsigned char* passwd, int len,
+													byte **pem, int *plen);
+
+WOLFSSL_API int wolfSSL_PEM_write_EC_PUBKEY(FILE *fp, WOLFSSL_EC_KEY *key);
+WOLFSSL_API int wolfSSL_PEM_write_ECPrivateKey(FILE *fp, WOLFSSL_EC_KEY *key, const EVP_CIPHER *enc,
+														unsigned char *kstr, int klen,
+														pem_password_cb *cb, void *u);
+
+#define PEM_write_bio_ECPrivateKey wolfSSL_PEM_write_bio_ECPrivateKey
 #define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
+#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
 #define PEM_write_bio_DSAPrivateKey wolfSSL_PEM_write_bio_DSAPrivateKey
+#define PEM_write_DSAPrivateKey wolfSSL_PEM_write_DSAPrivateKey
 #define PEM_read_bio_PrivateKey     wolfSSL_PEM_read_bio_PrivateKey
-
+#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
+#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
+#define PEM_write_DSA_PUBKEY wolfSSL_PEM_write_DSA_PUBKEY
+#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
+#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
+#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
+#define PEM_write_EC_PUBKEY wolfSSL_PEM_write_EC_PUBKEY
+#define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey
+#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
 
 #ifdef __cplusplus
     }  /* extern "C" */ 

wolfssl/openssl/ssl.h

@@ -58,6 +58,10 @@ typedef WOLFSSL_X509_CHAIN X509_CHAIN;
 typedef WOLFSSL_EVP_PKEY       EVP_PKEY;
 typedef WOLFSSL_RSA            RSA;
 typedef WOLFSSL_DSA            DSA;
+typedef WOLFSSL_EC_KEY         EC_KEY;
+typedef WOLFSSL_EC_GROUP       EC_GROUP;
+typedef WOLFSSL_EC_POINT       EC_POINT;
+typedef WOLFSSL_ECDSA_SIG	   ECDSA_SIG;
 typedef WOLFSSL_BIO            BIO;
 typedef WOLFSSL_BIO_METHOD     BIO_METHOD;
 typedef WOLFSSL_CIPHER         SSL_CIPHER;

wolfssl/ssl.h

@@ -76,6 +76,10 @@ typedef struct WOLFSSL_SOCKADDR     WOLFSSL_SOCKADDR;
 
 typedef struct WOLFSSL_RSA            WOLFSSL_RSA;
 typedef struct WOLFSSL_DSA            WOLFSSL_DSA;
+typedef struct WOLFSSL_EC_KEY         WOLFSSL_EC_KEY;
+typedef struct WOLFSSL_EC_POINT       WOLFSSL_EC_POINT;
+typedef struct WOLFSSL_EC_GROUP       WOLFSSL_EC_GROUP;
+typedef struct WOLFSSL_ECDSA_SIG      WOLFSSL_ECDSA_SIG;
 typedef struct WOLFSSL_CIPHER         WOLFSSL_CIPHER;
 typedef struct WOLFSSL_X509_LOOKUP    WOLFSSL_X509_LOOKUP;
 typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD;

wolfssl/wolfcrypt/asn.h

@@ -145,6 +145,7 @@ enum Misc_ASN {
     KEYID_SIZE          = SHA_DIGEST_SIZE,
 #endif
     RSA_INTS            =   8,     /* RSA ints in private key */
+	DSA_INTS            =   5,     /* DSA ints in private key */
     MIN_DATE_SIZE       =  13,
     MAX_DATE_SIZE       =  32,
     ASN_GEN_TIME_SZ     =  15,     /* 7 numbers * 2 + Zulu tag */

wolfssl/wolfcrypt/asn_public.h

@@ -43,7 +43,10 @@ enum CertType {
     CRL_TYPE,
     CA_TYPE,
     ECC_PRIVATEKEY_TYPE,
-    CERTREQ_TYPE
+    CERTREQ_TYPE,
+	DSA_TYPE,
+	ECC_TYPE,
+	RSA_TYPE
 };
 
 

wolfssl/wolfcrypt/dsa.h

@@ -36,6 +36,7 @@
 #define DsaVerify wc_DsaVerify
 #define DsaPublicKeyDecode wc_DsaPublicKeyDecode
 #define DsaPrivateKeyDecode wc_DsaPrivateKeyDecode
+#define DsaKeyToDer wc_DsaKeyToDer
 
 #ifdef __cplusplus
     extern "C" {
@@ -66,6 +67,8 @@ WOLFSSL_API int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKe
 WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*,
                                    word32);
 
+WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
+
 #ifdef __cplusplus
     } /* extern "C" */
 #endif

wolfssl/wolfcrypt/ecc.h

@@ -47,6 +47,7 @@ enum {
 /* ECC set type defined a NIST GF(p) curve */
 typedef struct {
     int size;       /* The size of the curve in octets */
+	int nid;			  /* id of this curve */
     const char* name;     /* name of this curve */
     const char* prime;    /* prime that defines the field, curve is in (hex) */
     const char* Af;       /* fields A param (hex) */
@@ -140,18 +141,38 @@ WOLFSSL_API
 int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
                       word32* outlen);
 WOLFSSL_API
-int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, 
+int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point, byte* out, word32 *outlen);
-                  RNG* rng, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
+					 RNG* rng, ecc_key* key);
+WOLFSSL_API
+int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, RNG* rng,
+						ecc_key* key, mp_int *r, mp_int *s);
 WOLFSSL_API
 int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
                     word32 hashlen, int* stat, ecc_key* key);
 WOLFSSL_API
+int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
+						  word32 hashlen, int* stat, ecc_key* key);
+WOLFSSL_API
 int wc_ecc_init(ecc_key* key);
 WOLFSSL_API
 void wc_ecc_free(ecc_key* key);
 WOLFSSL_API
 void wc_ecc_fp_free(void);
 
+WOLFSSL_API
+ecc_point* ecc_new_point(void);
+WOLFSSL_API
+void ecc_del_point(ecc_point* p);
+WOLFSSL_API
+int ecc_copy_point(ecc_point* p, ecc_point *r);
+WOLFSSL_API
+int ecc_cmp_point(ecc_point* a, ecc_point *b);
+WOLFSSL_API
+int ecc_point_is_at_infinity(ecc_point *p);
+WOLFSSL_API
+int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus, int map);
 
 /* ASN key helpers */
 WOLFSSL_API
@@ -173,6 +194,10 @@ int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
 WOLFSSL_API
 int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
 
+WOLFSSL_API
+int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, byte* out, word32* outLen);
+int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx, ecc_point* point);
+
 /* size helper */
 WOLFSSL_API
 int wc_ecc_size(ecc_key* key);

wolfssl/wolfcrypt/integer.h

@@ -140,7 +140,8 @@ extern "C" {
 #define MP_OKAY       0   /* ok result */
 #define MP_MEM        -2  /* out of mem */
 #define MP_VAL        -3  /* invalid input */
-#define MP_RANGE      MP_VAL
+#define MP_NOT_INF	  -4  /* point not at infinity */
+#define MP_RANGE      MP_NOT_INF
 
 #define MP_YES        1   /* yes response */
 #define MP_NO         0   /* no response */
@@ -250,6 +251,7 @@ int  mp_cmp_mag (mp_int * a, mp_int * b);
 int  mp_cmp (mp_int * a, mp_int * b);
 int  mp_cmp_d(mp_int * a, mp_digit b);
 void mp_set (mp_int * a, mp_digit b);
+int  mp_is_bit_set (mp_int * a, mp_digit b);
 int  mp_mod (mp_int * a, mp_int * b, mp_int * c);
 int  mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
 int  mp_div_2(mp_int * a, mp_int * b);
@@ -287,6 +289,7 @@ int  mp_sqr (mp_int * a, mp_int * b);
 int  mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
 int  mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
 int  mp_2expt (mp_int * a, int b);
+int  mp_set_bit (mp_int * a, int b);
 int  mp_reduce_2k_setup(mp_int *a, mp_digit *d);
 int  mp_add_d (mp_int* a, mp_digit b, mp_int* c);
 int mp_set_int (mp_int * a, unsigned long b);
@@ -296,6 +299,8 @@ int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
 /* added */
 int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
                   mp_int* f);
+int mp_toradix (mp_int *a, char *str, int radix);
+int mp_radix_size (mp_int * a, int radix, int *size);
 
 #if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)
     int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);

wolfssl/wolfcrypt/tfm.h

@@ -234,6 +234,10 @@
  *
  * It defaults to 4096-bits [allowing multiplications upto 2048x2048 bits ]
  */
+
+/* For DH with 3072 bits key size */
+//#define FP_MAX_BITS		  32768
+
 #ifndef FP_MAX_BITS
     #define FP_MAX_BITS           4096
 #endif
@@ -258,6 +262,7 @@
 #define FP_OKAY     0
 #define FP_VAL      1
 #define FP_MEM      2
+#define FP_NOT_INF	3
 
 /* equalities */
 #define FP_LT        -1   /* less than */
@@ -344,7 +349,7 @@ typedef struct {
 /* #define TFM_PRESCOTT */
 
 /* Do we want timing resistant fp_exptmod() ?
- * This makes it slower but also timing invariant with respect to the exponent 
+ * This makes it slower but also timing invariant with respect to the exponent
  */
 /* #define TFM_TIMING_RESISTANT */
 
@@ -372,6 +377,9 @@ typedef struct {
 /* set to a small digit */
 void fp_set(fp_int *a, fp_digit b);
 
+/* check if a bit is set */
+int fp_is_bit_set(fp_int *a, fp_digit b);
+
 /* copy from a to b */
 #ifndef ALT_ECC_SIZE
     #define fp_copy(a, b)  (void)(((a) != (b)) ? ((void)XMEMCPY((b), (a), sizeof(fp_int))) : (void)0)
@@ -645,6 +653,7 @@ void fp_sqr_comba64(fp_int *a, fp_int *b);
     #define MP_EQ   FP_EQ   /* equal to     */
     #define MP_GT   FP_GT   /* greater than */
     #define MP_VAL  FP_VAL  /* invalid */
+	#define MP_NOT_INF FP_NOT_INF /* point not at infinity */
     #define MP_OKAY FP_OKAY /* ok result    */
     #define MP_NO   FP_NO   /* yes/no result */
     #define MP_YES  FP_YES  /* yes/no result */
@@ -665,6 +674,8 @@ int  mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
 int  mp_mod(mp_int *a, mp_int *b, mp_int *c);
 int  mp_invmod(mp_int *a, mp_int *b, mp_int *c);
 int  mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
+int  mp_mul_2d(mp_int *a, int b, mp_int *c);
+
 
 int  mp_cmp(mp_int *a, mp_int *b);
 int  mp_cmp_d(mp_int *a, mp_digit b);
@@ -680,7 +691,10 @@ int  mp_iszero(mp_int* a);
 int  mp_count_bits(mp_int *a);
 int  mp_leading_bit(mp_int *a);
 int  mp_set_int(fp_int *a, fp_digit b);
+int  mp_is_bit_set (fp_int * a, fp_digit b);
 void mp_rshb(mp_int *a, int x);
+int mp_toradix (mp_int *a, char *str, int radix);
+int mp_radix_size (mp_int * a, int radix, int *size);
 
 #ifdef HAVE_ECC
     int mp_read_radix(mp_int* a, const char* str, int radix);