add SetIssuer and SetSubject from buffers

Updates to autoconf

.gitignore

@@ -0,0 +1,45 @@
+*.lo
+*.la
+*.o
+*.deps
+*.libs
+*.cache
+.dirstamp
+*.user
+config*
+*Debug/
+ctc_config*
+stamp*
+libtool.m4
+aclocal.m4
+lt*.m4
+INSTALL
+Makefile.in
+Makefile
+depcomp
+missing
+libtool
+tags
+ctaocrypt/benchmark/benchmark
+ctaocrypt/test
+examples/client/client
+examples/echoclient/echoclient
+examples/echoserver/echoserver
+examples/server/server
+snifftest
+output
+testsuite/testsuite
+testsuite/*.der
+testsuite/*.pem
+testsuite/*.raw
+diff
+sslSniffer/sslSnifferTest/tracefile.txt
+*.gz
+*.zip
+*.bak
+*.dummy
+compile
+NTRU_algorithm/
+build-test/
+build/
+cyassl.xcodeproj/

INSTALL

@@ -1,234 +0,0 @@
-Installation Instructions
-*************************
-
-Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
-2006 Free Software Foundation, Inc.
-
-This file is free documentation; the Free Software Foundation gives
-unlimited permission to copy, distribute and modify it.
-
-Basic Installation
-==================
-
-Briefly, the shell commands `./configure; make; make install' should
-configure, build, and install this package.  The following
-more-detailed instructions are generic; see the `README' file for
-instructions specific to this package.
-
-   The `configure' shell script attempts to guess correct values for
-various system-dependent variables used during compilation.  It uses
-those values to create a `Makefile' in each directory of the package.
-It may also create one or more `.h' files containing system-dependent
-definitions.  Finally, it creates a shell script `config.status' that
-you can run in the future to recreate the current configuration, and a
-file `config.log' containing compiler output (useful mainly for
-debugging `configure').
-
-   It can also use an optional file (typically called `config.cache'
-and enabled with `--cache-file=config.cache' or simply `-C') that saves
-the results of its tests to speed up reconfiguring.  Caching is
-disabled by default to prevent problems with accidental use of stale
-cache files.
-
-   If you need to do unusual things to compile the package, please try
-to figure out how `configure' could check whether to do them, and mail
-diffs or instructions to the address given in the `README' so they can
-be considered for the next release.  If you are using the cache, and at
-some point `config.cache' contains results you don't want to keep, you
-may remove or edit it.
-
-   The file `configure.ac' (or `configure.in') is used to create
-`configure' by a program called `autoconf'.  You need `configure.ac' if
-you want to change it or regenerate `configure' using a newer version
-of `autoconf'.
-
-The simplest way to compile this package is:
-
-  1. `cd' to the directory containing the package's source code and type
-     `./configure' to configure the package for your system.
-
-     Running `configure' might take a while.  While running, it prints
-     some messages telling which features it is checking for.
-
-  2. Type `make' to compile the package.
-
-  3. Optionally, type `make check' to run any self-tests that come with
-     the package.
-
-  4. Type `make install' to install the programs and any data files and
-     documentation.
-
-  5. You can remove the program binaries and object files from the
-     source code directory by typing `make clean'.  To also remove the
-     files that `configure' created (so you can compile the package for
-     a different kind of computer), type `make distclean'.  There is
-     also a `make maintainer-clean' target, but that is intended mainly
-     for the package's developers.  If you use it, you may have to get
-     all sorts of other programs in order to regenerate files that came
-     with the distribution.
-
-Compilers and Options
-=====================
-
-Some systems require unusual options for compilation or linking that the
-`configure' script does not know about.  Run `./configure --help' for
-details on some of the pertinent environment variables.
-
-   You can give `configure' initial values for configuration parameters
-by setting variables in the command line or in the environment.  Here
-is an example:
-
-     ./configure CC=c99 CFLAGS=-g LIBS=-lposix
-
-   *Note Defining Variables::, for more details.
-
-Compiling For Multiple Architectures
-====================================
-
-You can compile the package for more than one kind of computer at the
-same time, by placing the object files for each architecture in their
-own directory.  To do this, you can use GNU `make'.  `cd' to the
-directory where you want the object files and executables to go and run
-the `configure' script.  `configure' automatically checks for the
-source code in the directory that `configure' is in and in `..'.
-
-   With a non-GNU `make', it is safer to compile the package for one
-architecture at a time in the source code directory.  After you have
-installed the package for one architecture, use `make distclean' before
-reconfiguring for another architecture.
-
-Installation Names
-==================
-
-By default, `make install' installs the package's commands under
-`/usr/local/bin', include files under `/usr/local/include', etc.  You
-can specify an installation prefix other than `/usr/local' by giving
-`configure' the option `--prefix=PREFIX'.
-
-   You can specify separate installation prefixes for
-architecture-specific files and architecture-independent files.  If you
-pass the option `--exec-prefix=PREFIX' to `configure', the package uses
-PREFIX as the prefix for installing programs and libraries.
-Documentation and other data files still use the regular prefix.
-
-   In addition, if you use an unusual directory layout you can give
-options like `--bindir=DIR' to specify different values for particular
-kinds of files.  Run `configure --help' for a list of the directories
-you can set and what kinds of files go in them.
-
-   If the package supports it, you can cause programs to be installed
-with an extra prefix or suffix on their names by giving `configure' the
-option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
-
-Optional Features
-=================
-
-Some packages pay attention to `--enable-FEATURE' options to
-`configure', where FEATURE indicates an optional part of the package.
-They may also pay attention to `--with-PACKAGE' options, where PACKAGE
-is something like `gnu-as' or `x' (for the X Window System).  The
-`README' should mention any `--enable-' and `--with-' options that the
-package recognizes.
-
-   For packages that use the X Window System, `configure' can usually
-find the X include and library files automatically, but if it doesn't,
-you can use the `configure' options `--x-includes=DIR' and
-`--x-libraries=DIR' to specify their locations.
-
-Specifying the System Type
-==========================
-
-There may be some features `configure' cannot figure out automatically,
-but needs to determine by the type of machine the package will run on.
-Usually, assuming the package is built to be run on the _same_
-architectures, `configure' can figure that out, but if it prints a
-message saying it cannot guess the machine type, give it the
-`--build=TYPE' option.  TYPE can either be a short name for the system
-type, such as `sun4', or a canonical name which has the form:
-
-     CPU-COMPANY-SYSTEM
-
-where SYSTEM can have one of these forms:
-
-     OS KERNEL-OS
-
-   See the file `config.sub' for the possible values of each field.  If
-`config.sub' isn't included in this package, then this package doesn't
-need to know the machine type.
-
-   If you are _building_ compiler tools for cross-compiling, you should
-use the option `--target=TYPE' to select the type of system they will
-produce code for.
-
-   If you want to _use_ a cross compiler, that generates code for a
-platform different from the build platform, you should specify the
-"host" platform (i.e., that on which the generated programs will
-eventually be run) with `--host=TYPE'.
-
-Sharing Defaults
-================
-
-If you want to set default values for `configure' scripts to share, you
-can create a site shell script called `config.site' that gives default
-values for variables like `CC', `cache_file', and `prefix'.
-`configure' looks for `PREFIX/share/config.site' if it exists, then
-`PREFIX/etc/config.site' if it exists.  Or, you can set the
-`CONFIG_SITE' environment variable to the location of the site script.
-A warning: not all `configure' scripts look for a site script.
-
-Defining Variables
-==================
-
-Variables not defined in a site shell script can be set in the
-environment passed to `configure'.  However, some packages may run
-configure again during the build, and the customized values of these
-variables may be lost.  In order to avoid this problem, you should set
-them in the `configure' command line, using `VAR=value'.  For example:
-
-     ./configure CC=/usr/local2/bin/gcc
-
-causes the specified `gcc' to be used as the C compiler (unless it is
-overridden in the site shell script).
-
-Unfortunately, this technique does not work for `CONFIG_SHELL' due to
-an Autoconf bug.  Until the bug is fixed you can use this workaround:
-
-     CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
-
-`configure' Invocation
-======================
-
-`configure' recognizes the following options to control how it operates.
-
-`--help'
-`-h'
-     Print a summary of the options to `configure', and exit.
-
-`--version'
-`-V'
-     Print the version of Autoconf used to generate the `configure'
-     script, and exit.
-
-`--cache-file=FILE'
-     Enable the cache: use and save the results of the tests in FILE,
-     traditionally `config.cache'.  FILE defaults to `/dev/null' to
-     disable caching.
-
-`--config-cache'
-`-C'
-     Alias for `--cache-file=config.cache'.
-
-`--quiet'
-`--silent'
-`-q'
-     Do not print messages saying which checks are being made.  To
-     suppress all normal output, redirect it to `/dev/null' (any error
-     messages will still be shown).
-
-`--srcdir=DIR'
-     Look for the package's source code in directory DIR.  Usually
-     `configure' can determine that directory automatically.
-
-`configure' also accepts some other, not widely useful, options.  Run
-`configure --help' for more details.
-

Makefile.am

@@ -1,14 +1,38 @@
-SUBDIRS = src ctaocrypt examples testsuite sslSniffer
 EXTRA_DIST = certs/*.pem certs/*.der certs/*.txt certs/*.raw \
     lib/dummy *.sln *.vcproj cyassl-iphone.xcodeproj/project.pbxproj \
-    doc/*.pdf swig/README swig/*.i swig/cyassl_adds.c swig/*.sh swig/runme.* \
+    doc/*.txt swig/README swig/*.i swig/cyassl_adds.c swig/*.sh swig/runme.* \
     swig/python_cyassl.vcproj swig/rsasign.py
 
 ACLOCAL_AMFLAGS = -I m4
 
+include src/include.am
+include ctaocrypt/test/include.am
+include ctaocrypt/benchmark/include.am
+include examples/client/include.am
+include examples/server/include.am
+include examples/echoclient/include.am
+include examples/echoserver/include.am
+include testsuite/include.am
+include sslSniffer/sslSnifferTest/include.am
+
+
 # !!!! first line of rule has to start with a hard (real) tab, not spaces
 basic:
-	cd src; $(MAKE); cd ../testsuite; $(MAKE); cd ../
+	$(MAKE) src/libcyassl.la; \
+	$(MAKE) testsuite/testsuite; \
+    cd testsuite; \
+    ./testsuite; \
+    cd ../;
+
+egs:
+	$(MAKE) examples/client/client; \
+	$(MAKE) examples/echoclient/echoclient;\
+	$(MAKE) examples/server/server; \
+	$(MAKE) examples/echoserver/echoserver;
+
+ctc:
+	$(MAKE) ctaocrypt/test/test; \
+	$(MAKE) ctaocrypt/benchmark/benchmark; 
 
 openssl-links:
 	cd lib; ln -s ../src/.libs/libcyassl.a libcrypto.a; \
@@ -18,9 +42,13 @@ openssl-links:
 #  !!! test -e with a .name like .libs then a * like *dylib fails so just
 #      look for the .dylib on OS X, and .so otherwise but copy all parts
 install:
-	$(mkinstalldirs) $(DESTDIR)$(includedir) $(DESTDIR)$(libdir); \
-    cp -fpR include/* $(DESTDIR)$(includedir); \
-    cp -fpR ctaocrypt/include/* $(DESTDIR)$(includedir); \
+	$(mkinstalldirs) $(DESTDIR)$(includedir)/openssl $(DESTDIR)$(libdir); \
+    cp -fpR include/openssl/* $(DESTDIR)$(includedir)/openssl; \
+    cp -fpR ctaocrypt/include/*.h $(DESTDIR)$(includedir); \
+    rm $(DESTDIR)$(includedir)/ctc_asn.h; \
+    rm $(DESTDIR)$(includedir)/ctc_coding.h; \
+    rm $(DESTDIR)$(includedir)/ctc_error.h; \
+    rm $(DESTDIR)$(includedir)/ctc_misc.h; \
     cp -fpR src/libcyassl.la $(DESTDIR)$(libdir); \
     if test -e src/.libs/libcyassl.a; then \
     cp -fp src/.libs/libcyassl.a $(DESTDIR)$(libdir); fi; \

README

@@ -13,7 +13,71 @@ before calling SSL_new();  Though it's not recommended.
 
 *** end Note ***
 
-CyaSSL Release 1.8.0 (12/23/2010)
+CyaSSL Release 2.0.0rc2 (6/6/2011)
+
+Release 2.0.0rc2 for CyaSSL has bug fixes and a few new features including:
+- bug fixes (Alerts, DTLS with DHE)
+- FreeRTOS support
+- lwIP support
+- Wshadow warnings removed
+- asn public header
+- CTaoCrypt public headers now all have ctc_ prefix (the manual is still being
+        updated to relfect this change)
+- and more.
+
+This is the 2nd and perhaps final release candidate for version 2.
+Please send any comments or questions to support@yassl.com.
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+***********CyaSSL Release 2.0.0rc1 (5/2/2011)
+
+Release 2.0.0rc1 for CyaSSL has many new features including:
+- bug fixes
+- SHA-256 cipher suites 
+- Root Certificate Verification (instead of needing all certs in the chain) 
+- PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12) 
+- Serial number retrieval for x509 
+- PBKDF2 and PKCS #12 PBKDF 
+- UID parsing for x509 
+- SHA-256 certificate signatures 
+- Client and server can send chains (SSL_CTX_use_certificate_chain_file) 
+- CA loading can now parse multiple certificates per file
+- Dynamic memory runtime hooks
+- Runtime hooks for logging
+- EDH on server side
+- More informative error codes
+- More informative logging messages
+- Version downgrade more robust (use SSL_v23*)
+- Shared build only by default through ./configure
+- Compiler visibility is now used, internal functions not polluting namespace
+- Single Makefile, no recursion, for faster and simpler building
+- Turn on all warnings possible build option, warning fixes
+- and more.
+
+Because of all the new features and the multiple OS, compiler, feature-set
+options that CyaSSL allows, there may be some configuration fixes needed.
+Please send any comments or questions to support@yassl.com.
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+****************** CyaSSL Release 1.9.0 (3/2/2011)
+
+Release 1.9.0 for CyaSSL adds bug fixes, improved TLSv1.2 through testing and
+better hash/sig algo ids, --enable-webServer for the yaSSL embedded web server,
+improper AES key setup detection, user cert verify callback improvements, and
+more.
+
+The CyaSSL manual offering is included in the doc/ directory.  For build
+instructions and comments about the new features please check the manual.
+
+Please send any comments or questions to support@yassl.com.
+
+****************** CyaSSL Release 1.8.0 (12/23/2010)
 
 Release 1.8.0 for CyaSSL adds bug fixes, x509 v3 CA signed certificate
 generation, a C standard library abstraction layer, lower memory use, increased

autogen.sh

@@ -0,0 +1,12 @@
+#!/bin/sh
+#
+# Create configure and makefile stuff...
+#
+
+set -e
+
+autoreconf -ivf
+aclocal -I m4
+autoheader
+autoconf
+automake --add-missing --copy

certs/server-cert.pem

@@ -37,3 +37,59 @@ Kp5+VqW2h58VxxhmfhZ34qcCAwEAATANBgkqhkiG9w0BAQQFAANBAFipmOcWUkxA
 5+FHkhkbOo+XbHu3sMsgba2100dY2OTyPjLp74d35VQ29I1QjQe0d0XqnaQzNpsL
 4HRYEcUBe00=
 -----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            8a:37:22:65:73:f5:aa:e8
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+        Validity
+            Not Before: Jun 30 18:47:10 2010 GMT
+            Not After : Mar 26 18:47:10 2013 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:97:30:b9:1a:92:ef:25:4f:ca:4c:11:31:95:1a:
+                    e1:c0:10:19:0a:20:b9:37:80:1a:57:38:02:4e:1b:
+                    c5:0f:28:4f:da:e3:c9:16:aa:50:bd:4a:fb:b7:71:
+                    c7:35:cc:63:81:c1:dd:9d:33:f9:38:16:88:32:a0:
+                    aa:56:23:03:a3
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                3B:66:FD:A0:40:C6:F4:E2:70:CF:21:1A:0C:4F:67:FE:B7:4B:42:09
+            X509v3 Authority Key Identifier: 
+                keyid:3B:66:FD:A0:40:C6:F4:E2:70:CF:21:1A:0C:4F:67:FE:B7:4B:42:09
+                DirName:/C=US/ST=Montana/L=Bozeman/O=sawtooth/OU=consulting/CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+                serial:8A:37:22:65:73:F5:AA:E8
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        32:65:a2:b1:dc:6d:e0:8d:8b:c8:58:29:8e:b8:18:4b:62:88:
+        13:67:f8:6c:75:46:75:8f:8a:19:a6:a3:d5:3c:fc:57:4e:7a:
+        68:a9:fc:93:dc:ae:29:7d:bb:4e:ec:ea:55:fa:a4:e3:00:61:
+        f4:b0:34:6d:d1:d5:a4:64:24:f8
+-----BEGIN CERTIFICATE-----
+MIIDQDCCAuqgAwIBAgIJAIo3ImVz9aroMA0GCSqGSIb3DQEBBAUAMIGeMQswCQYD
+VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G
+A1UEChMIc2F3dG9vdGgxEzARBgNVBAsTCmNvbnN1bHRpbmcxJDAiBgNVBAMTG3d3
+dy5zYXd0b290aC1jb25zdWx0aW5nLmNvbTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5
+YXNzbC5jb20wHhcNMTAwNjMwMTg0NzEwWhcNMTMwMzI2MTg0NzEwWjCBnjELMAkG
+A1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAP
+BgNVBAoTCHNhd3Rvb3RoMRMwEQYDVQQLEwpjb25zdWx0aW5nMSQwIgYDVQQDExt3
+d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
+eWFzc2wuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJcwuRqS7yVPykwRMZUa
+4cAQGQoguTeAGlc4Ak4bxQ8oT9rjyRaqUL1K+7dxxzXMY4HB3Z0z+TgWiDKgqlYj
+A6MCAwEAAaOCAQcwggEDMB0GA1UdDgQWBBQ7Zv2gQMb04nDPIRoMT2f+t0tCCTCB
+0wYDVR0jBIHLMIHIgBQ7Zv2gQMb04nDPIRoMT2f+t0tCCaGBpKSBoTCBnjELMAkG
+A1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAP
+BgNVBAoTCHNhd3Rvb3RoMRMwEQYDVQQLEwpjb25zdWx0aW5nMSQwIgYDVQQDExt3
+d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
+eWFzc2wuY29tggkAijciZXP1qugwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQF
+AANBADJlorHcbeCNi8hYKY64GEtiiBNn+Gx1RnWPihmmo9U8/FdOemip/JPcril9
+u07s6lX6pOMAYfSwNG3R1aRkJPg=
+-----END CERTIFICATE-----

certs/server-keyPkcs8Enc.pem

@@ -0,0 +1,11 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBgTAbBgkqhkiG9w0BBQMwDgQIMbn/uK6tvZcCAggABIIBYK9oQl9uOmp/LC3j
+VxEoo+imbDLwS+ybpjbvcnfyWja4TRpRdCHCB/PLHRmVGCf/pBMG8UkobxbVbjpg
+DE5Mr69rOVOreNVIBkfAt0B8PgmLPRdKXtp6Y8IJ85R9Aic1g1+s5XeBcvEZRUHm
+ZvKd+oV4y8OUpnZkAZdN4In/8ZvWEfZf6ZPplGbcmoqM7eoLrCCiJ1zLvTt3CPm5
+yi/F8jJxPYM2iNj86y9hlpwk4lS+TvdAwmO/RGQQWverEQmX9MPob23s5ouBdHe5
+7TnBldo/Hq6YVtBYHuvOlx99kaMuumhYdhRONRnWbXedqymaMMG0xA4RgCljv0ud
+JrWK1YNGB7gl7/ANoqyy4ZODBUoH33qDR0NzkqwGXMIexlUZIjbwMmUPZZ/XBqMB
+tEDrOxAnauE12K3DbfviE40Py8uloXiZf94RnPWbttGp874EOpyiEYjUooo3ii6G
+jscqox0=
+-----END ENCRYPTED PRIVATE KEY-----

certs/server-keyPkcs8Enc12.pem

@@ -0,0 +1,11 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBgjAcBgoqhkiG9w0BDAEDMA4ECDkwZMQEXsc8AgIIAASCAWAswojJ2ac33Tak
+A8ol6daT+VLEtVwgh9AMO8NE/2xvPZFd3758j/9136k/dsci59ZbvnAVnOURf8Sa
+MW0jaE+JnrnEdGDZAuODONGCtKdBx3fntHw6qRYIY0t7yhLCCRdeoVH6XK60JUtS
+vzi+Hitvg5ObzV1RpiockVCxGJDAizDrXMgQO7N7doeb9fypoBx5IFgLztWONFAg
+A9rQrd5CnkgEbOygRYMduv6fX+uEXWrHEB3vDI6HY5k+VHjx2XLGmNOH1goiv+9p
+DA4n4YpN45xRQUDKmx2T6kyULnMoG7Tf/le2qtJ2nja7697yk8zeEkZnR+UD2IXh
+/A5eyhAquiM5qDbbV46ydOh2Aji6vI8E8/ZnYk2SJ2/VVlNro/tL0XELYdjBBFnI
+SfEtCp1QWWtQdCAPipWzgmsEHKkk4ihmHQqTjmoJ0Pl9XbhxvqHUUrKdHXVJtksZ
+TmvgXItk
+-----END ENCRYPTED PRIVATE KEY-----

certs/server-keyPkcs8Enc2.pem

@@ -0,0 +1,11 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIBI6Zodac3rQCAggA
+MBQGCCqGSIb3DQMHBAjJZP0y7jYpRwSCAWDKV70/DSueiztJHeMKow93Fd/KXDpU
+PGTtlz+lfmOUcGTTt5PwSI2rjHX+QeFTCeb2j9bekcWcaW2iIO8FDRJm1djdKVh0
+mO2kAxM0W2s+GoR7T6ByQSrqKp2NL6Ug/B6od2xZ6/0tvcB4Ig+10ljL3/pT3T9M
+EYCQ5gjaGhPlJIZhFIwmh6x+Pz+d2bkmXObasKEhwRMhJU9GYhKhWB2fOfl8zWlb
+tIDcWBf2rCZUfk3LFx/FrV0NOIY5Jmpm/xQt2gdBIos9LNV16HQOqHkhPBhGXP9D
+WZGTrpxgClpZhCUJ+LvqZbAp1dXbfrrElrux0y2zmSGxWP9z8cmfC1SHgBIxcD36
+CymYSD0s1hPMH4sFoCM6uyEFfK5KwRpYc3IKfEzvkk9+ZTBYpryzJNDqR1Xpfklp
+19m2qz9aJjkIgV4afydQWHYEKVm5IS/PcRVl0ZWkgxJXNHRmLd7HWysS
+-----END ENCRYPTED PRIVATE KEY-----

certs/taoCert.txt

@@ -69,6 +69,13 @@ openssl rsa -in 1024rsa.priv -pubout -out 1024rsa.pub
 openssl pkcs8 -nocrypt -topk8 -in server-key.pem -out server-keyPkcs8.pem
 
 
+**** To convert to pkcs8 encrypted *******
+
+openssl pkcs8 -topk8 -in server-key.pem -out server-keyPkcs8Enc.pem
+
+passwd: yassl123
+
+
 **** To convert from pkcs8 to traditional ****
 
 openssl pkcs8 -nocrypt -in server-keyPkcs8.pem -out server-key.pem

configure.ac

@@ -1,23 +1,45 @@
-AC_INIT
-AC_CANONICAL_SYSTEM
-AM_INIT_AUTOMAKE(cyassl,1.8.8)
-AM_CONFIG_HEADER(ctaocrypt/include/config.h)
+# configure.ac
+#
+# Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+#
+# This file is part of CyaSSL.
+#
+#
 
-
-#dnl Include m4
-#sinclude(lib_socket_nsl.m4)
-#sinclude(acx_pthread.m4)
+AC_INIT(cyassl,2.0.0rc2,http://www.yassl.com)    # !!! also change in ssl.h !!!
+AC_CONFIG_AUX_DIR(config)
+AM_CONFIG_HEADER(ctaocrypt/include/ctc_config.h)
 AC_CONFIG_MACRO_DIR([m4])
+AC_CANONICAL_SYSTEM
+
+AM_INIT_AUTOMAKE(subdir-objects)
+
+#shared library versioning
+CYASSL_LIBRARY_VERSION=2:1:0
+#                      | | |
+#               +------+ | +---+
+#               |        |     |
+#              current:revision:age
+#               |        |     |
+#               |        |     +- increment if interfaces have been added
+#               |        |        set to zero if interfaces have been removed
+#                        |        or changed
+#               |        +- increment if source code has changed
+#               |           set to zero if current is incremented
+#               +- increment if interfaces have been added, removed or changed
+AC_SUBST(CYASSL_LIBRARY_VERSION)
 
 
 # make sure configure doesn't add to CFLAGS
 CFLAGS="$CFLAGS $C_EXTRA_FLAGS"    
 
 AC_PROG_CC
+AM_PROG_CC_C_O
 AC_PROG_CC_C_O
 AM_PROG_AS
 AC_PROG_INSTALL
 AC_LIBTOOL_WIN32_DLL
+AC_DISABLE_STATIC
 AC_PROG_LIBTOOL
 
 AC_PREFIX_DEFAULT(/usr/local/cyassl)
@@ -32,6 +54,7 @@ AC_CHECK_LIBM
 
 AC_CHECK_HEADERS(errno.h)
 
+
 OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer"
 OPTIMIZE_FAST_CFLAGS="-O3 -fomit-frame-pointer"
 OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET"
@@ -66,7 +89,7 @@ then
   # if you only want server or client you can define NO_CYASSL_SERVER or
   # NO_CYASSL_CLIENT but then some of the examples and testsuite won't build
   # note that TLS needs HMAC
-  CFLAGS="-DNO_TLS -DNO_HMAC -DNO_AES -DNO_DES3 -DNO_SHA256 -DNO_ERROR_STRINGS -DNO_HC128 -DNO_RABBIT -DNO_PSK -DNO_DSA -DNO_DH $CFLAGS"
+  CFLAGS="-DNO_TLS -DNO_HMAC -DNO_AES -DNO_DES3 -DNO_SHA256 -DNO_ERROR_STRINGS -DNO_HC128 -DNO_RABBIT -DNO_PSK -DNO_DSA -DNO_DH -DNO_PWDBASED $CFLAGS" 
 fi
 
 
@@ -105,6 +128,11 @@ then
   CFLAGS="-DOPENSSL_EXTRA $CFLAGS"
 fi
 
+if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    AC_MSG_ERROR([can't enable small and opensslExtra, only one or the other.]) 
+fi
+
 
 # IPv6 Test Apps
 AC_ARG_ENABLE(ipv6,
@@ -121,7 +149,7 @@ fi
 
 # fastmath
 AC_ARG_ENABLE(fastmath,
-    [  --enable-fastmath       Enable fast math for BigInts(default: disabled)],
+    [  --enable-fastmath       Enable fast math for BigInts (default: disabled)],
     [ ENABLED_FASTMATH=$enableval ],
     [ ENABLED_FASTMATH=no ]
     )
@@ -134,7 +162,7 @@ fi
 
 # fast HUGE math
 AC_ARG_ENABLE(fasthugemath,
-    [  --enable-fasthugemath   Enable fast math + huge code for BigInts(def: off)],
+    [  --enable-fasthugemath   Enable fast math + huge code (default: disabled)],
     [ ENABLED_FASTHUGEMATH=$enableval ],
     [ ENABLED_FASTHUGEMATH=no ]
     )
@@ -305,6 +333,47 @@ then
 fi
 
 
+# Web Server Build 
+AC_ARG_ENABLE(webServer,
+    [  --enable-webServer      Enable Web Server (default: disabled)],
+    [ ENABLED_WEBSERVER=$enableval ],
+    [ ENABLED_WEBSERVER=no ]
+    )
+
+if test "$ENABLED_WEBSERVER" = "yes"
+then
+    CFLAGS="$CFLAGS -DHAVE_WEBSERVER"
+fi
+
+
+# No Filesystem Build 
+AC_ARG_ENABLE(noFilesystem,
+    [  --enable-noFilesystem   Enable No Filesystem (default: disabled)],
+    [ ENABLED_NOFILESYSTEM=$enableval ],
+    [ ENABLED_NOFILESYSTEM=no ]
+    )
+
+if test "$ENABLED_NOFILESYSTEM" = "yes"
+then
+    CFLAGS="$CFLAGS -DNO_FILESYSTEM"
+fi
+
+
+# No inline Build 
+AC_ARG_ENABLE(noInline,
+    [  --enable-noInline       Enable No inline (default: disabled)],
+    [ ENABLED_NOINLINE=$enableval ],
+    [ ENABLED_NOINLINE=no ]
+    )
+
+if test "$ENABLED_NOINLINE" = "yes"
+then
+    CFLAGS="$CFLAGS -DNO_INLINE"
+fi
+
+AM_CONDITIONAL([BUILD_NOINLINE], [test "x$ENABLED_NOINLINE" = "xyes"])
+
+
 # ECC 
 AC_ARG_ENABLE(ecc,
     [  --enable-ecc            Enable ECC (default: disabled)],
@@ -320,6 +389,12 @@ fi
 AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
 
 
+if test "$ENABLED_ECC" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    AC_MSG_ERROR([can't enable ecc and small, ecc requires TLS which small turns off.]) 
+fi
+
+
 # NTRU
 ntruHome=`pwd`/NTRU_algorithm
 ntruInclude=$ntruHome/cryptolib
@@ -339,6 +414,24 @@ fi
 
 AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"])
 
+if test "$ENABLED_NTRU" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    AC_MSG_ERROR([can't enable ntru and small, ntru requires TLS which small turns off.]) 
+fi
+
+
+# Test certs, use internal cert functions for extra testing 
+AC_ARG_ENABLE(testcert,
+    [  --enable-testcert       Enable Test Cert (default: disabled)],
+    [ ENABLED_TESTCERT=$enableval ],
+    [ ENABLED_TESTCERT=no ]
+    )
+
+if test "$ENABLED_TESTCERT" = "yes"
+then
+    CFLAGS="$CFLAGS -DCYASSL_TEST_CERT"
+fi
+
 
 # LIBZ
 trylibzdir=""
@@ -349,7 +442,7 @@ AC_ARG_WITH(libz,
         CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ"
         LIBS="$LIBS -lz"
 
-        AC_TRY_LINK([#include <zlib.h>], [ deflateInit(NULL, 8); ],
+        AC_TRY_LINK([#include <zlib.h>], [ deflateInit(0, 8); ],
             [ libz_linked=yes ], [ libz_linked=no ])
 
         if test "x$libz_linked" == "xno" ; then
@@ -363,7 +456,7 @@ AC_ARG_WITH(libz,
             LDFLAGS="$LDFLAGS -L$trylibzdir/lib"
             CPPFLAGS="$CPPFLAGS -I$trylibzdir/include"
 
-            AC_TRY_LINK([#include <zlib.h>], [ deflateInit(NULL, 8); ],
+            AC_TRY_LINK([#include <zlib.h>], [ deflateInit(0, 8); ],
                 [ libz_linked=yes ], [ libz_linked=no ])
 
             if test "x$libz_linked" == "xno" ; then
@@ -408,25 +501,51 @@ CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
 
 LIB_SOCKET_NSL
 
+dnl Various GCC warnings that should never fire for release quality code
+GCCWARNINGS="-Wall -fno-strict-aliasing -W -Wfloat-equal -Wundef        \
+-Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes                \
+-Wwrite-strings -Wredundant-decls -Wchar-subscripts -Wcomment           \
+-Wformat=2 -Wwrite-strings -Wmissing-declarations -Wredundant-decls     \
+-Wnested-externs -Wbad-function-cast -Wswitch-enum -Winit-self          \
+-Wmissing-field-initializers -Wdeclaration-after-statement              \
+-Wold-style-definition -Waddress -Wmissing-noreturn -Wnormalized=id     \
+-Woverride-init -Wstrict-overflow=1 -Wextra -Warray-bounds              \
+-Wstack-protector -Wformat -Wformat-security -Wpointer-sign -Wshadow    \
+-Wswitch-default"
+
+AC_ARG_ENABLE(gcc-lots-o-warnings,
+AS_HELP_STRING(--enable-gcc-lots-o-warnings, Enable lots of gcc warnings (default: disabled)),
+[if test x$enableval = xyes; then
+    CFLAGS="$CFLAGS $GCCWARNINGS"
+fi])
+
+AC_ARG_ENABLE(gcc-hardening,
+AS_HELP_STRING(--enable-gcc-hardening, Enable compiler security checks (default: disabled)),
+[if test x$enableval = xyes; then
+    CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2 -fstack-protector-all"
+    CFLAGS="$CFLAGS -fwrapv -fPIE -Wstack-protector"
+    CFLAGS="$CFLAGS --param ssp-buffer-size=1"
+    LDFLAGS="$LDFLAGS -pie"
+fi])
+
+dnl Linker hardening options
+dnl Currently these options are ELF specific - you can't use this with MacOSX
+AC_ARG_ENABLE(linker-hardening,
+AS_HELP_STRING(--enable-linker-hardening, Enable linker security fixups (default: disabled)),
+[if test x$enableval = xyes; then
+    LDFLAGS="$LDFLAGS -z relro -z now"
+fi])
+
+
+PANDORA_VISIBILITY
+CFLAGS="$CFLAGS $CFLAG_VISIBILITY"
+
 AC_SUBST(CFLAGS)
 AC_SUBST(LIBS)
 
 
 
 # FINAL
-AC_CONFIG_FILES(Makefile dnl
-        ctaocrypt/Makefile dnl
-        ctaocrypt/src/Makefile dnl
-        ctaocrypt/test/Makefile dnl
-        ctaocrypt/benchmark/Makefile dnl
-        src/Makefile dnl
-        examples/Makefile dnl
-        examples/client/Makefile dnl
-        examples/server/Makefile dnl
-        examples/echoclient/Makefile dnl
-        examples/echoserver/Makefile dnl
-        testsuite/Makefile dnl
-        sslSniffer/Makefile dnl
-        sslSniffer/sslSnifferTest/Makefile)
+AC_CONFIG_FILES([Makefile])
 AC_OUTPUT
 

ctaocrypt/Makefile.am

@@ -1,3 +0,0 @@
-SUBDIRS = src test benchmark
-EXTRA_DIST = ctaocrypt.sln ctaocrypt.vcproj
-

ctaocrypt/benchmark/Makefile.am

@@ -1,7 +0,0 @@
-INCLUDES = -I../include
-bin_PROGRAMS = benchmark
-benchmark_SOURCES = benchmark.c
-benchmark_LDFLAGS      = -L../src
-benchmark_LDADD        = ../../src/libcyassl.la
-benchmark_DEPENDENCIES = ../../src/libcyassl.la
-EXTRA_DIST =  *.der benchmark.sln benchmark.vcproj

ctaocrypt/benchmark/benchmark.c

@@ -1,20 +1,41 @@
-/* benchmark.c */
+/* benchmark.c
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
 /* CTaoCrypt benchmark */
 
+
 #include <string.h>
 #include <stdio.h>
 
-#include "des3.h"
-#include "arc4.h"
-#include "hc128.h"
-#include "rabbit.h"
+#include "ctc_des3.h"
+#include "ctc_arc4.h"
+#include "ctc_hc128.h"
+#include "ctc_rabbit.h"
 #include "ctc_aes.h"
 #include "ctc_md5.h"
 #include "ctc_sha.h"
-#include "sha256.h"
-#include "sha512.h"
+#include "ctc_sha256.h"
+#include "ctc_sha512.h"
 #include "ctc_rsa.h"
-#include "asn.h"
+#include "ctc_asn.h"
 #include "ctc_ripemd.h"
 
 #include "ctc_dh.h"

ctaocrypt/benchmark/include.am

@@ -0,0 +1,12 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+
+bin_PROGRAMS += ctaocrypt/benchmark/benchmark
+ctaocrypt_benchmark_benchmark_SOURCES      = ctaocrypt/benchmark/benchmark.c
+ctaocrypt_benchmark_benchmark_LDFLAGS      = -Lsrc
+ctaocrypt_benchmark_benchmark_LDADD        = src/libcyassl.la
+ctaocrypt_benchmark_benchmark_DEPENDENCIES = src/libcyassl.la
+EXTRA_DIST += ctaocrypt/benchmark/*.der \
+    ctaocrypt/benchmark/benchmark.sln ctaocrypt/benchmark/benchmark.vcproj

ctaocrypt/ctaocrypt.vcproj

@@ -100,7 +100,7 @@
 			<Tool
 				Name="VCCLCompilerTool"
 				AdditionalIncludeDirectories="include"
-				PreprocessorDefinitions="WIN32;NDEBUG;_LIB;"
+				PreprocessorDefinitions="WIN32;NDEBUG;_LIB;OPENSSL_EXTRA"
 				RuntimeLibrary="2"
 				UsePrecompiledHeader="0"
 				WarningLevel="3"

ctaocrypt/include/config.h

@@ -1,86 +0,0 @@
-/* ctaocrypt/include/config.h.  Generated from config.h.in by configure.  */
-/* ctaocrypt/include/config.h.in.  Generated from configure.in by autoheader.  */
-
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#define HAVE_DLFCN_H 1
-
-/* Define to 1 if you have the <errno.h> header file. */
-#define HAVE_ERRNO_H 1
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#define HAVE_INTTYPES_H 1
-
-/* Define to 1 if you have the `network' library (-lnetwork). */
-/* #undef HAVE_LIBNETWORK */
-
-/* Define to 1 if you have the <memory.h> header file. */
-#define HAVE_MEMORY_H 1
-
-/* Define if you have POSIX threads libraries and header files. */
-#define HAVE_PTHREAD 1
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#define HAVE_STDINT_H 1
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-
-/* Define to 1 if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-
-/* Define to 1 if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#define HAVE_SYS_STAT_H 1
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#define HAVE_SYS_TYPES_H 1
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#define HAVE_UNISTD_H 1
-
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
-   */
-#define LT_OBJDIR ".libs/"
-
-/* Define to 1 if your C compiler doesn't accept -c and -o together. */
-/* #undef NO_MINUS_C_MINUS_O */
-
-/* Name of package */
-#define PACKAGE "cyassl"
-
-/* Define to the address where bug reports for this package should be sent. */
-#define PACKAGE_BUGREPORT ""
-
-/* Define to the full name of this package. */
-#define PACKAGE_NAME ""
-
-/* Define to the full name and version of this package. */
-#define PACKAGE_STRING ""
-
-/* Define to the one symbol short name of this package. */
-#define PACKAGE_TARNAME ""
-
-/* Define to the version of this package. */
-#define PACKAGE_VERSION ""
-
-/* Define to necessary symbol if this constant uses a non-standard name on
-   your system. */
-/* #undef PTHREAD_CREATE_JOINABLE */
-
-/* The size of `long', as computed by sizeof. */
-#define SIZEOF_LONG 8
-
-/* The size of `long long', as computed by sizeof. */
-#define SIZEOF_LONG_LONG 8
-
-/* Define to 1 if you have the ANSI C header files. */
-#define STDC_HEADERS 1
-
-/* Version number of package */
-#define VERSION "1.8.8"
-
-/* Define to 1 if your processor stores words with the most significant byte
-   first (like Motorola and SPARC, unlike Intel and VAX). */
-/* #undef WORDS_BIGENDIAN */

ctaocrypt/include/config.h.in

@@ -1,85 +0,0 @@
-/* ctaocrypt/include/config.h.in.  Generated from configure.in by autoheader.  */
-
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#undef HAVE_DLFCN_H
-
-/* Define to 1 if you have the <errno.h> header file. */
-#undef HAVE_ERRNO_H
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define to 1 if you have the `network' library (-lnetwork). */
-#undef HAVE_LIBNETWORK
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define if you have POSIX threads libraries and header files. */
-#undef HAVE_PTHREAD
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
-
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
-   */
-#undef LT_OBJDIR
-
-/* Define to 1 if your C compiler doesn't accept -c and -o together. */
-#undef NO_MINUS_C_MINUS_O
-
-/* Name of package */
-#undef PACKAGE
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* Define to necessary symbol if this constant uses a non-standard name on
-   your system. */
-#undef PTHREAD_CREATE_JOINABLE
-
-/* The size of `long', as computed by sizeof. */
-#undef SIZEOF_LONG
-
-/* The size of `long long', as computed by sizeof. */
-#undef SIZEOF_LONG_LONG
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Version number of package */
-#undef VERSION
-
-/* Define to 1 if your processor stores words with the most significant byte
-   first (like Motorola and SPARC, unlike Intel and VAX). */
-#undef WORDS_BIGENDIAN

ctaocrypt/include/ctc_aes.h

@@ -19,13 +19,14 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_AES
 
 #ifndef CTAO_CRYPT_AES_H
 #define CTAO_CRYPT_AES_H
 
 
-#include "types.h"
+#include "ctc_types.h"
 
 #ifdef CYASSL_AESNI
 
@@ -69,9 +70,10 @@ typedef struct Aes {
 } Aes;
 
 
-int  AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, int dir);
-void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
-void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+CYASSL_API int  AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
+                          int dir);
+CYASSL_API void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+CYASSL_API void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_arc4.h

@@ -1,4 +1,4 @@
-/* arc4.h
+/* ctc_arc4.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -24,7 +24,7 @@
 #define CTAO_CRYPT_ARC4_H
 
 
-#include "types.h"
+#include "ctc_types.h"
 
 
 #ifdef __cplusplus
@@ -43,8 +43,8 @@ typedef struct Arc4 {
     byte state[ARC4_STATE_SIZE];
 } Arc4;
 
-void Arc4Process(Arc4*, byte*, const byte*, word32);
-void Arc4SetKey(Arc4*, const byte*, word32);
+CYASSL_API void Arc4Process(Arc4*, byte*, const byte*, word32);
+CYASSL_API void Arc4SetKey(Arc4*, const byte*, word32);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_asn.h

@@ -1,4 +1,4 @@
-/* asn.h
+/* ctc_asn.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -23,11 +23,12 @@
 #ifndef CTAO_CRYPT_ASN_H
 #define CTAO_CRYPT_ASN_H
 
-#include "types.h"
+#include "ctc_types.h"
 #include "ctc_rsa.h"
 #include "ctc_dh.h"
 #include "ctc_dsa.h"
 #include "ctc_sha.h"
+#include "ctc_asn_public.h"   /* public interface */
 #ifdef HAVE_ECC
     #include "ctc_ecc.h"
 #endif
@@ -41,6 +42,8 @@ enum {
     ISSUER  = 0,
     SUBJECT = 1,
 
+    EXTERNAL_SERIAL_SIZE = 32,
+
     BEFORE  = 0,
     AFTER   = 1
 };
@@ -59,7 +62,6 @@ enum ASN_Tags {
     ASN_LONG_LENGTH       = 0x80
 };
 
-
 enum  ASN_Flags{
     ASN_CONSTRUCTED       = 0x20,
     ASN_CONTEXT_SPECIFIC  = 0x80
@@ -75,8 +77,29 @@ enum DN_Tags {
     ASN_ORGUNIT_NAME  = 0x0b    /* OU */
 };
 
+enum PBES {
+    PBE_MD5_DES      = 0,
+    PBE_SHA1_DES     = 1,
+    PBE_SHA1_DES3    = 2,
+    PBE_SHA1_RC4_128 = 3,
+    PBES2            = 13       /* algo ID */
+};
+
+enum ENCRYPTION_TYPES {
+    DES_TYPE  = 0,
+    DES3_TYPE = 1,
+    RC4_TYPE  = 2
+};
+
 enum Misc_ASN { 
-    ASN_NAME_MAX        = 256,    
+    ASN_NAME_MAX        = 256,
+    MAX_SALT_SIZE       =  64,     /* MAX PKCS Salt length */
+    MAX_IV_SIZE         =  64,     /* MAX PKCS Iv length */
+    MAX_KEY_SIZE        =  64,     /* MAX PKCS Key  length */
+    PKCS5               =   5,     /* PKCS oid tag */
+    PKCS5v2             =   6,     /* PKCS #5 v2.0 */
+    PKCS12              =  12,     /* PKCS #12 */
+    MAX_UNICODE_SZ      = 256,
     SHA_SIZE            =  20,
     RSA_INTS            =   8,     /* RSA ints in private key */
     MIN_DATE_SIZE       =  13,
@@ -88,7 +111,7 @@ enum Misc_ASN {
     MAX_SEQ_SZ          =   5,     /* enum(seq | con) + length(4) */  
     MAX_SET_SZ          =   5,     /* enum(set | con) + length(4) */  
     MAX_VERSION_SZ      =   5,     /* enum + id + version(byte) + (header(2))*/
-    MAX_ENCODED_DIG_SZ  =  25,     /* sha + enum(bit or octet) + legnth(4) */
+    MAX_ENCODED_DIG_SZ  =  73,     /* sha512 + enum(bit or octet) + legnth(4) */
     MAX_RSA_INT_SZ      = 517,     /* RSA raw sz 4096 for bits + tag + len(4) */
     MAX_NTRU_KEY_SZ     = 610,     /* NTRU 112 bit public key */
     MAX_NTRU_ENC_SZ     = 628,     /* NTRU 112 bit DER public encoding */
@@ -107,17 +130,20 @@ enum Oid_Types {
 
 
 enum Sig_Sum  {
-    SHAwDSA   = 517,
-    MD2wRSA   = 646,
-    MD5wRSA   = 648,
-    SHAwRSA   = 649,
-    SHAwECDSA = 520
+    SHAwDSA    = 517,
+    MD2wRSA    = 646,
+    MD5wRSA    = 648,
+    SHAwRSA    = 649,
+    SHAwECDSA  = 520,
+    SHA256wRSA   = 655,
+    SHA256wECDSA = 524
 };
 
 enum Hash_Sum  {
-    MD2h  = 646,
-    MD5h  = 649,
-    SHAh  =  88
+    MD2h    = 646,
+    MD5h    = 649,
+    SHAh    =  88,
+    SHA256h = 414
 };
 
 enum Key_Sum {
@@ -137,11 +163,8 @@ enum Ecc_Sum {
 };
 
 
-/* Certificate file Type */
-enum CertType {
-    CERT_TYPE       = 0, 
-    PRIVATEKEY_TYPE,
-    CA_TYPE
+enum KDF_Sum {
+    PBKDF2_OID = 660
 };
 
 
@@ -151,7 +174,11 @@ enum VerifyType {
 };
 
 
-typedef struct DecodedCert {
+typedef struct DecodedCert DecodedCert;
+typedef struct Signer      Signer;
+
+
+struct DecodedCert {
     byte*   publicKey;
     word32  pubKeySize;
     int     pubKeyStored;
@@ -170,9 +197,12 @@ typedef struct DecodedCert {
     int     verify;                  /* Default to yes, but could be off */
     byte*   source;                  /* byte buffer holder cert, NOT owner */
     word32  srcIdx;                  /* current offset into buffer       */
+    word32  maxIdx;                  /* max offset based on init size    */
     void*   heap;                    /* for user memory overrides        */
+    byte    serial[EXTERNAL_SERIAL_SIZE];  /* raw serial number          */
+    int     serialSz;                /* raw serial bytes stored */
 #ifdef CYASSL_CERT_GEN
-    /* easy access to sujbect info for other sign */
+    /* easy access to subject info for other sign */
     char*   subjectSN;
     int     subjectSNLen;
     char*   subjectC;
@@ -188,11 +218,9 @@ typedef struct DecodedCert {
     char*   subjectEmail;
     int     subjectEmailLen;
 #endif /* CYASSL_CERT_GEN */
-} DecodedCert;
+};
 
 
-typedef struct Signer Signer;
-
 /* CA Signers */
 struct Signer {
     byte*   publicKey;
@@ -204,54 +232,46 @@ struct Signer {
 };
 
 
-void InitDecodedCert(DecodedCert*, byte*, void*);
-void FreeDecodedCert(DecodedCert*);
-int  ParseCert(DecodedCert*, word32, int type, int verify, Signer* signer);
-int  ParseCertRelative(DecodedCert*, word32, int type, int verify,
-                       Signer* signer);
-
-word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,int hashOID);
-
-Signer* MakeSigner(void*);
-void    FreeSigners(Signer*, void*);
-
-
-int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32);
-int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32);
-int ToTraditional(byte* buffer, word32 length);
-
-#ifndef NO_DH
-int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32);
-int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz);
+/* not for public consumption but may use for testing sometimes */
+#ifdef CYASSL_TEST_CERT
+    #define CYASSL_TEST_API CYASSL_API
+#else
+    #define CYASSL_TEST_API CYASSL_LOCAL
 #endif
 
-#ifndef NO_DSA
-int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, word32);
-int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, word32);
-#endif
+CYASSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, word32, void*);
+CYASSL_TEST_API void FreeDecodedCert(DecodedCert*);
+CYASSL_TEST_API int  ParseCert(DecodedCert*, int type, int verify,
+                               Signer* signer);
+
+CYASSL_LOCAL int ParseCertRelative(DecodedCert*, int type, int verify,
+                                   Signer* signer);
+
+CYASSL_LOCAL word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,
+                                    int hashOID);
+
+CYASSL_LOCAL Signer* MakeSigner(void*);
+CYASSL_LOCAL void    FreeSigners(Signer*, void*);
+
+
+CYASSL_LOCAL int ToTraditional(byte* buffer, word32 length);
+CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
 
-#ifdef CYASSL_KEY_GEN
-int RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
-#endif
 
 #ifdef HAVE_ECC
     /* ASN sig helpers */
-    int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s);
-    int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s);
+    CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
+                                      mp_int* s);
+    CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
+                                       mp_int* r, mp_int* s);
     /* private key helpers */
-    int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,ecc_key*,word32);
-#endif
-
-#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
-int DerToPem(const byte* der, word32 derSz, byte* output, word32 outputSz,
-             int type);
+    CYASSL_LOCAL int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
+                                         ecc_key*,word32);
 #endif
 
 #ifdef CYASSL_CERT_GEN
 
 enum cert_enums {
-    SERIAL_SIZE     =  8,
-    NAME_SIZE       = 64,
     NAME_ENTRIES    =  8,
     JOINT_LEN       =  2,
     EMAIL_JOINT_LEN =  9,
@@ -260,54 +280,6 @@ enum cert_enums {
 };
 
 
-typedef struct CertName {
-    char country[NAME_SIZE];
-    char state[NAME_SIZE];
-    char locality[NAME_SIZE];
-    char sur[NAME_SIZE];
-    char org[NAME_SIZE];
-    char unit[NAME_SIZE];
-    char commonName[NAME_SIZE];
-    char email[NAME_SIZE];  /* !!!! email has to be last !!!! */
-} CertName;
-
-
-/* for user to fill for certificate generation */
-typedef struct Cert {
-    int      version;                   /* x509 version  */
-    byte     serial[SERIAL_SIZE];       /* serial number */
-    int      sigType;                   /* signature algo type */
-    CertName issuer;                    /* issuer info */
-    int      daysValid;                 /* validity days */
-    int      selfSigned;                /* self signed flag */
-    CertName subject;                   /* subject info */
-    /* internal use only */
-    int      bodySz;                    /* pre sign total size */
-    int      keyType;                   /* public key type of subject */
-} Cert;
-
-
-/* Initialize and Set Certficate defaults:
-   version    = 3 (0x2)
-   serial     = 0 (Will be randomly generated)
-   sigType    = MD5_WITH_RSA
-   issuer     = blank
-   daysValid  = 500
-   selfSigned = 1 (true) use subject as issuer
-   subject    = blank
-   keyType    = RSA_KEY (default)
-*/
-void InitCert(Cert*);
-int  MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
-int  SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
-int  MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
-int  SetIssuer(Cert*, const char*);
-#ifdef HAVE_NTRU
-int  MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, const byte* ntruKey,
-                  word16 keySz, RNG*);
-#endif
-
-
 #endif /* CYASSL_CERT_GEN */
 
 

ctaocrypt/include/ctc_asn_public.h

@@ -0,0 +1,119 @@
+/* ctc_asn_public.h
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+#ifndef CTAO_CRYPT_ASN_PUBLIC_H
+#define CTAO_CRYPT_ASN_PUBLIC_H
+
+#include "ctc_types.h"
+#ifdef CYASSL_CERT_GEN
+    #include "ctc_rsa.h"
+#endif
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+/* Certificate file Type */
+enum CertType {
+    CERT_TYPE       = 0, 
+    PRIVATEKEY_TYPE,
+    CA_TYPE
+};
+
+#ifdef CYASSL_CERT_GEN
+
+enum Ctc_Misc {
+    CTC_NAME_SIZE       = 64,
+    CTC_SERIAL_SIZE     =  8
+};
+
+typedef struct CertName {
+    char country[CTC_NAME_SIZE];
+    char state[CTC_NAME_SIZE];
+    char locality[CTC_NAME_SIZE];
+    char sur[CTC_NAME_SIZE];
+    char org[CTC_NAME_SIZE];
+    char unit[CTC_NAME_SIZE];
+    char commonName[CTC_NAME_SIZE];
+    char email[CTC_NAME_SIZE];  /* !!!! email has to be last !!!! */
+} CertName;
+
+
+/* for user to fill for certificate generation */
+typedef struct Cert {
+    int      version;                   /* x509 version  */
+    byte     serial[CTC_SERIAL_SIZE];   /* serial number */
+    int      sigType;                   /* signature algo type */
+    CertName issuer;                    /* issuer info */
+    int      daysValid;                 /* validity days */
+    int      selfSigned;                /* self signed flag */
+    CertName subject;                   /* subject info */
+    /* internal use only */
+    int      bodySz;                    /* pre sign total size */
+    int      keyType;                   /* public key type of subject */
+} Cert;
+
+
+
+
+/* Initialize and Set Certficate defaults:
+   version    = 3 (0x2)
+   serial     = 0 (Will be randomly generated)
+   sigType    = MD5_WITH_RSA
+   issuer     = blank
+   daysValid  = 500
+   selfSigned = 1 (true) use subject as issuer
+   subject    = blank
+   keyType    = RSA_KEY (default)
+*/
+CYASSL_API void InitCert(Cert*);
+CYASSL_API int  MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
+CYASSL_API int  SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
+CYASSL_API int  MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
+                             RNG*);
+CYASSL_API int  SetIssuer(Cert*, const char*);
+CYASSL_API int  SetSubject(Cert*, const char*);
+CYASSL_API int  SetIssuerBuffer(Cert*, const byte*, int);
+CYASSL_API int  SetSubjectBuffer(Cert*, const byte*, int);
+
+    #ifdef HAVE_NTRU
+        CYASSL_API int  MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
+                                     const byte* ntruKey, word16 keySz, RNG*);
+    #endif
+
+#endif /* CYASSL_CERT_GEN */
+
+
+#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
+    CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output,
+                            word32 outputSz, int type);
+#endif
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* CTAO_CRYPT_ASN_PUBLIC_H */
+

ctaocrypt/include/ctc_coding.h

@@ -1,4 +1,4 @@
-/* coding.h
+/* ctc_coding.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -23,7 +23,7 @@
 #ifndef CTAO_CRYPT_CODING_H
 #define CTAO_CRYPT_CODING_H
 
-#include "types.h"
+#include "ctc_types.h"
 
 #ifdef __cplusplus
     extern "C" {
@@ -31,11 +31,15 @@
 
 
 /* decode needed by CyaSSL */
-int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
+CYASSL_LOCAL int Base64Decode(const byte* in, word32 inLen, byte* out,
+                              word32* outLen);
 
-#if defined(OPENSSL_EXTRA) || defined(SESSION_CERTS) || defined(CYASSL_KEY_GEN)  || defined(CYASSL_CERT_GEN)
+#if defined(OPENSSL_EXTRA) || defined(SESSION_CERTS) || defined(CYASSL_KEY_GEN)  || defined(CYASSL_CERT_GEN) || defined(HAVE_WEBSERVER)
     /* encode isn't */
-    int Base64Encode(const byte* in, word32 inLen, byte* out, word32* outLen);
+    CYASSL_LOCAL
+    int Base64Encode(const byte* in, word32 inLen, byte* out,
+                                  word32* outLen);
+    CYASSL_LOCAL 
     int Base16Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
 #endif
 

ctaocrypt/include/ctc_des3.h

@@ -1,4 +1,4 @@
-/* des3.h
+/* ctc_des3.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -19,13 +19,14 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_DES3
 
 #ifndef CTAO_CRYPT_DES3_H
 #define CTAO_CRYPT_DES3_H
 
 
-#include "types.h"
+#include "ctc_types.h"
 
 
 #ifdef __cplusplus
@@ -57,13 +58,13 @@ typedef struct Des3 {
 } Des3;
 
 
-void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
-void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
-void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
+CYASSL_API void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
+CYASSL_API void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
+CYASSL_API void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
 
-void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir);
-void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz);
-void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz);
+CYASSL_API void Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir);
+CYASSL_API void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz);
+CYASSL_API void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_dh.h

@@ -19,34 +19,40 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_DH
 
 #ifndef CTAO_CRYPT_DH_H
 #define CTAO_CRYPT_DH_H
 
-#include "types.h"
-#include "integer.h"
-#include "random.h"
+#include "ctc_types.h"
+#include "ctc_integer.h"
+#include "ctc_random.h"
 
 #ifdef __cplusplus
     extern "C" {
 #endif
 
 
-
 /* Diffie-Hellman Key */
 typedef struct DhKey {
     mp_int p, g;                            /* group parameters  */
 } DhKey;
 
 
-void InitDhKey(DhKey* key);
-void FreeDhKey(DhKey* key);
+CYASSL_API void InitDhKey(DhKey* key);
+CYASSL_API void FreeDhKey(DhKey* key);
 
-int DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv, word32* privSz,
-                      byte* pub, word32* pubSz);
-int DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv,
-            word32 privSz, const byte* otherPub, word32 pubSz);
+CYASSL_API int DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv,
+                                 word32* privSz, byte* pub, word32* pubSz);
+CYASSL_API int DhAgree(DhKey* key, byte* agree, word32* agreeSz,
+                       const byte* priv, word32 privSz, const byte* otherPub,
+                       word32 pubSz);
+
+CYASSL_API int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
+                           word32);
+CYASSL_API int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
+                        word32 gSz);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_dsa.h

@@ -19,14 +19,15 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_DSA
 
 #ifndef CTAO_CRYPT_DSA_H
 #define CTAO_CRYPT_DSA_H
 
-#include "types.h"
-#include "integer.h"
-#include "random.h"
+#include "ctc_types.h"
+#include "ctc_integer.h"
+#include "ctc_random.h"
 
 #ifdef __cplusplus
     extern "C" {
@@ -45,12 +46,17 @@ typedef struct DsaKey {
 } DsaKey;
 
 
-void InitDsaKey(DsaKey* key);
-void FreeDsaKey(DsaKey* key);
+CYASSL_API void InitDsaKey(DsaKey* key);
+CYASSL_API void FreeDsaKey(DsaKey* key);
 
-int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng);
-int DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer);
+CYASSL_API int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng);
+CYASSL_API int DsaVerify(const byte* digest, const byte* sig, DsaKey* key,
+                         int* answer);
 
+CYASSL_API int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*,
+                                  word32);
+CYASSL_API int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*,
+                                   word32);
 
 #ifdef __cplusplus
     } /* extern "C" */

ctaocrypt/include/ctc_ecc.h

@@ -24,9 +24,9 @@
 #ifndef CTAO_CRYPT_ECC_H
 #define CTAO_CRYPT_ECC_H
 
-#include "types.h"
-#include "integer.h"
-#include "random.h"
+#include "ctc_types.h"
+#include "ctc_integer.h"
+#include "ctc_random.h"
 
 #ifdef __cplusplus
     extern "C" {
@@ -46,12 +46,12 @@ enum {
 /* ECC set type defined a NIST GF(p) curve */
 typedef struct {
     int size;       /* The size of the curve in octets */
-    char* name;     /* name of this curve */
-    char* prime;    /* prime that defines the field the curve is in (hex) */
-    char* B;        /* fields B param (hex) */
-    char* order;    /* order of the curve (hex) */
-    char* Gx;       /* x coordinate of the base point on curve (hex) */
-    char* Gy;       /* y coordinate of the base point on curve (hex) */
+    const char* name;     /* name of this curve */
+    const char* prime;    /* prime that defines the field, curve is in (hex) */
+    const char* B;        /* fields B param (hex) */
+    const char* order;    /* order of the curve (hex) */
+    const char* Gx;       /* x coordinate of the base point on curve (hex) */
+    const char* Gy;       /* y coordinate of the base point on curve (hex) */
 } ecc_set_type;
 
 
@@ -63,6 +63,7 @@ typedef struct {
     mp_int z;        /* The z coordinate */
 } ecc_point;
 
+
 /* An ECC Key */
 typedef struct {
     int type;           /* Public or Private */
@@ -80,28 +81,36 @@ typedef struct {
 extern const ecc_set_type ecc_sets[];
 
 
+CYASSL_API
 int ecc_make_key(RNG* rng, int keysize, ecc_key* key);
+CYASSL_API
 int ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
                       word32* outlen);
-
+CYASSL_API
 int ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, 
                   RNG* rng, ecc_key* key);
+CYASSL_API
 int ecc_verify_hash(const byte* sig, word32 siglen, byte* hash, word32 hashlen, 
                     int* stat, ecc_key* key);
-
+CYASSL_API
 void ecc_init(ecc_key* key);
+CYASSL_API
 void ecc_free(ecc_key* key);
 
 
 /* ASN key helpers */
+CYASSL_API
 int ecc_export_x963(ecc_key*, byte* out, word32* outLen);
+CYASSL_API
 int ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
-
+CYASSL_API
 int ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
                            word32 pubSz, ecc_key* key);
 
 /* size helper */
+CYASSL_API
 int ecc_size(ecc_key* key);
+CYASSL_API
 int ecc_sig_size(ecc_key* key);
 
 /* TODO: fix mutex types */

ctaocrypt/include/ctc_error.h

@@ -1,4 +1,4 @@
-/* error.h
+/* ctc_error.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -23,7 +23,7 @@
 #ifndef CTAO_CRYPT_ERROR_H
 #define CTAO_CRYPT_ERROR_H
 
-#include "types.h"
+#include "ctc_types.h"
 
 
 #ifdef __cplusplus
@@ -52,6 +52,7 @@ enum {
     MP_MOD_E           = -118,  /* mp_mod error state, can't mod */
     MP_INVMOD_E        = -119,  /* mp_invmod error state, can't inv mod */
     MP_CMP_E           = -120,  /* mp_cmp error state */
+    MP_ZERO_E          = -121,  /* got a mp zero result, not expected */
 
     MEMORY_E           = -125,  /* out of memory error */
 
@@ -78,18 +79,21 @@ enum {
     ASN_BEFORE_DATE_E  = -150,  /* ASN date error, current date before */
     ASN_AFTER_DATE_E   = -151,  /* ASN date error, current date after */
     ASN_SIG_OID_E      = -152,  /* ASN signature error, mismatched oid */
-    ASN_TIME_E         = -153,  /* ASN time error, unkown time type */
+    ASN_TIME_E         = -153,  /* ASN time error, unknown time type */
     ASN_INPUT_E        = -154,  /* ASN input error, not enough data */
     ASN_SIG_CONFIRM_E  = -155,  /* ASN sig error, confirm failure */
     ASN_SIG_HASH_E     = -156,  /* ASN sig error, unsupported hash type */
-    ASN_SIG_KEY_E      = -157,  /* ASN sig error, unsupported key  type */
+    ASN_SIG_KEY_E      = -157,  /* ASN sig error, unsupported key type */
     ASN_DH_KEY_E       = -158,  /* ASN key init error, invalid input */
     ASN_NTRU_KEY_E     = -159,  /* ASN ntru key decode error, invalid input */
 
-    /* TODO: TAO add ECC error strings to ErrorString() */
     ECC_BAD_ARG_E      = -170,  /* ECC input argument of wrong type */
     ASN_ECC_KEY_E      = -171,  /* ASN ECC bad input */
     ECC_CURVE_OID_E    = -172,  /* Unsupported ECC OID curve type */
+    BAD_FUNC_ARG       = -173,  /* Bad function argument provided */
+    NOT_COMPILED_IN    = -174,  /* Feature not compiled in */
+    UNICODE_SIZE_E     = -175,  /* Unicode password too big */
+    NO_PASSWORD        = -176,  /* no password provided by user */
 
     MIN_CODE_E         = -200   /* errors -101 - -199 */
 };

ctaocrypt/include/ctc_hc128.h

@@ -1,4 +1,4 @@
-/* hc128.h
+/* ctc_hc128.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -25,14 +25,13 @@
 #ifndef CTAO_CRYPT_HC128_H
 #define CTAO_CRYPT_HC128_H
 
-#include "types.h"
+#include "ctc_types.h"
 
 #ifdef __cplusplus
     extern "C" {
 #endif
 
 
-
 /* HC-128 stream cipher */
 typedef struct HC128 {
     word32 T[1024];             /* P[i] = T[i];  Q[i] = T[1024 + i ]; */
@@ -44,8 +43,8 @@ typedef struct HC128 {
 } HC128;
 
 
-void Hc128_Process(HC128*, byte*, const byte*, word32);
-void Hc128_SetKey(HC128*, const byte* key, const byte* iv);
+CYASSL_API void Hc128_Process(HC128*, byte*, const byte*, word32);
+CYASSL_API void Hc128_SetKey(HC128*, const byte* key, const byte* iv);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_hmac.h

@@ -19,6 +19,7 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_HMAC
 
 #ifndef CTAO_CRYPT_HMAC_H
@@ -28,7 +29,7 @@
 #include "ctc_sha.h"
 
 #ifndef NO_SHA256
-    #include "sha256.h"
+    #include "ctc_sha256.h"
 #endif
 
 #ifdef __cplusplus
@@ -36,7 +37,6 @@
 #endif
 
 
-
 enum {
     IPAD    = 0x36,
     OPAD    = 0x5C,
@@ -70,9 +70,10 @@ typedef struct Hmac {
 } Hmac;
 
 
-void HmacSetKey(Hmac*, int type, const byte* key, word32 keySz); /* does init */
-void HmacUpdate(Hmac*, const byte*, word32);
-void HmacFinal(Hmac*, byte*);
+/* does init */
+CYASSL_API void HmacSetKey(Hmac*, int type, const byte* key, word32 keySz);
+CYASSL_API void HmacUpdate(Hmac*, const byte*, word32);
+CYASSL_API void HmacFinal(Hmac*, byte*);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_integer.h

@@ -1,4 +1,4 @@
-/* integer.h
+/* ctc_integer.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -19,8 +19,6 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
-
-
 /*
  * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
  * http://math.libtomcrypt.com
@@ -33,9 +31,9 @@
 /* may optionally use fast math instead, not yet supported on all platforms and
    may not be faster on all
 */
-#include "types.h"       /* will set MP_xxBIT if not default */
+#include "ctc_types.h"       /* will set MP_xxBIT if not default */
 #ifdef USE_FAST_MATH
-    #include "tfm.h"
+    #include "ctc_tfm.h"
 #else
 
 #ifndef CHAR_BIT
@@ -247,10 +245,8 @@ void mp_clamp (mp_int * a);
 void mp_exch (mp_int * a, mp_int * b);
 void mp_rshd (mp_int * a, int b);
 int  mp_mod_2d (mp_int * a, int b, mp_int * c);
-int  mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
 int  mp_mul_2d (mp_int * a, int b, mp_int * c);
 int  mp_lshd (mp_int * a, int b);
-int  mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
 int  mp_abs (mp_int * a, mp_int * b);
 int  mp_invmod (mp_int * a, mp_int * b, mp_int * c);
 int  fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c);
@@ -266,7 +262,6 @@ int  mp_add (mp_int * a, mp_int * b, mp_int * c);
 int  s_mp_add (mp_int * a, mp_int * b, mp_int * c);
 int  s_mp_sub (mp_int * a, mp_int * b, mp_int * c);
 int  mp_sub (mp_int * a, mp_int * b, mp_int * c);
-int  mp_init (mp_int * a);
 int  mp_reduce_is_2k_l(mp_int *a);
 int  mp_reduce_is_2k(mp_int *a);
 int  mp_dr_is_modulus(mp_int *a);
@@ -298,14 +293,17 @@ int  mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
 int  mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
 int  mp_2expt (mp_int * a, int b);
 int  mp_reduce_2k_setup(mp_int *a, mp_digit *d);
+int  mp_add_d (mp_int* a, mp_digit b, mp_int* c);
 /* end support added functions */
 
 /* added */
 int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
                   mp_int* f);
 
-#ifdef HAVE_ECC
+#if defined(HAVE_ECC) || defined(CYASSL_KEY_GEN)
     int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
+#endif
+#ifdef HAVE_ECC
     int mp_read_radix(mp_int* a, const char* str, int radix);
 #endif
 
@@ -314,9 +312,11 @@ int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
     int mp_set_int (mp_int * a, unsigned long b);
     int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
     int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
-    int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
 #endif
 
+#if defined(CYASSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_PWDBASED)
+    int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
+#endif
 
 #ifdef __cplusplus
    }

ctaocrypt/include/ctc_md4.h

@@ -25,7 +25,7 @@
 #ifndef CTAO_CRYPT_MD4_H
 #define CTAO_CRYPT_MD4_H
 
-#include "types.h"
+#include "ctc_types.h"
 
 #ifdef __cplusplus
     extern "C" {
@@ -50,9 +50,9 @@ typedef struct Md4 {
 } Md4;
 
 
-void InitMd4(Md4*);
-void Md4Update(Md4*, const byte*, word32);
-void Md4Final(Md4*, byte*);
+CYASSL_API void InitMd4(Md4*);
+CYASSL_API void Md4Update(Md4*, const byte*, word32);
+CYASSL_API void Md4Final(Md4*, byte*);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_md5.h

@@ -23,7 +23,7 @@
 #ifndef CTAO_CRYPT_MD5_H
 #define CTAO_CRYPT_MD5_H
 
-#include "types.h"
+#include "ctc_types.h"
 
 #ifdef __cplusplus
     extern "C" {
@@ -49,9 +49,9 @@ typedef struct Md5 {
 } Md5;
 
 
-void InitMd5(Md5*);
-void Md5Update(Md5*, const byte*, word32);
-void Md5Final(Md5*, byte*);
+CYASSL_API void InitMd5(Md5*);
+CYASSL_API void Md5Update(Md5*, const byte*, word32);
+CYASSL_API void Md5Final(Md5*, byte*);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_misc.h

@@ -1,4 +1,4 @@
-/* misc.h
+/* ctc_misc.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -24,8 +24,7 @@
 #define CTAO_CRYPT_MISC_H
 
 
-#include "types.h"
-
+#include "ctc_types.h"
 
 
 #ifdef __cplusplus
@@ -34,14 +33,21 @@
 
 
 #ifdef NO_INLINE
+CYASSL_LOCAL
 word32 rotlFixed(word32, word32);
+CYASSL_LOCAL
 word32 rotrFixed(word32, word32);
 
+CYASSL_LOCAL
 word32 ByteReverseWord32(word32);
+CYASSL_LOCAL
 void   ByteReverseWords(word32*, const word32*, word32);
+CYASSL_LOCAL
 void   ByteReverseBytes(byte*, const byte*, word32);
 
+CYASSL_LOCAL
 void XorWords(word*, const word*, word32);
+CYASSL_LOCAL
 void xorbuf(byte*, const byte*, word32);
 #endif /* NO_INLINE */
 

ctaocrypt/include/ctc_pwdbased.h

@@ -1,4 +1,4 @@
-/* pwdbased.h
+/* ctc_pwdbased.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -25,7 +25,7 @@
 #ifndef CTAO_CRYPT_PWDBASED_H
 #define CTAO_CRYPT_PWDBASED_H
 
-#include "types.h"
+#include "ctc_types.h"
 #include "ctc_md5.h"       /* for hash type */
 #include "ctc_sha.h"
 
@@ -34,9 +34,15 @@
 #endif
 
 
-int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
-           int sLen, int iterations, int kLen, int hashType);
-
+CYASSL_API int PBKDF1(byte* output, const byte* passwd, int pLen,
+                      const byte* salt, int sLen, int iterations, int kLen,
+                      int hashType);
+CYASSL_API int PBKDF2(byte* output, const byte* passwd, int pLen,
+                      const byte* salt, int sLen, int iterations, int kLen,
+                      int hashType);
+CYASSL_API int PKCS12_PBKDF(byte* output, const byte* passwd, int pLen,
+                            const byte* salt, int sLen, int iterations,
+                            int kLen, int hashType, int purpose);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_rabbit.h

@@ -1,4 +1,4 @@
-/* rabbit.h
+/* ctc_rabbit.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -25,7 +25,7 @@
 #ifndef CTAO_CRYPT_RABBIT_H
 #define CTAO_CRYPT_RABBIT_H
 
-#include "types.h"
+#include "ctc_types.h"
 
 #ifdef __cplusplus
     extern "C" {
@@ -47,8 +47,8 @@ typedef struct Rabbit {
 } Rabbit;
 
 
-void RabbitProcess(Rabbit*, byte*, const byte*, word32);
-void RabbitSetKey(Rabbit*, const byte* key, const byte* iv);
+CYASSL_API void RabbitProcess(Rabbit*, byte*, const byte*, word32);
+CYASSL_API void RabbitSetKey(Rabbit*, const byte* key, const byte* iv);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_random.h

@@ -1,4 +1,4 @@
-/* random.h
+/* ctc_random.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -23,7 +23,7 @@
 #ifndef CTAO_CRYPT_RANDOM_H
 #define CTAO_CRYPT_RANDOM_H
 
-#include "arc4.h"
+#include "ctc_arc4.h"
 
 #ifdef __cplusplus
     extern "C" {
@@ -49,6 +49,7 @@ typedef struct OS_Seed {
     #endif
 } OS_Seed;
 
+CYASSL_LOCAL
 int GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
 
 
@@ -59,9 +60,9 @@ typedef struct RNG {
 } RNG;
 
 
-int  InitRng(RNG*);
-void RNG_GenerateBlock(RNG*, byte*, word32 sz);
-byte RNG_GenerateByte(RNG*);
+CYASSL_API int  InitRng(RNG*);
+CYASSL_API void RNG_GenerateBlock(RNG*, byte*, word32 sz);
+CYASSL_API byte RNG_GenerateByte(RNG*);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_ripemd.h

@@ -25,14 +25,13 @@
 #ifndef CTAO_CRYPT_RIPEMD_H
 #define CTAO_CRYPT_RIPEME_H
 
-#include "types.h"
+#include "ctc_types.h"
 
 #ifdef __cplusplus
     extern "C" {
 #endif
 
 
-
 /* in bytes */
 enum {
     RIPEMD             =  3,    /* hash type unique */
@@ -52,9 +51,9 @@ typedef struct RipeMd {
 } RipeMd;
 
 
-void InitRipeMd(RipeMd*);
-void RipeMdUpdate(RipeMd*, const byte*, word32);
-void RipeMdFinal(RipeMd*, byte*);
+CYASSL_API void InitRipeMd(RipeMd*);
+CYASSL_API void RipeMdUpdate(RipeMd*, const byte*, word32);
+CYASSL_API void RipeMdFinal(RipeMd*, byte*);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_rsa.h

@@ -23,9 +23,9 @@
 #ifndef CTAO_CRYPT_RSA_H
 #define CTAO_CRYPT_RSA_H
 
-#include "types.h"
-#include "integer.h"
-#include "random.h"
+#include "ctc_types.h"
+#include "ctc_integer.h"
+#include "ctc_random.h"
 
 #ifdef __cplusplus
     extern "C" {
@@ -45,27 +45,34 @@ typedef struct RsaKey {
 } RsaKey;
 
 
-void InitRsaKey(RsaKey* key, void*);
-void FreeRsaKey(RsaKey* key);
+CYASSL_API void InitRsaKey(RsaKey* key, void*);
+CYASSL_API void FreeRsaKey(RsaKey* key);
 
-int  RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
-                      RsaKey* key, RNG* rng);
-int  RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key);
-int  RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
-                       RsaKey* key);
-int  RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
-                 RsaKey* key, RNG* rng);
-int  RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key);
-int  RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
-                   RsaKey* key);
-
-int  RsaEncryptSize(RsaKey* key);
+CYASSL_API int  RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
+                                 word32 outLen, RsaKey* key, RNG* rng);
+CYASSL_API int  RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
+                                        RsaKey* key);
+CYASSL_API int  RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
+                                  word32 outLen, RsaKey* key);
+CYASSL_API int  RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
+                            word32 outLen, RsaKey* key, RNG* rng);
+CYASSL_API int  RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
+                                    RsaKey* key);
+CYASSL_API int  RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
+                              word32 outLen, RsaKey* key);
+CYASSL_API int  RsaEncryptSize(RsaKey* key);
 
+CYASSL_API int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
+                                   word32);
+CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
+                                  word32);
 #ifdef CYASSL_KEY_GEN
-    int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng);
+    CYASSL_API int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng);
+    CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
 #endif
 
 
+
 #ifdef __cplusplus
     } /* extern "C" */
 #endif

ctaocrypt/include/ctc_settings.h

@@ -1,4 +1,4 @@
-/* os_settings.h
+/* ctc_settings.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -20,10 +20,11 @@
  */
 
 /* Place OS specific preprocessor flags, defines, includes here, will be
-   included into every file because types.h includes it */
+   included into every file because ctc_types.h includes it */
 
-#ifndef CTAO_CRYPT_OS_SETTINGS_H
-#define CTAO_CRYPT_OS_SETTINGS_H
+
+#ifndef CTAO_CRYPT_SETTINGS_H
+#define CTAO_CRYPT_SETTINGS_H
 
 #ifdef __cplusplus
     extern "C" {
@@ -41,6 +42,20 @@
 /* Uncomment next line if using Mbed */
 /* #define MBED */
 
+/* Uncomment next line if using FreeRTOS */
+/* #define FREERTOS */
+
+/* Uncomment next line if using lwip */
+/* #define CYASSL_LWIP */
+
+/* Uncomment next line if building CyaSSL for a game console */
+/* #define CYASSL_GAME_BUILD */
+
+#if defined(USE_CYASSL_CONFIG) || defined(HAVE_CONFIG_H)
+    #include "ctc_config.h"   /* may not want global HAVE_CONFIG_H */
+#endif
+
+#include "ctc_visibility.h"
 
 #ifdef IPHONE
     #define SIZEOF_LONG_LONG 8
@@ -61,9 +76,25 @@
     #define NO_HC128
 #endif /* MBED */
 
+#ifdef FREERTOS 
+    #define SINGLE_THREADED
+    #define NO_WRITEV
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+#endif
+
+#ifdef CYASSL_GAME_BUILD
+    #define SIZEOF_LONG_LONG 8
+    #if defined(__PPU) || defined(__XENON)
+        #define BIG_ENDIAN_ORDER
+    #endif
+#endif
 
 #ifdef MICRIUM
 
+    #include "stdlib.h"
     #include "net_cfg.h"
     #include "ssl_cfg.h"
     #include "net_secure_os.h"
@@ -256,6 +287,11 @@
 
 #endif /* MICRIUM */
 
+
+#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC)
+    #define USE_CYASSL_MEMORY
+#endif
+
 /* Place any other flags or defines here */
 
 
@@ -264,5 +300,5 @@
 #endif
 
 
-#endif /* CTAO_CRYPT_OS_SETTINGS_H */
+#endif /* CTAO_CRYPT_SETTINGS_H */
 

ctaocrypt/include/ctc_sha.h

@@ -23,14 +23,13 @@
 #ifndef CTAO_CRYPT_SHA_H
 #define CTAO_CRYPT_SHA_H
 
-#include "types.h"
+#include "ctc_types.h"
 
 #ifdef __cplusplus
     extern "C" {
 #endif
 
 
-
 /* in bytes */
 enum {
     SHA              =  1,    /* hash type unique */
@@ -50,9 +49,9 @@ typedef struct Sha {
 } Sha;
 
 
-void InitSha(Sha*);
-void ShaUpdate(Sha*, const byte*, word32);
-void ShaFinal(Sha*, byte*);
+CYASSL_API void InitSha(Sha*);
+CYASSL_API void ShaUpdate(Sha*, const byte*, word32);
+CYASSL_API void ShaFinal(Sha*, byte*);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_sha256.h

@@ -1,4 +1,4 @@
-/* sha256.h
+/* ctc_sha256.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -28,14 +28,13 @@
 #ifndef CTAO_CRYPT_SHA256_H
 #define CTAO_CRYPT_SHA256_H
 
-#include "types.h"
+#include "ctc_types.h"
 
 #ifdef __cplusplus
     extern "C" {
 #endif
 
 
-
 /* in bytes */
 enum {
     SHA256              =  2,   /* hash type unique */
@@ -55,9 +54,9 @@ typedef struct Sha256 {
 } Sha256;
 
 
-void InitSha256(Sha256*);
-void Sha256Update(Sha256*, const byte*, word32);
-void Sha256Final(Sha256*, byte*);
+CYASSL_API void InitSha256(Sha256*);
+CYASSL_API void Sha256Update(Sha256*, const byte*, word32);
+CYASSL_API void Sha256Final(Sha256*, byte*);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_sha512.h

@@ -1,4 +1,4 @@
-/* sha512.h
+/* ctc_sha512.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -25,14 +25,13 @@
 #ifndef CTAO_CRYPT_SHA512_H
 #define CTAO_CRYPT_SHA512_H
 
-#include "types.h"
+#include "ctc_types.h"
 
 #ifdef __cplusplus
     extern "C" {
 #endif
 
 
-
 /* in bytes */
 enum {
     SHA512              =   4,   /* hash type unique */
@@ -52,9 +51,9 @@ typedef struct Sha512 {
 } Sha512;
 
 
-void InitSha512(Sha512*);
-void Sha512Update(Sha512*, const byte*, word32);
-void Sha512Final(Sha512*, byte*);
+CYASSL_API void InitSha512(Sha512*);
+CYASSL_API void Sha512Update(Sha512*, const byte*, word32);
+CYASSL_API void Sha512Final(Sha512*, byte*);
 
 
 #ifdef __cplusplus

ctaocrypt/include/ctc_tfm.h

@@ -1,4 +1,4 @@
-/* tfm.h
+/* ctc_tfm.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -20,7 +20,6 @@
  */
 
 
-
 /*
  * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
  * http://math.libtomcrypt.com
@@ -36,7 +35,7 @@
 #ifndef CTAO_CRYPT_TFM_H
 #define CTAO_CRYPT_TFM_H
 
-#include "types.h"
+#include "ctc_types.h"
 #ifndef CHAR_BIT
     #include <limits.h>
 #endif
@@ -54,90 +53,6 @@
    #define MAX(x,y) ((x)>(y)?(x):(y))
 #endif
 
-/* externally define this symbol to ignore the default settings, useful for changing the build from the make process */
-#ifndef TFM_ALREADY_SET
-
-/* do we want the large set of small multiplications ? 
-   Enable these if you are going to be doing a lot of small (<= 16 digit) multiplications say in ECC
-   Or if you're on a 64-bit machine doing RSA as a 1024-bit integer == 16 digits ;-)
- */
-/* need to refactor the function */
-/*#define TFM_SMALL_SET */
-
-/* do we want huge code 
-   Enable these if you are doing 20, 24, 28, 32, 48, 64 digit multiplications (useful for RSA)
-   Less important on 64-bit machines as 32 digits == 2048 bits
- */
-#if 0
-#define TFM_MUL3
-#define TFM_MUL4
-#define TFM_MUL6
-#define TFM_MUL7
-#define TFM_MUL8
-#define TFM_MUL9
-#define TFM_MUL12
-#define TFM_MUL17
-#endif
-#ifdef TFM_SMALL_SET
-#define TFM_MUL20
-#define TFM_MUL24
-#define TFM_MUL28
-#define TFM_MUL32
-#define TFM_MUL48
-#define TFM_MUL64
-#endif
-
-#if 0
-#define TFM_SQR3
-#define TFM_SQR4
-#define TFM_SQR6
-#define TFM_SQR7
-#define TFM_SQR8
-#define TFM_SQR9
-#define TFM_SQR12
-#define TFM_SQR17
-#endif
-#ifdef TFM_SMALL_SET
-#define TFM_SQR20
-#define TFM_SQR24
-#define TFM_SQR28
-#define TFM_SQR32
-#define TFM_SQR48
-#define TFM_SQR64
-#endif
-
-/* do we want some overflow checks
-   Not required if you make sure your numbers are within range (e.g. by default a modulus for fp_exptmod() can only be upto 2048 bits long)
- */
-/* #define TFM_CHECK */
-
-/* Is the target a P4 Prescott
- */
-/* #define TFM_PRESCOTT */
-
-/* Do we want timing resistant fp_exptmod() ?
- * This makes it slower but also timing invariant with respect to the exponent 
- */
-/* #define TFM_TIMING_RESISTANT */
-
-#endif
-
-/* Max size of any number in bits.  Basically the largest size you will be multiplying
- * should be half [or smaller] of FP_MAX_SIZE-four_digit
- *
- * You can externally define this or it defaults to 4096-bits [allowing multiplications upto 2048x2048 bits ]
- */
-#ifndef FP_MAX_SIZE
-   #define FP_MAX_SIZE           (4096+(8*DIGIT_BIT))
-#endif
-
-/* will this lib work? */
-#if (CHAR_BIT & 7)
-   #error CHAR_BIT must be a multiple of eight.
-#endif
-#if FP_MAX_SIZE % CHAR_BIT
-   #error FP_MAX_SIZE must be a multiple of CHAR_BIT
-#endif
 
 /* autodetect x86-64 and make sure we are using 64-bit digits with x86-64 asm */
 #if defined(__x86_64__)
@@ -153,6 +68,10 @@
        #define FP_64BIT
     #endif
 #endif
+/* use 64-bit digit even if not using asm on x86_64 */
+#if defined(__x86_64__) && !defined(FP_64BIT)
+    #define FP_64BIT
+#endif
 
 /* try to detect x86-32 */
 #if defined(__i386__) && !defined(TFM_SSE2)
@@ -295,12 +214,29 @@
       typedef signed long long   long64;
    #endif
 #endif
-   typedef unsigned long      fp_digit;
+   typedef unsigned int       fp_digit;
    typedef ulong64            fp_word;
 #endif
 
 /* # of digits this is */
 #define DIGIT_BIT  (int)((CHAR_BIT) * sizeof(fp_digit))
+
+/* Max size of any number in bits.  Basically the largest size you will be
+ * multiplying should be half [or smaller] of FP_MAX_SIZE-four_digit
+ *
+ * It defaults to 4096-bits [allowing multiplications upto 2048x2048 bits ]
+ */
+#define FP_MAX_BITS           4096
+#define FP_MAX_SIZE           (FP_MAX_BITS+(8*DIGIT_BIT))
+
+/* will this lib work? */
+#if (CHAR_BIT & 7)
+   #error CHAR_BIT must be a multiple of eight.
+#endif
+#if FP_MAX_BITS % CHAR_BIT
+   #error FP_MAX_BITS must be a multiple of CHAR_BIT
+#endif
+
 #define FP_MASK    (fp_digit)(-1)
 #define FP_SIZE    (FP_MAX_SIZE/DIGIT_BIT)
 
@@ -329,6 +265,78 @@ typedef struct {
              sign;
 } fp_int;
 
+/* externally define this symbol to ignore the default settings, useful for changing the build from the make process */
+#ifndef TFM_ALREADY_SET
+
+/* do we want the large set of small multiplications ? 
+   Enable these if you are going to be doing a lot of small (<= 16 digit) multiplications say in ECC
+   Or if you're on a 64-bit machine doing RSA as a 1024-bit integer == 16 digits ;-)
+ */
+/* need to refactor the function */
+/*#define TFM_SMALL_SET */
+
+/* do we want huge code 
+   Enable these if you are doing 20, 24, 28, 32, 48, 64 digit multiplications (useful for RSA)
+   Less important on 64-bit machines as 32 digits == 2048 bits
+ */
+#if 0
+#define TFM_MUL3
+#define TFM_MUL4
+#define TFM_MUL6
+#define TFM_MUL7
+#define TFM_MUL8
+#define TFM_MUL9
+#define TFM_MUL12
+#define TFM_MUL17
+#endif
+#ifdef TFM_SMALL_SET
+#define TFM_MUL20
+#define TFM_MUL24
+#define TFM_MUL28
+#define TFM_MUL32
+#if (FP_MAX_BITS >= 6144) && defined(FP_64BIT)
+    #define TFM_MUL48
+#endif
+#if (FP_MAX_BITS >= 8192) && defined(FP_64BIT)
+    #define TFM_MUL64
+#endif
+#endif
+
+#if 0
+#define TFM_SQR3
+#define TFM_SQR4
+#define TFM_SQR6
+#define TFM_SQR7
+#define TFM_SQR8
+#define TFM_SQR9
+#define TFM_SQR12
+#define TFM_SQR17
+#endif
+#ifdef TFM_SMALL_SET
+#define TFM_SQR20
+#define TFM_SQR24
+#define TFM_SQR28
+#define TFM_SQR32
+#define TFM_SQR48
+#define TFM_SQR64
+#endif
+
+/* do we want some overflow checks
+   Not required if you make sure your numbers are within range (e.g. by default a modulus for fp_exptmod() can only be upto 2048 bits long)
+ */
+/* #define TFM_CHECK */
+
+/* Is the target a P4 Prescott
+ */
+/* #define TFM_PRESCOTT */
+
+/* Do we want timing resistant fp_exptmod() ?
+ * This makes it slower but also timing invariant with respect to the exponent 
+ */
+/* #define TFM_TIMING_RESISTANT */
+
+#endif /* TFM_ALREADY_SET */
+
 /* functions */
 
 /* returns a TFM ident string useful for debugging... */
@@ -402,7 +410,7 @@ int fp_mod(fp_int *a, fp_int *b, fp_int *c);
 int fp_cmp_d(fp_int *a, fp_digit b);
 
 /* c = a + b */
-/*void fp_add_d(fp_int *a, fp_digit b, fp_int *c);*/
+void fp_add_d(fp_int *a, fp_digit b, fp_int *c);
 
 /* c = a - b */
 /*void fp_sub_d(fp_int *a, fp_digit b, fp_int *c);*/
@@ -427,7 +435,7 @@ void fp_mul_d(fp_int *a, fp_digit b, fp_int *c);
 int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
 
 /* c = a * a (mod b) */
-/*int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c);*/
+int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c);
 
 /* c = 1/a (mod b) */
 int fp_invmod(fp_int *a, fp_int *b, fp_int *c);
@@ -620,6 +628,7 @@ int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e, mp_int*
 
 int  mp_add (mp_int * a, mp_int * b, mp_int * c);
 int  mp_sub (mp_int * a, mp_int * b, mp_int * c);
+int  mp_add_d (mp_int * a, mp_digit b, mp_int * c);
 
 int  mp_mul (mp_int * a, mp_int * b, mp_int * c);
 int  mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);

ctaocrypt/include/ctc_types.h

@@ -1,4 +1,4 @@
-/* types.h
+/* ctc_types.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -23,10 +23,10 @@
 #ifndef CTAO_CRYPT_TYPES_H
 #define CTAO_CRYPT_TYPES_H
 
-#include "os_settings.h"
+#include "ctc_settings.h"
 
 #ifdef HAVE_CONFIG_H
-    #include "config.h"
+    #include "ctc_config.h"
 #endif
 
 #ifdef __cplusplus
@@ -125,7 +125,7 @@ enum {
 
 /* idea to add global alloc override by Moisés Guimarães  */
 /* default to libc stuff */
-/* XREALLOC is used once in mormal math lib, not in fast math lib */
+/* XREALLOC is used once in normal math lib, not in fast math lib */
 /* XFREE on some embeded systems doesn't like free(0) so test  */
 #ifdef XMALLOC_USER
     /* prototypes for user heap override functions */
@@ -134,11 +134,11 @@ enum {
     extern void *XREALLOC(void *p, size_t n, void* heap, int type);
     extern void XFREE(void *p, void* heap, int type);
 #elif !defined(MICRIUM_MALLOC)
-    /* defaults to C runtime if user doesn't override and not Micrium */
-    #include <stdlib.h>
-    #define XMALLOC(s, h, t)     malloc((s))
-    #define XFREE(p, h, t)       {void* xp = (p); if((xp)) free((xp));}
-    #define XREALLOC(p, n, h, t) realloc((p), (n))
+    /* default C runtime, can install different routines at runtime */
+    #include "cyassl_memory.h"
+    #define XMALLOC(s, h, t)     CyaSSL_Malloc((s))
+    #define XFREE(p, h, t)       {void* xp = (p); if((xp)) CyaSSL_Free((xp));}
+    #define XREALLOC(p, n, h, t) CyaSSL_Realloc((p), (n))
 #endif
 
 #ifndef STRING_USER
@@ -170,7 +170,7 @@ enum {
     DYNAMIC_TYPE_CERT       = 2,
     DYNAMIC_TYPE_KEY        = 3,
     DYNAMIC_TYPE_FILE       = 4,
-    DYNAMIC_TYPE_ISSUER_CN  = 5,
+    DYNAMIC_TYPE_SUBJECT_CN = 5,
     DYNAMIC_TYPE_PUBLIC_KEY = 6,
     DYNAMIC_TYPE_SIGNER     = 7,
     DYNAMIC_TYPE_NONE       = 8,
@@ -188,6 +188,11 @@ enum {
     DYNAMIC_TYPE_OPENSSL    = 20 
 };
 
+/* stack protection */
+enum {
+    MIN_STACK_BUFFER = 8
+};
+
 
 #ifdef __cplusplus
     }   /* extern "C" */

ctaocrypt/include/ctc_visibility.h

@@ -0,0 +1,69 @@
+/* ctc_visibility.h
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* Visibility control macros */
+
+
+#ifndef CTAO_CRYPT_VISIBILITY_H
+#define CTAO_CRYPT_VISIBILITY_H
+
+
+/* CYASSL_API is used for the public API symbols.
+        It either imports or exports (or does nothing for static builds)
+
+   CYASSL_LOCAL is used for non-API symbols (private).
+*/
+
+#if defined(BUILDING_CYASSL)
+    #if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
+        #define CYASSL_API   __attribute__ ((visibility("default")))
+        #define CYASSL_LOCAL __attribute__ ((visibility("hidden")))
+    #elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
+        #define CYASSL_API   __global  
+        #define CYASSL_LOCAL __hidden
+    #elif defined(_MSC_VER)
+        #ifdef CYASSL_DLL
+            #define CYASSL_API extern __declspec(dllexport)
+        #else
+            #define CYASSL_API
+        #endif
+        #define CYASSL_LOCAL
+    #else
+        #define CYASSL_API
+        #define CYASSL_LOCAL
+    #endif /* HAVE_VISIBILITY */
+#else /* BUILDING_CYASSL */
+    #if defined(_MSC_VER)
+        #ifdef CYASSL_DLL
+            #define CYASSL_API extern __declspec(dllimport)
+        #else
+            #define CYASSL_API
+        #endif
+        #define CYASSL_LOCAL
+    #else
+        #define CYASSL_API
+        #define CYASSL_LOCAL
+    #endif
+#endif /* BUILDING_CYASSL */
+
+
+#endif /* CTAO_CRYPT_VISIBILITY_H */
+

ctaocrypt/include/cyassl_logging.h

@@ -0,0 +1,70 @@
+/* cyassl_logging.h
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* submitted by eof */
+
+
+#ifndef CYASSL_LOGGING_H
+#define CYASSL_LOGGING_H
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+enum  CYA_Log_Levels {
+    ERROR_LOG = 0,
+    INFO_LOG,
+    ENTER_LOG,
+    LEAVE_LOG,
+    OTHER_LOG
+};
+
+typedef void (*CyaSSL_Logging_cb)(const int logLevel,
+                                  const char *const logMessage);
+
+CYASSL_API int CyaSSL_SetLoggingCb(CyaSSL_Logging_cb log_function);
+
+
+#ifdef DEBUG_CYASSL
+
+    void CYASSL_ENTER(const char* msg);
+    void CYASSL_LEAVE(const char* msg, int ret);
+
+    void CYASSL_ERROR(int);
+    void CYASSL_MSG(const char* msg);
+
+#else /* DEBUG_CYASSL   */
+
+    #define CYASSL_ENTER(m)
+    #define CYASSL_LEAVE(m, r)
+
+    #define CYASSL_ERROR(e) 
+    #define CYASSL_MSG(m)
+
+#endif /* DEBUG_CYASSL  */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* CYASSL_MEMORY_H */

ctaocrypt/include/cyassl_memory.h

@@ -0,0 +1,55 @@
+/* cyassl_memory.h
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* submitted by eof */
+
+
+#ifndef CYASSL_MEMORY_H
+#define CYASSL_MEMORY_H
+
+#include <stdlib.h>
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+typedef void *(*CyaSSL_Malloc_cb)(size_t size);
+typedef void (*CyaSSL_Free_cb)(void *ptr);
+typedef void *(*CyaSSL_Realloc_cb)(void *ptr, size_t size);
+
+
+/* Public set function */
+CYASSL_API int CyaSSL_SetAllocators(CyaSSL_Malloc_cb  malloc_function,
+                                    CyaSSL_Free_cb    free_function,
+                                    CyaSSL_Realloc_cb realloc_function);
+
+/* Public in case user app wants to use XMALLOC/XFREE */
+CYASSL_API void* CyaSSL_Malloc(size_t size);
+CYASSL_API void  CyaSSL_Free(void *ptr);
+CYASSL_API void* CyaSSL_Realloc(void *ptr, size_t size);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* CYASSL_MEMORY_H */

ctaocrypt/include/mpi_class.h

@@ -1,3 +1,25 @@
+/* mpi_class.h
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #if !(defined(LTM1) && defined(LTM2) && defined(LTM3))
 #if defined(LTM2)
 #define LTM3

ctaocrypt/include/mpi_superclass.h

@@ -1,3 +1,25 @@
+/* mpi_superclass.h
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 /* super class file for PK algos */
 
 /* default ... include all MPI */

ctaocrypt/src/Makefile.am

@@ -1,2 +0,0 @@
-EXTRA_DIST = ../include/*.h *.c *.i
-

ctaocrypt/src/aes.c

@@ -19,13 +19,16 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_AES
 
 #include "ctc_aes.h"
+#include "ctc_error.h"
+#include "cyassl_logging.h"
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include "ctc_misc.h"
 #else
-    #include "misc.c"
+    #include "ctc_misc.c"
 #endif
 
 
@@ -754,7 +757,7 @@ int AES_set_encrypt_key (const unsigned char *userKey, const int bits,
                          Aes* aes)
 { 
     if (!userKey || !aes)
-        return -1;
+        return BAD_FUNC_ARG;
     
     if (bits == 128) {
        AES_128_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 10;
@@ -768,7 +771,7 @@ int AES_set_encrypt_key (const unsigned char *userKey, const int bits,
        AES_256_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 14;
        return 0;
     }
-    return -1;
+    return BAD_FUNC_ARG;
 }
 
 
@@ -781,10 +784,10 @@ int AES_set_decrypt_key (const unsigned char* userKey, const int bits,
     __m128i *Temp_Key_Schedule = (__m128i*)temp_key.key;
     
     if (!userKey || !aes)
-        return -1;
+        return BAD_FUNC_ARG;
 
-    if (AES_set_encrypt_key(userKey,bits,&temp_key) == -1)
-        return -1;
+    if (AES_set_encrypt_key(userKey,bits,&temp_key) == BAD_FUNC_ARG)
+        return BAD_FUNC_ARG;
 
     nr = temp_key.rounds;
     aes->rounds = nr;
@@ -827,7 +830,7 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
     unsigned int i = 0;
 
     if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
-        return -1;
+        return BAD_FUNC_ARG;
 
 #ifdef CYASSL_AESNI
     if (checkAESNI == 0) {
@@ -920,11 +923,14 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
             rk += 8;
         }
         break;
+
+    default:
+        return BAD_FUNC_ARG;
     }
 
     if (dir == AES_DECRYPTION)
     {
-        unsigned int i, j;
+        unsigned int j;
         rk = aes->key;
 
         /* invert the order of the round keys: */
@@ -966,13 +972,17 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
 }
 
 
-void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
+static void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
 {
     word32 s0, s1, s2, s3;
     word32 t0, t1, t2, t3;
     word32 r = aes->rounds >> 1;
 
     const word32* rk = aes->key;
+    if (r > 7 || r == 0) {
+        CYASSL_MSG("AesEncrypt encountered improper key, set it up");
+        return;  /* stop instead of segfaulting, set up your keys! */
+    }
     /*
      * map byte array block to cipher state
      * and add initial round key:
@@ -1100,13 +1110,17 @@ void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
 }
 
 
-void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
+static void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
 {
     word32 s0, s1, s2, s3;
     word32 t0, t1, t2, t3;
     word32 r = aes->rounds >> 1;
 
     const word32* rk = aes->key;
+    if (r > 7 || r == 0) {
+        CYASSL_MSG("AesDecrypt encountered improper key, set it up");
+        return;  /* stop instead of segfaulting, set up your keys! */
+    }
     /*
      * map byte array block to cipher state
      * and add initial round key:
@@ -1282,7 +1296,7 @@ void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
             printf("sz = %d\n", sz);
         #endif
 
-        /* if input and output same will overwirte input iv */
+        /* if input and output same will overwrite input iv */
         XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
         AES_CBC_decrypt(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
                         aes->rounds);

ctaocrypt/src/arc4.c

@@ -20,8 +20,7 @@
  */
 
 
-#include "arc4.h"
-
+#include "ctc_arc4.h"
 
 
 void Arc4SetKey(Arc4* arc4, const byte* key, word32 length)
@@ -33,14 +32,14 @@ void Arc4SetKey(Arc4* arc4, const byte* key, word32 length)
     arc4->y = 0;
 
     for (i = 0; i < ARC4_STATE_SIZE; i++)
-        arc4->state[i] = i;
+        arc4->state[i] = (byte)i;
 
     for (i = 0; i < ARC4_STATE_SIZE; i++) {
         word32 a = arc4->state[i];
         stateIndex += key[keyIndex] + a;
         stateIndex &= 0xFF;
         arc4->state[i] = arc4->state[stateIndex];
-        arc4->state[stateIndex] = a;
+        arc4->state[stateIndex] = (byte)a;
 
         if (++keyIndex >= length)
             keyIndex = 0;
@@ -48,14 +47,14 @@ void Arc4SetKey(Arc4* arc4, const byte* key, word32 length)
 }
 
 
-static INLINE word32 MakeByte(word32* x, word32* y, byte* s)
+static INLINE byte MakeByte(word32* x, word32* y, byte* s)
 {
     word32 a = s[*x], b;
     *y = (*y+a) & 0xff;
 
     b = s[*y];
-    s[*x] = b;
-    s[*y] = a;
+    s[*x] = (byte)b;
+    s[*y] = (byte)a;
     *x = (*x+1) & 0xff;
 
     return s[(a+b) & 0xff];
@@ -70,7 +69,7 @@ void Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length)
     while(length--)
         *out++ = *in++ ^ MakeByte(&x, &y, arc4->state);
 
-    arc4->x = x;
-    arc4->y = y;
+    arc4->x = (byte)x;
+    arc4->y = (byte)y;
 }
 

ctaocrypt/src/coding.c

@@ -20,7 +20,9 @@
  */
 
 
-#include "coding.h"
+#include "ctc_coding.h"
+#include "ctc_error.h"
+#include "cyassl_logging.h"
 
 
 enum {
@@ -51,7 +53,7 @@ int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
     word32 plainSz = inLen - ((inLen + (PEM_LINE_SZ - 1)) / PEM_LINE_SZ );
 
     plainSz = (plainSz * 3 + 3) / 4;
-    if (plainSz > *outLen) return -1;
+    if (plainSz > *outLen) return BAD_FUNC_ARG;
 
     while (inLen > 3) {
         byte b1, b2, b3;
@@ -99,8 +101,10 @@ int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
                 endLine = in[j++];
                 inLen--;
             }
-            if (endLine != '\n')
-                return -1;
+            if (endLine != '\n') {
+                CYASSL_MSG("Bad end of line in Base64 Decode");
+                return ASN_INPUT_E;
+            }
         }
     }
     *outLen = i;
@@ -109,7 +113,7 @@ int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
 }
 
 
-#if defined(OPENSSL_EXTRA) || defined (SESSION_CERTS) || defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
+#if defined(OPENSSL_EXTRA) || defined (SESSION_CERTS) || defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) || defined(HAVE_WEBSERVER)
 
 static
 const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
@@ -133,7 +137,7 @@ int Base64Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
     word32 outSz = (inLen + 3 - 1) / 3 * 4;
     outSz += (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ;  /* new lines */
 
-    if (outSz > *outLen) return -1;
+    if (outSz > *outLen) return BAD_FUNC_ARG;
     
     while (inLen > 2) {
         byte b1 = in[j++];
@@ -177,7 +181,7 @@ int Base64Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
 
     out[i++] = '\n';
     if (i != outSz)
-        return -1;
+        return ASN_INPUT_E; 
     *outLen = outSz;
 
     return 0; 
@@ -196,10 +200,10 @@ int Base16Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
     word32 outIdx = 0;
 
     if (inLen % 2)
-        return -1;
+        return BAD_FUNC_ARG;
 
     if (*outLen < (inLen / 2))
-        return -1;
+        return BAD_FUNC_ARG;
 
     while (inLen) {
         byte b  = in[inIdx++] - 0x30;  /* 0 starts at 0x30 */
@@ -207,15 +211,15 @@ int Base16Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
 
         /* sanity checks */
         if (b >=  sizeof(hexDecode)/sizeof(hexDecode[0]))
-            return -1;
+            return ASN_INPUT_E;
         if (b2 >= sizeof(hexDecode)/sizeof(hexDecode[0]))
-            return -1;
+            return ASN_INPUT_E;
 
         b  = hexDecode[b];
         b2 = hexDecode[b2];
 
         if (b == BAD || b2 == BAD)
-            return -1;
+            return ASN_INPUT_E;
         
         out[outIdx++] = (b << 4) | b2;
         inLen -= 2;

ctaocrypt/src/ctc_asm.c

@@ -1,4 +1,4 @@
-/* asm.c
+/* ctc_asm.c
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -19,13 +19,13 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 /*
  * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
  * http://math.libtomcrypt.com
  */
 
 
-
 /******************************************************************/
 /* fp_montgomery_reduce.c asm or generic */
 #if defined(TFM_X86) && !defined(TFM_SSE2) 

ctaocrypt/src/ctc_misc.c

@@ -1,4 +1,4 @@
-/* misc.c
+/* ctc_misc.c
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -20,7 +20,7 @@
  */
 
 
-#include "misc.h"
+#include "ctc_misc.h"
 
 /* inlining these functions is a huge speed increase and a small size decrease, 
    because the functions are smaller than function call setup/cleanup, e.g.,
@@ -158,7 +158,7 @@ STATIC INLINE void XorWords(word* r, const word* a, word32 n)
 
 STATIC INLINE void xorbuf(byte* buf, const byte* mask, word32 count)
 {
-    if (((size_t)buf | (size_t)mask | count) % WORD_SIZE == 0)
+    if (((word)buf | (word)mask | count) % WORD_SIZE == 0)
         XorWords( (word*)buf, (const word*)mask, count / WORD_SIZE);
     else {
         word32 i;

ctaocrypt/src/cyassl_memory.c

@@ -0,0 +1,96 @@
+/* cyassl_memory.c 
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+/* submitted by eof */
+
+
+#include "ctc_settings.h"
+
+#ifdef USE_CYASSL_MEMORY
+
+#include "cyassl_memory.h"
+#include "ctc_error.h"
+
+
+/* Set these to default values initially. */
+static CyaSSL_Malloc_cb  malloc_function = 0;
+static CyaSSL_Free_cb    free_function = 0;
+static CyaSSL_Realloc_cb realloc_function = 0;
+
+int CyaSSL_SetAllocators(CyaSSL_Malloc_cb  mf,
+                         CyaSSL_Free_cb    ff,
+                         CyaSSL_Realloc_cb rf)
+{
+    int res = 0;
+
+    if (mf)
+        malloc_function = mf;
+	else
+        res = BAD_FUNC_ARG;
+
+    if (ff)
+        free_function = ff;
+    else
+        res = BAD_FUNC_ARG;
+
+    if (rf)
+        realloc_function = rf;
+    else
+        res = BAD_FUNC_ARG;
+
+    return res;
+}
+
+
+void* CyaSSL_Malloc(size_t size)
+{
+    void* res = 0;
+
+    if (malloc_function)
+        res = malloc_function(size);
+    else
+        res = malloc(size);
+
+    return res;
+}
+
+void CyaSSL_Free(void *ptr)
+{
+    if (free_function)
+        free_function(ptr);
+    else
+        free(ptr);
+}
+
+void* CyaSSL_Realloc(void *ptr, size_t size)
+{
+    void* res = 0;
+
+    if (realloc_function)
+        res = realloc_function(ptr, size);
+    else
+        res = realloc(ptr, size);
+
+    return res;
+}
+
+#endif /* USE_CYASSL_MEMORY */

ctaocrypt/src/des3.c

@@ -22,11 +22,11 @@
 
 #ifndef NO_DES3
 
-#include "des3.h"
+#include "ctc_des3.h"
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include "ctc_misc.h"
 #else
-    #include "misc.c"
+    #include "ctc_misc.c"
 #endif
 
 
@@ -341,7 +341,7 @@ void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
 }
 
 
-void DesRawProcessBlock(word32* lIn, word32* rIn, const word32* kptr)
+static void DesRawProcessBlock(word32* lIn, word32* rIn, const word32* kptr)
 {
     word32 l = *lIn, r = *rIn, i;
 

ctaocrypt/src/dh.c

@@ -19,10 +19,11 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_DH
 
 #include "ctc_dh.h"
-#include "error.h"
+#include "ctc_error.h"
 
 #ifndef USER_MATH_LIB
     #include <math.h>
@@ -33,7 +34,6 @@
 #endif
 
 
-
 #ifndef min
 
     static INLINE word32 min(word32 a, word32 b)
@@ -44,9 +44,9 @@
 #endif /* min */
 
 
-
 void InitDhKey(DhKey* key)
 {
+    (void)key;
 /* TomsFastMath doesn't use memory allocation */
 #ifndef USE_FAST_MATH
     key->p.dp = 0;
@@ -57,6 +57,7 @@ void InitDhKey(DhKey* key)
 
 void FreeDhKey(DhKey* key)
 {
+    (void)key;
 /* TomsFastMath doesn't use memory allocation */
 #ifndef USE_FAST_MATH
     mp_clear(&key->p);

ctaocrypt/src/dsa.c

@@ -19,17 +19,18 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_DSA
 
 #include "ctc_dsa.h"
 #include "ctc_sha.h"
-#include "random.h"
-#include "error.h"
+#include "ctc_random.h"
+#include "ctc_error.h"
 
 
 enum {
     DSA_HALF_SIZE = 20,   /* r and s size  */
-    DSA_SIG_SIZE  = 40    /* signaure size */
+    DSA_SIG_SIZE  = 40    /* signature size */
 };
 
 
@@ -45,7 +46,7 @@ enum {
 
 void InitDsaKey(DsaKey* key)
 {
-    key->type = -1;  /* haven't decdied yet */
+    key->type = -1;  /* haven't decided yet */
 
 /* TomsFastMath doesn't use memory allocation */
 #ifndef USE_FAST_MATH
@@ -61,6 +62,7 @@ void InitDsaKey(DsaKey* key)
 
 void FreeDsaKey(DsaKey* key)
 {
+    (void)key;
 /* TomsFastMath doesn't use memory allocation */
 #ifndef USE_FAST_MATH
     if (key->type == DSA_PRIVATE)

ctaocrypt/src/ecc.c

@@ -0,0 +1 @@
+/* dummy ecc.c for dist */

ctaocrypt/src/ecc_fp.c

@@ -0,0 +1 @@
+/* dummy ecc_fp.c for dist */

ctaocrypt/src/fp_mont_small.i

@@ -1,3 +1,25 @@
+/* fp_mont_small.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SMALL_MONT_SET
 /* computes x/R == x (mod N) via Montgomery Reduction */
 void fp_montgomery_reduce_small(fp_int *a, fp_int *m, fp_digit mp)

ctaocrypt/src/fp_mul_comba_12.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_12.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL12
 void fp_mul_comba12(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_17.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_17.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL17
 void fp_mul_comba17(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_20.i

@@ -1,3 +1,24 @@
+/* fp_mul_comba_20.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
 #ifdef TFM_MUL20
 void fp_mul_comba20(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_24.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_24.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL24
 void fp_mul_comba24(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_28.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_28.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL28
 void fp_mul_comba28(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_3.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_3.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL3
 void fp_mul_comba3(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_32.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_32.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL32
 void fp_mul_comba32(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_4.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_4.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL4
 void fp_mul_comba4(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_48.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_48.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL48
 void fp_mul_comba48(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_6.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_6.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL6
 void fp_mul_comba6(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_64.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_64.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL64
 void fp_mul_comba64(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_7.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_7.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL7
 void fp_mul_comba7(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_8.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_8.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL8
 void fp_mul_comba8(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_9.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_9.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL9
 void fp_mul_comba9(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_small_set.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_small_set.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #if defined(TFM_SMALL_SET)
 void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_sqr_comba_12.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_12.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR12
 void fp_sqr_comba12(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_17.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_17.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR17
 void fp_sqr_comba17(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_20.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_20.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR20
 void fp_sqr_comba20(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_24.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_24.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR24
 void fp_sqr_comba24(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_28.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_28.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR28
 void fp_sqr_comba28(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_3.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_3.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR3
 void fp_sqr_comba3(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_32.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_32.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR32
 void fp_sqr_comba32(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_4.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_4.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR4
 void fp_sqr_comba4(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_48.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_48.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR48
 void fp_sqr_comba48(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_6.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_6.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR6
 void fp_sqr_comba6(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_64.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_64.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR64
 void fp_sqr_comba64(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_7.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_7.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR7
 void fp_sqr_comba7(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_8.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_8.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR8
 void fp_sqr_comba8(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_9.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_9.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR9
 void fp_sqr_comba9(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_small_set.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_small_set.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #if defined(TFM_SMALL_SET)
 void fp_sqr_comba_small(fp_int *A, fp_int *B)
 {

ctaocrypt/src/hc128.c

@@ -22,8 +22,12 @@
 
 #ifndef NO_HC128
 
-#include "hc128.h"
-#include "misc.c"
+#include "ctc_hc128.h"
+#ifdef NO_INLINE
+    #include "ctc_misc.h"
+#else
+    #include "ctc_misc.c"
+#endif
 
 
 #ifdef BIG_ENDIAN_ORDER

ctaocrypt/src/hmac.c

@@ -23,16 +23,16 @@
 #ifndef NO_HMAC
 
 #include "ctc_hmac.h"
-
+#include "ctc_error.h"
 
 
 static int InitHmac(Hmac* hmac, int type)
 {
     hmac->innerHashKeyed = 0;
-    hmac->macType = type;
+    hmac->macType = (byte)type;
 
     if (!(type == MD5 || type == SHA || type == SHA256))
-        return -1;
+        return BAD_FUNC_ARG;
 
     if (type == MD5)
         InitMd5(&hmac->hash.md5);

ctaocrypt/src/integer.c

@@ -19,15 +19,18 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 /*
  * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
  * http://math.libtomcrypt.com
  */
 
 
+#include "ctc_settings.h"     /* in case user set USE_FAST_MATH there */
+
 #ifndef USE_FAST_MATH
 
-#include "integer.h"
+#include "ctc_integer.h"
 
 
 /* handle up to 6 inits */
@@ -1245,7 +1248,7 @@ int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
   }
 	
   /* init our temps */
-  if ((res = mp_init_multi(&ta, &tb, &tq, &q, 0, 0) != MP_OKAY)) {
+  if ((res = mp_init_multi(&ta, &tb, &tq, &q, 0, 0)) != MP_OKAY) {
      return res;
   }
 
@@ -3610,8 +3613,10 @@ int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
   return res;
 }
 
+#endif
 
-int mp_sub_d (mp_int* a, mp_digit b, mp_int* c);
+
+#if defined(CYASSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_PWDBASED)
 
 /* single digit addition */
 int mp_add_d (mp_int* a, mp_digit b, mp_int* c)
@@ -3799,7 +3804,7 @@ static int s_is_power_of_two(mp_digit b, int *p)
 }
 
 /* single digit division (based on routine from MPI) */
-int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
+static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
 {
   mp_int  q;
   mp_word w;
@@ -3874,7 +3879,7 @@ int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
 }
 
 
-int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
+static int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
 {
   return mp_div_d(a, b, NULL, c);
 }
@@ -3929,7 +3934,7 @@ const mp_digit ltm_prime_tab[] = {
  * Randomly the chance of error is no more than 1/4 and often 
  * very much lower.
  */
-int mp_prime_miller_rabin (mp_int * a, mp_int * b, int *result)
+static int mp_prime_miller_rabin (mp_int * a, mp_int * b, int *result)
 {
   mp_int  n1, y, r;
   int     s, j, err;
@@ -4010,7 +4015,7 @@ LBL_N1:mp_clear (&n1);
  *
  * sets result to 0 if not, 1 if yes
  */
-int mp_prime_is_divisible (mp_int * a, int *result)
+static int mp_prime_is_divisible (mp_int * a, int *result)
 {
   int     err, ix;
   mp_digit res;

ctaocrypt/src/logging.c

@@ -0,0 +1,143 @@
+/* logging.c
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+/* submitted by eof */
+
+#include "ctc_settings.h"
+#include "cyassl_logging.h"
+#include "ctc_error.h"
+
+
+CYASSL_API int  CyaSSL_Debugging_ON(void);
+CYASSL_API void CyaSSL_Debugging_OFF(void);
+
+#ifdef DEBUG_CYASSL
+
+/* Set these to default values initially. */
+static CyaSSL_Logging_cb log_function = 0;
+static int loggingEnabled = 0;
+
+#endif /* DEBUG_CYASSL */
+
+
+int CyaSSL_SetLoggingCb(CyaSSL_Logging_cb f)
+{
+#ifdef DEBUG_CYASSL
+    int res = 0;
+
+    if (f)
+        log_function = f;
+    else
+        res = BAD_FUNC_ARG;
+
+    return res;
+#else
+    (void)f;
+    return NOT_COMPILED_IN;
+#endif
+}
+
+
+int CyaSSL_Debugging_ON(void)
+{
+#ifdef DEBUG_CYASSL
+    loggingEnabled = 1;
+    return 0;
+#else
+    return NOT_COMPILED_IN;
+#endif
+}
+
+
+void CyaSSL_Debugging_OFF(void)
+{
+#ifdef DEBUG_CYASSL
+    loggingEnabled = 0;
+#endif
+}
+
+
+#ifdef DEBUG_CYASSL
+
+#include <stdio.h>   /* for default printf stuff */
+
+#ifdef THREADX
+    int dc_log_printf(char*, ...);
+#endif
+
+static void cyassl_log(const int logLevel, const char *const logMessage)
+{
+    if (log_function)
+        log_function(logLevel, logMessage);
+    else {
+        if (loggingEnabled) {
+#ifdef THREADX
+            dc_log_printf("%s\n", logMessage);
+#elif defined(MICRIUM)
+        #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+            NetSecure_TraceOut((CPU_CHAR *)logMessage);
+        #endif
+#else
+            fprintf(stderr, "%s\n", logMessage);
+#endif
+        }
+    }
+}
+
+
+void CYASSL_MSG(const char* msg)
+{
+    if (loggingEnabled)
+        cyassl_log(INFO_LOG , msg);
+}
+
+
+void CYASSL_ENTER(const char* msg)
+{
+    if (loggingEnabled) {
+        char buffer[80];
+        sprintf(buffer, "CyaSSL Entering %s", msg);
+        cyassl_log(ENTER_LOG , buffer);
+    }
+}
+
+
+void CYASSL_LEAVE(const char* msg, int ret)
+{
+    if (loggingEnabled) {
+        char buffer[80];
+        sprintf(buffer, "CyaSSL Leaving %s, return %d", msg, ret);
+        cyassl_log(LEAVE_LOG , buffer);
+    }
+}
+
+
+void CYASSL_ERROR(int error)
+{
+    if (loggingEnabled) {
+        char buffer[80];
+        sprintf(buffer, "CyaSSL error occured, error = %d", error);
+        cyassl_log(ERROR_LOG , buffer);
+    }
+}
+
+#endif  /* DEBUG_CYASSL */ 

ctaocrypt/src/md4.c

@@ -24,13 +24,12 @@
 
 #include "ctc_md4.h"
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include "ctc_misc.h"
 #else
-    #include "misc.c"
+    #include "ctc_misc.c"
 #endif
 
 
-
 #ifndef min
 
     static INLINE word32 min(word32 a, word32 b)

ctaocrypt/src/md5.c

@@ -22,13 +22,12 @@
 
 #include "ctc_md5.h"
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include "ctc_misc.h"
 #else
-    #include "misc.c"
+    #include "ctc_misc.c"
 #endif
 
 
-
 #ifndef min
 
     static INLINE word32 min(word32 a, word32 b)