warning fixes

Updates to autoconf

.gitignore

@@ -0,0 +1,63 @@
+*.lo
+*.la
+*.o
+*.deps
+*.libs
+*.cache
+.dirstamp
+*.user
+config*
+*Debug/
+*Release/
+*.ncb
+*.suo
+stamp-h
+libtool.m4
+aclocal.m4
+lt*.m4
+INSTALL
+Makefile.in
+Makefile
+depcomp
+missing
+libtool
+tags
+ctaocrypt/benchmark/benchmark
+ctaocrypt/test/testctaocrypt
+examples/client/client
+examples/echoclient/echoclient
+examples/echoserver/echoserver
+examples/server/server
+snifftest
+output
+testsuite/testsuite
+testsuite/*.der
+testsuite/*.pem
+testsuite/*.raw
+cert.der
+cert.pem
+othercert.der
+othercert.pem
+key.der
+key.pem
+diff
+sslSniffer/sslSnifferTest/tracefile.txt
+*.gz
+*.zip
+*.bak
+*.dummy
+*.xcworkspace
+xcuserdata
+compile
+NTRU_algorithm/
+NTRU/
+build-test/
+build/
+cyassl.xcodeproj/
+cyassl*rc*
+autoscan.log
+TAGS
+support/libcyassl.pc
+cyassl/version.h
+cyassl/ctaocrypt/stamp-h1
+stamp-h1

INSTALL

@@ -1,234 +0,0 @@
-Installation Instructions
-*************************
-
-Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
-2006 Free Software Foundation, Inc.
-
-This file is free documentation; the Free Software Foundation gives
-unlimited permission to copy, distribute and modify it.
-
-Basic Installation
-==================
-
-Briefly, the shell commands `./configure; make; make install' should
-configure, build, and install this package.  The following
-more-detailed instructions are generic; see the `README' file for
-instructions specific to this package.
-
-   The `configure' shell script attempts to guess correct values for
-various system-dependent variables used during compilation.  It uses
-those values to create a `Makefile' in each directory of the package.
-It may also create one or more `.h' files containing system-dependent
-definitions.  Finally, it creates a shell script `config.status' that
-you can run in the future to recreate the current configuration, and a
-file `config.log' containing compiler output (useful mainly for
-debugging `configure').
-
-   It can also use an optional file (typically called `config.cache'
-and enabled with `--cache-file=config.cache' or simply `-C') that saves
-the results of its tests to speed up reconfiguring.  Caching is
-disabled by default to prevent problems with accidental use of stale
-cache files.
-
-   If you need to do unusual things to compile the package, please try
-to figure out how `configure' could check whether to do them, and mail
-diffs or instructions to the address given in the `README' so they can
-be considered for the next release.  If you are using the cache, and at
-some point `config.cache' contains results you don't want to keep, you
-may remove or edit it.
-
-   The file `configure.ac' (or `configure.in') is used to create
-`configure' by a program called `autoconf'.  You need `configure.ac' if
-you want to change it or regenerate `configure' using a newer version
-of `autoconf'.
-
-The simplest way to compile this package is:
-
-  1. `cd' to the directory containing the package's source code and type
-     `./configure' to configure the package for your system.
-
-     Running `configure' might take a while.  While running, it prints
-     some messages telling which features it is checking for.
-
-  2. Type `make' to compile the package.
-
-  3. Optionally, type `make check' to run any self-tests that come with
-     the package.
-
-  4. Type `make install' to install the programs and any data files and
-     documentation.
-
-  5. You can remove the program binaries and object files from the
-     source code directory by typing `make clean'.  To also remove the
-     files that `configure' created (so you can compile the package for
-     a different kind of computer), type `make distclean'.  There is
-     also a `make maintainer-clean' target, but that is intended mainly
-     for the package's developers.  If you use it, you may have to get
-     all sorts of other programs in order to regenerate files that came
-     with the distribution.
-
-Compilers and Options
-=====================
-
-Some systems require unusual options for compilation or linking that the
-`configure' script does not know about.  Run `./configure --help' for
-details on some of the pertinent environment variables.
-
-   You can give `configure' initial values for configuration parameters
-by setting variables in the command line or in the environment.  Here
-is an example:
-
-     ./configure CC=c99 CFLAGS=-g LIBS=-lposix
-
-   *Note Defining Variables::, for more details.
-
-Compiling For Multiple Architectures
-====================================
-
-You can compile the package for more than one kind of computer at the
-same time, by placing the object files for each architecture in their
-own directory.  To do this, you can use GNU `make'.  `cd' to the
-directory where you want the object files and executables to go and run
-the `configure' script.  `configure' automatically checks for the
-source code in the directory that `configure' is in and in `..'.
-
-   With a non-GNU `make', it is safer to compile the package for one
-architecture at a time in the source code directory.  After you have
-installed the package for one architecture, use `make distclean' before
-reconfiguring for another architecture.
-
-Installation Names
-==================
-
-By default, `make install' installs the package's commands under
-`/usr/local/bin', include files under `/usr/local/include', etc.  You
-can specify an installation prefix other than `/usr/local' by giving
-`configure' the option `--prefix=PREFIX'.
-
-   You can specify separate installation prefixes for
-architecture-specific files and architecture-independent files.  If you
-pass the option `--exec-prefix=PREFIX' to `configure', the package uses
-PREFIX as the prefix for installing programs and libraries.
-Documentation and other data files still use the regular prefix.
-
-   In addition, if you use an unusual directory layout you can give
-options like `--bindir=DIR' to specify different values for particular
-kinds of files.  Run `configure --help' for a list of the directories
-you can set and what kinds of files go in them.
-
-   If the package supports it, you can cause programs to be installed
-with an extra prefix or suffix on their names by giving `configure' the
-option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
-
-Optional Features
-=================
-
-Some packages pay attention to `--enable-FEATURE' options to
-`configure', where FEATURE indicates an optional part of the package.
-They may also pay attention to `--with-PACKAGE' options, where PACKAGE
-is something like `gnu-as' or `x' (for the X Window System).  The
-`README' should mention any `--enable-' and `--with-' options that the
-package recognizes.
-
-   For packages that use the X Window System, `configure' can usually
-find the X include and library files automatically, but if it doesn't,
-you can use the `configure' options `--x-includes=DIR' and
-`--x-libraries=DIR' to specify their locations.
-
-Specifying the System Type
-==========================
-
-There may be some features `configure' cannot figure out automatically,
-but needs to determine by the type of machine the package will run on.
-Usually, assuming the package is built to be run on the _same_
-architectures, `configure' can figure that out, but if it prints a
-message saying it cannot guess the machine type, give it the
-`--build=TYPE' option.  TYPE can either be a short name for the system
-type, such as `sun4', or a canonical name which has the form:
-
-     CPU-COMPANY-SYSTEM
-
-where SYSTEM can have one of these forms:
-
-     OS KERNEL-OS
-
-   See the file `config.sub' for the possible values of each field.  If
-`config.sub' isn't included in this package, then this package doesn't
-need to know the machine type.
-
-   If you are _building_ compiler tools for cross-compiling, you should
-use the option `--target=TYPE' to select the type of system they will
-produce code for.
-
-   If you want to _use_ a cross compiler, that generates code for a
-platform different from the build platform, you should specify the
-"host" platform (i.e., that on which the generated programs will
-eventually be run) with `--host=TYPE'.
-
-Sharing Defaults
-================
-
-If you want to set default values for `configure' scripts to share, you
-can create a site shell script called `config.site' that gives default
-values for variables like `CC', `cache_file', and `prefix'.
-`configure' looks for `PREFIX/share/config.site' if it exists, then
-`PREFIX/etc/config.site' if it exists.  Or, you can set the
-`CONFIG_SITE' environment variable to the location of the site script.
-A warning: not all `configure' scripts look for a site script.
-
-Defining Variables
-==================
-
-Variables not defined in a site shell script can be set in the
-environment passed to `configure'.  However, some packages may run
-configure again during the build, and the customized values of these
-variables may be lost.  In order to avoid this problem, you should set
-them in the `configure' command line, using `VAR=value'.  For example:
-
-     ./configure CC=/usr/local2/bin/gcc
-
-causes the specified `gcc' to be used as the C compiler (unless it is
-overridden in the site shell script).
-
-Unfortunately, this technique does not work for `CONFIG_SHELL' due to
-an Autoconf bug.  Until the bug is fixed you can use this workaround:
-
-     CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
-
-`configure' Invocation
-======================
-
-`configure' recognizes the following options to control how it operates.
-
-`--help'
-`-h'
-     Print a summary of the options to `configure', and exit.
-
-`--version'
-`-V'
-     Print the version of Autoconf used to generate the `configure'
-     script, and exit.
-
-`--cache-file=FILE'
-     Enable the cache: use and save the results of the tests in FILE,
-     traditionally `config.cache'.  FILE defaults to `/dev/null' to
-     disable caching.
-
-`--config-cache'
-`-C'
-     Alias for `--cache-file=config.cache'.
-
-`--quiet'
-`--silent'
-`-q'
-     Do not print messages saying which checks are being made.  To
-     suppress all normal output, redirect it to `/dev/null' (any error
-     messages will still be shown).
-
-`--srcdir=DIR'
-     Look for the package's source code in directory DIR.  Usually
-     `configure' can determine that directory automatically.
-
-`configure' also accepts some other, not widely useful, options.  Run
-`configure --help' for more details.
-

Makefile.am

@@ -1,30 +1,80 @@
-SUBDIRS = src ctaocrypt examples testsuite sslSniffer
-EXTRA_DIST = certs/*.pem certs/*.der certs/*.txt certs/*.raw \
-    lib/dummy *.sln *.vcproj cyassl-iphone.xcodeproj/project.pbxproj \
-    doc/*.pdf swig/README swig/*.i swig/cyassl_adds.c swig/*.sh swig/runme.* \
-    swig/python_cyassl.vcproj swig/rsasign.py
+# includes append to these:
+SUFFIXES =
+TESTS =
+CLEANFILES =
+DISTCLEANFILES =
+bin_PROGRAMS =
+noinst_HEADERS =
+lib_LTLIBRARIES =
+man_MANS =
+noinst_LTLIBRARIES =
+noinst_PROGRAMS =
+include_HEADERS =
+nobase_include_HEADERS =
+check_PROGRAMS =
+EXTRA_HEADERS =
+BUILT_SOURCES=
+EXTRA_DIST=
+doc_DATA=
 
-ACLOCAL_AMFLAGS = -I m4
+exampledir = $(docdir)/@PACKAGE@/example
+example_DATA=
+EXTRA_DIST+= $(example_DATA)
+
+certsdir = $(sysconfdir)/ssl/certs
+certs_DATA=
+EXTRA_DIST+= $(certs_DATA)
+
+EXTRA_DIST+= $(doc_DATA)
+
+ACLOCAL_AMFLAGS= -I m4 --install
+
+EXTRA_DIST+= lib/dummy
+
+EXTRA_DIST+= cyassl-ntru.vcproj
+EXTRA_DIST+= cyassl.vcproj
+EXTRA_DIST+= cyassl-iphone.xcodeproj/project.pbxproj
+EXTRA_DIST+= cyassl-ntru.sln
+EXTRA_DIST+= cyassl.sln
+
+include cyassl/include.am
+include certs/include.am
+include doc/include.am
+include swig/include.am
+
+include src/include.am
+include ctaocrypt/benchmark/include.am
+include ctaocrypt/src/include.am
+include ctaocrypt/test/include.am
+include examples/client/include.am
+include examples/server/include.am
+include examples/echoclient/include.am
+include examples/echoserver/include.am
+include testsuite/include.am
+include sslSniffer/sslSnifferTest/include.am
+
+TESTS += $(check_PROGRAMS)
+test: check
 
 # !!!! first line of rule has to start with a hard (real) tab, not spaces
-basic:
-	cd src; $(MAKE); cd ../testsuite; $(MAKE); cd ../
+egs:
+	$(MAKE) examples/client/client; \
+	$(MAKE) examples/echoclient/echoclient;\
+	$(MAKE) examples/server/server; \
+	$(MAKE) examples/echoserver/echoserver;
 
-openssl-links:
-	cd lib; ln -s ../src/.libs/libcyassl.a libcrypto.a; \
-    ln -s ../src/.libs/libcyassl.a libssl.a; \
-    ln -s ../src/.libs/libcyassl.a libcyassl.a; cd ../
+ctc:
+	$(MAKE) ctaocrypt/test/testctaocrypt; \
+	$(MAKE) ctaocrypt/benchmark/benchmark; 
 
-#  !!! test -e with a .name like .libs then a * like *dylib fails so just
-#      look for the .dylib on OS X, and .so otherwise but copy all parts
-install:
-	$(mkinstalldirs) $(DESTDIR)$(includedir) $(DESTDIR)$(libdir); \
-    cp -fpR include/* $(DESTDIR)$(includedir); \
-    cp -fpR ctaocrypt/include/* $(DESTDIR)$(includedir); \
-    cp -fpR src/libcyassl.la $(DESTDIR)$(libdir); \
-    if test -e src/.libs/libcyassl.a; then \
-    cp -fp src/.libs/libcyassl.a $(DESTDIR)$(libdir); fi; \
-    if test -e src/.libs/libcyassl.so; then \
-    cp -fpR src/.libs/libcyassl.so* $(DESTDIR)$(libdir); fi; \
-    if test -e src/.libs/libcyassl.dylib; then \
-    cp -fpR src/.libs/libcyassl.*dylib $(DESTDIR)$(libdir); fi;
+merge-clean:
+	@find ./ | $(GREP) \.gcda | xargs rm -f
+	@find ./ | $(GREP) \.gcno | xargs rm -f
+	@find ./ | $(GREP) \.gz | xargs rm -f
+	@find ./ | $(GREP) \.orig | xargs rm -f
+	@find ./ | $(GREP) \.rej | xargs rm -f
+	@find ./ | $(GREP) \.rpm | xargs rm -f
+	@find ./ | $(GREP) \.THIS | xargs rm -f
+	@find ./ | $(GREP) \.OTHER | xargs rm -f
+	@find ./ | $(GREP) \.BASE | xargs rm -f
+	@find ./ | $(GREP) \~$$ | xargs rm -f

README

@@ -1,5 +1,26 @@
 *** Note, Please read ***
 
+Note 1)
+CyaSSL now needs all examples and tests to be run from the CyaSSL home
+directory.  This is because it finds certs and keys from ./certs/.  Trying to
+maintain the ability to run each program from its own directory, the testsuite
+directory, the main directory (for make check/test), and for the various
+different project layouts (with or without config) was becoming harder and 
+harder.  Now to run testsuite just do:
+
+./testsuite/testsuite
+
+or 
+
+make test    (when using autoconf)
+
+On *nix or Windows the examples and testsuite will check to see if the current
+directory is the source directory and if so, attempt to change to the CyaSSL
+home directory.  This should work in most setup cases, if not, just follow the
+beginning of the note and specify the full path.
+
+
+Note 2)
 CyaSSL takes a different approach to certificate verification than OpenSSL does.
 The default policy for the client is to verify the server, this means that if
 you don't load CAs to verify the server you'll get a connect error, unable to 
@@ -13,7 +34,93 @@ before calling SSL_new();  Though it's not recommended.
 
 *** end Note ***
 
-CyaSSL Release 1.8.0 (12/23/2010)
+CyaSSL Release 2.0.0rc3 (9/28/2011)
+
+Release 2.0.0rc3 for CyaSSL has bug fixes and a few new features including:
+- updated autoconf support
+- better make install and uninstall  (uses system directories)
+- make test / make check
+- CyaSSL headers now in <cyassl/*.h>
+- CTaocrypt headers now in <cyassl/ctaocrypt/*.h>
+- OpenSSL compatibility headers now in <cyassl/openssl/*.h>
+- examples and tests all run from home diretory so can use certs in ./certs
+        (see note 1)
+
+So previous applications that used the OpenSSL compatibility header
+<openssl/ssl.h> now need to include <cyassl/openssl/ssl.h> instead, no other
+changes are required.
+
+Special Thanks to Brian Aker for his autoconf, install, and header patches.
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+************CyaSSL Release 2.0.0rc2 (6/6/2011)
+
+Release 2.0.0rc2 for CyaSSL has bug fixes and a few new features including:
+- bug fixes (Alerts, DTLS with DHE)
+- FreeRTOS support
+- lwIP support
+- Wshadow warnings removed
+- asn public header
+- CTaoCrypt public headers now all have ctc_ prefix (the manual is still being
+        updated to relfect this change)
+- and more.
+
+This is the 2nd and perhaps final release candidate for version 2.
+Please send any comments or questions to support@yassl.com.
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+***********CyaSSL Release 2.0.0rc1 (5/2/2011)
+
+Release 2.0.0rc1 for CyaSSL has many new features including:
+- bug fixes
+- SHA-256 cipher suites 
+- Root Certificate Verification (instead of needing all certs in the chain) 
+- PKCS #8 private key encryption (supports PKCS #5 v1-v2 and PKCS #12) 
+- Serial number retrieval for x509 
+- PBKDF2 and PKCS #12 PBKDF 
+- UID parsing for x509 
+- SHA-256 certificate signatures 
+- Client and server can send chains (SSL_CTX_use_certificate_chain_file) 
+- CA loading can now parse multiple certificates per file
+- Dynamic memory runtime hooks
+- Runtime hooks for logging
+- EDH on server side
+- More informative error codes
+- More informative logging messages
+- Version downgrade more robust (use SSL_v23*)
+- Shared build only by default through ./configure
+- Compiler visibility is now used, internal functions not polluting namespace
+- Single Makefile, no recursion, for faster and simpler building
+- Turn on all warnings possible build option, warning fixes
+- and more.
+
+Because of all the new features and the multiple OS, compiler, feature-set
+options that CyaSSL allows, there may be some configuration fixes needed.
+Please send any comments or questions to support@yassl.com.
+
+The CyaSSL manual is available at:
+http://www.yassl.com/documentation/CyaSSL-Manual.pdf.  For build instructions 
+and comments about the new features please check the manual.
+
+****************** CyaSSL Release 1.9.0 (3/2/2011)
+
+Release 1.9.0 for CyaSSL adds bug fixes, improved TLSv1.2 through testing and
+better hash/sig algo ids, --enable-webServer for the yaSSL embedded web server,
+improper AES key setup detection, user cert verify callback improvements, and
+more.
+
+The CyaSSL manual offering is included in the doc/ directory.  For build
+instructions and comments about the new features please check the manual.
+
+Please send any comments or questions to support@yassl.com.
+
+****************** CyaSSL Release 1.8.0 (12/23/2010)
 
 Release 1.8.0 for CyaSSL adds bug fixes, x509 v3 CA signed certificate
 generation, a C standard library abstraction layer, lower memory use, increased

autogen.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+#
+# Create configure and makefile stuff...
+#
+
+autoreconf -ivf -Wall

certs/include.am

@@ -0,0 +1,38 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+certs_DATA+= \
+	     certs/ca-cert.pem \
+	     certs/ca-key.pem \
+	     certs/client-cert.pem \
+	     certs/client-keyEnc.pem \
+	     certs/client-key.pem \
+	     certs/dsa512.pem \
+	     certs/dsa-cert.pem \
+	     certs/ecc-key.pem \
+	     certs/ntru-cert.pem \
+	     certs/server-cert.pem \
+	     certs/server-ecc.pem \
+	     certs/server-keyEnc.pem \
+	     certs/server-key.pem \
+	     certs/server-keyPkcs8Enc12.pem \
+	     certs/server-keyPkcs8Enc2.pem \
+	     certs/server-keyPkcs8Enc.pem \
+	     certs/server-keyPkcs8.pem
+
+certs_DATA+= \
+	     certs/ca-key.der \
+	     certs/client-cert.der \
+	     certs/client-key.der \
+	     certs/dh1024.der \
+	     certs/rsa1024.der \
+	     certs/dsa512.der \
+	     certs/ecc-key.der
+
+EXTRA_DIST+= ${certs_DATA}
+
+doc_DATA+= certs/taoCert.txt
+
+EXTRA_DIST+= certs/ntru-key.raw
+

certs/server-cert.pem

@@ -37,3 +37,59 @@ Kp5+VqW2h58VxxhmfhZ34qcCAwEAATANBgkqhkiG9w0BAQQFAANBAFipmOcWUkxA
 5+FHkhkbOo+XbHu3sMsgba2100dY2OTyPjLp74d35VQ29I1QjQe0d0XqnaQzNpsL
 4HRYEcUBe00=
 -----END CERTIFICATE-----
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            8a:37:22:65:73:f5:aa:e8
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+        Validity
+            Not Before: Jun 30 18:47:10 2010 GMT
+            Not After : Mar 26 18:47:10 2013 GMT
+        Subject: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:97:30:b9:1a:92:ef:25:4f:ca:4c:11:31:95:1a:
+                    e1:c0:10:19:0a:20:b9:37:80:1a:57:38:02:4e:1b:
+                    c5:0f:28:4f:da:e3:c9:16:aa:50:bd:4a:fb:b7:71:
+                    c7:35:cc:63:81:c1:dd:9d:33:f9:38:16:88:32:a0:
+                    aa:56:23:03:a3
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                3B:66:FD:A0:40:C6:F4:E2:70:CF:21:1A:0C:4F:67:FE:B7:4B:42:09
+            X509v3 Authority Key Identifier: 
+                keyid:3B:66:FD:A0:40:C6:F4:E2:70:CF:21:1A:0C:4F:67:FE:B7:4B:42:09
+                DirName:/C=US/ST=Montana/L=Bozeman/O=sawtooth/OU=consulting/CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+                serial:8A:37:22:65:73:F5:AA:E8
+
+            X509v3 Basic Constraints: 
+                CA:TRUE
+    Signature Algorithm: md5WithRSAEncryption
+        32:65:a2:b1:dc:6d:e0:8d:8b:c8:58:29:8e:b8:18:4b:62:88:
+        13:67:f8:6c:75:46:75:8f:8a:19:a6:a3:d5:3c:fc:57:4e:7a:
+        68:a9:fc:93:dc:ae:29:7d:bb:4e:ec:ea:55:fa:a4:e3:00:61:
+        f4:b0:34:6d:d1:d5:a4:64:24:f8
+-----BEGIN CERTIFICATE-----
+MIIDQDCCAuqgAwIBAgIJAIo3ImVz9aroMA0GCSqGSIb3DQEBBAUAMIGeMQswCQYD
+VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G
+A1UEChMIc2F3dG9vdGgxEzARBgNVBAsTCmNvbnN1bHRpbmcxJDAiBgNVBAMTG3d3
+dy5zYXd0b290aC1jb25zdWx0aW5nLmNvbTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5
+YXNzbC5jb20wHhcNMTAwNjMwMTg0NzEwWhcNMTMwMzI2MTg0NzEwWjCBnjELMAkG
+A1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAP
+BgNVBAoTCHNhd3Rvb3RoMRMwEQYDVQQLEwpjb25zdWx0aW5nMSQwIgYDVQQDExt3
+d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
+eWFzc2wuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJcwuRqS7yVPykwRMZUa
+4cAQGQoguTeAGlc4Ak4bxQ8oT9rjyRaqUL1K+7dxxzXMY4HB3Z0z+TgWiDKgqlYj
+A6MCAwEAAaOCAQcwggEDMB0GA1UdDgQWBBQ7Zv2gQMb04nDPIRoMT2f+t0tCCTCB
+0wYDVR0jBIHLMIHIgBQ7Zv2gQMb04nDPIRoMT2f+t0tCCaGBpKSBoTCBnjELMAkG
+A1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAP
+BgNVBAoTCHNhd3Rvb3RoMRMwEQYDVQQLEwpjb25zdWx0aW5nMSQwIgYDVQQDExt3
+d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
+eWFzc2wuY29tggkAijciZXP1qugwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQF
+AANBADJlorHcbeCNi8hYKY64GEtiiBNn+Gx1RnWPihmmo9U8/FdOemip/JPcril9
+u07s6lX6pOMAYfSwNG3R1aRkJPg=
+-----END CERTIFICATE-----

certs/server-keyPkcs8Enc.pem

@@ -0,0 +1,11 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBgTAbBgkqhkiG9w0BBQMwDgQIMbn/uK6tvZcCAggABIIBYK9oQl9uOmp/LC3j
+VxEoo+imbDLwS+ybpjbvcnfyWja4TRpRdCHCB/PLHRmVGCf/pBMG8UkobxbVbjpg
+DE5Mr69rOVOreNVIBkfAt0B8PgmLPRdKXtp6Y8IJ85R9Aic1g1+s5XeBcvEZRUHm
+ZvKd+oV4y8OUpnZkAZdN4In/8ZvWEfZf6ZPplGbcmoqM7eoLrCCiJ1zLvTt3CPm5
+yi/F8jJxPYM2iNj86y9hlpwk4lS+TvdAwmO/RGQQWverEQmX9MPob23s5ouBdHe5
+7TnBldo/Hq6YVtBYHuvOlx99kaMuumhYdhRONRnWbXedqymaMMG0xA4RgCljv0ud
+JrWK1YNGB7gl7/ANoqyy4ZODBUoH33qDR0NzkqwGXMIexlUZIjbwMmUPZZ/XBqMB
+tEDrOxAnauE12K3DbfviE40Py8uloXiZf94RnPWbttGp874EOpyiEYjUooo3ii6G
+jscqox0=
+-----END ENCRYPTED PRIVATE KEY-----

certs/server-keyPkcs8Enc12.pem

@@ -0,0 +1,11 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBgjAcBgoqhkiG9w0BDAEDMA4ECDkwZMQEXsc8AgIIAASCAWAswojJ2ac33Tak
+A8ol6daT+VLEtVwgh9AMO8NE/2xvPZFd3758j/9136k/dsci59ZbvnAVnOURf8Sa
+MW0jaE+JnrnEdGDZAuODONGCtKdBx3fntHw6qRYIY0t7yhLCCRdeoVH6XK60JUtS
+vzi+Hitvg5ObzV1RpiockVCxGJDAizDrXMgQO7N7doeb9fypoBx5IFgLztWONFAg
+A9rQrd5CnkgEbOygRYMduv6fX+uEXWrHEB3vDI6HY5k+VHjx2XLGmNOH1goiv+9p
+DA4n4YpN45xRQUDKmx2T6kyULnMoG7Tf/le2qtJ2nja7697yk8zeEkZnR+UD2IXh
+/A5eyhAquiM5qDbbV46ydOh2Aji6vI8E8/ZnYk2SJ2/VVlNro/tL0XELYdjBBFnI
+SfEtCp1QWWtQdCAPipWzgmsEHKkk4ihmHQqTjmoJ0Pl9XbhxvqHUUrKdHXVJtksZ
+TmvgXItk
+-----END ENCRYPTED PRIVATE KEY-----

certs/server-keyPkcs8Enc2.pem

@@ -0,0 +1,11 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIBI6Zodac3rQCAggA
+MBQGCCqGSIb3DQMHBAjJZP0y7jYpRwSCAWDKV70/DSueiztJHeMKow93Fd/KXDpU
+PGTtlz+lfmOUcGTTt5PwSI2rjHX+QeFTCeb2j9bekcWcaW2iIO8FDRJm1djdKVh0
+mO2kAxM0W2s+GoR7T6ByQSrqKp2NL6Ug/B6od2xZ6/0tvcB4Ig+10ljL3/pT3T9M
+EYCQ5gjaGhPlJIZhFIwmh6x+Pz+d2bkmXObasKEhwRMhJU9GYhKhWB2fOfl8zWlb
+tIDcWBf2rCZUfk3LFx/FrV0NOIY5Jmpm/xQt2gdBIos9LNV16HQOqHkhPBhGXP9D
+WZGTrpxgClpZhCUJ+LvqZbAp1dXbfrrElrux0y2zmSGxWP9z8cmfC1SHgBIxcD36
+CymYSD0s1hPMH4sFoCM6uyEFfK5KwRpYc3IKfEzvkk9+ZTBYpryzJNDqR1Xpfklp
+19m2qz9aJjkIgV4afydQWHYEKVm5IS/PcRVl0ZWkgxJXNHRmLd7HWysS
+-----END ENCRYPTED PRIVATE KEY-----

certs/taoCert.txt

@@ -69,6 +69,13 @@ openssl rsa -in 1024rsa.priv -pubout -out 1024rsa.pub
 openssl pkcs8 -nocrypt -topk8 -in server-key.pem -out server-keyPkcs8.pem
 
 
+**** To convert to pkcs8 encrypted *******
+
+openssl pkcs8 -topk8 -in server-key.pem -out server-keyPkcs8Enc.pem
+
+passwd: yassl123
+
+
 **** To convert from pkcs8 to traditional ****
 
 openssl pkcs8 -nocrypt -in server-keyPkcs8.pem -out server-key.pem

configure.ac

@@ -0,0 +1,610 @@
+# configure.ac
+#
+# Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+#
+# This file is part of CyaSSL.
+#
+#
+
+AC_INIT([cyassl],[2.0.0rc3],[http://www.yassl.com])
+
+AC_CONFIG_AUX_DIR(config)
+
+AC_CANONICAL_TARGET
+
+AM_INIT_AUTOMAKE(-Wall -Werror -Wno-portability foreign tar-ustar subdir-objects)
+
+AC_CANONICAL_HOST
+AC_CANONICAL_BUILD
+
+AC_PREREQ([2.61])
+
+AC_CONFIG_MACRO_DIR(m4)
+
+AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS.
+
+
+#shared library versioning
+CYASSL_LIBRARY_VERSION=3:0:0
+#                      | | |
+#               +------+ | +---+
+#               |        |     |
+#              current:revision:age
+#               |        |     |
+#               |        |     +- increment if interfaces have been added
+#               |        |        set to zero if interfaces have been removed
+#                        |        or changed
+#               |        +- increment if source code has changed
+#               |           set to zero if current is incremented
+#               +- increment if interfaces have been added, removed or changed
+AC_SUBST(CYASSL_LIBRARY_VERSION)
+
+# Make sure configure doesn't add to CFLAGS
+CFLAGS="$CFLAGS $C_EXTRA_FLAGS"
+
+LT_INIT([win32-dll])
+LT_LANG([C++])
+LT_LANG([C])
+gl_VISIBILITY
+
+m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])])
+
+AC_CHECK_FUNCS([gethostbyname])
+AC_CHECK_FUNCS([gettimeofday])
+AC_CHECK_FUNCS([inet_ntoa])
+AC_CHECK_FUNCS([memset])
+AC_CHECK_FUNCS([socket])
+AC_CHECK_HEADERS([arpa/inet.h])
+AC_CHECK_HEADERS([fcntl.h])
+AC_CHECK_HEADERS([limits.h])
+AC_CHECK_HEADERS([netdb.h])
+AC_CHECK_HEADERS([netinet/in.h])
+AC_CHECK_HEADERS([stddef.h])
+AC_CHECK_HEADERS([sys/ioctl.h])
+AC_CHECK_HEADERS([sys/socket.h])
+AC_CHECK_HEADERS([sys/time.h])
+AC_CHECK_HEADERS(errno.h)
+AC_CHECK_LIB(network,socket)
+AC_CHECK_SIZEOF(long long, 8)
+AC_CHECK_SIZEOF(long, 4)
+AC_C_BIGENDIAN
+AC_DISABLE_STATIC
+AC_DISABLE_STATIC
+AC_FUNC_MALLOC
+AC_FUNC_MKTIME
+AC_FUNC_REALLOC
+
+AC_PROG_CC
+AC_PROG_CC_C_O
+AC_PROG_CXX
+AC_PROG_INSTALL
+LT_INIT
+AC_TYPE_SIZE_T
+AC_TYPE_UINT8_T
+AM_PROG_AS
+AM_PROG_CC_C_O
+LT_LIB_M
+
+OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer"
+OPTIMIZE_FAST_CFLAGS="-O3 -fomit-frame-pointer"
+OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET"
+DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_CYASSL"
+
+
+# DEBUG
+AC_ARG_ENABLE(debug,
+    [  --enable-debug          Enable CyaSSL debugging support (default: disabled)],
+    [ ENABLED_DEBUG=$enableval ],
+    [ ENABLED_DEBUG=no ]
+    )
+if test "$ENABLED_DEBUG" = "yes"
+then
+  # Full debug. Very slow in some cases
+  AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS"
+else
+  # Optimized version. No debug
+  AM_CFLAGS="$AM_CFLAGS -DNDEBUG"
+fi
+
+
+# SMALL BUILD
+AC_ARG_ENABLE(small,
+    [  --enable-small          Enable smallest build (default: disabled)],
+    [ ENABLED_SMALL=$enableval ],
+    [ ENABLED_SMALL=no ]
+    )
+if test "$ENABLED_SMALL" = "yes"
+then
+  # make small no tls build with smallest cipher
+  # if you only want server or client you can define NO_CYASSL_SERVER or
+  # NO_CYASSL_CLIENT but then some of the examples and testsuite won't build
+  # note that TLS needs HMAC
+  AM_CFLAGS="-DNO_TLS -DNO_HMAC -DNO_AES -DNO_DES3 -DNO_SHA256 -DNO_ERROR_STRINGS -DNO_RABBIT -DNO_PSK -DNO_DSA -DNO_DH -DNO_PWDBASED $AM_CFLAGS" 
+fi
+
+
+# SINGLE THREADED
+AC_ARG_ENABLE(singleThreaded,
+    [  --enable-singleThreaded Enable CyaSSL single threaded (default: disabled)],
+    [ ENABLED_SINGLETHREADED=$enableval ],
+    [ ENABLED_SINGLETHREADED=no ]
+    )
+if test "$ENABLED_SINGLETHREADED" = "yes"
+then
+  AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS"
+fi
+
+
+# DTLS
+AC_ARG_ENABLE(dtls,
+    [  --enable-dtls           Enable CyaSSL DTLS (default: disabled)],
+    [ ENABLED_DTLS=$enableval ],
+    [ ENABLED_DTLS=no ]
+    )
+if test "$ENABLED_DTLS" = "yes"
+then
+  AM_CFLAGS="-DCYASSL_DTLS $AM_CFLAGS"
+fi
+
+
+# OPENSSL Extra Compatibility
+AC_ARG_ENABLE(opensslExtra,
+    [  --enable-opensslExtra   Enable extra OpenSSL API, size+ (default: disabled)],
+    [ ENABLED_OPENSSLEXTRA=$enableval ],
+    [ ENABLED_OPENSSLEXTRA=no ]
+    )
+if test "$ENABLED_OPENSSLEXTRA" = "yes"
+then
+  AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS"
+fi
+
+if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    AC_MSG_ERROR([cannot enable small and opensslExtra, only one or the other.])
+fi
+
+
+# IPv6 Test Apps
+AC_ARG_ENABLE(ipv6,
+    [  --enable-ipv6           Enable testing of IPV6 (default: disabled)],
+    [ ENABLED_IPV6=$enableval ],
+    [ ENABLED_IPV6=no ]
+    )
+
+if test "$ENABLED_IPV6" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DTEST_IPV6"
+fi
+
+
+# ssl bump build 
+AC_ARG_ENABLE(bump,
+    [  --enable-bump           Enable SSL Bump build (default: disabled)],
+    [ ENABLED_BUMP=$enableval ],
+    [ ENABLED_BUMP=no ]
+    )
+
+if test "$ENABLED_BUMP" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192"
+fi
+
+# fastmath
+AC_ARG_ENABLE(fastmath,
+    [  --enable-fastmath       Enable fast math for BigInts (default: disabled)],
+    [ ENABLED_FASTMATH=$enableval ],
+    [ ENABLED_FASTMATH=no ]
+    )
+
+if test "x$ENABLED_FASTMATH" = "xyes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
+fi
+
+
+# fast HUGE math
+AC_ARG_ENABLE(fasthugemath,
+    [  --enable-fasthugemath   Enable fast math + huge code (default: disabled)],
+    [ ENABLED_FASTHUGEMATH=$enableval ],
+    [ ENABLED_FASTHUGEMATH=no ]
+    )
+
+if test "$ENABLED_BUMP" = "yes"
+then
+    ENABLED_FASTHUGEMATH="yes"
+fi
+
+if test "$ENABLED_FASTHUGEMATH" = "yes"
+then
+    ENABLED_FASTMATH="yes"
+    AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH"
+fi
+
+AM_CONDITIONAL([BUILD_FASTMATH], [test "x$ENABLED_FASTMATH" = "xyes"])
+
+
+# big cache
+AC_ARG_ENABLE(bigcache,
+    [  --enable-bigcache       Enable big session cache (default: disabled)],
+    [ ENABLED_BIGCACHE=$enableval ],
+    [ ENABLED_BIGCACHE=no ]
+    )
+
+if test "$ENABLED_BIGCACHE" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DBIG_SESSION_CACHE"
+fi
+
+
+# HUGE cache
+AC_ARG_ENABLE(hugecache,
+    [  --enable-hugecache      Enable huge session cache (default: disabled)],
+    [ ENABLED_HUGECACHE=$enableval ],
+    [ ENABLED_HUGECACHE=no ]
+    )
+
+if test "$ENABLED_HUGECACHE" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHUGE_SESSION_CACHE"
+fi
+
+
+# SMALL cache
+AC_ARG_ENABLE(smallcache,
+    [  --enable-smallcache     Enable small session cache (default: disabled)],
+    [ ENABLED_SMALLCACHE=$enableval ],
+    [ ENABLED_SMALLCACHE=no ]
+    )
+
+if test "$ENABLED_SMALLCACHE" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DSMALL_SESSION_CACHE"
+fi
+
+
+# SNIFFER
+AC_ARG_ENABLE(sniffer,
+    [  --enable-sniffer        Enable CyaSSL sniffer support (default: disabled)],
+    [ ENABLED_SNIFFER=$enableval ],
+    [ ENABLED_SNIFFER=no ]
+    )
+
+if test "$ENABLED_SNIFFER" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
+fi
+
+AM_CONDITIONAL([BUILD_SNIFFER], [test "x$ENABLED_SNIFFER" = "xyes"])
+
+# AES-NI
+AC_ARG_ENABLE(aesni,
+    [  --enable-aesni          Enable CyaSSL AES-NI support (default: disabled)],
+    [ ENABLED_AESNI=$enableval ],
+    [ ENABLED_AESNI=no ]
+    )
+
+if test "$ENABLED_AESNI" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DCYASSL_AESNI"
+    if test "$GCC" = "yes"
+    then
+        # GCC needs these flags, icc doesn't
+        AM_CFLAGS="$AM_CFLAGS -maes -msse4"
+    fi
+fi
+
+AM_CONDITIONAL([BUILD_AESNI], [test "x$ENABLED_AESNI" = "xyes"])
+
+
+# RIPEMD
+AC_ARG_ENABLE(ripemd,
+    [  --enable-ripemd         Enable CyaSSL RIPEMD-160 support (default: disabled)],
+    [ ENABLED_RIPEMD=$enableval ],
+    [ ENABLED_RIPEMD=no ]
+    )
+
+if test "$ENABLED_RIPEMD" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DCYASSL_RIPEMD"
+fi
+
+AM_CONDITIONAL([BUILD_RIPEMD], [test "x$ENABLED_RIPEMD" = "xyes"])
+
+
+# SHA512
+AC_ARG_ENABLE(sha512,
+    [  --enable-sha512         Enable CyaSSL SHA-160 support (default: disabled)],
+    [ ENABLED_SHA512=$enableval ],
+    [ ENABLED_SHA512=no ]
+    )
+
+if test "$ENABLED_SHA512" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DCYASSL_SHA512"
+fi
+
+AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
+
+
+# SESSION CERTS
+AC_ARG_ENABLE(sessioncerts,
+    [  --enable-sessioncerts   Enable session cert storing (default: disabled)],
+    [ ENABLED_SESSIONCERTS=$enableval ],
+    [ ENABLED_SESSIONCERTS=no ]
+    )
+
+if test "$ENABLED_SESSIONCERTS" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS"
+fi
+
+
+# KEY GENERATION
+AC_ARG_ENABLE(keygen,
+    [  --enable-keygen         Enable key generation (default: disabled)],
+    [ ENABLED_KEYGEN=$enableval ],
+    [ ENABLED_KEYGEN=no ]
+    )
+
+if test "$ENABLED_KEYGEN" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DCYASSL_KEY_GEN"
+fi
+
+
+# CERT GENERATION
+AC_ARG_ENABLE(certgen,
+    [  --enable-certgen        Enable cert generation (default: disabled)],
+    [ ENABLED_CERTGEN=$enableval ],
+    [ ENABLED_CERTGEN=no ]
+    )
+
+if test "$ENABLED_CERTGEN" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_GEN"
+fi
+
+
+# HC128 
+AC_ARG_ENABLE(hc128,
+    [  --enable-hc128          Enable HC-128 (default: disabled)],
+    [ ENABLED_HC128=$enableval ],
+    [ ENABLED_HC128=no ]
+    )
+
+if test "$ENABLED_HC128" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_HC128"
+else
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_HC128"
+fi
+
+AM_CONDITIONAL([BUILD_HC128], [test "x$ENABLED_HC128" = "xyes"])
+
+
+# PSK 
+AC_ARG_ENABLE(psk,
+    [  --enable-psk            Enable PSK (default: disabled)],
+    [ ENABLED_PSK=$enableval ],
+    [ ENABLED_PSK=no ]
+    )
+
+if test "$ENABLED_PSK" = "no"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_PSK"
+fi
+
+
+# Web Server Build 
+AC_ARG_ENABLE(webServer,
+    [  --enable-webServer      Enable Web Server (default: disabled)],
+    [ ENABLED_WEBSERVER=$enableval ],
+    [ ENABLED_WEBSERVER=no ]
+    )
+
+if test "$ENABLED_WEBSERVER" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_WEBSERVER"
+fi
+
+
+# No Filesystem Build 
+AC_ARG_ENABLE(noFilesystem,
+    [  --enable-noFilesystem   Enable No Filesystem (default: disabled)],
+    [ ENABLED_NOFILESYSTEM=$enableval ],
+    [ ENABLED_NOFILESYSTEM=no ]
+    )
+
+if test "$ENABLED_NOFILESYSTEM" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM"
+fi
+
+
+# No inline Build 
+AC_ARG_ENABLE(noInline,
+    [  --enable-noInline       Enable No inline (default: disabled)],
+    [ ENABLED_NOINLINE=$enableval ],
+    [ ENABLED_NOINLINE=no ]
+    )
+
+if test "$ENABLED_NOINLINE" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DNO_INLINE"
+fi
+
+AM_CONDITIONAL([BUILD_NOINLINE], [test "x$ENABLED_NOINLINE" = "xyes"])
+
+
+# ECC 
+AC_ARG_ENABLE(ecc,
+    [  --enable-ecc            Enable ECC (default: disabled)],
+    [ ENABLED_ECC=$enableval ],
+    [ ENABLED_ECC=no ]
+    )
+
+if test "$ENABLED_ECC" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC"
+fi
+
+AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
+
+
+if test "$ENABLED_ECC" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    AC_MSG_ERROR([cannot enable ecc and small, ecc requires TLS which small turns off.]) 
+fi
+
+
+# NTRU
+ntruHome=`pwd`/NTRU_algorithm
+ntruInclude=$ntruHome/cryptolib
+ntruLib=$ntruHome
+AC_ARG_ENABLE(ntru,
+    [  --enable-ntru           Enable NTRU (default: disabled)],
+    [ ENABLED_NTRU=$enableval ],
+    [ ENABLED_NTRU=no ]
+    )
+
+if test "$ENABLED_NTRU" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU -I$ntruInclude"
+    AM_LDFLAGS="$AM_LDFLAGS -L$ntruLib"
+    LIBS="$LIBS -lntru_encrypt"
+fi
+
+AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"])
+
+if test "$ENABLED_NTRU" = "yes" && test "$ENABLED_SMALL" = "yes"
+then
+    AC_MSG_ERROR([cannot enable ntru and small, ntru requires TLS which small turns off.]) 
+fi
+
+
+# Test certs, use internal cert functions for extra testing 
+AC_ARG_ENABLE(testcert,
+    [  --enable-testcert       Enable Test Cert (default: disabled)],
+    [ ENABLED_TESTCERT=$enableval ],
+    [ ENABLED_TESTCERT=no ]
+    )
+
+if test "$ENABLED_TESTCERT" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -DCYASSL_TEST_CERT"
+fi
+
+
+# LIBZ
+trylibzdir=""
+AC_ARG_WITH(libz,
+    [  --with-libz=PATH        PATH to libz install (default /usr/) ],
+    [
+        AC_MSG_CHECKING([for libz])
+        CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ"
+        LIBS="$LIBS -lz"
+
+        AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <zlib.h>]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ])
+
+        if test "x$libz_linked" == "xno" ; then
+            if test "x$withval" != "xno" ; then
+                trylibzdir=$withval
+            fi
+            if test "x$withval" == "xyes" ; then
+                trylibzdir="/usr"
+            fi
+
+            AM_LDFLAGS="$AM_LDFLAGS -L$trylibzdir/lib"
+            CPPFLAGS="$CPPFLAGS -I$trylibzdir/include"
+
+            AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <zlib.h>]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ])
+
+            if test "x$libz_linked" == "xno" ; then
+                AC_MSG_ERROR([libz isn't found.
+                If it's already installed, specify its path using --with-libz=/dir/])
+            fi
+            AC_MSG_RESULT([yes])
+        else
+            AC_MSG_RESULT([yes])
+        fi
+
+    ]
+)
+
+
+# OPTIMIZE FLAGS
+if test "$GCC" = "yes"
+then
+    AM_CFLAGS="$AM_CFLAGS -Wall -Wno-unused"
+    if test "$ENABLED_DEBUG" = "no"
+    then
+        if test "$ENABLED_FASTMATH" = "yes"
+        then
+            AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_FAST_CFLAGS"
+            if test "$ENABLED_FASTHUGEMATH" = "yes"
+            then
+                AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_HUGE_CFLAGS"
+            fi
+        else
+            AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_CFLAGS"
+        fi
+    fi
+fi
+
+AX_PTHREAD([
+            AC_DEFINE([HAVE_PTHREAD], [1], [Define if you have POSIX threads libraries and header files.])
+            ],
+            [
+             AC_DEFINE([HAVE_PTHREAD], [0], [Define if you have POSIX threads libraries and header files.])
+             ])
+
+LIB_SOCKET_NSL
+
+dnl Various GCC warnings that should never fire for release quality code
+GCCWARNINGS="-Wall -fno-strict-aliasing -W -Wfloat-equal -Wundef        \
+  -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes                \
+  -Wwrite-strings -Wredundant-decls -Wchar-subscripts -Wcomment           \
+  -Wformat=2 -Wwrite-strings -Wmissing-declarations -Wredundant-decls     \
+  -Wnested-externs -Wbad-function-cast -Wswitch-enum -Winit-self          \
+  -Wmissing-field-initializers -Wdeclaration-after-statement              \
+  -Wold-style-definition -Waddress -Wmissing-noreturn -Wnormalized=id     \
+  -Woverride-init -Wstrict-overflow=1 -Wextra -Warray-bounds              \
+  -Wstack-protector -Wformat -Wformat-security -Wpointer-sign -Wshadow    \
+  -Wswitch-default"
+
+AC_ARG_ENABLE(gcc-lots-o-warnings,
+AS_HELP_STRING(--enable-gcc-lots-o-warnings, Enable lots of gcc warnings (default: disabled)),
+[if test x$enableval = xyes; then
+    AM_CFLAGS="$AM_CFLAGS $GCCWARNINGS"
+fi])
+
+AC_ARG_ENABLE(gcc-hardening,
+AS_HELP_STRING(--enable-gcc-hardening, Enable compiler security checks (default: disabled)),
+[if test x$enableval = xyes; then
+    AM_CFLAGS="$AM_CFLAGS -D_FORTIFY_SOURCE=2 -fstack-protector-all"
+    AM_CFLAGS="$AM_CFLAGS -fwrapv -fPIE -Wstack-protector"
+    AM_CFLAGS="$AM_CFLAGS --param ssp-buffer-size=1"
+    LDFLAGS="$LDFLAGS -pie"
+fi])
+
+dnl Linker hardening options
+dnl Currently these options are ELF specific - you can't use this with MacOSX
+AC_ARG_ENABLE(linker-hardening,
+AS_HELP_STRING(--enable-linker-hardening, Enable linker security fixups (default: disabled)),
+[if test x$enableval = xyes; then
+    LDFLAGS="$LDFLAGS -z relro -z now"
+fi])
+
+CREATE_HEX_VERSION
+AM_CFLAGS="$AM_CFLAGS $CFLAG_VISIBILITY"
+AC_SUBST(AM_CFLAGS)
+AC_SUBST(AM_LDFLAGS)
+
+# FINAL
+AC_CONFIG_FILES([stamp-h], [echo timestamp > stamp-h])
+AC_CONFIG_FILES([Makefile])
+AC_CONFIG_FILES([cyassl/version.h])
+AC_CONFIG_FILES([support/libcyassl.pc])
+
+AC_OUTPUT
+

configure.in

@@ -1,432 +0,0 @@
-AC_INIT
-AC_CANONICAL_SYSTEM
-AM_INIT_AUTOMAKE(cyassl,1.8.8)
-AM_CONFIG_HEADER(ctaocrypt/include/config.h)
-
-
-#dnl Include m4
-#sinclude(lib_socket_nsl.m4)
-#sinclude(acx_pthread.m4)
-AC_CONFIG_MACRO_DIR([m4])
-
-
-# make sure configure doesn't add to CFLAGS
-CFLAGS="$CFLAGS $C_EXTRA_FLAGS"    
-
-AC_PROG_CC
-AC_PROG_CC_C_O
-AM_PROG_AS
-AC_PROG_INSTALL
-AC_LIBTOOL_WIN32_DLL
-AC_PROG_LIBTOOL
-
-AC_PREFIX_DEFAULT(/usr/local/cyassl)
-
-AC_C_BIGENDIAN
-
-AC_CHECK_SIZEOF(long, 4)
-AC_CHECK_SIZEOF(long long, 8)
-
-AC_CHECK_LIB(network,socket)
-AC_CHECK_LIBM
-
-AC_CHECK_HEADERS(errno.h)
-
-OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer"
-OPTIMIZE_FAST_CFLAGS="-O3 -fomit-frame-pointer"
-OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET"
-DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_CYASSL"
-
-
-# DEBUG
-AC_ARG_ENABLE(debug,
-    [  --enable-debug          Enable CyaSSL debugging support (default: disabled)],
-    [ ENABLED_DEBUG=$enableval ],
-    [ ENABLED_DEBUG=no ]
-    )
-if test "$ENABLED_DEBUG" = "yes"
-then
-  # Full debug. Very slow in some cases
-  CFLAGS="$DEBUG_CFLAGS $CFLAGS"
-else
-  # Optimized version. No debug
-  CFLAGS="$CFLAGS -DNDEBUG"
-fi
-
-
-# SMALL BUILD
-AC_ARG_ENABLE(small,
-    [  --enable-small          Enable smallest build (default: disabled)],
-    [ ENABLED_SMALL=$enableval ],
-    [ ENABLED_SMALL=no ]
-    )
-if test "$ENABLED_SMALL" = "yes"
-then
-  # make small no tls build with smallest cipher
-  # if you only want server or client you can define NO_CYASSL_SERVER or
-  # NO_CYASSL_CLIENT but then some of the examples and testsuite won't build
-  # note that TLS needs HMAC
-  CFLAGS="-DNO_TLS -DNO_HMAC -DNO_AES -DNO_DES3 -DNO_SHA256 -DNO_ERROR_STRINGS -DNO_HC128 -DNO_RABBIT -DNO_PSK -DNO_DSA -DNO_DH $CFLAGS"
-fi
-
-
-# SINGLE THREADED
-AC_ARG_ENABLE(singleThreaded,
-    [  --enable-singleThreaded Enable CyaSSL single threaded (default: disabled)],
-    [ ENABLED_SINGLETHREADED=$enableval ],
-    [ ENABLED_SINGLETHREADED=no ]
-    )
-if test "$ENABLED_SINGLETHREADED" = "yes"
-then
-  CFLAGS="-DSINGLE_THREADED $CFLAGS"
-fi
-
-
-# DTLS
-AC_ARG_ENABLE(dtls,
-    [  --enable-dtls           Enable CyaSSL DTLS (default: disabled)],
-    [ ENABLED_DTLS=$enableval ],
-    [ ENABLED_DTLS=no ]
-    )
-if test "$ENABLED_DTLS" = "yes"
-then
-  CFLAGS="-DCYASSL_DTLS $CFLAGS"
-fi
-
-
-# OPENSSL Extra Compatibility
-AC_ARG_ENABLE(opensslExtra,
-    [  --enable-opensslExtra   Enable extra OpenSSL API, size+ (default: disabled)],
-    [ ENABLED_OPENSSLEXTRA=$enableval ],
-    [ ENABLED_OPENSSLEXTRA=no ]
-    )
-if test "$ENABLED_OPENSSLEXTRA" = "yes"
-then
-  CFLAGS="-DOPENSSL_EXTRA $CFLAGS"
-fi
-
-
-# IPv6 Test Apps
-AC_ARG_ENABLE(ipv6,
-    [  --enable-ipv6           Enable testing of IPV6 (default: disabled)],
-    [ ENABLED_IPV6=$enableval ],
-    [ ENABLED_IPV6=no ]
-    )
-
-if test "$ENABLED_IPV6" = "yes"
-then
-    CFLAGS="$CFLAGS -DTEST_IPV6"
-fi
-
-
-# fastmath
-AC_ARG_ENABLE(fastmath,
-    [  --enable-fastmath       Enable fast math for BigInts(default: disabled)],
-    [ ENABLED_FASTMATH=$enableval ],
-    [ ENABLED_FASTMATH=no ]
-    )
-
-if test "$ENABLED_FASTMATH" = "yes"
-then
-    CFLAGS="$CFLAGS -DUSE_FAST_MATH"
-fi
-
-
-# fast HUGE math
-AC_ARG_ENABLE(fasthugemath,
-    [  --enable-fasthugemath   Enable fast math + huge code for BigInts(def: off)],
-    [ ENABLED_FASTHUGEMATH=$enableval ],
-    [ ENABLED_FASTHUGEMATH=no ]
-    )
-
-if test "$ENABLED_FASTHUGEMATH" = "yes"
-then
-    ENABLED_FASTMATH="yes"
-    CFLAGS="$CFLAGS -DUSE_FAST_MATH"
-fi
-
-AM_CONDITIONAL([BUILD_FASTMATH], [test "x$ENABLED_FASTMATH" = "xyes"])
-
-
-# big cache
-AC_ARG_ENABLE(bigcache,
-    [  --enable-bigcache       Enable big session cache (default: disabled)],
-    [ ENABLED_BIGCACHE=$enableval ],
-    [ ENABLED_BIGCACHE=no ]
-    )
-
-if test "$ENABLED_BIGCACHE" = "yes"
-then
-    CFLAGS="$CFLAGS -DBIG_SESSION_CACHE"
-fi
-
-
-# HUGE cache
-AC_ARG_ENABLE(hugecache,
-    [  --enable-hugecache      Enable huge session cache (default: disabled)],
-    [ ENABLED_HUGECACHE=$enableval ],
-    [ ENABLED_HUGECACHE=no ]
-    )
-
-if test "$ENABLED_HUGECACHE" = "yes"
-then
-    CFLAGS="$CFLAGS -DHUGE_SESSION_CACHE"
-fi
-
-
-# SNIFFER
-AC_ARG_ENABLE(sniffer,
-    [  --enable-sniffer        Enable CyaSSL sniffer support (default: disabled)],
-    [ ENABLED_SNIFFER=$enableval ],
-    [ ENABLED_SNIFFER=no ]
-    )
-
-if test "$ENABLED_SNIFFER" = "yes"
-then
-    CFLAGS="$CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA"
-fi
-
-AM_CONDITIONAL([BUILD_SNIFFER], [test "x$ENABLED_SNIFFER" = "xyes"])
-
-# AES-NI
-AC_ARG_ENABLE(aesni,
-    [  --enable-aesni          Enable CyaSSL AES-NI support (default: disabled)],
-    [ ENABLED_AESNI=$enableval ],
-    [ ENABLED_AESNI=no ]
-    )
-
-if test "$ENABLED_AESNI" = "yes"
-then
-    CFLAGS="$CFLAGS -DCYASSL_AESNI"
-    if test "$GCC" = "yes"
-    then
-        # GCC needs these flags, icc doesn't
-        CFLAGS="$CFLAGS -maes -msse4"
-    fi
-fi
-
-AM_CONDITIONAL([BUILD_AESNI], [test "x$ENABLED_AESNI" = "xyes"])
-
-
-# RIPEMD
-AC_ARG_ENABLE(ripemd,
-    [  --enable-ripemd         Enable CyaSSL RIPEMD-160 support (default: disabled)],
-    [ ENABLED_RIPEMD=$enableval ],
-    [ ENABLED_RIPEMD=no ]
-    )
-
-if test "$ENABLED_RIPEMD" = "yes"
-then
-    CFLAGS="$CFLAGS -DCYASSL_RIPEMD"
-fi
-
-AM_CONDITIONAL([BUILD_RIPEMD], [test "x$ENABLED_RIPEMD" = "xyes"])
-
-
-# SHA512
-AC_ARG_ENABLE(sha512,
-    [  --enable-sha512         Enable CyaSSL SHA-160 support (default: disabled)],
-    [ ENABLED_SHA512=$enableval ],
-    [ ENABLED_SHA512=no ]
-    )
-
-if test "$ENABLED_SHA512" = "yes"
-then
-    CFLAGS="$CFLAGS -DCYASSL_SHA512"
-fi
-
-AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"])
-
-
-# SESSION CERTS
-AC_ARG_ENABLE(sessioncerts,
-    [  --enable-sessioncerts   Enable session cert storing (default: disabled)],
-    [ ENABLED_SESSIONCERTS=$enableval ],
-    [ ENABLED_SESSIONCERTS=no ]
-    )
-
-if test "$ENABLED_SESSIONCERTS" = "yes"
-then
-    CFLAGS="$CFLAGS -DSESSION_CERTS"
-fi
-
-
-# KEY GENERATION
-AC_ARG_ENABLE(keygen,
-    [  --enable-keygen         Enable key generation (default: disabled)],
-    [ ENABLED_KEYGEN=$enableval ],
-    [ ENABLED_KEYGEN=no ]
-    )
-
-if test "$ENABLED_KEYGEN" = "yes"
-then
-    CFLAGS="$CFLAGS -DCYASSL_KEY_GEN"
-fi
-
-
-# CERT GENERATION
-AC_ARG_ENABLE(certgen,
-    [  --enable-certgen        Enable cert generation (default: disabled)],
-    [ ENABLED_CERTGEN=$enableval ],
-    [ ENABLED_CERTGEN=no ]
-    )
-
-if test "$ENABLED_CERTGEN" = "yes"
-then
-    CFLAGS="$CFLAGS -DCYASSL_CERT_GEN"
-fi
-
-
-# HC128
-AC_ARG_ENABLE(hc128,
-    [  --enable-hc128          Enable HC-128 (default: disabled)],
-    [ ENABLED_HC128=$enableval ],
-    [ ENABLED_HC128=no ]
-    )
-
-if test "$ENABLED_HC128" = "no"
-then
-    CFLAGS="$CFLAGS -DNO_HC128"
-fi
-
-AM_CONDITIONAL([BUILD_HC128], [test "x$ENABLED_HC128" = "xyes"])
-
-
-# PSK 
-AC_ARG_ENABLE(psk,
-    [  --enable-psk            Enable PSK (default: disabled)],
-    [ ENABLED_PSK=$enableval ],
-    [ ENABLED_PSK=no ]
-    )
-
-if test "$ENABLED_PSK" = "no"
-then
-    CFLAGS="$CFLAGS -DNO_PSK"
-fi
-
-
-# ECC 
-AC_ARG_ENABLE(ecc,
-    [  --enable-ecc            Enable ECC (default: disabled)],
-    [ ENABLED_ECC=$enableval ],
-    [ ENABLED_ECC=no ]
-    )
-
-if test "$ENABLED_ECC" = "yes"
-then
-    CFLAGS="$CFLAGS -DHAVE_ECC"
-fi
-
-AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"])
-
-
-# NTRU
-ntruHome=`pwd`/NTRU_algorithm
-ntruInclude=$ntruHome/cryptolib
-ntruLib=$ntruHome
-AC_ARG_ENABLE(ntru,
-    [  --enable-ntru           Enable NTRU (default: disabled)],
-    [ ENABLED_NTRU=$enableval ],
-    [ ENABLED_NTRU=no ]
-    )
-
-if test "$ENABLED_NTRU" = "yes"
-then
-    CFLAGS="$CFLAGS -DHAVE_NTRU -I$ntruInclude"
-    LDFLAGS="$LDFLAGS -L$ntruLib"
-    LIBS="$LIBS -lntru_encrypt"
-fi
-
-AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"])
-
-
-# LIBZ
-trylibzdir=""
-AC_ARG_WITH(libz,
-    [  --with-libz=PATH        PATH to libz install (default /usr/) ],
-    [
-        AC_MSG_CHECKING([for libz])
-        CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ"
-        LIBS="$LIBS -lz"
-
-        AC_TRY_LINK([#include <zlib.h>], [ deflateInit(NULL, 8); ],
-            [ libz_linked=yes ], [ libz_linked=no ])
-
-        if test "x$libz_linked" == "xno" ; then
-            if test "x$withval" != "xno" ; then
-                trylibzdir=$withval
-            fi
-            if test "x$withval" == "xyes" ; then
-                trylibzdir="/usr"
-            fi
-
-            LDFLAGS="$LDFLAGS -L$trylibzdir/lib"
-            CPPFLAGS="$CPPFLAGS -I$trylibzdir/include"
-
-            AC_TRY_LINK([#include <zlib.h>], [ deflateInit(NULL, 8); ],
-                [ libz_linked=yes ], [ libz_linked=no ])
-
-            if test "x$libz_linked" == "xno" ; then
-                AC_MSG_ERROR([libz isn't found.
-                If it's already installed, specify its path using --with-libz=/dir/])
-            fi
-            AC_MSG_RESULT([yes])
-        else
-            AC_MSG_RESULT([yes])
-        fi
-
-    ]
-)
-
-
-# OPTIMIZE FLAGS
-if test "$GCC" = "yes"
-then
-    CFLAGS="$CFLAGS -Wall -Wno-unused"
-    if test "$ENABLED_DEBUG" = "no"
-    then
-        if test "$ENABLED_FASTMATH" = "yes"
-        then
-            CFLAGS="$CFLAGS $OPTIMIZE_FAST_CFLAGS"
-            if test "$ENABLED_FASTHUGEMATH" = "yes"
-            then
-                CFLAGS="$CFLAGS $OPTIMIZE_HUGE_CFLAGS"
-            fi
-        else
-            CFLAGS="$CFLAGS $OPTIMIZE_CFLAGS"
-        fi
-    fi
-fi
-
-
-
-
-ACX_PTHREAD
-
-LIBS="$PTHREAD_LIBS $LIBM $LIBS"
-CFLAGS="$CFLAGS $PTHREAD_CFLAGS"
-
-LIB_SOCKET_NSL
-
-AC_SUBST(CFLAGS)
-AC_SUBST(LIBS)
-
-
-
-# FINAL
-AC_CONFIG_FILES(Makefile dnl
-        ctaocrypt/Makefile dnl
-        ctaocrypt/src/Makefile dnl
-        ctaocrypt/test/Makefile dnl
-        ctaocrypt/benchmark/Makefile dnl
-        src/Makefile dnl
-        examples/Makefile dnl
-        examples/client/Makefile dnl
-        examples/server/Makefile dnl
-        examples/echoclient/Makefile dnl
-        examples/echoserver/Makefile dnl
-        testsuite/Makefile dnl
-        sslSniffer/Makefile dnl
-        sslSniffer/sslSnifferTest/Makefile)
-AC_OUTPUT
-

ctaocrypt/Makefile.am

@@ -1,3 +0,0 @@
-SUBDIRS = src test benchmark
-EXTRA_DIST = ctaocrypt.sln ctaocrypt.vcproj
-

ctaocrypt/benchmark/Makefile.am

@@ -1,7 +0,0 @@
-INCLUDES = -I../include
-bin_PROGRAMS = benchmark
-benchmark_SOURCES = benchmark.c
-benchmark_LDFLAGS      = -L../src
-benchmark_LDADD        = ../../src/libcyassl.la
-benchmark_DEPENDENCIES = ../../src/libcyassl.la
-EXTRA_DIST =  *.der benchmark.sln benchmark.vcproj

ctaocrypt/benchmark/benchmark.c

@@ -1,24 +1,47 @@
-/* benchmark.c */
+/* benchmark.c
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
 /* CTaoCrypt benchmark */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
 #include <string.h>
 #include <stdio.h>
 
-#include "des3.h"
-#include "arc4.h"
-#include "hc128.h"
-#include "rabbit.h"
-#include "ctc_aes.h"
-#include "ctc_md5.h"
-#include "ctc_sha.h"
-#include "sha256.h"
-#include "sha512.h"
-#include "ctc_rsa.h"
-#include "asn.h"
-#include "ctc_ripemd.h"
-
-#include "ctc_dh.h"
+#include <cyassl/ctaocrypt/des3.h>
+#include <cyassl/ctaocrypt/arc4.h>
+#include <cyassl/ctaocrypt/hc128.h>
+#include <cyassl/ctaocrypt/rabbit.h>
+#include <cyassl/ctaocrypt/aes.h>
+#include <cyassl/ctaocrypt/md5.h>
+#include <cyassl/ctaocrypt/sha.h>
+#include <cyassl/ctaocrypt/sha256.h>
+#include <cyassl/ctaocrypt/sha512.h>
+#include <cyassl/ctaocrypt/rsa.h>
+#include <cyassl/ctaocrypt/asn.h>
+#include <cyassl/ctaocrypt/ripemd.h>
 
+#include <cyassl/ctaocrypt/dh.h>
 
 #ifdef _MSC_VER
     /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
@@ -52,7 +75,7 @@ int main(int argc, char** argv)
     bench_aes(1);
 #endif
     bench_arc4();
-#ifndef NO_HC128
+#ifdef HAVE_HC128
     bench_hc128();
 #endif
 #ifndef NO_RABBIT
@@ -181,7 +204,7 @@ void bench_arc4()
 }
 
 
-#ifndef NO_HC128
+#ifdef HAVE_HC128
 void bench_hc128()
 {
     HC128  enc;
@@ -200,7 +223,7 @@ void bench_hc128()
     printf("HC128    %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
                                                              persec);
 }
-#endif /* NO_HC128 */
+#endif /* HAVE_HC128 */
 
 
 #ifndef NO_RABBIT
@@ -360,10 +383,11 @@ void bench_rsa()
     double    start, total, each, milliEach;
     
     RsaKey key;
-    FILE*  file = fopen("./rsa1024.der", "rb");
+    FILE*  file = fopen("./certs/rsa1024.der", "rb");
 
     if (!file) {
-        printf("can't find ./rsa1024.der\n");
+        printf("can't find ./certs/rsa1024.der, "
+               "Please run from CyaSSL home dir\n");
         return;
     }
 
@@ -417,10 +441,11 @@ void bench_dh()
     
     double start, total, each, milliEach;
     DhKey  key;
-    FILE*  file = fopen("./dh1024.der", "rb");
+    FILE*  file = fopen("./certs/dh1024.der", "rb");
 
     if (!file) {
-        printf("can't find ./dh1024.der\n");
+        printf("can't find ./certs/dh1024.der, "
+               "Please run from CyaSSL home dir\n");
         return;
     }
 

ctaocrypt/benchmark/include.am

@@ -0,0 +1,9 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+noinst_PROGRAMS += ctaocrypt/benchmark/benchmark
+ctaocrypt_benchmark_benchmark_SOURCES      = ctaocrypt/benchmark/benchmark.c
+ctaocrypt_benchmark_benchmark_LDADD        = src/libcyassl.la
+ctaocrypt_benchmark_benchmark_DEPENDENCIES = src/libcyassl.la
+EXTRA_DIST += ctaocrypt/benchmark/benchmark.sln 
+EXTRA_DIST += ctaocrypt/benchmark/benchmark.vcproj

ctaocrypt/ctaocrypt.vcproj

@@ -100,7 +100,7 @@
 			<Tool
 				Name="VCCLCompilerTool"
 				AdditionalIncludeDirectories="include"
-				PreprocessorDefinitions="WIN32;NDEBUG;_LIB;"
+				PreprocessorDefinitions="WIN32;NDEBUG;_LIB;OPENSSL_EXTRA"
 				RuntimeLibrary="2"
 				UsePrecompiledHeader="0"
 				WarningLevel="3"

ctaocrypt/include/config.h

@@ -1,86 +0,0 @@
-/* ctaocrypt/include/config.h.  Generated from config.h.in by configure.  */
-/* ctaocrypt/include/config.h.in.  Generated from configure.in by autoheader.  */
-
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#define HAVE_DLFCN_H 1
-
-/* Define to 1 if you have the <errno.h> header file. */
-#define HAVE_ERRNO_H 1
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#define HAVE_INTTYPES_H 1
-
-/* Define to 1 if you have the `network' library (-lnetwork). */
-/* #undef HAVE_LIBNETWORK */
-
-/* Define to 1 if you have the <memory.h> header file. */
-#define HAVE_MEMORY_H 1
-
-/* Define if you have POSIX threads libraries and header files. */
-#define HAVE_PTHREAD 1
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#define HAVE_STDINT_H 1
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-
-/* Define to 1 if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-
-/* Define to 1 if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#define HAVE_SYS_STAT_H 1
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#define HAVE_SYS_TYPES_H 1
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#define HAVE_UNISTD_H 1
-
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
-   */
-#define LT_OBJDIR ".libs/"
-
-/* Define to 1 if your C compiler doesn't accept -c and -o together. */
-/* #undef NO_MINUS_C_MINUS_O */
-
-/* Name of package */
-#define PACKAGE "cyassl"
-
-/* Define to the address where bug reports for this package should be sent. */
-#define PACKAGE_BUGREPORT ""
-
-/* Define to the full name of this package. */
-#define PACKAGE_NAME ""
-
-/* Define to the full name and version of this package. */
-#define PACKAGE_STRING ""
-
-/* Define to the one symbol short name of this package. */
-#define PACKAGE_TARNAME ""
-
-/* Define to the version of this package. */
-#define PACKAGE_VERSION ""
-
-/* Define to necessary symbol if this constant uses a non-standard name on
-   your system. */
-/* #undef PTHREAD_CREATE_JOINABLE */
-
-/* The size of `long', as computed by sizeof. */
-#define SIZEOF_LONG 8
-
-/* The size of `long long', as computed by sizeof. */
-#define SIZEOF_LONG_LONG 8
-
-/* Define to 1 if you have the ANSI C header files. */
-#define STDC_HEADERS 1
-
-/* Version number of package */
-#define VERSION "1.8.8"
-
-/* Define to 1 if your processor stores words with the most significant byte
-   first (like Motorola and SPARC, unlike Intel and VAX). */
-/* #undef WORDS_BIGENDIAN */

ctaocrypt/include/config.h.in

@@ -1,85 +0,0 @@
-/* ctaocrypt/include/config.h.in.  Generated from configure.in by autoheader.  */
-
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#undef HAVE_DLFCN_H
-
-/* Define to 1 if you have the <errno.h> header file. */
-#undef HAVE_ERRNO_H
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define to 1 if you have the `network' library (-lnetwork). */
-#undef HAVE_LIBNETWORK
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define if you have POSIX threads libraries and header files. */
-#undef HAVE_PTHREAD
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
-
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
-   */
-#undef LT_OBJDIR
-
-/* Define to 1 if your C compiler doesn't accept -c and -o together. */
-#undef NO_MINUS_C_MINUS_O
-
-/* Name of package */
-#undef PACKAGE
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* Define to necessary symbol if this constant uses a non-standard name on
-   your system. */
-#undef PTHREAD_CREATE_JOINABLE
-
-/* The size of `long', as computed by sizeof. */
-#undef SIZEOF_LONG
-
-/* The size of `long long', as computed by sizeof. */
-#undef SIZEOF_LONG_LONG
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Version number of package */
-#undef VERSION
-
-/* Define to 1 if your processor stores words with the most significant byte
-   first (like Motorola and SPARC, unlike Intel and VAX). */
-#undef WORDS_BIGENDIAN

ctaocrypt/include/ctc_rsa.h

@@ -1,74 +0,0 @@
-/* ctc_rsa.h
- *
- * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
- *
- * This file is part of CyaSSL.
- *
- * CyaSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * CyaSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
-
-
-#ifndef CTAO_CRYPT_RSA_H
-#define CTAO_CRYPT_RSA_H
-
-#include "types.h"
-#include "integer.h"
-#include "random.h"
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-
-enum {
-    RSA_PUBLIC   = 0,
-    RSA_PRIVATE  = 1
-};
-
-/* RSA */
-typedef struct RsaKey {
-    mp_int n, e, d, p, q, dP, dQ, u;
-    int   type;                               /* public or private */
-    void* heap;                               /* for user memory overrides */
-} RsaKey;
-
-
-void InitRsaKey(RsaKey* key, void*);
-void FreeRsaKey(RsaKey* key);
-
-int  RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
-                      RsaKey* key, RNG* rng);
-int  RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key);
-int  RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
-                       RsaKey* key);
-int  RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
-                 RsaKey* key, RNG* rng);
-int  RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key);
-int  RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
-                   RsaKey* key);
-
-int  RsaEncryptSize(RsaKey* key);
-
-#ifdef CYASSL_KEY_GEN
-    int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng);
-#endif
-
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* CTAO_CRYPT_RSA_H */
-

ctaocrypt/src/Makefile.am

@@ -1,2 +0,0 @@
-EXTRA_DIST = ../include/*.h *.c *.i
-

ctaocrypt/src/aes.c

@@ -19,13 +19,25 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
 #ifndef NO_AES
 
-#include "ctc_aes.h"
+#include <cyassl/ctaocrypt/aes.h>
+#include <cyassl/ctaocrypt/error.h>
+#include <cyassl/ctaocrypt/logging.h>
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include <cyassl/ctaocrypt/misc.h>
 #else
-    #include "misc.c"
+    #include <ctaocrypt/src/misc.c>
+#endif
+
+
+#ifdef _MSC_VER
+    /* 4127 warning constant while(1)  */
+    #pragma warning(disable: 4127)
 #endif
 
 
@@ -754,7 +766,7 @@ int AES_set_encrypt_key (const unsigned char *userKey, const int bits,
                          Aes* aes)
 { 
     if (!userKey || !aes)
-        return -1;
+        return BAD_FUNC_ARG;
     
     if (bits == 128) {
        AES_128_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 10;
@@ -768,7 +780,7 @@ int AES_set_encrypt_key (const unsigned char *userKey, const int bits,
        AES_256_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 14;
        return 0;
     }
-    return -1;
+    return BAD_FUNC_ARG;
 }
 
 
@@ -781,10 +793,10 @@ int AES_set_decrypt_key (const unsigned char* userKey, const int bits,
     __m128i *Temp_Key_Schedule = (__m128i*)temp_key.key;
     
     if (!userKey || !aes)
-        return -1;
+        return BAD_FUNC_ARG;
 
-    if (AES_set_encrypt_key(userKey,bits,&temp_key) == -1)
-        return -1;
+    if (AES_set_encrypt_key(userKey,bits,&temp_key) == BAD_FUNC_ARG)
+        return BAD_FUNC_ARG;
 
     nr = temp_key.rounds;
     aes->rounds = nr;
@@ -827,7 +839,7 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
     unsigned int i = 0;
 
     if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
-        return -1;
+        return BAD_FUNC_ARG;
 
 #ifdef CYASSL_AESNI
     if (checkAESNI == 0) {
@@ -920,11 +932,14 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
             rk += 8;
         }
         break;
+
+    default:
+        return BAD_FUNC_ARG;
     }
 
     if (dir == AES_DECRYPTION)
     {
-        unsigned int i, j;
+        unsigned int j;
         rk = aes->key;
 
         /* invert the order of the round keys: */
@@ -966,13 +981,17 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
 }
 
 
-void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
+static void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
 {
     word32 s0, s1, s2, s3;
     word32 t0, t1, t2, t3;
     word32 r = aes->rounds >> 1;
 
     const word32* rk = aes->key;
+    if (r > 7 || r == 0) {
+        CYASSL_MSG("AesEncrypt encountered improper key, set it up");
+        return;  /* stop instead of segfaulting, set up your keys! */
+    }
     /*
      * map byte array block to cipher state
      * and add initial round key:
@@ -1100,13 +1119,17 @@ void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
 }
 
 
-void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
+static void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
 {
     word32 s0, s1, s2, s3;
     word32 t0, t1, t2, t3;
     word32 r = aes->rounds >> 1;
 
     const word32* rk = aes->key;
+    if (r > 7 || r == 0) {
+        CYASSL_MSG("AesDecrypt encountered improper key, set it up");
+        return;  /* stop instead of segfaulting, set up your keys! */
+    }
     /*
      * map byte array block to cipher state
      * and add initial round key:
@@ -1282,7 +1305,7 @@ void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
             printf("sz = %d\n", sz);
         #endif
 
-        /* if input and output same will overwirte input iv */
+        /* if input and output same will overwrite input iv */
         XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
         AES_CBC_decrypt(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
                         aes->rounds);

ctaocrypt/src/arc4.c

@@ -19,9 +19,11 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
-#include "arc4.h"
-
+#include <cyassl/ctaocrypt/arc4.h>
 
 
 void Arc4SetKey(Arc4* arc4, const byte* key, word32 length)
@@ -33,14 +35,14 @@ void Arc4SetKey(Arc4* arc4, const byte* key, word32 length)
     arc4->y = 0;
 
     for (i = 0; i < ARC4_STATE_SIZE; i++)
-        arc4->state[i] = i;
+        arc4->state[i] = (byte)i;
 
     for (i = 0; i < ARC4_STATE_SIZE; i++) {
         word32 a = arc4->state[i];
         stateIndex += key[keyIndex] + a;
         stateIndex &= 0xFF;
         arc4->state[i] = arc4->state[stateIndex];
-        arc4->state[stateIndex] = a;
+        arc4->state[stateIndex] = (byte)a;
 
         if (++keyIndex >= length)
             keyIndex = 0;
@@ -48,14 +50,14 @@ void Arc4SetKey(Arc4* arc4, const byte* key, word32 length)
 }
 
 
-static INLINE word32 MakeByte(word32* x, word32* y, byte* s)
+static INLINE byte MakeByte(word32* x, word32* y, byte* s)
 {
     word32 a = s[*x], b;
     *y = (*y+a) & 0xff;
 
     b = s[*y];
-    s[*x] = b;
-    s[*y] = a;
+    s[*x] = (byte)b;
+    s[*y] = (byte)a;
     *x = (*x+1) & 0xff;
 
     return s[(a+b) & 0xff];
@@ -70,7 +72,7 @@ void Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length)
     while(length--)
         *out++ = *in++ ^ MakeByte(&x, &y, arc4->state);
 
-    arc4->x = x;
-    arc4->y = y;
+    arc4->x = (byte)x;
+    arc4->y = (byte)y;
 }
 

ctaocrypt/src/asm.c

@@ -19,13 +19,16 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
 /*
  * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
  * http://math.libtomcrypt.com
  */
 
 
-
 /******************************************************************/
 /* fp_montgomery_reduce.c asm or generic */
 #if defined(TFM_X86) && !defined(TFM_SSE2) 

ctaocrypt/src/coding.c

@@ -19,8 +19,13 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
-#include "coding.h"
+#include <cyassl/ctaocrypt/coding.h>
+#include <cyassl/ctaocrypt/error.h>
+#include <cyassl/ctaocrypt/logging.h>
 
 
 enum {
@@ -51,7 +56,7 @@ int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
     word32 plainSz = inLen - ((inLen + (PEM_LINE_SZ - 1)) / PEM_LINE_SZ );
 
     plainSz = (plainSz * 3 + 3) / 4;
-    if (plainSz > *outLen) return -1;
+    if (plainSz > *outLen) return BAD_FUNC_ARG;
 
     while (inLen > 3) {
         byte b1, b2, b3;
@@ -99,8 +104,10 @@ int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
                 endLine = in[j++];
                 inLen--;
             }
-            if (endLine != '\n')
-                return -1;
+            if (endLine != '\n') {
+                CYASSL_MSG("Bad end of line in Base64 Decode");
+                return ASN_INPUT_E;
+            }
         }
     }
     *outLen = i;
@@ -109,7 +116,7 @@ int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
 }
 
 
-#if defined(OPENSSL_EXTRA) || defined (SESSION_CERTS) || defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
+#if defined(OPENSSL_EXTRA) || defined (SESSION_CERTS) || defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) || defined(HAVE_WEBSERVER)
 
 static
 const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
@@ -133,7 +140,7 @@ int Base64Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
     word32 outSz = (inLen + 3 - 1) / 3 * 4;
     outSz += (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ;  /* new lines */
 
-    if (outSz > *outLen) return -1;
+    if (outSz > *outLen) return BAD_FUNC_ARG;
     
     while (inLen > 2) {
         byte b1 = in[j++];
@@ -177,7 +184,7 @@ int Base64Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
 
     out[i++] = '\n';
     if (i != outSz)
-        return -1;
+        return ASN_INPUT_E; 
     *outLen = outSz;
 
     return 0; 
@@ -196,10 +203,10 @@ int Base16Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
     word32 outIdx = 0;
 
     if (inLen % 2)
-        return -1;
+        return BAD_FUNC_ARG;
 
     if (*outLen < (inLen / 2))
-        return -1;
+        return BAD_FUNC_ARG;
 
     while (inLen) {
         byte b  = in[inIdx++] - 0x30;  /* 0 starts at 0x30 */
@@ -207,15 +214,15 @@ int Base16Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
 
         /* sanity checks */
         if (b >=  sizeof(hexDecode)/sizeof(hexDecode[0]))
-            return -1;
+            return ASN_INPUT_E;
         if (b2 >= sizeof(hexDecode)/sizeof(hexDecode[0]))
-            return -1;
+            return ASN_INPUT_E;
 
         b  = hexDecode[b];
         b2 = hexDecode[b2];
 
         if (b == BAD || b2 == BAD)
-            return -1;
+            return ASN_INPUT_E;
         
         out[outIdx++] = (b << 4) | b2;
         inLen -= 2;

ctaocrypt/src/des3.c

@@ -19,14 +19,18 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
 #ifndef NO_DES3
 
-#include "des3.h"
+#include <cyassl/ctaocrypt/des3.h>
+
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include <cyassl/ctaocrypt/misc.h>
 #else
-    #include "misc.c"
+    #include <ctaocrypt/src/misc.c>
 #endif
 
 
@@ -341,7 +345,7 @@ void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
 }
 
 
-void DesRawProcessBlock(word32* lIn, word32* rIn, const word32* kptr)
+static void DesRawProcessBlock(word32* lIn, word32* rIn, const word32* kptr)
 {
     word32 l = *lIn, r = *rIn, i;
 

ctaocrypt/src/dh.c

@@ -19,10 +19,14 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
 #ifndef NO_DH
 
-#include "ctc_dh.h"
-#include "error.h"
+#include <cyassl/ctaocrypt/dh.h>
+#include <cyassl/ctaocrypt/error.h>
 
 #ifndef USER_MATH_LIB
     #include <math.h>
@@ -33,7 +37,6 @@
 #endif
 
 
-
 #ifndef min
 
     static INLINE word32 min(word32 a, word32 b)
@@ -44,9 +47,9 @@
 #endif /* min */
 
 
-
 void InitDhKey(DhKey* key)
 {
+    (void)key;
 /* TomsFastMath doesn't use memory allocation */
 #ifndef USE_FAST_MATH
     key->p.dp = 0;
@@ -57,6 +60,7 @@ void InitDhKey(DhKey* key)
 
 void FreeDhKey(DhKey* key)
 {
+    (void)key;
 /* TomsFastMath doesn't use memory allocation */
 #ifndef USE_FAST_MATH
     mp_clear(&key->p);

ctaocrypt/src/dsa.c

@@ -19,17 +19,21 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
 #ifndef NO_DSA
 
-#include "ctc_dsa.h"
-#include "ctc_sha.h"
-#include "random.h"
-#include "error.h"
+#include <cyassl/ctaocrypt/dsa.h>
+#include <cyassl/ctaocrypt/sha.h>
+#include <cyassl/ctaocrypt/random.h>
+#include <cyassl/ctaocrypt/error.h>
 
 
 enum {
     DSA_HALF_SIZE = 20,   /* r and s size  */
-    DSA_SIG_SIZE  = 40    /* signaure size */
+    DSA_SIG_SIZE  = 40    /* signature size */
 };
 
 
@@ -45,7 +49,7 @@ enum {
 
 void InitDsaKey(DsaKey* key)
 {
-    key->type = -1;  /* haven't decdied yet */
+    key->type = -1;  /* haven't decided yet */
 
 /* TomsFastMath doesn't use memory allocation */
 #ifndef USE_FAST_MATH
@@ -61,6 +65,7 @@ void InitDsaKey(DsaKey* key)
 
 void FreeDsaKey(DsaKey* key)
 {
+    (void)key;
 /* TomsFastMath doesn't use memory allocation */
 #ifndef USE_FAST_MATH
     if (key->type == DSA_PRIVATE)

ctaocrypt/src/ecc.c

@@ -0,0 +1 @@
+/* dummy ecc.c for dist */

ctaocrypt/src/ecc_fp.c

@@ -0,0 +1 @@
+/* dummy ecc_fp.c for dist */

ctaocrypt/src/fp_mont_small.i

@@ -1,3 +1,25 @@
+/* fp_mont_small.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SMALL_MONT_SET
 /* computes x/R == x (mod N) via Montgomery Reduction */
 void fp_montgomery_reduce_small(fp_int *a, fp_int *m, fp_digit mp)

ctaocrypt/src/fp_mul_comba_12.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_12.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL12
 void fp_mul_comba12(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_17.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_17.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL17
 void fp_mul_comba17(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_20.i

@@ -1,3 +1,24 @@
+/* fp_mul_comba_20.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
 #ifdef TFM_MUL20
 void fp_mul_comba20(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_24.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_24.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL24
 void fp_mul_comba24(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_28.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_28.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL28
 void fp_mul_comba28(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_3.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_3.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL3
 void fp_mul_comba3(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_32.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_32.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL32
 void fp_mul_comba32(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_4.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_4.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL4
 void fp_mul_comba4(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_48.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_48.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL48
 void fp_mul_comba48(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_6.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_6.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL6
 void fp_mul_comba6(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_64.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_64.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL64
 void fp_mul_comba64(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_7.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_7.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL7
 void fp_mul_comba7(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_8.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_8.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL8
 void fp_mul_comba8(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_9.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_9.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_MUL9
 void fp_mul_comba9(fp_int *A, fp_int *B, fp_int *C)
 {

ctaocrypt/src/fp_mul_comba_small_set.i

@@ -1,3 +1,25 @@
+/* fp_mul_comba_small_set.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #if defined(TFM_SMALL_SET)
 void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C)
 {
@@ -1219,6 +1241,9 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C)
       fp_clamp(C);
       COMBA_FINI;
       break;
+
+   default:
+      break;
    }
 }
 

ctaocrypt/src/fp_sqr_comba_12.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_12.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR12
 void fp_sqr_comba12(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_17.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_17.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR17
 void fp_sqr_comba17(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_20.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_20.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR20
 void fp_sqr_comba20(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_24.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_24.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR24
 void fp_sqr_comba24(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_28.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_28.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR28
 void fp_sqr_comba28(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_3.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_3.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR3
 void fp_sqr_comba3(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_32.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_32.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR32
 void fp_sqr_comba32(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_4.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_4.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR4
 void fp_sqr_comba4(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_48.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_48.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR48
 void fp_sqr_comba48(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_6.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_6.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR6
 void fp_sqr_comba6(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_64.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_64.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR64
 void fp_sqr_comba64(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_7.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_7.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR7
 void fp_sqr_comba7(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_8.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_8.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR8
 void fp_sqr_comba8(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_9.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_9.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #ifdef TFM_SQR9
 void fp_sqr_comba9(fp_int *A, fp_int *B)
 {

ctaocrypt/src/fp_sqr_comba_small_set.i

@@ -1,3 +1,25 @@
+/* fp_sqr_comba_small_set.i
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
 #if defined(TFM_SMALL_SET)
 void fp_sqr_comba_small(fp_int *A, fp_int *B)
 {
@@ -1509,6 +1531,9 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
       memcpy(B->dp, b, 32 * sizeof(fp_digit));
       fp_clamp(B);
       break;
+
+   default:
+      break;
 }
 }
 

ctaocrypt/src/hc128.c

@@ -19,11 +19,18 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
-#ifndef NO_HC128
+#ifdef HAVE_HC128
 
-#include "hc128.h"
-#include "misc.c"
+#include <cyassl/ctaocrypt/hc128.h>
+#ifdef NO_INLINE
+    #include <cyassl/ctaocrypt/hc128.h>
+#else
+    #include <ctaocrypt/src/misc.c>
+#endif
 
 
 #ifdef BIG_ENDIAN_ORDER
@@ -314,4 +321,13 @@ void Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen)
 }
 
 
-#endif /* NO_HC128 */
+#else  /* HAVE_HC128 */
+
+
+#ifdef _MSC_VER
+    /* 4206 warning for blank file */
+    #pragma warning(disable: 4206)
+#endif
+
+
+#endif /* HAVE_HC128 */

ctaocrypt/src/hmac.c

@@ -19,20 +19,23 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
 #ifndef NO_HMAC
 
-#include "ctc_hmac.h"
-
+#include <cyassl/ctaocrypt/hmac.h>
+#include <cyassl/ctaocrypt/error.h>
 
 
 static int InitHmac(Hmac* hmac, int type)
 {
     hmac->innerHashKeyed = 0;
-    hmac->macType = type;
+    hmac->macType = (byte)type;
 
     if (!(type == MD5 || type == SHA || type == SHA256))
-        return -1;
+        return BAD_FUNC_ARG;
 
     if (type == MD5)
         InitMd5(&hmac->hash.md5);

ctaocrypt/src/include.am

@@ -0,0 +1,39 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+EXTRA_DIST += ctaocrypt/src/misc.c
+EXTRA_DIST += ctaocrypt/src/asm.c 
+
+EXTRA_DIST += \
+              ctaocrypt/src/ecc_fp.c \
+              ctaocrypt/src/fp_mont_small.i \
+              ctaocrypt/src/fp_mul_comba_12.i \
+              ctaocrypt/src/fp_mul_comba_17.i \
+              ctaocrypt/src/fp_mul_comba_20.i \
+              ctaocrypt/src/fp_mul_comba_24.i \
+              ctaocrypt/src/fp_mul_comba_28.i \
+              ctaocrypt/src/fp_mul_comba_32.i \
+              ctaocrypt/src/fp_mul_comba_3.i \
+              ctaocrypt/src/fp_mul_comba_48.i \
+              ctaocrypt/src/fp_mul_comba_4.i \
+              ctaocrypt/src/fp_mul_comba_64.i \
+              ctaocrypt/src/fp_mul_comba_6.i \
+              ctaocrypt/src/fp_mul_comba_7.i \
+              ctaocrypt/src/fp_mul_comba_8.i \
+              ctaocrypt/src/fp_mul_comba_9.i \
+              ctaocrypt/src/fp_mul_comba_small_set.i \
+              ctaocrypt/src/fp_sqr_comba_12.i \
+              ctaocrypt/src/fp_sqr_comba_17.i \
+              ctaocrypt/src/fp_sqr_comba_20.i \
+              ctaocrypt/src/fp_sqr_comba_24.i \
+              ctaocrypt/src/fp_sqr_comba_28.i \
+              ctaocrypt/src/fp_sqr_comba_32.i \
+              ctaocrypt/src/fp_sqr_comba_3.i \
+              ctaocrypt/src/fp_sqr_comba_48.i \
+              ctaocrypt/src/fp_sqr_comba_4.i \
+              ctaocrypt/src/fp_sqr_comba_64.i \
+              ctaocrypt/src/fp_sqr_comba_6.i \
+              ctaocrypt/src/fp_sqr_comba_7.i \
+              ctaocrypt/src/fp_sqr_comba_8.i \
+              ctaocrypt/src/fp_sqr_comba_9.i \
+              ctaocrypt/src/fp_sqr_comba_small_set.i

ctaocrypt/src/integer.c

@@ -19,15 +19,30 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 /*
  * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
  * http://math.libtomcrypt.com
  */
 
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
+/* in case user set USE_FAST_MATH there */
+#include <cyassl/ctaocrypt/settings.h>
+
 #ifndef USE_FAST_MATH
 
-#include "integer.h"
+#include <cyassl/ctaocrypt/integer.h>
+
+
+/* math settings check */
+word32 CheckRunTimeSettings(void)
+{
+    return CTC_SETTINGS;
+}
 
 
 /* handle up to 6 inits */
@@ -1245,7 +1260,7 @@ int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
   }
 	
   /* init our temps */
-  if ((res = mp_init_multi(&ta, &tb, &tq, &q, 0, 0) != MP_OKAY)) {
+  if ((res = mp_init_multi(&ta, &tb, &tq, &q, 0, 0)) != MP_OKAY) {
      return res;
   }
 
@@ -1997,7 +2012,11 @@ mp_montgomery_setup (mp_int * n, mp_digit * rho)
 int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
 {
   int     ix, res, olduse;
+#ifdef CYASSL_SMALL_STACK
+  mp_word* W;    /* uses dynamic memory and slower */
+#else
   mp_word W[MP_WARRAY];
+#endif
 
   /* get old used count */
   olduse = x->used;
@@ -2009,6 +2028,12 @@ int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
     }
   }
 
+#ifdef CYASSL_SMALL_STACK
+  W = (mp_word*)XMALLOC(sizeof(mp_word) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
+  if (W == NULL)    
+    return MP_MEM;
+#endif
+
   /* first we have to get the digits of the input into
    * an array of double precision words W[...]
    */
@@ -2130,6 +2155,10 @@ int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
   x->used = n->used + 1;
   mp_clamp (x);
 
+#ifdef CYASSL_SMALL_STACK
+  XFREE(W, 0, DYNAMIC_TYPE_BIGINT);
+#endif
+
   /* if A >= m then A = A - m */
   if (mp_cmp_mag (x, n) != MP_LT) {
     return s_mp_sub (x, n, x);
@@ -2717,7 +2746,12 @@ After that loop you do the squares and add them in.
 int fast_s_mp_sqr (mp_int * a, mp_int * b)
 {
   int       olduse, res, pa, ix, iz;
-  mp_digit   W[MP_WARRAY], *tmpx;
+#ifdef CYASSL_SMALL_STACK
+  mp_digit* W;    /* uses dynamic memory and slower */
+#else
+  mp_digit W[MP_WARRAY];
+#endif
+  mp_digit  *tmpx;
   mp_word   W1;
 
   /* grow the destination as required */
@@ -2728,6 +2762,12 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b)
     }
   }
 
+#ifdef CYASSL_SMALL_STACK
+  W = (mp_digit*)XMALLOC(sizeof(mp_digit) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
+  if (W == NULL)    
+    return MP_MEM;
+#endif
+
   /* number of output digits to produce */
   W1 = 0;
   for (ix = 0; ix < pa; ix++) { 
@@ -2794,6 +2834,11 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b)
     }
   }
   mp_clamp (b);
+
+#ifdef CYASSL_SMALL_STACK
+  XFREE(W, 0, DYNAMIC_TYPE_BIGINT);
+#endif
+
   return MP_OKAY;
 }
 
@@ -2817,7 +2862,11 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b)
 int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
 {
   int     olduse, res, pa, ix, iz;
+#ifdef CYASSL_SMALL_STACK
+  mp_digit* W;    /* uses dynamic memory and slower */
+#else
   mp_digit W[MP_WARRAY];
+#endif
   register mp_word  _W;
 
   /* grow the destination as required */
@@ -2830,6 +2879,12 @@ int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
   /* number of output digits to produce */
   pa = MIN(digs, a->used + b->used);
 
+#ifdef CYASSL_SMALL_STACK
+  W = (mp_digit*)XMALLOC(sizeof(mp_digit) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
+  if (W == NULL)    
+    return MP_MEM;
+#endif
+
   /* clear the carry */
   _W = 0;
   for (ix = 0; ix < pa; ix++) { 
@@ -2881,6 +2936,11 @@ int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
     }
   }
   mp_clamp (c);
+
+#ifdef CYASSL_SMALL_STACK
+  XFREE(W, 0, DYNAMIC_TYPE_BIGINT);
+#endif
+
   return MP_OKAY;
 }
 
@@ -3523,7 +3583,11 @@ s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
 int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
 {
   int     olduse, res, pa, ix, iz;
+#ifdef CYASSL_SMALL_STACK
+  mp_digit* W;    /* uses dynamic memory and slower */
+#else
   mp_digit W[MP_WARRAY];
+#endif
   mp_word  _W;
 
   /* grow the destination as required */
@@ -3534,6 +3598,12 @@ int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
     }
   }
 
+#ifdef CYASSL_SMALL_STACK
+  W = (mp_digit*)XMALLOC(sizeof(mp_digit) * MP_WARRAY, 0, DYNAMIC_TYPE_BIGINT);
+  if (W == NULL)    
+    return MP_MEM;
+#endif
+
   /* number of output digits to produce */
   pa = a->used + b->used;
   _W = 0;
@@ -3585,6 +3655,11 @@ int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
     }
   }
   mp_clamp (c);
+
+#ifdef CYASSL_SMALL_STACK
+  XFREE(W, 0, DYNAMIC_TYPE_BIGINT);
+#endif
+
   return MP_OKAY;
 }
 
@@ -3610,8 +3685,10 @@ int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
   return res;
 }
 
+#endif
 
-int mp_sub_d (mp_int* a, mp_digit b, mp_int* c);
+
+#if defined(CYASSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_PWDBASED)
 
 /* single digit addition */
 int mp_add_d (mp_int* a, mp_digit b, mp_int* c)
@@ -3799,7 +3876,7 @@ static int s_is_power_of_two(mp_digit b, int *p)
 }
 
 /* single digit division (based on routine from MPI) */
-int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
+static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
 {
   mp_int  q;
   mp_word w;
@@ -3874,7 +3951,7 @@ int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
 }
 
 
-int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
+static int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
 {
   return mp_div_d(a, b, NULL, c);
 }
@@ -3929,7 +4006,7 @@ const mp_digit ltm_prime_tab[] = {
  * Randomly the chance of error is no more than 1/4 and often 
  * very much lower.
  */
-int mp_prime_miller_rabin (mp_int * a, mp_int * b, int *result)
+static int mp_prime_miller_rabin (mp_int * a, mp_int * b, int *result)
 {
   mp_int  n1, y, r;
   int     s, j, err;
@@ -4010,7 +4087,7 @@ LBL_N1:mp_clear (&n1);
  *
  * sets result to 0 if not, 1 if yes
  */
-int mp_prime_is_divisible (mp_int * a, int *result)
+static int mp_prime_is_divisible (mp_int * a, int *result)
 {
   int     err, ix;
   mp_digit res;

ctaocrypt/src/logging.c

@@ -0,0 +1,146 @@
+/* logging.c
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
+/* submitted by eof */
+
+#include <cyassl/ctaocrypt/settings.h>
+#include <cyassl/ctaocrypt/logging.h>
+#include <cyassl/ctaocrypt/error.h>
+
+
+CYASSL_API int  CyaSSL_Debugging_ON(void);
+CYASSL_API void CyaSSL_Debugging_OFF(void);
+
+#ifdef DEBUG_CYASSL
+
+/* Set these to default values initially. */
+static CyaSSL_Logging_cb log_function = 0;
+static int loggingEnabled = 0;
+
+#endif /* DEBUG_CYASSL */
+
+
+int CyaSSL_SetLoggingCb(CyaSSL_Logging_cb f)
+{
+#ifdef DEBUG_CYASSL
+    int res = 0;
+
+    if (f)
+        log_function = f;
+    else
+        res = BAD_FUNC_ARG;
+
+    return res;
+#else
+    (void)f;
+    return NOT_COMPILED_IN;
+#endif
+}
+
+
+int CyaSSL_Debugging_ON(void)
+{
+#ifdef DEBUG_CYASSL
+    loggingEnabled = 1;
+    return 0;
+#else
+    return NOT_COMPILED_IN;
+#endif
+}
+
+
+void CyaSSL_Debugging_OFF(void)
+{
+#ifdef DEBUG_CYASSL
+    loggingEnabled = 0;
+#endif
+}
+
+
+#ifdef DEBUG_CYASSL
+
+#include <stdio.h>   /* for default printf stuff */
+
+#ifdef THREADX
+    int dc_log_printf(char*, ...);
+#endif
+
+static void cyassl_log(const int logLevel, const char *const logMessage)
+{
+    if (log_function)
+        log_function(logLevel, logMessage);
+    else {
+        if (loggingEnabled) {
+#ifdef THREADX
+            dc_log_printf("%s\n", logMessage);
+#elif defined(MICRIUM)
+        #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+            NetSecure_TraceOut((CPU_CHAR *)logMessage);
+        #endif
+#else
+            fprintf(stderr, "%s\n", logMessage);
+#endif
+        }
+    }
+}
+
+
+void CYASSL_MSG(const char* msg)
+{
+    if (loggingEnabled)
+        cyassl_log(INFO_LOG , msg);
+}
+
+
+void CYASSL_ENTER(const char* msg)
+{
+    if (loggingEnabled) {
+        char buffer[80];
+        sprintf(buffer, "CyaSSL Entering %s", msg);
+        cyassl_log(ENTER_LOG , buffer);
+    }
+}
+
+
+void CYASSL_LEAVE(const char* msg, int ret)
+{
+    if (loggingEnabled) {
+        char buffer[80];
+        sprintf(buffer, "CyaSSL Leaving %s, return %d", msg, ret);
+        cyassl_log(LEAVE_LOG , buffer);
+    }
+}
+
+
+void CYASSL_ERROR(int error)
+{
+    if (loggingEnabled) {
+        char buffer[80];
+        sprintf(buffer, "CyaSSL error occured, error = %d", error);
+        cyassl_log(ERROR_LOG , buffer);
+    }
+}
+
+#endif  /* DEBUG_CYASSL */ 

ctaocrypt/src/md4.c

@@ -19,18 +19,21 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
 
 #ifndef NO_MD4
 
-#include "ctc_md4.h"
+#include <cyassl/ctaocrypt/md4.h>
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include <cyassl/ctaocrypt/misc.h>
 #else
-    #include "misc.c"
+    #include <ctaocrypt/src/misc.c>
 #endif
 
 
-
 #ifndef min
 
     static INLINE word32 min(word32 a, word32 b)

ctaocrypt/src/md5.c

@@ -20,13 +20,17 @@
  */
 
 
-#include "ctc_md5.h"
-#ifdef NO_INLINE
-    #include "misc.h"
-#else
-    #include "misc.c"
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
 #endif
 
+#include <cyassl/ctaocrypt/md5.h>
+
+#ifdef NO_INLINE
+    #include <cyassl/ctaocrypt/misc.h>
+#else
+    #include <ctaocrypt/src/misc.c>
+#endif
 
 
 #ifndef min

ctaocrypt/src/memory.c

@@ -0,0 +1,99 @@
+/* memory.c 
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
+/* submitted by eof */
+
+
+#include <cyassl/ctaocrypt/settings.h>
+
+#ifdef USE_CYASSL_MEMORY
+
+#include <cyassl/ctaocrypt/memory.h>
+#include <cyassl/ctaocrypt/error.h>
+
+
+/* Set these to default values initially. */
+static CyaSSL_Malloc_cb  malloc_function = 0;
+static CyaSSL_Free_cb    free_function = 0;
+static CyaSSL_Realloc_cb realloc_function = 0;
+
+int CyaSSL_SetAllocators(CyaSSL_Malloc_cb  mf,
+                         CyaSSL_Free_cb    ff,
+                         CyaSSL_Realloc_cb rf)
+{
+    int res = 0;
+
+    if (mf)
+        malloc_function = mf;
+	else
+        res = BAD_FUNC_ARG;
+
+    if (ff)
+        free_function = ff;
+    else
+        res = BAD_FUNC_ARG;
+
+    if (rf)
+        realloc_function = rf;
+    else
+        res = BAD_FUNC_ARG;
+
+    return res;
+}
+
+
+void* CyaSSL_Malloc(size_t size)
+{
+    void* res = 0;
+
+    if (malloc_function)
+        res = malloc_function(size);
+    else
+        res = malloc(size);
+
+    return res;
+}
+
+void CyaSSL_Free(void *ptr)
+{
+    if (free_function)
+        free_function(ptr);
+    else
+        free(ptr);
+}
+
+void* CyaSSL_Realloc(void *ptr, size_t size)
+{
+    void* res = 0;
+
+    if (realloc_function)
+        res = realloc_function(ptr, size);
+    else
+        res = realloc(ptr, size);
+
+    return res;
+}
+
+#endif /* USE_CYASSL_MEMORY */

ctaocrypt/src/misc.c

@@ -19,8 +19,11 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
-#include "misc.h"
+#include <cyassl/ctaocrypt/misc.h>
 
 /* inlining these functions is a huge speed increase and a small size decrease, 
    because the functions are smaller than function call setup/cleanup, e.g.,
@@ -158,7 +161,7 @@ STATIC INLINE void XorWords(word* r, const word* a, word32 n)
 
 STATIC INLINE void xorbuf(byte* buf, const byte* mask, word32 count)
 {
-    if (((size_t)buf | (size_t)mask | count) % WORD_SIZE == 0)
+    if (((word)buf | (word)mask | count) % WORD_SIZE == 0)
         XorWords( (word*)buf, (const word*)mask, count / WORD_SIZE);
     else {
         word32 i;

ctaocrypt/src/pwdbased.c

@@ -19,10 +19,34 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
 #ifndef NO_PWDBASED
 
-#include "pwdbased.h"
+#include <cyassl/ctaocrypt/pwdbased.h>
+#include <cyassl/ctaocrypt/hmac.h>
+#include <cyassl/ctaocrypt/integer.h>
+#include <cyassl/ctaocrypt/error.h>
+#ifdef CYASSL_SHA512
+    #include <cyassl/ctaocrypt/sha512.h>
+#endif
+#ifdef NO_INLINE
+    #include <cyassl/ctaocrypt/misc.h>
+#else
+    #include <ctaocrypt/src/misc.c>
+#endif
+
+
+#ifndef min
+
+    static INLINE word32 min(word32 a, word32 b)
+    {
+        return a > b ? b : a;
+    }
+
+#endif /* min */
 
 
 int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
@@ -35,13 +59,13 @@ int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
     byte buffer[SHA_DIGEST_SIZE];  /* max size */
 
     if (hashType != MD5 && hashType != SHA)
-        return -1;
+        return BAD_FUNC_ARG;
 
     if (kLen > hLen)
-        return -1;
+        return BAD_FUNC_ARG;
 
     if (iterations < 1)
-        return -1;
+        return BAD_FUNC_ARG;
 
     if (hashType == MD5) {
         InitMd5(&md5);
@@ -72,5 +96,224 @@ int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
 }
 
 
+int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
+           int sLen, int iterations, int kLen, int hashType)
+{
+    word32 i = 1;
+    int    hLen;
+    int    j;
+    Hmac   hmac;
+    byte   buffer[INNER_HASH_SIZE];  /* max size */
+
+    if (hashType == MD5) {
+        hLen = MD5_DIGEST_SIZE;
+    }
+    else if (hashType == SHA) {
+        hLen = SHA_DIGEST_SIZE;
+    }
+#ifndef NO_SHA256
+    else if (hashType == SHA256) {
+        hLen = SHA256_DIGEST_SIZE;
+    }
+#endif
+#ifdef CYASSL_SHA512
+    else if (hashType == SHA512) {
+        hLen = SHA512_DIGEST_SIZE;
+    }
+#endif
+    else
+        return BAD_FUNC_ARG;
+
+    HmacSetKey(&hmac, hashType, passwd, pLen);
+
+    while (kLen) {
+        int currentLen;
+        HmacUpdate(&hmac, salt, sLen);
+
+        /* encode i */
+        for (j = 0; j < 4; j++) {
+            byte b = (byte)(i >> ((3-j) * 8));
+            HmacUpdate(&hmac, &b, 1);
+        }
+        HmacFinal(&hmac, buffer);
+
+        currentLen = min(kLen, hLen);
+        XMEMCPY(output, buffer, currentLen);
+
+        for (j = 1; j < iterations; j++) {
+            HmacUpdate(&hmac, buffer, hLen);
+            HmacFinal(&hmac, buffer);
+            xorbuf(output, buffer, currentLen);
+        }
+
+        output += currentLen;
+        kLen   -= currentLen;
+        i++;
+    }
+
+    return 0;
+}
+
+
+int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
+                 int saltLen, int iterations, int kLen, int hashType, int id)
+{
+    /* all in bytes instead of bits */
+    word32 u, v, dLen, pLen, iLen, sLen, totalLen;
+    int    dynamic = 0;
+    int    ret = 0;
+    int    i;
+    byte   *D, *S, *P, *I;
+    byte   staticBuffer[1024];
+    byte*  buffer = staticBuffer;
+#ifdef CYASSL_SHA512
+    byte   Ai[SHA512_DIGEST_SIZE];
+    byte   B[SHA512_BLOCK_SIZE];
+#elif !defined(NO_SHA256)
+    byte   Ai[SHA256_DIGEST_SIZE];
+    byte   B[SHA256_BLOCK_SIZE];
+#else
+    byte   Ai[SHA_DIGEST_SIZE];
+    byte   B[SHA_BLOCK_SIZE];
+#endif
+
+    if (!iterations)
+        iterations = 1;
+
+    if (hashType == MD5) {
+        v = MD5_BLOCK_SIZE;
+        u = MD5_DIGEST_SIZE;
+    }
+    else if (hashType == SHA) {
+        v = SHA_BLOCK_SIZE;
+        u = SHA_DIGEST_SIZE;
+    }
+#ifndef NO_SHA256
+    else if (hashType == SHA256) {
+        v = SHA256_BLOCK_SIZE;
+        u = SHA256_DIGEST_SIZE;
+    }
+#endif
+#ifdef CYASSL_SHA512
+    else if (hashType == SHA512) {
+        v = SHA512_BLOCK_SIZE;
+        u = SHA512_DIGEST_SIZE;
+    }
+#endif
+    else
+        return BAD_FUNC_ARG; 
+
+    dLen = v;
+    sLen =  v * ((saltLen + v - 1) / v);
+    if (passLen)
+        pLen = v * ((passLen + v - 1) / v);
+    else
+        pLen = 0;
+    iLen = sLen + pLen;
+
+    totalLen = dLen + sLen + pLen;
+
+    if (totalLen > sizeof(staticBuffer)) {
+        buffer = (byte*)XMALLOC(totalLen, 0, DYNAMIC_TYPE_KEY);
+        if (buffer == NULL) return MEMORY_E;
+        dynamic = 1;
+    } 
+
+    D = buffer;
+    S = D + dLen;
+    P = S + sLen;
+    I = S;
+
+    XMEMSET(D, id, dLen);
+
+    for (i = 0; i < (int)sLen; i++)
+        S[i] = salt[i % saltLen];
+    for (i = 0; i < (int)pLen; i++)
+        P[i] = passwd[i % passLen];
+
+    while (kLen > 0) {
+        word32 currentLen;
+        mp_int B1;
+
+        if (hashType == MD5) {
+        }
+        else if (hashType == SHA) {
+            Sha sha;
+
+            InitSha(&sha);
+            ShaUpdate(&sha, buffer, totalLen);
+            ShaFinal(&sha, Ai);
+
+            for (i = 1; i < iterations; i++) {
+                ShaUpdate(&sha, Ai, u);
+                ShaFinal(&sha, Ai);
+            }
+        }
+#ifndef NO_SHA256
+        else if (hashType == SHA256) {
+        }
+#endif
+#ifdef CYASSL_SHA512
+        else if (hashType == SHA512) {
+        }
+#endif
+
+        for (i = 0; i < (int)v; i++)
+            B[i] = Ai[i % u];
+
+        mp_init(&B1);
+        if (mp_read_unsigned_bin(&B1, B, v) != MP_OKAY)
+            ret = MP_READ_E;
+        else if (mp_add_d(&B1, (mp_digit)1, &B1) != MP_OKAY) {
+            ret = MP_ADD_E;
+            mp_clear(&B1);
+            break;
+        }
+
+        for (i = 0; i < (int)iLen; i += v) {
+            int    outSz;
+            mp_int i1;
+            mp_int res;
+
+            mp_init(&i1);
+            mp_init(&res);
+
+            if (mp_read_unsigned_bin(&i1, I + i, v) != MP_OKAY)
+                ret = MP_READ_E;
+            else if (mp_add(&i1, &B1, &res) != MP_OKAY)
+                ret = MP_ADD_E;
+            else if ( (outSz = mp_unsigned_bin_size(&res)) < 0)
+                ret = MP_TO_E;
+            else {
+                if (outSz > (int)v) {
+                    /* take off MSB */
+                    byte  tmp[129];
+                    mp_to_unsigned_bin(&res, tmp);
+                    XMEMCPY(I + i, tmp + 1, v);
+                }
+                else if (outSz < (int)v) {
+                    XMEMSET(I + i, 0, v - outSz);
+                    mp_to_unsigned_bin(&res, I + i + v - outSz);
+                }
+                else
+                    mp_to_unsigned_bin(&res, I + i);
+            }
+
+            mp_clear(&i1);
+            mp_clear(&res);
+            if (ret < 0) break;
+        }
+
+        currentLen = min(kLen, (int)u);
+        XMEMCPY(output, Ai, currentLen);
+        output += currentLen;
+        kLen   -= currentLen;
+        mp_clear(&B1);
+    }
+
+    if (dynamic) XFREE(buffer, 0, DYNAMIC_TYPE_KEY);
+    return ret;
+}
+
 #endif /* NO_PWDBASED */
 

ctaocrypt/src/rabbit.c

@@ -19,11 +19,18 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
 #ifndef NO_RABBIT
 
-#include "rabbit.h"
-#include "misc.c"
+#include <cyassl/ctaocrypt/rabbit.h>
+#ifdef NO_INLINE
+    #include <cyassl/ctaocrypt/misc.h>
+#else
+    #include <ctaocrypt/src/misc.c>
+#endif
 
 
 #ifdef BIG_ENDIAN_ORDER

ctaocrypt/src/random.c

@@ -19,14 +19,17 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
 /* on HPUX 11 you may need to install /dev/random see
    http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I
 
 */
 
-#include "random.h"
-#include "error.h"
+#include <cyassl/ctaocrypt/random.h>
+#include <cyassl/ctaocrypt/error.h>
 
 
 #if defined(USE_WINDOWS_API)
@@ -150,6 +153,8 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
 /* may block */
 int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
 {
+    int ret = 0;
+
     os->fd = open("/dev/urandom",O_RDONLY);
     if (os->fd == -1) {
         /* may still have /dev/random */
@@ -160,22 +165,26 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz)
 
     while (sz) {
         int len = read(os->fd, output, sz);
-        if (len == -1) 
-            return READ_RAN_E;
+        if (len == -1) { 
+            ret = READ_RAN_E;
+            break;
+        }
 
         sz     -= len;
         output += len;
 
-        if (sz)
+        if (sz) {
 #ifdef BLOCKING
             sleep(0);             /* context switch */
 #else
-            return RAN_BLOCK_E;
+            ret = RAN_BLOCK_E;
+            break;
 #endif
+        }
     }
     close(os->fd);
 
-    return 0;
+    return ret;
 }
 
 #endif /* USE_WINDOWS_API */

ctaocrypt/src/ripemd.c

@@ -20,13 +20,17 @@
  */
 
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
 #ifdef CYASSL_RIPEMD
 
-#include "ctc_ripemd.h"
+#include <cyassl/ctaocrypt/ripemd.h>
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include <cyassl/ctaocrypt/misc.h>
 #else
-    #include "misc.c"
+    #include <ctaocrypt/src/misc.c>
 #endif
 
 

ctaocrypt/src/rsa.c

@@ -20,10 +20,14 @@
  */
 
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
-#include "ctc_rsa.h"
-#include "random.h"
-#include "error.h"
+#include <cyassl/ctaocrypt/rsa.h>
+#include <cyassl/ctaocrypt/random.h>
+#include <cyassl/ctaocrypt/error.h>
+#include <cyassl/ctaocrypt/logging.h>
 
 #ifdef SHOW_GEN
     #include <stdio.h>
@@ -48,7 +52,7 @@ enum {
 
 void InitRsaKey(RsaKey* key, void* heap)
 {
-    key->type = -1;  /* haven't decdied yet */
+    key->type = -1;  /* haven't decided yet */
     key->heap = heap;
 
 /* TomsFastMath doesn't use memory allocation */
@@ -64,6 +68,7 @@ void InitRsaKey(RsaKey* key, void* heap)
 
 void FreeRsaKey(RsaKey* key)
 {
+    (void)key;
 /* TomsFastMath doesn't use memory allocation */
 #ifndef USE_FAST_MATH
     if (key->type == RSA_PRIVATE) {
@@ -124,14 +129,18 @@ static word32 RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
     /* skip past the padding until we find the separator */
     while (i<pkcsBlockLen && pkcsBlock[i++]) { /* null body */
         }
-    if(!(i==pkcsBlockLen || pkcsBlock[i-1]==0))
+    if(!(i==pkcsBlockLen || pkcsBlock[i-1]==0)) {
+        CYASSL_MSG("RsaUnPad error, bad formatting");
         return 0;
+    }
 
     outputLen = pkcsBlockLen - i;
     invalid = (outputLen > maxOutputLen) || invalid;
 
-    if (invalid)
+    if (invalid) {
+        CYASSL_MSG("RsaUnPad error, bad formatting");
         return 0;
+    }
 
     *output = (byte *)(pkcsBlock + i);
     return outputLen;
@@ -231,7 +240,6 @@ done:
 }
 
 
-
 int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
                      RsaKey* key, RNG* rng)
 {
@@ -266,6 +274,7 @@ int RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key)
     return plainLen;
 }
 
+
 int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
                      RsaKey* key)
 {
@@ -273,8 +282,10 @@ int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
     byte*  tmp;
     byte*  pad = 0;
 
-    if ( !(tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA)) )
+    tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
+    if (tmp == NULL) {
         return MEMORY_E;
+    }
 
     XMEMCPY(tmp, in, inLen);
 
@@ -283,7 +294,10 @@ int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
         XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
         return ret;
     }
-    XMEMCPY(out, pad, plainLen);
+    if (plainLen > (int)outLen)
+        plainLen = BAD_FUNC_ARG;
+    else
+        XMEMCPY(out, pad, plainLen);
     XMEMSET(tmp, 0x00, inLen); 
 
     XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
@@ -306,6 +320,7 @@ int RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
     return plainLen;
 }
 
+
 int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
                      RsaKey* key)
 {
@@ -313,8 +328,10 @@ int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
     byte*  tmp;
     byte*  pad = 0;
 
-    if ( !(tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA)) )
+    tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
+    if (tmp == NULL) {
         return MEMORY_E;
+    }
 
     XMEMCPY(tmp, in, inLen);
 
@@ -323,8 +340,11 @@ int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
         XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
         return ret;
     }
-  
-    XMEMCPY(out, pad, plainLen);
+
+    if (plainLen > (int)outLen)
+        plainLen = BAD_FUNC_ARG;
+    else 
+        XMEMCPY(out, pad, plainLen);
     XMEMSET(tmp, 0x00, inLen); 
 
     XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
@@ -368,8 +388,9 @@ static int rand_prime(mp_int* N, int len, RNG* rng, void* heap)
     int   err, res, type;
     byte* buf;
 
+    (void)heap;
     if (N == NULL || rng == NULL)
-       return -1; 
+       return BAD_FUNC_ARG; 
 
     /* get type */
     if (len < 0) {
@@ -381,13 +402,13 @@ static int rand_prime(mp_int* N, int len, RNG* rng, void* heap)
 
     /* allow sizes between 2 and 512 bytes for a prime size */
     if (len < 2 || len > 512) { 
-        return -1;
+        return BAD_FUNC_ARG;
     }
    
     /* allocate buffer to work with */
     buf = XMALLOC(len, heap, DYNAMIC_TYPE_RSA);
     if (buf == NULL) {
-        return -1;
+        return MEMORY_E;
     }
     XMEMSET(buf, 0, len);
 
@@ -432,13 +453,13 @@ int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
     int    err;
 
     if (key == NULL || rng == NULL)
-        return -1;
+        return BAD_FUNC_ARG;
 
     if (size < RSA_MIN_SIZE || size > RSA_MAX_SIZE)
-        return -1;
+        return BAD_FUNC_ARG;
 
     if (e < 3 || (e & 1) == 0)
-        return -1;
+        return BAD_FUNC_ARG;
 
     if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != MP_OKAY)
         return err;

ctaocrypt/src/sha.c

@@ -19,12 +19,15 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
-#include "ctc_sha.h"
+#include <cyassl/ctaocrypt/sha.h>
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include <cyassl/ctaocrypt/misc.h>
 #else
-    #include "misc.c"
+    #include <ctaocrypt/src/misc.c>
 #endif
 
 

ctaocrypt/src/sha256.c

@@ -19,17 +19,20 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 /* code submitted by raphael.huck@efixo.com */
 
-
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
 #ifndef NO_SHA256
 
-#include "sha256.h"
+#include <cyassl/ctaocrypt/sha256.h>
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include <cyassl/ctaocrypt/misc.h>
 #else
-    #include "misc.c"
+    #include <ctaocrypt/src/misc.c>
 #endif
 
 

ctaocrypt/src/sha512.c

@@ -19,14 +19,18 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
 
 #ifdef CYASSL_SHA512
 
-#include "sha512.h"
+#include <cyassl/ctaocrypt/sha512.h>
 #ifdef NO_INLINE
-    #include "misc.h"
+    #include <cyassl/ctaocrypt/misc.h>
 #else
-    #include "misc.c"
+    #include <ctaocrypt/src/misc.c>
 #endif
 
 

ctaocrypt/src/tfm.c

@@ -19,6 +19,7 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 /*
  * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
  * http://math.libtomcrypt.com
@@ -29,13 +30,32 @@
  *  to fit CyaSSL's needs.
  */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
+
+/* in case user set USE_FAST_MATH there */
+#include <cyassl/ctaocrypt/settings.h>
 
 #ifdef USE_FAST_MATH
 
-#include "tfm.h"
-#include "asm.c"  /* will define asm MACROS or C ones */
+#include <cyassl/ctaocrypt/tfm.h>
+#include <ctaocrypt/src/asm.c>  /* will define asm MACROS or C ones */
 
 
+/* math settings check */
+word32 CheckRunTimeSettings(void)
+{
+    return CTC_SETTINGS;
+}
+
+
+/* math settings size check */
+word32 CheckRunTimeFastMath(void)
+{
+    return FP_SIZE;
+}
+
 
 /* Functions */
 
@@ -1971,6 +1991,7 @@ int mp_sub_d(fp_int *a, fp_digit b, fp_int *c)
 
 int mp_prime_is_prime(mp_int* a, int t, int* result)
 {
+    (void)t;
     *result = fp_isprime(a);
     return MP_OKAY;
 }
@@ -2005,7 +2026,7 @@ static int s_is_power_of_two(fp_digit b, int *p)
 }
 
 /* a/b => cb + d == a */
-int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
+static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
 {
   fp_int   q;
   fp_word  w;
@@ -2071,7 +2092,7 @@ int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
 
 
 /* c = a mod b, 0 <= c < b  */
-int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
+static int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
 {
    return fp_div_d(a, b, NULL, c);
 }
@@ -2084,7 +2105,7 @@ int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
  * Randomly the chance of error is no more than 1/4 and often 
  * very much lower.
  */
-void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result)
+static void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result)
 {
   fp_int  n1, y, r;
   int     s, j;
@@ -2183,7 +2204,7 @@ static const fp_digit primes[256] = {
 int fp_isprime(fp_int *a)
 {
    fp_int   b;
-   fp_digit d;
+   fp_digit d = 0;
    int      r, res;
 
    /* do trial division */
@@ -2301,11 +2322,7 @@ void fp_gcd(fp_int *a, fp_int *b, fp_int *c)
 #endif /* CYASSL_KEY_GEN */
 
 
-#ifdef HAVE_ECC
-
-/* chars used in radix conversions */
-const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
-
+#if defined(HAVE_ECC) || !defined(NO_PWDBASED)
 /* c = a + b */
 void fp_add_d(fp_int *a, fp_digit b, fp_int *c)
 {
@@ -2314,8 +2331,22 @@ void fp_add_d(fp_int *a, fp_digit b, fp_int *c)
    fp_add(a,&tmp,c);
 }
 
+/* external compatibility */
+int mp_add_d(fp_int *a, fp_digit b, fp_int *c)
+{
+    fp_add_d(a, b, c);
+    return MP_OKAY;
+}
 
-int fp_read_radix(fp_int *a, const char *str, int radix)
+#endif  /* HAVE_ECC || !NO_PWDBASED */
+
+
+#ifdef HAVE_ECC
+
+/* chars used in radix conversions */
+const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
+
+static int fp_read_radix(fp_int *a, const char *str, int radix)
 {
   int     y, neg;
   char    ch;

ctaocrypt/test/Makefile.am

@@ -1,7 +0,0 @@
-INCLUDES = -I../include -I../../include -I../../include/openssl
-bin_PROGRAMS = test
-test_SOURCES = test.c
-test_LDFLAGS = -L../src
-test_LDADD        = ../../src/libcyassl.la
-test_DEPENDENCIES = ../../src/libcyassl.la
-EXTRA_DIST =  test.sln test.vcproj

ctaocrypt/test/include.am

@@ -0,0 +1,9 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+noinst_PROGRAMS+= ctaocrypt/test/testctaocrypt
+ctaocrypt_test_testctaocrypt_SOURCES      = ctaocrypt/test/test.c
+ctaocrypt_test_testctaocrypt_LDADD        = src/libcyassl.la
+ctaocrypt_test_testctaocrypt_DEPENDENCIES = src/libcyassl.la
+EXTRA_DIST += ctaocrypt/test/test.sln
+EXTRA_DIST += ctaocrypt/test/test.vcproj

ctaocrypt/test/test.c

@@ -1,30 +1,57 @@
-/* test.c */
+/* test.c
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
 
+#ifdef HAVE_CONFIG_H
+    #include <config.h>
+#endif
 
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
 
-#include "ctc_md5.h"
-#include "ctc_md4.h"
-#include "ctc_sha.h"
-#include "sha256.h"
-#include "sha512.h"
-#include "arc4.h"
-#include "random.h"
-#include "coding.h"
-#include "asn.h"
-#include "des3.h"
-#include "ctc_aes.h"
-#include "ctc_hmac.h"
-#include "ctc_dh.h"
-#include "ctc_dsa.h"
-#include "hc128.h"
-#include "rabbit.h"
-#include "pwdbased.h"
-#include "ctc_ripemd.h"
+#ifdef CYASSL_TEST_CERT
+    #include <cyassl/ctaocrypt/asn.h>
+#else
+    #include <cyassl/ctaocrypt/asn_public.h>
+#endif
+#include <cyassl/ctaocrypt/md5.h>
+#include <cyassl/ctaocrypt/md4.h>
+#include <cyassl/ctaocrypt/sha.h>
+#include <cyassl/ctaocrypt/sha256.h>
+#include <cyassl/ctaocrypt/sha512.h>
+#include <cyassl/ctaocrypt/arc4.h>
+#include <cyassl/ctaocrypt/random.h>
+#include <cyassl/ctaocrypt/coding.h>
+#include <cyassl/ctaocrypt/rsa.h>
+#include <cyassl/ctaocrypt/des3.h>
+#include <cyassl/ctaocrypt/aes.h>
+#include <cyassl/ctaocrypt/hmac.h>
+#include <cyassl/ctaocrypt/dh.h>
+#include <cyassl/ctaocrypt/dsa.h>
+#include <cyassl/ctaocrypt/hc128.h>
+#include <cyassl/ctaocrypt/rabbit.h>
+#include <cyassl/ctaocrypt/pwdbased.h>
+#include <cyassl/ctaocrypt/ripemd.h>
 #ifdef HAVE_ECC
-    #include "ctc_ecc.h"
+    #include <cyassl/ctaocrypt/ecc.h>
 #endif    
 
 #ifdef _MSC_VER
@@ -33,10 +60,10 @@
 #endif
 
 #ifdef OPENSSL_EXTRA
-    #include "evp.h"
-    #include "rand.h"
-    #include "hmac.h"
-    #include "des.h"
+    #include <cyassl/openssl/evp.h>
+    #include <cyassl/openssl/rand.h>
+    #include <cyassl/openssl/hmac.h>
+    #include <cyassl/openssl/des.h>
 #endif
 
 #ifdef HAVE_NTRU
@@ -93,7 +120,7 @@ void err_sys(const char* msg, int es)
 #endif
 }
 
-/* func_args from cyassl_test.h, so don't have to pull in other junk */
+/* func_args from test.h, so don't have to pull in other junk */
 typedef struct func_args {
     int    argc;
     char** argv;
@@ -106,6 +133,14 @@ void ctaocrypt_test(void* args)
     int ret = 0;
 
     ((func_args*)args)->return_code = -1; /* error state */
+
+    if (CheckCtcSettings() != 1)
+        err_sys("Build vs runtime math mismatch\n", -1234);
+
+#ifdef USE_FAST_MATH
+    if (CheckFastMathSettings() != 1)
+        err_sys("Build vs runtime fastmath FP_MAX_BITS mismatch\n", -1235);
+#endif
     
     if ( (ret = md5_test()) ) 
         err_sys("MD5      test failed!\n", ret);
@@ -720,9 +755,9 @@ int arc4_test()
 }
 
 
-#ifndef NO_HC128
 int hc128_test()
 {
+#ifdef HAVE_HC128
     byte cipher[16];
     byte plain[16];
 
@@ -791,9 +826,9 @@ int hc128_test()
             return -120 - 5 - i;
     }
 
+#endif /* HAVE_HC128 */
     return 0;
 }
-#endif /* NO_HC128 */
 
 
 #ifndef NO_RABBIT
@@ -1020,20 +1055,11 @@ int random_test()
 }
 
 
-#ifndef NO_MAIN_DRIVER
-    static const char* clientKey  = "../../certs/client-key.der";
-    static const char* clientCert = "../../certs/client-cert.der";
-    #ifdef CYASSL_CERT_GEN
-        static const char* caKeyFile  = "../../certs/ca-key.der";
-        static const char* caCertFile = "../../certs/ca-cert.pem";
-    #endif
-#else
-    static const char* clientKey  = "../certs/client-key.der";
-    static const char* clientCert = "../certs/client-cert.der";
-    #ifdef CYASSL_CERT_GEN
-        static const char* caKeyFile  = "../certs/ca-key.der";
-        static const char* caCertFile = "../certs/ca-cert.pem";
-    #endif
+static const char* clientKey  = "./certs/client-key.der";
+static const char* clientCert = "./certs/client-cert.der";
+#ifdef CYASSL_CERT_GEN
+    static const char* caKeyFile  = "./certs/ca-key.der";
+    static const char* caCertFile = "./certs/ca-cert.pem";
 #endif
 
 
@@ -1081,12 +1107,15 @@ int rsa_test()
     word32 inLen = (word32)strlen((char*)in);
     byte   out[256];
     byte   plain[256];
+#ifdef CYASSL_TEST_CERT
     DecodedCert cert;
+#endif
 
     FILE*  file = fopen(clientKey, "rb"), * file2;
 
     if (!file)
-        return -40;
+        err_sys("can't open ./certs/client-key.der, "
+                "Please run from CyaSSL home dir", -40);
 
     bytes = fread(tmp, 1, sizeof(tmp), file);
   
@@ -1115,12 +1144,14 @@ int rsa_test()
 
     bytes2 = fread(tmp2, 1, sizeof(tmp2), file2);
 
-    InitDecodedCert(&cert, (byte*)&tmp2, 0);
+#ifdef CYASSL_TEST_CERT
+    InitDecodedCert(&cert, (byte*)&tmp2, (word32)bytes2, 0);
 
-    ret = ParseCert(&cert, (word32)bytes2, CERT_TYPE, NO_VERIFY, 0);
+    ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0);
     if (ret != 0) return -48;
 
     FreeDecodedCert(&cert);
+#endif
 
     fclose(file2);
     fclose(file);
@@ -1145,7 +1176,7 @@ int rsa_test()
         if (derSz < 0)
             return -302;
 
-        keyFile = fopen("./ker.der", "wb");
+        keyFile = fopen("./key.der", "wb");
         if (!keyFile)
             return -303;
         ret = fwrite(der, derSz, 1, keyFile);
@@ -1179,31 +1210,36 @@ int rsa_test()
         Cert        myCert;
         byte        derCert[4096];
         byte        pem[4096];
-        DecodedCert decode;
         FILE*       derFile;
         FILE*       pemFile;
         int         certSz;
         int         pemSz;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
 
         InitCert(&myCert);
 
-        strncpy(myCert.subject.country, "US", NAME_SIZE);
-        strncpy(myCert.subject.state, "OR", NAME_SIZE);
-        strncpy(myCert.subject.locality, "Portland", NAME_SIZE);
-        strncpy(myCert.subject.org, "yaSSL", NAME_SIZE);
-        strncpy(myCert.subject.unit, "Development", NAME_SIZE);
-        strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE);
-        strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE);
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+        myCert.isCA = 1;
 
         certSz = MakeSelfCert(&myCert, derCert, sizeof(derCert), &key, &rng); 
         if (certSz < 0)
             return -401;
 
-        InitDecodedCert(&decode, derCert, 0);
-        ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0);
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
         if (ret != 0)
             return -402;
-
+        FreeDecodedCert(&decode);
+#endif
         derFile = fopen("./cert.der", "wb");
         if (!derFile)
             return -403;
@@ -1220,7 +1256,6 @@ int rsa_test()
         ret = fwrite(pem, pemSz, 1, pemFile);
         fclose(pemFile);
 
-        FreeDecodedCert(&decode);
 
     }
     /* CA style */
@@ -1229,7 +1264,6 @@ int rsa_test()
         Cert        myCert;
         byte        derCert[4096];
         byte        pem[4096];
-        DecodedCert decode;
         FILE*       derFile;
         FILE*       pemFile;
         int         certSz;
@@ -1237,6 +1271,9 @@ int rsa_test()
         byte        tmp[2048];
         size_t      bytes;
         word32      idx = 0;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
 
         FILE*  file = fopen(caKeyFile, "rb");
 
@@ -1251,17 +1288,17 @@ int rsa_test()
 
         InitCert(&myCert);
 
-        strncpy(myCert.subject.country, "US", NAME_SIZE);
-        strncpy(myCert.subject.state, "OR", NAME_SIZE);
-        strncpy(myCert.subject.locality, "Portland", NAME_SIZE);
-        strncpy(myCert.subject.org, "yaSSL", NAME_SIZE);
-        strncpy(myCert.subject.unit, "Development", NAME_SIZE);
-        strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE);
-        strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE);
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
 
         ret = SetIssuer(&myCert, caCertFile);
         if (ret < 0)
-            return -406;
+            return -405;
 
         certSz = MakeCert(&myCert, derCert, sizeof(derCert), &key, &rng); 
         if (certSz < 0)
@@ -1272,10 +1309,13 @@ int rsa_test()
             return -408;
 
 
-        InitDecodedCert(&decode, derCert, 0);
-        ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0);
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
         if (ret != 0)
             return -409;
+        FreeDecodedCert(&decode);
+#endif
 
         derFile = fopen("./othercert.der", "wb");
         if (!derFile)
@@ -1292,9 +1332,6 @@ int rsa_test()
             return -412;
         ret = fwrite(pem, pemSz, 1, pemFile);
         fclose(pemFile);
-
-        FreeDecodedCert(&decode);
-
     }
 #ifdef HAVE_NTRU
     {
@@ -1302,7 +1339,6 @@ int rsa_test()
         Cert        myCert;
         byte        derCert[4096];
         byte        pem[4096];
-        DecodedCert decode;
         FILE*       derFile;
         FILE*       pemFile;
         FILE*       caFile;
@@ -1312,6 +1348,9 @@ int rsa_test()
         byte        tmp[2048];
         size_t      bytes;
         word32      idx = 0;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
 
         byte   public_key[557];          /* sized for EES401EP2 */
         word16 public_key_len;           /* no. of octets in public key */
@@ -1352,13 +1391,13 @@ int rsa_test()
 
         InitCert(&myCert);
 
-        strncpy(myCert.subject.country, "US", NAME_SIZE);
-        strncpy(myCert.subject.state, "OR", NAME_SIZE);
-        strncpy(myCert.subject.locality, "Portland", NAME_SIZE);
-        strncpy(myCert.subject.org, "yaSSL", NAME_SIZE);
-        strncpy(myCert.subject.unit, "Development", NAME_SIZE);
-        strncpy(myCert.subject.commonName, "www.yassl.com", NAME_SIZE);
-        strncpy(myCert.subject.email, "info@yassl.com", NAME_SIZE);
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
 
         ret = SetIssuer(&myCert, caCertFile);
         if (ret < 0)
@@ -1374,11 +1413,13 @@ int rsa_test()
             return -457;
 
 
-        InitDecodedCert(&decode, derCert, 0);
-        ret = ParseCert(&decode, certSz, CERT_TYPE, NO_VERIFY, 0);
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
         if (ret != 0)
             return -458;
-
+        FreeDecodedCert(&decode);
+#endif
         derFile = fopen("./ntru-cert.der", "wb");
         if (!derFile)
             return -459;
@@ -1400,10 +1441,6 @@ int rsa_test()
             return -462;
         ret = fwrite(private_key, private_key_len, 1, ntruPrivFile);
         fclose(ntruPrivFile);
-
-
-
-        FreeDecodedCert(&decode);
     }
 #endif /* HAVE_NTRU */
 #endif /* CYASSL_CERT_GEN */
@@ -1414,11 +1451,7 @@ int rsa_test()
 }
 
 
-#ifndef NO_MAIN_DRIVER
-    static const char* dhKey = "../../certs/dh1024.der";
-#else
-    static const char* dhKey = "../certs/dh1024.der";
-#endif
+static const char* dhKey = "./certs/dh1024.der";
 
 #ifndef NO_DH
 
@@ -1482,11 +1515,7 @@ int dh_test()
 #endif /* NO_DH */
 
 
-#ifndef NO_MAIN_DRIVER
-    static const char* dsaKey = "../../certs/dsa512.der";
-#else
-    static const char* dsaKey = "../certs/dsa512.der";
-#endif
+static const char* dsaKey = "./certs/dsa512.der";
 
 #ifndef NO_DSA
 
@@ -1647,12 +1676,55 @@ int openssl_test()
 
 #ifndef NO_PWDBASED
 
+int pkcs12_test()
+{
+    const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67,
+                            0x00, 0x00 }; 
+    const byte salt[] =   { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f };
+
+    const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65,
+                             0x00, 0x67, 0x00, 0x00 }; 
+    const byte salt2[] =   { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 };
+    byte  derived[64];
+
+    const byte verify[] = {
+        0x8A, 0xAA, 0xE6, 0x29, 0x7B, 0x6C, 0xB0, 0x46,
+        0x42, 0xAB, 0x5B, 0x07, 0x78, 0x51, 0x28, 0x4E,
+        0xB7, 0x12, 0x8F, 0x1A, 0x2A, 0x7F, 0xBC, 0xA3
+    };
+
+    const byte verify2[] = {
+        0x48, 0x3D, 0xD6, 0xE9, 0x19, 0xD7, 0xDE, 0x2E,
+        0x8E, 0x64, 0x8B, 0xA8, 0xF8, 0x62, 0xF3, 0xFB,
+        0xFB, 0xDC, 0x2B, 0xCB, 0x2C, 0x02, 0x95, 0x7F
+    };
+
+    int id         =  1;
+    int kLen       = 24;
+    int iterations =  1;
+    int ret = PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, iterations,
+                           kLen, SHA, id);
+
+    if ( (ret = memcmp(derived, verify, kLen)) != 0)
+        return -103;
+
+    iterations = 1000;
+    ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations, 
+                       kLen, SHA, id);
+    if ( (ret = memcmp(derived, verify2, 24)) != 0)
+        return -104;
+
+    return 0;
+}
+
+
 int pbkdf2_test()
 {
     char passwd[] = "password";
     const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
     int   iterations = 2048;
     int   kLen = 24;
+    byte  derived[64];
 
     const byte verify[] = {
         0xBF, 0xDE, 0x6B, 0xE9, 0x4D, 0xF7, 0xE1, 0x1D, 0xD4, 0x09, 0xBC, 0xE2,
@@ -1660,6 +1732,12 @@ int pbkdf2_test()
 
     };
 
+    PBKDF2(derived, (byte*)passwd, strlen(passwd), salt, 8, iterations, kLen,
+           SHA);
+
+    if (memcmp(derived, verify, sizeof(verify)) != 0)
+        return -102;
+
     return 0;
 }
 
@@ -1689,7 +1767,10 @@ int pbkdf1_test()
 
 int pwdbased_test()
 {
-   return pbkdf1_test(); 
+   int ret =  pbkdf1_test();
+   ret += pbkdf2_test();
+
+   return ret + pkcs12_test();
 }
 
 #endif /* NO_PWDBASED */

cyassl-iphone.xcodeproj/project.pbxproj

@@ -9,8 +9,14 @@
 /* Begin PBXBuildFile section */
 		43809E9B0FB7AD1C0050922E /* md4.c in Sources */ = {isa = PBXBuildFile; fileRef = 43809E9A0FB7AD1C0050922E /* md4.c */; };
 		43962ADF0DE7ED48003C5E5B /* ssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2790DDF984100F2D488 /* ssl.c */; };
-		43AC92CA0EB154210049F588 /* cyassl_io.c in Sources */ = {isa = PBXBuildFile; fileRef = 43AC92C90EB154210049F588 /* cyassl_io.c */; };
-		43C6C27B0DDF984100F2D488 /* cyassl_int.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2770DDF984100F2D488 /* cyassl_int.c */; };
+		439B3820136B391E004C965E /* logging.c in Sources */ = {isa = PBXBuildFile; fileRef = 439B381F136B391E004C965E /* logging.c */; };
+		43B89CBD142FEB5E00284CC6 /* internal.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CBC142FEB5E00284CC6 /* internal.c */; };
+		43B89CBF142FEB6C00284CC6 /* io.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CBE142FEB6C00284CC6 /* io.c */; };
+		43B89CC5142FEBBD00284CC6 /* memory.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CC0142FEBBD00284CC6 /* memory.c */; };
+		43B89CC6142FEBBD00284CC6 /* tfm.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CC1142FEBBD00284CC6 /* tfm.c */; };
+		43B89CC7142FEBBD00284CC6 /* ripemd.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CC2142FEBBD00284CC6 /* ripemd.c */; };
+		43B89CC8142FEBBD00284CC6 /* sha512.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CC3142FEBBD00284CC6 /* sha512.c */; };
+		43B89CC9142FEBBD00284CC6 /* pwdbased.c in Sources */ = {isa = PBXBuildFile; fileRef = 43B89CC4142FEBBD00284CC6 /* pwdbased.c */; };
 		43C6C27C0DDF984100F2D488 /* keys.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2780DDF984100F2D488 /* keys.c */; };
 		43C6C27E0DDF984100F2D488 /* tls.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C27A0DDF984100F2D488 /* tls.c */; };
 		43C6C2920DDF98D400F2D488 /* aes.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2830DDF98D400F2D488 /* aes.c */; };
@@ -23,24 +29,12 @@
 		43C6C2990DDF98D400F2D488 /* hmac.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28A0DDF98D400F2D488 /* hmac.c */; };
 		43C6C29A0DDF98D400F2D488 /* integer.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28B0DDF98D400F2D488 /* integer.c */; };
 		43C6C29B0DDF98D400F2D488 /* md5.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28C0DDF98D400F2D488 /* md5.c */; };
-		43C6C29C0DDF98D400F2D488 /* misc.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28D0DDF98D400F2D488 /* misc.c */; };
 		43C6C29D0DDF98D400F2D488 /* random.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28E0DDF98D400F2D488 /* random.c */; };
 		43C6C29E0DDF98D400F2D488 /* rsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C28F0DDF98D400F2D488 /* rsa.c */; };
 		43C6C29F0DDF98D400F2D488 /* sha.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2900DDF98D400F2D488 /* sha.c */; };
 		43C6C2A00DDF98D400F2D488 /* sha256.c in Sources */ = {isa = PBXBuildFile; fileRef = 43C6C2910DDF98D400F2D488 /* sha256.c */; };
-		43CA4B3F12C14EAE0001AF79 /* ctc_hmac.h in Headers */ = {isa = PBXBuildFile; fileRef = 43CA4B3612C14EAE0001AF79 /* ctc_hmac.h */; };
-		43CA4B4012C14EAE0001AF79 /* ctc_sha.h in Headers */ = {isa = PBXBuildFile; fileRef = 43CA4B3712C14EAE0001AF79 /* ctc_sha.h */; };
-		43CA4B4112C14EAE0001AF79 /* ctc_rsa.h in Headers */ = {isa = PBXBuildFile; fileRef = 43CA4B3812C14EAE0001AF79 /* ctc_rsa.h */; };
-		43CA4B4212C14EAE0001AF79 /* ctc_ripemd.h in Headers */ = {isa = PBXBuildFile; fileRef = 43CA4B3912C14EAE0001AF79 /* ctc_ripemd.h */; };
-		43CA4B4312C14EAE0001AF79 /* ctc_md5.h in Headers */ = {isa = PBXBuildFile; fileRef = 43CA4B3A12C14EAE0001AF79 /* ctc_md5.h */; };
-		43CA4B4412C14EAE0001AF79 /* ctc_md4.h in Headers */ = {isa = PBXBuildFile; fileRef = 43CA4B3B12C14EAE0001AF79 /* ctc_md4.h */; };
-		43CA4B4512C14EAE0001AF79 /* ctc_dsa.h in Headers */ = {isa = PBXBuildFile; fileRef = 43CA4B3C12C14EAE0001AF79 /* ctc_dsa.h */; };
-		43CA4B4612C14EAE0001AF79 /* ctc_dh.h in Headers */ = {isa = PBXBuildFile; fileRef = 43CA4B3D12C14EAE0001AF79 /* ctc_dh.h */; };
-		43CA4B4712C14EAE0001AF79 /* ctc_aes.h in Headers */ = {isa = PBXBuildFile; fileRef = 43CA4B3E12C14EAE0001AF79 /* ctc_aes.h */; };
 		43D565650F1EC9A600550C88 /* hc128.c in Sources */ = {isa = PBXBuildFile; fileRef = 43D565640F1EC9A600550C88 /* hc128.c */; };
 		43D565670F1EC9CC00550C88 /* rabbit.c in Sources */ = {isa = PBXBuildFile; fileRef = 43D565660F1EC9CC00550C88 /* rabbit.c */; };
-		43D565A40F29040000550C88 /* rabbit.h in Headers */ = {isa = PBXBuildFile; fileRef = 43D565A30F29040000550C88 /* rabbit.h */; };
-		43D565A60F29041C00550C88 /* hc128.h in Headers */ = {isa = PBXBuildFile; fileRef = 43D565A50F29041C00550C88 /* hc128.h */; };
 /* End PBXBuildFile section */
 
 /* Begin PBXCopyFilesBuildPhase section */
@@ -76,8 +70,14 @@
 /* Begin PBXFileReference section */
 		4368F6E40E9EA1140002A123 /* test.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = test.c; path = ctaocrypt/test/test.c; sourceTree = "<group>"; };
 		43809E9A0FB7AD1C0050922E /* md4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md4.c; path = ctaocrypt/src/md4.c; sourceTree = "<group>"; };
-		43AC92C90EB154210049F588 /* cyassl_io.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 0; name = cyassl_io.c; path = src/cyassl_io.c; sourceTree = "<group>"; };
-		43C6C2770DDF984100F2D488 /* cyassl_int.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 0; name = cyassl_int.c; path = src/cyassl_int.c; sourceTree = "<group>"; };
+		439B381F136B391E004C965E /* logging.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = logging.c; path = ctaocrypt/src/logging.c; sourceTree = "<group>"; };
+		43B89CBC142FEB5E00284CC6 /* internal.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = internal.c; path = src/internal.c; sourceTree = "<group>"; };
+		43B89CBE142FEB6C00284CC6 /* io.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = io.c; path = src/io.c; sourceTree = "<group>"; };
+		43B89CC0142FEBBD00284CC6 /* memory.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = memory.c; path = ctaocrypt/src/memory.c; sourceTree = "<group>"; };
+		43B89CC1142FEBBD00284CC6 /* tfm.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tfm.c; path = ctaocrypt/src/tfm.c; sourceTree = "<group>"; };
+		43B89CC2142FEBBD00284CC6 /* ripemd.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ripemd.c; path = ctaocrypt/src/ripemd.c; sourceTree = "<group>"; };
+		43B89CC3142FEBBD00284CC6 /* sha512.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha512.c; path = ctaocrypt/src/sha512.c; sourceTree = "<group>"; };
+		43B89CC4142FEBBD00284CC6 /* pwdbased.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pwdbased.c; path = ctaocrypt/src/pwdbased.c; sourceTree = "<group>"; };
 		43C6C2780DDF984100F2D488 /* keys.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = keys.c; path = src/keys.c; sourceTree = "<group>"; };
 		43C6C2790DDF984100F2D488 /* ssl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 0; name = ssl.c; path = src/ssl.c; sourceTree = "<group>"; };
 		43C6C27A0DDF984100F2D488 /* tls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = tls.c; path = src/tls.c; sourceTree = "<group>"; };
@@ -91,43 +91,13 @@
 		43C6C28A0DDF98D400F2D488 /* hmac.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 0; name = hmac.c; path = ctaocrypt/src/hmac.c; sourceTree = "<group>"; };
 		43C6C28B0DDF98D400F2D488 /* integer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = integer.c; path = ctaocrypt/src/integer.c; sourceTree = "<group>"; };
 		43C6C28C0DDF98D400F2D488 /* md5.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = md5.c; path = ctaocrypt/src/md5.c; sourceTree = "<group>"; };
-		43C6C28D0DDF98D400F2D488 /* misc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = misc.c; path = ctaocrypt/src/misc.c; sourceTree = "<group>"; };
 		43C6C28E0DDF98D400F2D488 /* random.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = random.c; path = ctaocrypt/src/random.c; sourceTree = "<group>"; };
 		43C6C28F0DDF98D400F2D488 /* rsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = rsa.c; path = ctaocrypt/src/rsa.c; sourceTree = "<group>"; };
 		43C6C2900DDF98D400F2D488 /* sha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = sha.c; path = ctaocrypt/src/sha.c; sourceTree = "<group>"; };
 		43C6C2910DDF98D400F2D488 /* sha256.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 0; name = sha256.c; path = ctaocrypt/src/sha256.c; sourceTree = "<group>"; };
-		43CA25BA0EA400BE0011ECA2 /* cyassl_error.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = cyassl_error.h; path = include/cyassl_error.h; sourceTree = "<group>"; };
-		43CA25BB0EA400BE0011ECA2 /* cyassl_int.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = cyassl_int.h; path = include/cyassl_int.h; sourceTree = "<group>"; };
-		43CA25BC0EA400DC0011ECA2 /* test.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = test.h; path = examples/test.h; sourceTree = "<group>"; };
-		43CA25BE0EA4010C0011ECA2 /* arc4.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = arc4.h; path = ctaocrypt/include/arc4.h; sourceTree = "<group>"; };
-		43CA25C10EA4010C0011ECA2 /* mpi_superclass.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 0; name = mpi_superclass.h; path = ctaocrypt/include/mpi_superclass.h; sourceTree = "<group>"; };
-		43CA25C20EA4010C0011ECA2 /* random.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = random.h; path = ctaocrypt/include/random.h; sourceTree = "<group>"; };
-		43CA25C40EA4010C0011ECA2 /* sha256.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 0; name = sha256.h; path = ctaocrypt/include/sha256.h; sourceTree = "<group>"; };
-		43CA25C50EA4010C0011ECA2 /* coding.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = coding.h; path = ctaocrypt/include/coding.h; sourceTree = "<group>"; };
-		43CA25C60EA4010C0011ECA2 /* des3.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = des3.h; path = ctaocrypt/include/des3.h; sourceTree = "<group>"; };
-		43CA25C70EA4010C0011ECA2 /* error.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = error.h; path = ctaocrypt/include/error.h; sourceTree = "<group>"; };
-		43CA25C80EA4010C0011ECA2 /* misc.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = misc.h; path = ctaocrypt/include/misc.h; sourceTree = "<group>"; };
-		43CA25C90EA4010C0011ECA2 /* integer.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = integer.h; path = ctaocrypt/include/integer.h; sourceTree = "<group>"; };
-		43CA25CA0EA4010C0011ECA2 /* tfm.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 0; name = tfm.h; path = ctaocrypt/include/tfm.h; sourceTree = "<group>"; };
-		43CA25CB0EA4010C0011ECA2 /* asn.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = asn.h; path = ctaocrypt/include/asn.h; sourceTree = "<group>"; };
-		43CA25CD0EA4010C0011ECA2 /* mpi_class.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 0; name = mpi_class.h; path = ctaocrypt/include/mpi_class.h; sourceTree = "<group>"; };
-		43CA25CE0EA4010C0011ECA2 /* types.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = types.h; path = ctaocrypt/include/types.h; sourceTree = "<group>"; };
-		43CA25D10EA401550011ECA2 /* cyassl_callbacks.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = cyassl_callbacks.h; path = include/openssl/cyassl_callbacks.h; sourceTree = "<group>"; };
-		43CA25D20EA401550011ECA2 /* ssl.h */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.h; fileEncoding = 4; lineEnding = 2; name = ssl.h; path = include/openssl/ssl.h; sourceTree = "<group>"; };
-		43CA4B3612C14EAE0001AF79 /* ctc_hmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 0; name = ctc_hmac.h; path = ctaocrypt/include/ctc_hmac.h; sourceTree = "<group>"; };
-		43CA4B3712C14EAE0001AF79 /* ctc_sha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 2; name = ctc_sha.h; path = ctaocrypt/include/ctc_sha.h; sourceTree = "<group>"; };
-		43CA4B3812C14EAE0001AF79 /* ctc_rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 2; name = ctc_rsa.h; path = ctaocrypt/include/ctc_rsa.h; sourceTree = "<group>"; };
-		43CA4B3912C14EAE0001AF79 /* ctc_ripemd.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 2; name = ctc_ripemd.h; path = ctaocrypt/include/ctc_ripemd.h; sourceTree = "<group>"; };
-		43CA4B3A12C14EAE0001AF79 /* ctc_md5.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 2; name = ctc_md5.h; path = ctaocrypt/include/ctc_md5.h; sourceTree = "<group>"; };
-		43CA4B3B12C14EAE0001AF79 /* ctc_md4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 2; name = ctc_md4.h; path = ctaocrypt/include/ctc_md4.h; sourceTree = "<group>"; };
-		43CA4B3C12C14EAE0001AF79 /* ctc_dsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 2; name = ctc_dsa.h; path = ctaocrypt/include/ctc_dsa.h; sourceTree = "<group>"; };
-		43CA4B3D12C14EAE0001AF79 /* ctc_dh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 2; name = ctc_dh.h; path = ctaocrypt/include/ctc_dh.h; sourceTree = "<group>"; };
-		43CA4B3E12C14EAE0001AF79 /* ctc_aes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 2; name = ctc_aes.h; path = ctaocrypt/include/ctc_aes.h; sourceTree = "<group>"; };
 		43CB530D116E9FD5000A264B /* iphone-Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = "iphone-Info.plist"; sourceTree = "<group>"; };
 		43D565640F1EC9A600550C88 /* hc128.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = hc128.c; path = ctaocrypt/src/hc128.c; sourceTree = "<group>"; };
 		43D565660F1EC9CC00550C88 /* rabbit.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; lineEnding = 2; name = rabbit.c; path = ctaocrypt/src/rabbit.c; sourceTree = "<group>"; };
-		43D565A30F29040000550C88 /* rabbit.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 2; name = rabbit.h; path = ctaocrypt/include/rabbit.h; sourceTree = "<group>"; };
-		43D565A50F29041C00550C88 /* hc128.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; lineEnding = 2; name = hc128.h; path = ctaocrypt/include/hc128.h; sourceTree = "<group>"; };
 		D2AAC046055464E500DB518D /* libcyassl.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libcyassl.a; sourceTree = BUILT_PRODUCTS_DIR; };
 /* End PBXFileReference section */
 
@@ -173,10 +143,17 @@
 		43CA25720EA3F9B20011ECA2 /* src */ = {
 			isa = PBXGroup;
 			children = (
+				43B89CC0142FEBBD00284CC6 /* memory.c */,
+				43B89CC1142FEBBD00284CC6 /* tfm.c */,
+				43B89CC2142FEBBD00284CC6 /* ripemd.c */,
+				43B89CC3142FEBBD00284CC6 /* sha512.c */,
+				43B89CC4142FEBBD00284CC6 /* pwdbased.c */,
+				43B89CBE142FEB6C00284CC6 /* io.c */,
+				43B89CBC142FEB5E00284CC6 /* internal.c */,
+				439B381F136B391E004C965E /* logging.c */,
 				43809E9A0FB7AD1C0050922E /* md4.c */,
 				43D565660F1EC9CC00550C88 /* rabbit.c */,
 				43D565640F1EC9A600550C88 /* hc128.c */,
-				43AC92C90EB154210049F588 /* cyassl_io.c */,
 				43C6C2830DDF98D400F2D488 /* aes.c */,
 				43C6C2840DDF98D400F2D488 /* arc4.c */,
 				43C6C2850DDF98D400F2D488 /* asn.c */,
@@ -188,12 +165,10 @@
 				43C6C28A0DDF98D400F2D488 /* hmac.c */,
 				43C6C28B0DDF98D400F2D488 /* integer.c */,
 				43C6C28C0DDF98D400F2D488 /* md5.c */,
-				43C6C28D0DDF98D400F2D488 /* misc.c */,
 				43C6C28E0DDF98D400F2D488 /* random.c */,
 				43C6C28F0DDF98D400F2D488 /* rsa.c */,
 				43C6C2900DDF98D400F2D488 /* sha.c */,
 				43C6C2910DDF98D400F2D488 /* sha256.c */,
-				43C6C2770DDF984100F2D488 /* cyassl_int.c */,
 				43C6C2780DDF984100F2D488 /* keys.c */,
 				43C6C2790DDF984100F2D488 /* ssl.c */,
 				43C6C27A0DDF984100F2D488 /* tls.c */,
@@ -204,35 +179,6 @@
 		43CA25B90EA400A60011ECA2 /* headers */ = {
 			isa = PBXGroup;
 			children = (
-				43CA4B3612C14EAE0001AF79 /* ctc_hmac.h */,
-				43CA4B3712C14EAE0001AF79 /* ctc_sha.h */,
-				43CA4B3812C14EAE0001AF79 /* ctc_rsa.h */,
-				43CA4B3912C14EAE0001AF79 /* ctc_ripemd.h */,
-				43CA4B3A12C14EAE0001AF79 /* ctc_md5.h */,
-				43CA4B3B12C14EAE0001AF79 /* ctc_md4.h */,
-				43CA4B3C12C14EAE0001AF79 /* ctc_dsa.h */,
-				43CA4B3D12C14EAE0001AF79 /* ctc_dh.h */,
-				43CA4B3E12C14EAE0001AF79 /* ctc_aes.h */,
-				43D565A50F29041C00550C88 /* hc128.h */,
-				43D565A30F29040000550C88 /* rabbit.h */,
-				43CA25D10EA401550011ECA2 /* cyassl_callbacks.h */,
-				43CA25D20EA401550011ECA2 /* ssl.h */,
-				43CA25BE0EA4010C0011ECA2 /* arc4.h */,
-				43CA25C10EA4010C0011ECA2 /* mpi_superclass.h */,
-				43CA25C20EA4010C0011ECA2 /* random.h */,
-				43CA25C40EA4010C0011ECA2 /* sha256.h */,
-				43CA25C50EA4010C0011ECA2 /* coding.h */,
-				43CA25C60EA4010C0011ECA2 /* des3.h */,
-				43CA25C70EA4010C0011ECA2 /* error.h */,
-				43CA25C80EA4010C0011ECA2 /* misc.h */,
-				43CA25C90EA4010C0011ECA2 /* integer.h */,
-				43CA25CA0EA4010C0011ECA2 /* tfm.h */,
-				43CA25CB0EA4010C0011ECA2 /* asn.h */,
-				43CA25CD0EA4010C0011ECA2 /* mpi_class.h */,
-				43CA25CE0EA4010C0011ECA2 /* types.h */,
-				43CA25BC0EA400DC0011ECA2 /* test.h */,
-				43CA25BA0EA400BE0011ECA2 /* cyassl_error.h */,
-				43CA25BB0EA400BE0011ECA2 /* cyassl_int.h */,
 			);
 			name = headers;
 			sourceTree = "<group>";
@@ -251,17 +197,6 @@
 			isa = PBXHeadersBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-				43D565A40F29040000550C88 /* rabbit.h in Headers */,
-				43D565A60F29041C00550C88 /* hc128.h in Headers */,
-				43CA4B3F12C14EAE0001AF79 /* ctc_hmac.h in Headers */,
-				43CA4B4012C14EAE0001AF79 /* ctc_sha.h in Headers */,
-				43CA4B4112C14EAE0001AF79 /* ctc_rsa.h in Headers */,
-				43CA4B4212C14EAE0001AF79 /* ctc_ripemd.h in Headers */,
-				43CA4B4312C14EAE0001AF79 /* ctc_md5.h in Headers */,
-				43CA4B4412C14EAE0001AF79 /* ctc_md4.h in Headers */,
-				43CA4B4512C14EAE0001AF79 /* ctc_dsa.h in Headers */,
-				43CA4B4612C14EAE0001AF79 /* ctc_dh.h in Headers */,
-				43CA4B4712C14EAE0001AF79 /* ctc_aes.h in Headers */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -298,7 +233,14 @@
 			};
 			buildConfigurationList = 1DEB91EF08733DB70010E9CD /* Build configuration list for PBXProject "cyassl-iphone" */;
 			compatibilityVersion = "Xcode 3.1";
+			developmentRegion = English;
 			hasScannedForEncodings = 1;
+			knownRegions = (
+				English,
+				Japanese,
+				French,
+				German,
+			);
 			mainGroup = 08FB7794FE84155DC02AAC07 /* cyassl */;
 			projectDirPath = "";
 			projectRoot = "";
@@ -313,7 +255,6 @@
 			isa = PBXSourcesBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
-				43C6C27B0DDF984100F2D488 /* cyassl_int.c in Sources */,
 				43C6C27C0DDF984100F2D488 /* keys.c in Sources */,
 				43C6C27E0DDF984100F2D488 /* tls.c in Sources */,
 				43C6C2920DDF98D400F2D488 /* aes.c in Sources */,
@@ -326,16 +267,22 @@
 				43C6C2990DDF98D400F2D488 /* hmac.c in Sources */,
 				43C6C29A0DDF98D400F2D488 /* integer.c in Sources */,
 				43C6C29B0DDF98D400F2D488 /* md5.c in Sources */,
-				43C6C29C0DDF98D400F2D488 /* misc.c in Sources */,
 				43C6C29D0DDF98D400F2D488 /* random.c in Sources */,
 				43C6C29E0DDF98D400F2D488 /* rsa.c in Sources */,
 				43C6C29F0DDF98D400F2D488 /* sha.c in Sources */,
 				43C6C2A00DDF98D400F2D488 /* sha256.c in Sources */,
 				43962ADF0DE7ED48003C5E5B /* ssl.c in Sources */,
-				43AC92CA0EB154210049F588 /* cyassl_io.c in Sources */,
 				43D565650F1EC9A600550C88 /* hc128.c in Sources */,
 				43D565670F1EC9CC00550C88 /* rabbit.c in Sources */,
 				43809E9B0FB7AD1C0050922E /* md4.c in Sources */,
+				439B3820136B391E004C965E /* logging.c in Sources */,
+				43B89CBD142FEB5E00284CC6 /* internal.c in Sources */,
+				43B89CBF142FEB6C00284CC6 /* io.c in Sources */,
+				43B89CC5142FEBBD00284CC6 /* memory.c in Sources */,
+				43B89CC6142FEBBD00284CC6 /* tfm.c in Sources */,
+				43B89CC7142FEBBD00284CC6 /* ripemd.c in Sources */,
+				43B89CC8142FEBBD00284CC6 /* sha512.c in Sources */,
+				43B89CC9142FEBBD00284CC6 /* pwdbased.c in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
 		};
@@ -352,10 +299,11 @@
 				GCC_MODEL_TUNING = G5;
 				GCC_OPTIMIZATION_LEVEL = 0;
 				GCC_PREPROCESSOR_DEFINITIONS = IPHONE;
+				HEADER_SEARCH_PATHS = $SRCROOT;
 				INSTALL_PATH = /usr/local/lib;
 				PRODUCT_NAME = cyassl;
-				SDKROOT = iphonesimulator3.1.2;
-				USER_HEADER_SEARCH_PATHS = "include/openssl include ctaocrypt/include";
+				SDKROOT = iphoneos;
+				USER_HEADER_SEARCH_PATHS = "";
 				WARNING_CFLAGS = "-Wall";
 				ZERO_LINK = YES;
 			};
@@ -368,9 +316,10 @@
 				DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
 				GCC_MODEL_TUNING = G5;
 				GCC_PREPROCESSOR_DEFINITIONS = IPHONE;
+				HEADER_SEARCH_PATHS = $SRCROOT;
 				INSTALL_PATH = /usr/local/lib;
 				PRODUCT_NAME = cyassl;
-				USER_HEADER_SEARCH_PATHS = "include/openssl include ctaocrypt/include";
+				USER_HEADER_SEARCH_PATHS = "";
 				WARNING_CFLAGS = "-Wall";
 			};
 			name = Release;
@@ -384,7 +333,7 @@
 				GCC_WARN_ABOUT_RETURN_TYPE = YES;
 				GCC_WARN_UNUSED_VARIABLE = YES;
 				PREBINDING = NO;
-				SDKROOT = iphonesimulator2.2;
+				SDKROOT = iphoneos;
 				USER_HEADER_SEARCH_PATHS = "include ctaocrypt/include";
 			};
 			name = Debug;

cyassl-ntru.sln

@@ -1,65 +1,65 @@
-
-Microsoft Visual Studio Solution File, Format Version 10.00
-# Visual C++ Express 2008
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cyassl", "cyassl-ntru.vcproj", "{73973223-5EE8-41CA-8E88-1D60E89A237B}"
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testsuite", "testsuite\testsuite-ntru.vcproj", "{611E8971-46E0-4D0A-B5A1-632C3B00CB80}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoserver", "examples\echoserver\echoserver-ntru.vcproj", "{07D97C48-E08F-4E34-9F67-3064039FF2CB}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoclient", "examples\echoclient\echoclient-ntru.vcproj", "{8362A816-C5DC-4E22-B5C5-9E6806387073}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "client", "examples\client\client-ntru.vcproj", "{3ADE9549-582D-4D8E-9826-B172197A7959}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "server", "examples\server\server-ntru.vcproj", "{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Global
-	GlobalSection(SolutionConfigurationPlatforms) = preSolution
-		Debug|Win32 = Debug|Win32
-		Release|Win32 = Release|Win32
-	EndGlobalSection
-	GlobalSection(ProjectConfigurationPlatforms) = postSolution
-		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.ActiveCfg = Debug|Win32
-		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.Build.0 = Debug|Win32
-		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.ActiveCfg = Release|Win32
-		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.Build.0 = Release|Win32
-		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.ActiveCfg = Debug|Win32
-		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.Build.0 = Debug|Win32
-		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.ActiveCfg = Release|Win32
-		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.Build.0 = Release|Win32
-		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.ActiveCfg = Debug|Win32
-		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.Build.0 = Debug|Win32
-		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.ActiveCfg = Release|Win32
-		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.Build.0 = Release|Win32
-		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.ActiveCfg = Debug|Win32
-		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.Build.0 = Debug|Win32
-		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.ActiveCfg = Release|Win32
-		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.Build.0 = Release|Win32
-		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.ActiveCfg = Debug|Win32
-		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.Build.0 = Debug|Win32
-		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.ActiveCfg = Release|Win32
-		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.Build.0 = Release|Win32
-		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.ActiveCfg = Debug|Win32
-		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.Build.0 = Debug|Win32
-		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.ActiveCfg = Release|Win32
-		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.Build.0 = Release|Win32
-	EndGlobalSection
-	GlobalSection(SolutionProperties) = preSolution
-		HideSolutionNode = FALSE
-	EndGlobalSection
-EndGlobal
+
+Microsoft Visual Studio Solution File, Format Version 10.00
+# Visual C++ Express 2008
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cyassl", "cyassl-ntru.vcproj", "{73973223-5EE8-41CA-8E88-1D60E89A237B}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testsuite", "testsuite\testsuite-ntru.vcproj", "{611E8971-46E0-4D0A-B5A1-632C3B00CB80}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoserver", "examples\echoserver\echoserver-ntru.vcproj", "{07D97C48-E08F-4E34-9F67-3064039FF2CB}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoclient", "examples\echoclient\echoclient-ntru.vcproj", "{8362A816-C5DC-4E22-B5C5-9E6806387073}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "client", "examples\client\client-ntru.vcproj", "{3ADE9549-582D-4D8E-9826-B172197A7959}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "server", "examples\server\server-ntru.vcproj", "{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.ActiveCfg = Debug|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.Build.0 = Debug|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.ActiveCfg = Release|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.Build.0 = Release|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.ActiveCfg = Debug|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.Build.0 = Debug|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.ActiveCfg = Release|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.Build.0 = Release|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.ActiveCfg = Debug|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.Build.0 = Debug|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.ActiveCfg = Release|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.Build.0 = Release|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.ActiveCfg = Debug|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.Build.0 = Debug|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.ActiveCfg = Release|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.Build.0 = Release|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.ActiveCfg = Debug|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.Build.0 = Debug|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.ActiveCfg = Release|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.Build.0 = Release|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.ActiveCfg = Debug|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.Build.0 = Debug|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.ActiveCfg = Release|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

cyassl-ntru.vcproj

@@ -1,377 +1,285 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
-	ProjectType="Visual C++"
-	Version="9.00"
-	Name="cyassl"
-	ProjectGUID="{73973223-5EE8-41CA-8E88-1D60E89A237B}"
-	RootNamespace="cyassl"
-	Keyword="Win32Proj"
-	TargetFrameworkVersion="196613"
-	>
-	<Platforms>
-		<Platform
-			Name="Win32"
-		/>
-	</Platforms>
-	<ToolFiles>
-	</ToolFiles>
-	<Configurations>
-		<Configuration
-			Name="Debug|Win32"
-			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
-			IntermediateDirectory="$(ConfigurationName)"
-			ConfigurationType="4"
-			CharacterSet="1"
-			>
-			<Tool
-				Name="VCPreBuildEventTool"
-			/>
-			<Tool
-				Name="VCCustomBuildTool"
-			/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"
-			/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"
-			/>
-			<Tool
-				Name="VCMIDLTool"
-			/>
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="0"
-				AdditionalIncludeDirectories="ctaocrypt/include;include;NTRU/include;include/openssl"
-				PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;HAVE_NTRU;WIN32"
-				MinimalRebuild="true"
-				BasicRuntimeChecks="3"
-				RuntimeLibrary="3"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				DebugInformationFormat="4"
-			/>
-			<Tool
-				Name="VCManagedResourceCompilerTool"
-			/>
-			<Tool
-				Name="VCResourceCompilerTool"
-			/>
-			<Tool
-				Name="VCPreLinkEventTool"
-			/>
-			<Tool
-				Name="VCLibrarianTool"
-			/>
-			<Tool
-				Name="VCALinkTool"
-			/>
-			<Tool
-				Name="VCXDCMakeTool"
-			/>
-			<Tool
-				Name="VCBscMakeTool"
-			/>
-			<Tool
-				Name="VCFxCopTool"
-			/>
-			<Tool
-				Name="VCPostBuildEventTool"
-			/>
-		</Configuration>
-		<Configuration
-			Name="Release|Win32"
-			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
-			IntermediateDirectory="$(ConfigurationName)"
-			ConfigurationType="4"
-			CharacterSet="1"
-			WholeProgramOptimization="1"
-			>
-			<Tool
-				Name="VCPreBuildEventTool"
-			/>
-			<Tool
-				Name="VCCustomBuildTool"
-			/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"
-			/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"
-			/>
-			<Tool
-				Name="VCMIDLTool"
-			/>
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="2"
-				EnableIntrinsicFunctions="true"
-				AdditionalIncludeDirectories="ctaocrypt/include;include;NTRU/include;include/openssl"
-				PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;HAVE_NTRU;WIN32"
-				RuntimeLibrary="2"
-				EnableFunctionLevelLinking="true"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				DebugInformationFormat="3"
-			/>
-			<Tool
-				Name="VCManagedResourceCompilerTool"
-			/>
-			<Tool
-				Name="VCResourceCompilerTool"
-			/>
-			<Tool
-				Name="VCPreLinkEventTool"
-			/>
-			<Tool
-				Name="VCLibrarianTool"
-			/>
-			<Tool
-				Name="VCALinkTool"
-			/>
-			<Tool
-				Name="VCXDCMakeTool"
-			/>
-			<Tool
-				Name="VCBscMakeTool"
-			/>
-			<Tool
-				Name="VCFxCopTool"
-			/>
-			<Tool
-				Name="VCPostBuildEventTool"
-			/>
-		</Configuration>
-	</Configurations>
-	<References>
-	</References>
-	<Files>
-		<Filter
-			Name="Source Files"
-			Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
-			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
-			>
-			<File
-				RelativePath=".\ctaocrypt\src\aes.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\arc4.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\asm.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\asn.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\coding.c"
-				>
-			</File>
-			<File
-				RelativePath=".\src\cyassl_int.c"
-				>
-			</File>
-			<File
-				RelativePath=".\src\cyassl_io.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\des3.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\dh.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\dsa.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\hc128.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\hmac.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\integer.c"
-				>
-			</File>
-			<File
-				RelativePath=".\src\keys.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\md4.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\md5.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\misc.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\pwdbased.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\rabbit.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\random.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\ripemd.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\rsa.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\sha.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\sha256.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\sha512.c"
-				>
-			</File>
-			<File
-				RelativePath=".\src\ssl.c"
-				>
-			</File>
-			<File
-				RelativePath=".\src\tls.c"
-				>
-			</File>
-		</Filter>
-		<Filter
-			Name="Header Files"
-			Filter="h;hpp;hxx;hm;inl;inc;xsd"
-			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
-			>
-			<File
-				RelativePath=".\ctaocrypt\include\arc4.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\asn.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\coding.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_aes.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_dh.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_dsa.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_hmac.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_md4.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_md5.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_ripemd.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_rsa.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_sha.h"
-				>
-			</File>
-			<File
-				RelativePath=".\include\cyassl_error.h"
-				>
-			</File>
-			<File
-				RelativePath=".\include\cyassl_int.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\des3.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\error.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\hc128.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\integer.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\misc.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\pwdbased.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\rabbit.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\random.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\sha256.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\tfm.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\types.h"
-				>
-			</File>
-		</Filter>
-		<Filter
-			Name="Resource Files"
-			Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
-			UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
-			>
-		</Filter>
-	</Files>
-	<Globals>
-	</Globals>
-</VisualStudioProject>
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+	ProjectType="Visual C++"
+	Version="9.00"
+	Name="cyassl"
+	ProjectGUID="{73973223-5EE8-41CA-8E88-1D60E89A237B}"
+	RootNamespace="cyassl"
+	Keyword="Win32Proj"
+	TargetFrameworkVersion="196613"
+	>
+	<Platforms>
+		<Platform
+			Name="Win32"
+		/>
+	</Platforms>
+	<ToolFiles>
+	</ToolFiles>
+	<Configurations>
+		<Configuration
+			Name="Debug|Win32"
+			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+			IntermediateDirectory="$(ConfigurationName)"
+			ConfigurationType="4"
+			CharacterSet="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				AdditionalIncludeDirectories="./;NTRU/include"
+				PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;HAVE_NTRU;NO_PSK;WIN32"
+				MinimalRebuild="true"
+				BasicRuntimeChecks="3"
+				RuntimeLibrary="3"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				DebugInformationFormat="4"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLibrarianTool"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+		<Configuration
+			Name="Release|Win32"
+			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+			IntermediateDirectory="$(ConfigurationName)"
+			ConfigurationType="4"
+			CharacterSet="1"
+			WholeProgramOptimization="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="2"
+				EnableIntrinsicFunctions="true"
+				AdditionalIncludeDirectories="./;NTRU/include"
+				PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;HAVE_NTRU;NO_PSK;WIN32"
+				RuntimeLibrary="2"
+				EnableFunctionLevelLinking="true"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				DebugInformationFormat="3"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLibrarianTool"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+	</Configurations>
+	<References>
+	</References>
+	<Files>
+		<Filter
+			Name="Source Files"
+			Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
+			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
+			>
+			<File
+				RelativePath=".\ctaocrypt\src\aes.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\arc4.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\asm.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\asn.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\coding.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\des3.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\dh.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\dsa.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\hc128.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\hmac.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\integer.c"
+				>
+			</File>
+			<File
+				RelativePath=".\src\internal.c"
+				>
+			</File>
+			<File
+				RelativePath=".\src\io.c"
+				>
+			</File>
+			<File
+				RelativePath=".\src\keys.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\logging.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\md4.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\md5.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\memory.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\misc.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\pwdbased.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\rabbit.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\random.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\ripemd.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\rsa.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\sha.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\sha256.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\sha512.c"
+				>
+			</File>
+			<File
+				RelativePath=".\src\ssl.c"
+				>
+			</File>
+			<File
+				RelativePath=".\src\tls.c"
+				>
+			</File>
+		</Filter>
+		<Filter
+			Name="Header Files"
+			Filter="h;hpp;hxx;hm;inl;inc;xsd"
+			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
+			>
+		</Filter>
+		<Filter
+			Name="Resource Files"
+			Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
+			UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
+			>
+		</Filter>
+	</Files>
+	<Globals>
+	</Globals>
+</VisualStudioProject>

cyassl.sln

@@ -1,74 +1,74 @@
-
-Microsoft Visual Studio Solution File, Format Version 10.00
-# Visual C++ Express 2008
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cyassl", "cyassl.vcproj", "{73973223-5EE8-41CA-8E88-1D60E89A237B}"
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testsuite", "testsuite\testsuite.vcproj", "{611E8971-46E0-4D0A-B5A1-632C3B00CB80}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "sslSniffer", "sslSniffer\sslSniffer.vcproj", "{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoserver", "examples\echoserver\echoserver.vcproj", "{07D97C48-E08F-4E34-9F67-3064039FF2CB}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoclient", "examples\echoclient\echoclient.vcproj", "{8362A816-C5DC-4E22-B5C5-9E6806387073}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "client", "examples\client\client.vcproj", "{3ADE9549-582D-4D8E-9826-B172197A7959}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "server", "examples\server\server.vcproj", "{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}"
-	ProjectSection(ProjectDependencies) = postProject
-		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
-	EndProjectSection
-EndProject
-Global
-	GlobalSection(SolutionConfigurationPlatforms) = preSolution
-		Debug|Win32 = Debug|Win32
-		Release|Win32 = Release|Win32
-	EndGlobalSection
-	GlobalSection(ProjectConfigurationPlatforms) = postSolution
-		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.ActiveCfg = Debug|Win32
-		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.Build.0 = Debug|Win32
-		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.ActiveCfg = Release|Win32
-		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.Build.0 = Release|Win32
-		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.ActiveCfg = Debug|Win32
-		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.Build.0 = Debug|Win32
-		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.ActiveCfg = Release|Win32
-		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.Build.0 = Release|Win32
-		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|Win32.ActiveCfg = Debug|Win32
-		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|Win32.Build.0 = Debug|Win32
-		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|Win32.ActiveCfg = Release|Win32
-		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|Win32.Build.0 = Release|Win32
-		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.ActiveCfg = Debug|Win32
-		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.Build.0 = Debug|Win32
-		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.ActiveCfg = Release|Win32
-		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.Build.0 = Release|Win32
-		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.ActiveCfg = Debug|Win32
-		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.Build.0 = Debug|Win32
-		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.ActiveCfg = Release|Win32
-		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.Build.0 = Release|Win32
-		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.ActiveCfg = Debug|Win32
-		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.Build.0 = Debug|Win32
-		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.ActiveCfg = Release|Win32
-		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.Build.0 = Release|Win32
-		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.ActiveCfg = Debug|Win32
-		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.Build.0 = Debug|Win32
-		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.ActiveCfg = Release|Win32
-		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.Build.0 = Release|Win32
-	EndGlobalSection
-	GlobalSection(SolutionProperties) = preSolution
-		HideSolutionNode = FALSE
-	EndGlobalSection
-EndGlobal
+
+Microsoft Visual Studio Solution File, Format Version 10.00
+# Visual C++ Express 2008
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cyassl", "cyassl.vcproj", "{73973223-5EE8-41CA-8E88-1D60E89A237B}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testsuite", "testsuite\testsuite.vcproj", "{611E8971-46E0-4D0A-B5A1-632C3B00CB80}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "sslSniffer", "sslSniffer\sslSniffer.vcproj", "{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoserver", "examples\echoserver\echoserver.vcproj", "{07D97C48-E08F-4E34-9F67-3064039FF2CB}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoclient", "examples\echoclient\echoclient.vcproj", "{8362A816-C5DC-4E22-B5C5-9E6806387073}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "client", "examples\client\client.vcproj", "{3ADE9549-582D-4D8E-9826-B172197A7959}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "server", "examples\server\server.vcproj", "{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}"
+	ProjectSection(ProjectDependencies) = postProject
+		{73973223-5EE8-41CA-8E88-1D60E89A237B} = {73973223-5EE8-41CA-8E88-1D60E89A237B}
+	EndProjectSection
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Win32 = Debug|Win32
+		Release|Win32 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.ActiveCfg = Debug|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.Build.0 = Debug|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.ActiveCfg = Release|Win32
+		{73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.Build.0 = Release|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.ActiveCfg = Debug|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.Build.0 = Debug|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.ActiveCfg = Release|Win32
+		{611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.Build.0 = Release|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|Win32.ActiveCfg = Debug|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|Win32.Build.0 = Debug|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|Win32.ActiveCfg = Release|Win32
+		{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|Win32.Build.0 = Release|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.ActiveCfg = Debug|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.Build.0 = Debug|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.ActiveCfg = Release|Win32
+		{07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.Build.0 = Release|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.ActiveCfg = Debug|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.Build.0 = Debug|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.ActiveCfg = Release|Win32
+		{8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.Build.0 = Release|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.ActiveCfg = Debug|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.Build.0 = Debug|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.ActiveCfg = Release|Win32
+		{3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.Build.0 = Release|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.ActiveCfg = Debug|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.Build.0 = Debug|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.ActiveCfg = Release|Win32
+		{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

cyassl.vcproj

@@ -1,377 +1,277 @@
-<?xml version="1.0" encoding="Windows-1252"?>
-<VisualStudioProject
-	ProjectType="Visual C++"
-	Version="9.00"
-	Name="cyassl"
-	ProjectGUID="{73973223-5EE8-41CA-8E88-1D60E89A237B}"
-	RootNamespace="cyassl"
-	Keyword="Win32Proj"
-	TargetFrameworkVersion="196613"
-	>
-	<Platforms>
-		<Platform
-			Name="Win32"
-		/>
-	</Platforms>
-	<ToolFiles>
-	</ToolFiles>
-	<Configurations>
-		<Configuration
-			Name="Debug|Win32"
-			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
-			IntermediateDirectory="$(ConfigurationName)"
-			ConfigurationType="4"
-			CharacterSet="1"
-			>
-			<Tool
-				Name="VCPreBuildEventTool"
-			/>
-			<Tool
-				Name="VCCustomBuildTool"
-			/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"
-			/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"
-			/>
-			<Tool
-				Name="VCMIDLTool"
-			/>
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="0"
-				AdditionalIncludeDirectories="ctaocrypt/include;include;include/openssl"
-				PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512"
-				MinimalRebuild="true"
-				BasicRuntimeChecks="3"
-				RuntimeLibrary="3"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				DebugInformationFormat="4"
-			/>
-			<Tool
-				Name="VCManagedResourceCompilerTool"
-			/>
-			<Tool
-				Name="VCResourceCompilerTool"
-			/>
-			<Tool
-				Name="VCPreLinkEventTool"
-			/>
-			<Tool
-				Name="VCLibrarianTool"
-			/>
-			<Tool
-				Name="VCALinkTool"
-			/>
-			<Tool
-				Name="VCXDCMakeTool"
-			/>
-			<Tool
-				Name="VCBscMakeTool"
-			/>
-			<Tool
-				Name="VCFxCopTool"
-			/>
-			<Tool
-				Name="VCPostBuildEventTool"
-			/>
-		</Configuration>
-		<Configuration
-			Name="Release|Win32"
-			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
-			IntermediateDirectory="$(ConfigurationName)"
-			ConfigurationType="4"
-			CharacterSet="1"
-			WholeProgramOptimization="1"
-			>
-			<Tool
-				Name="VCPreBuildEventTool"
-			/>
-			<Tool
-				Name="VCCustomBuildTool"
-			/>
-			<Tool
-				Name="VCXMLDataGeneratorTool"
-			/>
-			<Tool
-				Name="VCWebServiceProxyGeneratorTool"
-			/>
-			<Tool
-				Name="VCMIDLTool"
-			/>
-			<Tool
-				Name="VCCLCompilerTool"
-				Optimization="2"
-				EnableIntrinsicFunctions="true"
-				AdditionalIncludeDirectories="ctaocrypt/include;include;include/openssl"
-				PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512"
-				RuntimeLibrary="2"
-				EnableFunctionLevelLinking="true"
-				UsePrecompiledHeader="0"
-				WarningLevel="3"
-				DebugInformationFormat="3"
-			/>
-			<Tool
-				Name="VCManagedResourceCompilerTool"
-			/>
-			<Tool
-				Name="VCResourceCompilerTool"
-			/>
-			<Tool
-				Name="VCPreLinkEventTool"
-			/>
-			<Tool
-				Name="VCLibrarianTool"
-			/>
-			<Tool
-				Name="VCALinkTool"
-			/>
-			<Tool
-				Name="VCXDCMakeTool"
-			/>
-			<Tool
-				Name="VCBscMakeTool"
-			/>
-			<Tool
-				Name="VCFxCopTool"
-			/>
-			<Tool
-				Name="VCPostBuildEventTool"
-			/>
-		</Configuration>
-	</Configurations>
-	<References>
-	</References>
-	<Files>
-		<Filter
-			Name="Source Files"
-			Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
-			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
-			>
-			<File
-				RelativePath=".\ctaocrypt\src\aes.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\arc4.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\asm.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\asn.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\coding.c"
-				>
-			</File>
-			<File
-				RelativePath=".\src\cyassl_int.c"
-				>
-			</File>
-			<File
-				RelativePath=".\src\cyassl_io.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\des3.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\dh.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\dsa.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\hc128.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\hmac.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\integer.c"
-				>
-			</File>
-			<File
-				RelativePath=".\src\keys.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\md4.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\md5.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\misc.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\pwdbased.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\rabbit.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\random.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\ripemd.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\rsa.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\sha.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\sha256.c"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\src\sha512.c"
-				>
-			</File>
-			<File
-				RelativePath=".\src\ssl.c"
-				>
-			</File>
-			<File
-				RelativePath=".\src\tls.c"
-				>
-			</File>
-		</Filter>
-		<Filter
-			Name="Header Files"
-			Filter="h;hpp;hxx;hm;inl;inc;xsd"
-			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
-			>
-			<File
-				RelativePath=".\ctaocrypt\include\arc4.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\asn.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\coding.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_aes.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_dh.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_dsa.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_hmac.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_md4.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_md5.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_ripemd.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_rsa.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\ctc_sha.h"
-				>
-			</File>
-			<File
-				RelativePath=".\include\cyassl_error.h"
-				>
-			</File>
-			<File
-				RelativePath=".\include\cyassl_int.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\des3.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\error.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\hc128.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\integer.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\misc.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\pwdbased.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\rabbit.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\random.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\sha256.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\tfm.h"
-				>
-			</File>
-			<File
-				RelativePath=".\ctaocrypt\include\types.h"
-				>
-			</File>
-		</Filter>
-		<Filter
-			Name="Resource Files"
-			Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
-			UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
-			>
-		</Filter>
-	</Files>
-	<Globals>
-	</Globals>
-</VisualStudioProject>
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+	ProjectType="Visual C++"
+	Version="9.00"
+	Name="cyassl"
+	ProjectGUID="{73973223-5EE8-41CA-8E88-1D60E89A237B}"
+	RootNamespace="cyassl"
+	Keyword="Win32Proj"
+	TargetFrameworkVersion="196613"
+	>
+	<Platforms>
+		<Platform
+			Name="Win32"
+		/>
+	</Platforms>
+	<ToolFiles>
+	</ToolFiles>
+	<Configurations>
+		<Configuration
+			Name="Debug|Win32"
+			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+			IntermediateDirectory="$(ConfigurationName)"
+			ConfigurationType="4"
+			CharacterSet="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				AdditionalIncludeDirectories="./"
+				PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK"
+				MinimalRebuild="true"
+				BasicRuntimeChecks="3"
+				RuntimeLibrary="3"
+				UsePrecompiledHeader="0"
+				WarningLevel="4"
+				DebugInformationFormat="4"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLibrarianTool"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+		<Configuration
+			Name="Release|Win32"
+			OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+			IntermediateDirectory="$(ConfigurationName)"
+			ConfigurationType="4"
+			CharacterSet="1"
+			WholeProgramOptimization="1"
+			>
+			<Tool
+				Name="VCPreBuildEventTool"
+			/>
+			<Tool
+				Name="VCCustomBuildTool"
+			/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"
+			/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"
+			/>
+			<Tool
+				Name="VCMIDLTool"
+			/>
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="2"
+				EnableIntrinsicFunctions="true"
+				AdditionalIncludeDirectories="./"
+				PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK"
+				RuntimeLibrary="2"
+				EnableFunctionLevelLinking="true"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				DebugInformationFormat="3"
+			/>
+			<Tool
+				Name="VCManagedResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCResourceCompilerTool"
+			/>
+			<Tool
+				Name="VCPreLinkEventTool"
+			/>
+			<Tool
+				Name="VCLibrarianTool"
+			/>
+			<Tool
+				Name="VCALinkTool"
+			/>
+			<Tool
+				Name="VCXDCMakeTool"
+			/>
+			<Tool
+				Name="VCBscMakeTool"
+			/>
+			<Tool
+				Name="VCFxCopTool"
+			/>
+			<Tool
+				Name="VCPostBuildEventTool"
+			/>
+		</Configuration>
+	</Configurations>
+	<References>
+	</References>
+	<Files>
+		<Filter
+			Name="Source Files"
+			Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
+			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
+			>
+			<File
+				RelativePath=".\ctaocrypt\src\aes.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\arc4.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\asn.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\coding.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\des3.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\dh.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\dsa.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\hc128.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\hmac.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\integer.c"
+				>
+			</File>
+			<File
+				RelativePath=".\src\internal.c"
+				>
+			</File>
+			<File
+				RelativePath=".\src\io.c"
+				>
+			</File>
+			<File
+				RelativePath=".\src\keys.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\logging.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\md4.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\md5.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\memory.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\pwdbased.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\rabbit.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\random.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\ripemd.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\rsa.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\sha.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\sha256.c"
+				>
+			</File>
+			<File
+				RelativePath=".\ctaocrypt\src\sha512.c"
+				>
+			</File>
+			<File
+				RelativePath=".\src\ssl.c"
+				>
+			</File>
+			<File
+				RelativePath=".\src\tls.c"
+				>
+			</File>
+		</Filter>
+		<Filter
+			Name="Header Files"
+			Filter="h;hpp;hxx;hm;inl;inc;xsd"
+			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
+			>
+		</Filter>
+		<Filter
+			Name="Resource Files"
+			Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
+			UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
+			>
+		</Filter>
+	</Files>
+	<Globals>
+	</Globals>
+</VisualStudioProject>

cyassl/callbacks.h

@@ -20,7 +20,6 @@
  */
 
 
-
 #ifndef CYASSL_CALLBACKS_H
 #define CYASSL_CALLBACKS_H
 

cyassl/ctaocrypt/aes.h

@@ -1,4 +1,4 @@
-/* ctc_aes.h
+/* aes.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -19,13 +19,14 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_AES
 
 #ifndef CTAO_CRYPT_AES_H
 #define CTAO_CRYPT_AES_H
 
 
-#include "types.h"
+#include <cyassl/ctaocrypt/types.h>
 
 #ifdef CYASSL_AESNI
 
@@ -69,9 +70,10 @@ typedef struct Aes {
 } Aes;
 
 
-int  AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, int dir);
-void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
-void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+CYASSL_API int  AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
+                          int dir);
+CYASSL_API void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
+CYASSL_API void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
 
 
 #ifdef __cplusplus

cyassl/ctaocrypt/arc4.h

@@ -24,7 +24,7 @@
 #define CTAO_CRYPT_ARC4_H
 
 
-#include "types.h"
+#include <cyassl/ctaocrypt/types.h>
 
 
 #ifdef __cplusplus
@@ -43,8 +43,8 @@ typedef struct Arc4 {
     byte state[ARC4_STATE_SIZE];
 } Arc4;
 
-void Arc4Process(Arc4*, byte*, const byte*, word32);
-void Arc4SetKey(Arc4*, const byte*, word32);
+CYASSL_API void Arc4Process(Arc4*, byte*, const byte*, word32);
+CYASSL_API void Arc4SetKey(Arc4*, const byte*, word32);
 
 
 #ifdef __cplusplus

cyassl/ctaocrypt/asn.h

@@ -23,13 +23,14 @@
 #ifndef CTAO_CRYPT_ASN_H
 #define CTAO_CRYPT_ASN_H
 
-#include "types.h"
-#include "ctc_rsa.h"
-#include "ctc_dh.h"
-#include "ctc_dsa.h"
-#include "ctc_sha.h"
+#include <cyassl/ctaocrypt/types.h>
+#include <cyassl/ctaocrypt/rsa.h>
+#include <cyassl/ctaocrypt/dh.h>
+#include <cyassl/ctaocrypt/dsa.h>
+#include <cyassl/ctaocrypt/sha.h>
+#include <cyassl/ctaocrypt/asn_public.h>   /* public interface */
 #ifdef HAVE_ECC
-    #include "ctc_ecc.h"
+    #include <cyassl/ctaocrypt/ecc.h>
 #endif
 
 #ifdef __cplusplus
@@ -41,6 +42,8 @@ enum {
     ISSUER  = 0,
     SUBJECT = 1,
 
+    EXTERNAL_SERIAL_SIZE = 32,
+
     BEFORE  = 0,
     AFTER   = 1
 };
@@ -56,10 +59,10 @@ enum ASN_Tags {
     ASN_SET               = 0x11,
     ASN_UTC_TIME          = 0x17,
     ASN_GENERALIZED_TIME  = 0x18,
+    ASN_EXTENSIONS        = 0xa3,
     ASN_LONG_LENGTH       = 0x80
 };
 
-
 enum  ASN_Flags{
     ASN_CONSTRUCTED       = 0x20,
     ASN_CONTEXT_SPECIFIC  = 0x80
@@ -75,8 +78,29 @@ enum DN_Tags {
     ASN_ORGUNIT_NAME  = 0x0b    /* OU */
 };
 
+enum PBES {
+    PBE_MD5_DES      = 0,
+    PBE_SHA1_DES     = 1,
+    PBE_SHA1_DES3    = 2,
+    PBE_SHA1_RC4_128 = 3,
+    PBES2            = 13       /* algo ID */
+};
+
+enum ENCRYPTION_TYPES {
+    DES_TYPE  = 0,
+    DES3_TYPE = 1,
+    RC4_TYPE  = 2
+};
+
 enum Misc_ASN { 
-    ASN_NAME_MAX        = 256,    
+    ASN_NAME_MAX        = 256,
+    MAX_SALT_SIZE       =  64,     /* MAX PKCS Salt length */
+    MAX_IV_SIZE         =  64,     /* MAX PKCS Iv length */
+    MAX_KEY_SIZE        =  64,     /* MAX PKCS Key  length */
+    PKCS5               =   5,     /* PKCS oid tag */
+    PKCS5v2             =   6,     /* PKCS #5 v2.0 */
+    PKCS12              =  12,     /* PKCS #12 */
+    MAX_UNICODE_SZ      = 256,
     SHA_SIZE            =  20,
     RSA_INTS            =   8,     /* RSA ints in private key */
     MIN_DATE_SIZE       =  13,
@@ -88,14 +112,19 @@ enum Misc_ASN {
     MAX_SEQ_SZ          =   5,     /* enum(seq | con) + length(4) */  
     MAX_SET_SZ          =   5,     /* enum(set | con) + length(4) */  
     MAX_VERSION_SZ      =   5,     /* enum + id + version(byte) + (header(2))*/
-    MAX_ENCODED_DIG_SZ  =  25,     /* sha + enum(bit or octet) + legnth(4) */
+    MAX_ENCODED_DIG_SZ  =  73,     /* sha512 + enum(bit or octet) + legnth(4) */
     MAX_RSA_INT_SZ      = 517,     /* RSA raw sz 4096 for bits + tag + len(4) */
     MAX_NTRU_KEY_SZ     = 610,     /* NTRU 112 bit public key */
     MAX_NTRU_ENC_SZ     = 628,     /* NTRU 112 bit DER public encoding */
+    MAX_LENGTH_SZ       =   4,     /* Max length size for DER encoding */
     MAX_RSA_E_SZ        =  16,     /* Max RSA public e size */
-    MAX_PUBLIC_KEY_SZ   = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2, 
+    MAX_CA_SZ           =  32,     /* Max encoded CA basic constraint length */
+#ifdef CYASSL_CERT_GEN
+    MAX_EXTENSIONS_SZ   = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE,
+                                   /* Max total extensions, id + len + others */
+#endif
+    MAX_PUBLIC_KEY_SZ   = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2
                                    /* use bigger NTRU size */
-    MAX_LENGTH_SZ       =   4 
 };
 
 
@@ -107,17 +136,20 @@ enum Oid_Types {
 
 
 enum Sig_Sum  {
-    SHAwDSA   = 517,
-    MD2wRSA   = 646,
-    MD5wRSA   = 648,
-    SHAwRSA   = 649,
-    SHAwECDSA = 520
+    SHAwDSA    = 517,
+    MD2wRSA    = 646,
+    MD5wRSA    = 648,
+    SHAwRSA    = 649,
+    SHAwECDSA  = 520,
+    SHA256wRSA   = 655,
+    SHA256wECDSA = 524
 };
 
 enum Hash_Sum  {
-    MD2h  = 646,
-    MD5h  = 649,
-    SHAh  =  88
+    MD2h    = 646,
+    MD5h    = 649,
+    SHAh    =  88,
+    SHA256h = 414
 };
 
 enum Key_Sum {
@@ -137,11 +169,13 @@ enum Ecc_Sum {
 };
 
 
-/* Certificate file Type */
-enum CertType {
-    CERT_TYPE       = 0, 
-    PRIVATEKEY_TYPE,
-    CA_TYPE
+enum KDF_Sum {
+    PBKDF2_OID = 660
+};
+
+
+enum Extensions_Sum {
+    ALT_NAMES_OID = 131 
 };
 
 
@@ -151,7 +185,11 @@ enum VerifyType {
 };
 
 
-typedef struct DecodedCert {
+typedef struct DecodedCert DecodedCert;
+typedef struct Signer      Signer;
+
+
+struct DecodedCert {
     byte*   publicKey;
     word32  pubKeySize;
     int     pubKeyStored;
@@ -170,9 +208,15 @@ typedef struct DecodedCert {
     int     verify;                  /* Default to yes, but could be off */
     byte*   source;                  /* byte buffer holder cert, NOT owner */
     word32  srcIdx;                  /* current offset into buffer       */
+    word32  maxIdx;                  /* max offset based on init size    */
     void*   heap;                    /* for user memory overrides        */
+    byte    serial[EXTERNAL_SERIAL_SIZE];  /* raw serial number          */
+    int     serialSz;                /* raw serial bytes stored */
+    byte*   extensions;              /* not owned, points into raw cert  */
+    int     extensionsSz;            /* length of cert extensions */
+    word32  extensionsIdx;           /* if want to go back and parse later */
 #ifdef CYASSL_CERT_GEN
-    /* easy access to sujbect info for other sign */
+    /* easy access to subject info for other sign */
     char*   subjectSN;
     int     subjectSNLen;
     char*   subjectC;
@@ -188,11 +232,9 @@ typedef struct DecodedCert {
     char*   subjectEmail;
     int     subjectEmailLen;
 #endif /* CYASSL_CERT_GEN */
-} DecodedCert;
+};
 
 
-typedef struct Signer Signer;
-
 /* CA Signers */
 struct Signer {
     byte*   publicKey;
@@ -204,54 +246,46 @@ struct Signer {
 };
 
 
-void InitDecodedCert(DecodedCert*, byte*, void*);
-void FreeDecodedCert(DecodedCert*);
-int  ParseCert(DecodedCert*, word32, int type, int verify, Signer* signer);
-int  ParseCertRelative(DecodedCert*, word32, int type, int verify,
-                       Signer* signer);
-
-word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,int hashOID);
-
-Signer* MakeSigner(void*);
-void    FreeSigners(Signer*, void*);
-
-
-int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32);
-int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32);
-int ToTraditional(byte* buffer, word32 length);
-
-#ifndef NO_DH
-int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32);
-int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz);
+/* not for public consumption but may use for testing sometimes */
+#ifdef CYASSL_TEST_CERT
+    #define CYASSL_TEST_API CYASSL_API
+#else
+    #define CYASSL_TEST_API CYASSL_LOCAL
 #endif
 
-#ifndef NO_DSA
-int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, word32);
-int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, word32);
-#endif
+CYASSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, word32, void*);
+CYASSL_TEST_API void FreeDecodedCert(DecodedCert*);
+CYASSL_TEST_API int  ParseCert(DecodedCert*, int type, int verify,
+                               Signer* signer);
+
+CYASSL_LOCAL int ParseCertRelative(DecodedCert*, int type, int verify,
+                                   Signer* signer);
+
+CYASSL_LOCAL word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,
+                                    int hashOID);
+
+CYASSL_LOCAL Signer* MakeSigner(void*);
+CYASSL_LOCAL void    FreeSigners(Signer*, void*);
+
+
+CYASSL_LOCAL int ToTraditional(byte* buffer, word32 length);
+CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
 
-#ifdef CYASSL_KEY_GEN
-int RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
-#endif
 
 #ifdef HAVE_ECC
     /* ASN sig helpers */
-    int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s);
-    int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s);
+    CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
+                                      mp_int* s);
+    CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
+                                       mp_int* r, mp_int* s);
     /* private key helpers */
-    int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,ecc_key*,word32);
-#endif
-
-#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
-int DerToPem(const byte* der, word32 derSz, byte* output, word32 outputSz,
-             int type);
+    CYASSL_LOCAL int EccPrivateKeyDecode(const byte* input,word32* inOutIdx,
+                                         ecc_key*,word32);
 #endif
 
 #ifdef CYASSL_CERT_GEN
 
 enum cert_enums {
-    SERIAL_SIZE     =  8,
-    NAME_SIZE       = 64,
     NAME_ENTRIES    =  8,
     JOINT_LEN       =  2,
     EMAIL_JOINT_LEN =  9,
@@ -260,54 +294,6 @@ enum cert_enums {
 };
 
 
-typedef struct CertName {
-    char country[NAME_SIZE];
-    char state[NAME_SIZE];
-    char locality[NAME_SIZE];
-    char sur[NAME_SIZE];
-    char org[NAME_SIZE];
-    char unit[NAME_SIZE];
-    char commonName[NAME_SIZE];
-    char email[NAME_SIZE];  /* !!!! email has to be last !!!! */
-} CertName;
-
-
-/* for user to fill for certificate generation */
-typedef struct Cert {
-    int      version;                   /* x509 version  */
-    byte     serial[SERIAL_SIZE];       /* serial number */
-    int      sigType;                   /* signature algo type */
-    CertName issuer;                    /* issuer info */
-    int      daysValid;                 /* validity days */
-    int      selfSigned;                /* self signed flag */
-    CertName subject;                   /* subject info */
-    /* internal use only */
-    int      bodySz;                    /* pre sign total size */
-    int      keyType;                   /* public key type of subject */
-} Cert;
-
-
-/* Initialize and Set Certficate defaults:
-   version    = 3 (0x2)
-   serial     = 0 (Will be randomly generated)
-   sigType    = MD5_WITH_RSA
-   issuer     = blank
-   daysValid  = 500
-   selfSigned = 1 (true) use subject as issuer
-   subject    = blank
-   keyType    = RSA_KEY (default)
-*/
-void InitCert(Cert*);
-int  MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
-int  SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
-int  MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
-int  SetIssuer(Cert*, const char*);
-#ifdef HAVE_NTRU
-int  MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, const byte* ntruKey,
-                  word16 keySz, RNG*);
-#endif
-
-
 #endif /* CYASSL_CERT_GEN */
 
 

cyassl/ctaocrypt/asn_public.h

@@ -0,0 +1,126 @@
+/* asn_public.h
+ *
+ * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+#ifndef CTAO_CRYPT_ASN_PUBLIC_H
+#define CTAO_CRYPT_ASN_PUBLIC_H
+
+#include <cyassl/ctaocrypt/types.h>
+#ifdef CYASSL_CERT_GEN
+    #include <cyassl/ctaocrypt/rsa.h>
+#endif
+
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+
+/* Certificate file Type */
+enum CertType {
+    CERT_TYPE       = 0, 
+    PRIVATEKEY_TYPE,
+    CA_TYPE
+};
+
+#ifdef CYASSL_CERT_GEN
+
+enum Ctc_Misc {
+    CTC_NAME_SIZE       =  64,
+    CTC_MAX_ALT_SIZE    = 512,
+    CTC_SERIAL_SIZE     =   8
+};
+
+typedef struct CertName {
+    char country[CTC_NAME_SIZE];
+    char state[CTC_NAME_SIZE];
+    char locality[CTC_NAME_SIZE];
+    char sur[CTC_NAME_SIZE];
+    char org[CTC_NAME_SIZE];
+    char unit[CTC_NAME_SIZE];
+    char commonName[CTC_NAME_SIZE];
+    char email[CTC_NAME_SIZE];  /* !!!! email has to be last !!!! */
+} CertName;
+
+
+/* for user to fill for certificate generation */
+typedef struct Cert {
+    int      version;                   /* x509 version  */
+    byte     serial[CTC_SERIAL_SIZE];   /* serial number */
+    int      sigType;                   /* signature algo type */
+    CertName issuer;                    /* issuer info */
+    int      daysValid;                 /* validity days */
+    int      selfSigned;                /* self signed flag */
+    CertName subject;                   /* subject info */
+    int      isCA;                      /* is this going to be a CA */
+    /* internal use only */
+    int      bodySz;                    /* pre sign total size */
+    int      keyType;                   /* public key type of subject */
+    byte     altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */
+    int      altNamesSz;                 /* altNames size in bytes */
+} Cert;
+
+
+
+
+/* Initialize and Set Certficate defaults:
+   version    = 3 (0x2)
+   serial     = 0 (Will be randomly generated)
+   sigType    = MD5_WITH_RSA
+   issuer     = blank
+   daysValid  = 500
+   selfSigned = 1 (true) use subject as issuer
+   subject    = blank
+   isCA       = 0 (false)
+   keyType    = RSA_KEY (default)
+*/
+CYASSL_API void InitCert(Cert*);
+CYASSL_API int  MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
+CYASSL_API int  SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*);
+CYASSL_API int  MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
+                             RNG*);
+CYASSL_API int  SetIssuer(Cert*, const char*);
+CYASSL_API int  SetSubject(Cert*, const char*);
+CYASSL_API int  SetAltNames(Cert*, const char*);
+CYASSL_API int  SetIssuerBuffer(Cert*, const byte*, int);
+CYASSL_API int  SetSubjectBuffer(Cert*, const byte*, int);
+CYASSL_API int  SetAltNamesBuffer(Cert*, const byte*, int);
+
+    #ifdef HAVE_NTRU
+        CYASSL_API int  MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
+                                     const byte* ntruKey, word16 keySz, RNG*);
+    #endif
+
+#endif /* CYASSL_CERT_GEN */
+
+
+#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
+    CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output,
+                            word32 outputSz, int type);
+#endif
+
+
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* CTAO_CRYPT_ASN_PUBLIC_H */
+

cyassl/ctaocrypt/coding.h

@@ -23,7 +23,7 @@
 #ifndef CTAO_CRYPT_CODING_H
 #define CTAO_CRYPT_CODING_H
 
-#include "types.h"
+#include <cyassl/ctaocrypt/types.h>
 
 #ifdef __cplusplus
     extern "C" {
@@ -31,11 +31,15 @@
 
 
 /* decode needed by CyaSSL */
-int Base64Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
+CYASSL_LOCAL int Base64Decode(const byte* in, word32 inLen, byte* out,
+                              word32* outLen);
 
-#if defined(OPENSSL_EXTRA) || defined(SESSION_CERTS) || defined(CYASSL_KEY_GEN)  || defined(CYASSL_CERT_GEN)
+#if defined(OPENSSL_EXTRA) || defined(SESSION_CERTS) || defined(CYASSL_KEY_GEN)  || defined(CYASSL_CERT_GEN) || defined(HAVE_WEBSERVER)
     /* encode isn't */
-    int Base64Encode(const byte* in, word32 inLen, byte* out, word32* outLen);
+    CYASSL_LOCAL
+    int Base64Encode(const byte* in, word32 inLen, byte* out,
+                                  word32* outLen);
+    CYASSL_LOCAL 
     int Base16Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
 #endif
 

cyassl/ctaocrypt/des3.h

@@ -19,13 +19,14 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_DES3
 
 #ifndef CTAO_CRYPT_DES3_H
 #define CTAO_CRYPT_DES3_H
 
 
-#include "types.h"
+#include <cyassl/ctaocrypt/types.h>
 
 
 #ifdef __cplusplus
@@ -57,13 +58,13 @@ typedef struct Des3 {
 } Des3;
 
 
-void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
-void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
-void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
+CYASSL_API void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
+CYASSL_API void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
+CYASSL_API void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
 
-void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir);
-void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz);
-void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz);
+CYASSL_API void Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir);
+CYASSL_API void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz);
+CYASSL_API void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz);
 
 
 #ifdef __cplusplus

cyassl/ctaocrypt/dh.h

@@ -1,4 +1,4 @@
-/* ctc_dh.h
+/* dh.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -19,34 +19,40 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_DH
 
 #ifndef CTAO_CRYPT_DH_H
 #define CTAO_CRYPT_DH_H
 
-#include "types.h"
-#include "integer.h"
-#include "random.h"
+#include <cyassl/ctaocrypt/types.h>
+#include <cyassl/ctaocrypt/integer.h>
+#include <cyassl/ctaocrypt/random.h>
 
 #ifdef __cplusplus
     extern "C" {
 #endif
 
 
-
 /* Diffie-Hellman Key */
 typedef struct DhKey {
     mp_int p, g;                            /* group parameters  */
 } DhKey;
 
 
-void InitDhKey(DhKey* key);
-void FreeDhKey(DhKey* key);
+CYASSL_API void InitDhKey(DhKey* key);
+CYASSL_API void FreeDhKey(DhKey* key);
 
-int DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv, word32* privSz,
-                      byte* pub, word32* pubSz);
-int DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv,
-            word32 privSz, const byte* otherPub, word32 pubSz);
+CYASSL_API int DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv,
+                                 word32* privSz, byte* pub, word32* pubSz);
+CYASSL_API int DhAgree(DhKey* key, byte* agree, word32* agreeSz,
+                       const byte* priv, word32 privSz, const byte* otherPub,
+                       word32 pubSz);
+
+CYASSL_API int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key,
+                           word32);
+CYASSL_API int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
+                        word32 gSz);
 
 
 #ifdef __cplusplus

cyassl/ctaocrypt/dsa.h

@@ -1,4 +1,4 @@
-/* ctc_dsa.h
+/* dsa.h
  *
  * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
  *
@@ -19,14 +19,15 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+
 #ifndef NO_DSA
 
 #ifndef CTAO_CRYPT_DSA_H
 #define CTAO_CRYPT_DSA_H
 
-#include "types.h"
-#include "integer.h"
-#include "random.h"
+#include <cyassl/ctaocrypt/types.h>
+#include <cyassl/ctaocrypt/integer.h>
+#include <cyassl/ctaocrypt/random.h>
 
 #ifdef __cplusplus
     extern "C" {
@@ -45,12 +46,17 @@ typedef struct DsaKey {
 } DsaKey;
 
 
-void InitDsaKey(DsaKey* key);
-void FreeDsaKey(DsaKey* key);
+CYASSL_API void InitDsaKey(DsaKey* key);
+CYASSL_API void FreeDsaKey(DsaKey* key);
 
-int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng);
-int DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer);
+CYASSL_API int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng);
+CYASSL_API int DsaVerify(const byte* digest, const byte* sig, DsaKey* key,
+                         int* answer);
 
+CYASSL_API int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*,
+                                  word32);
+CYASSL_API int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*,
+                                   word32);
 
 #ifdef __cplusplus
     } /* extern "C" */