changeset 209:39d5d58461d6 libtomcrypt-orig LTC_1.05

Import of libtomcrypt 1.05
author Matt Johnston <matt@ucc.asn.au>
date Wed, 06 Jul 2005 03:53:40 +0000
parents 1c15b283127b
children 4768b55c5240
files Doxyfile TODO build.sh changes crypt.tex demos/encrypt.c demos/hashsum.c demos/multi.c demos/small.c demos/test.c demos/timing.c demos/tv_gen.c doc/crypt.pdf doc/footer.html doc/header.html genlist.sh makefile makefile.icc makefile.msvc makefile.shared mess.sh notes/etc/saferp_optimizer.c notes/etc/whirlgen.c notes/etc/whirltest.c notes/tech0005.txt notes/tech0006.txt parsenames.pl run.sh src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c src/ciphers/anubis.c src/ciphers/blowfish.c src/ciphers/cast5.c src/ciphers/des.c src/ciphers/khazad.c src/ciphers/noekeon.c src/ciphers/rc2.c src/ciphers/rc5.c src/ciphers/rc6.c src/ciphers/safer/safer.c src/ciphers/safer/safer_tab.c src/ciphers/safer/saferp.c src/ciphers/skipjack.c src/ciphers/twofish/twofish.c src/ciphers/twofish/twofish_tab.c src/ciphers/xtea.c src/encauth/ccm/ccm_memory.c src/encauth/ccm/ccm_test.c src/encauth/eax/eax_addheader.c src/encauth/eax/eax_decrypt.c src/encauth/eax/eax_decrypt_verify_memory.c src/encauth/eax/eax_done.c src/encauth/eax/eax_encrypt.c src/encauth/eax/eax_encrypt_authenticate_memory.c src/encauth/eax/eax_init.c src/encauth/eax/eax_test.c src/encauth/gcm/gcm_add_aad.c src/encauth/gcm/gcm_add_iv.c src/encauth/gcm/gcm_done.c src/encauth/gcm/gcm_gf_mult.c src/encauth/gcm/gcm_init.c src/encauth/gcm/gcm_memory.c src/encauth/gcm/gcm_process.c src/encauth/gcm/gcm_reset.c src/encauth/gcm/gcm_test.c src/encauth/ocb/ocb_decrypt.c src/encauth/ocb/ocb_decrypt_verify_memory.c src/encauth/ocb/ocb_done_decrypt.c src/encauth/ocb/ocb_done_encrypt.c src/encauth/ocb/ocb_encrypt.c src/encauth/ocb/ocb_encrypt_authenticate_memory.c src/encauth/ocb/ocb_init.c src/encauth/ocb/ocb_ntz.c src/encauth/ocb/ocb_shift_xor.c src/encauth/ocb/ocb_test.c src/encauth/ocb/s_ocb_done.c src/hashes/chc/chc.c src/hashes/helper/hash_file.c src/hashes/helper/hash_filehandle.c src/hashes/helper/hash_memory.c src/hashes/helper/hash_memory_multi.c src/hashes/md2.c src/hashes/md4.c src/hashes/md5.c src/hashes/rmd128.c 
src/hashes/rmd160.c src/hashes/sha1.c src/hashes/sha2/sha224.c src/hashes/sha2/sha256.c src/hashes/sha2/sha384.c src/hashes/sha2/sha512.c src/hashes/tiger.c src/hashes/whirl/whirl.c src/hashes/whirl/whirltab.c src/headers/ltc_tommath.h src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h src/headers/tomcrypt_cipher.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_hash.h src/headers/tomcrypt_mac.h src/headers/tomcrypt_macros.h src/headers/tomcrypt_misc.h src/headers/tomcrypt_pk.h src/headers/tomcrypt_pkcs.h src/headers/tomcrypt_prng.h src/headers/tommath_class.h src/headers/tommath_superclass.h src/mac/hmac/hmac_done.c src/mac/hmac/hmac_file.c src/mac/hmac/hmac_init.c src/mac/hmac/hmac_memory.c src/mac/hmac/hmac_memory_multi.c src/mac/hmac/hmac_process.c src/mac/hmac/hmac_test.c src/mac/omac/omac_done.c src/mac/omac/omac_file.c src/mac/omac/omac_init.c src/mac/omac/omac_memory.c src/mac/omac/omac_memory_multi.c src/mac/omac/omac_process.c src/mac/omac/omac_test.c src/mac/pelican/pelican.c src/mac/pelican/pelican_memory.c src/mac/pelican/pelican_test.c src/mac/pmac/pmac_done.c src/mac/pmac/pmac_file.c src/mac/pmac/pmac_init.c src/mac/pmac/pmac_memory.c src/mac/pmac/pmac_memory_multi.c src/mac/pmac/pmac_ntz.c src/mac/pmac/pmac_process.c src/mac/pmac/pmac_shift_xor.c src/mac/pmac/pmac_test.c src/misc/base64/base64_decode.c src/misc/base64/base64_encode.c src/misc/burn_stack.c src/misc/crypt/crypt.c src/misc/crypt/crypt_argchk.c src/misc/crypt/crypt_cipher_descriptor.c src/misc/crypt/crypt_cipher_is_valid.c src/misc/crypt/crypt_find_cipher.c src/misc/crypt/crypt_find_cipher_any.c src/misc/crypt/crypt_find_cipher_id.c src/misc/crypt/crypt_find_hash.c src/misc/crypt/crypt_find_hash_any.c src/misc/crypt/crypt_find_hash_id.c src/misc/crypt/crypt_find_prng.c src/misc/crypt/crypt_hash_descriptor.c src/misc/crypt/crypt_hash_is_valid.c src/misc/crypt/crypt_prng_descriptor.c src/misc/crypt/crypt_prng_is_valid.c 
src/misc/crypt/crypt_register_cipher.c src/misc/crypt/crypt_register_hash.c src/misc/crypt/crypt_register_prng.c src/misc/crypt/crypt_unregister_cipher.c src/misc/crypt/crypt_unregister_hash.c src/misc/crypt/crypt_unregister_prng.c src/misc/error_to_string.c src/misc/mpi/is_prime.c src/misc/mpi/mpi.c src/misc/mpi/mpi_to_ltc_error.c src/misc/mpi/rand_prime.c src/misc/pkcs5/pkcs_5_1.c src/misc/pkcs5/pkcs_5_2.c src/misc/zeromem.c src/modes/cbc/cbc_decrypt.c src/modes/cbc/cbc_done.c src/modes/cbc/cbc_encrypt.c src/modes/cbc/cbc_getiv.c src/modes/cbc/cbc_setiv.c src/modes/cbc/cbc_start.c src/modes/cfb/cfb_decrypt.c src/modes/cfb/cfb_done.c src/modes/cfb/cfb_encrypt.c src/modes/cfb/cfb_getiv.c src/modes/cfb/cfb_setiv.c src/modes/cfb/cfb_start.c src/modes/ctr/ctr_decrypt.c src/modes/ctr/ctr_done.c src/modes/ctr/ctr_encrypt.c src/modes/ctr/ctr_getiv.c src/modes/ctr/ctr_setiv.c src/modes/ctr/ctr_start.c src/modes/ecb/ecb_decrypt.c src/modes/ecb/ecb_done.c src/modes/ecb/ecb_encrypt.c src/modes/ecb/ecb_start.c src/modes/ofb/ofb_decrypt.c src/modes/ofb/ofb_done.c src/modes/ofb/ofb_encrypt.c src/modes/ofb/ofb_getiv.c src/modes/ofb/ofb_setiv.c src/modes/ofb/ofb_start.c src/pk/asn1/der/bit/der_decode_bit_string.c src/pk/asn1/der/bit/der_encode_bit_string.c src/pk/asn1/der/bit/der_length_bit_string.c src/pk/asn1/der/choice/der_decode_choice.c src/pk/asn1/der/der_decode_integer.c src/pk/asn1/der/der_encode_integer.c src/pk/asn1/der/der_get_multi_integer.c src/pk/asn1/der/der_length_integer.c src/pk/asn1/der/der_put_multi_integer.c src/pk/asn1/der/ia5/der_decode_ia5_string.c src/pk/asn1/der/ia5/der_encode_ia5_string.c src/pk/asn1/der/ia5/der_length_ia5_string.c src/pk/asn1/der/integer/der_decode_integer.c src/pk/asn1/der/integer/der_encode_integer.c src/pk/asn1/der/integer/der_length_integer.c src/pk/asn1/der/object_identifier/der_decode_object_identifier.c src/pk/asn1/der/object_identifier/der_encode_object_identifier.c 
src/pk/asn1/der/object_identifier/der_length_object_identifier.c src/pk/asn1/der/octet/der_decode_octet_string.c src/pk/asn1/der/octet/der_encode_octet_string.c src/pk/asn1/der/octet/der_length_octet_string.c src/pk/asn1/der/printable_string/der_decode_printable_string.c src/pk/asn1/der/printable_string/der_encode_printable_string.c src/pk/asn1/der/printable_string/der_length_printable_string.c src/pk/asn1/der/sequence/der_decode_sequence.c src/pk/asn1/der/sequence/der_decode_sequence_multi.c src/pk/asn1/der/sequence/der_encode_sequence.c src/pk/asn1/der/sequence/der_encode_sequence_multi.c src/pk/asn1/der/sequence/der_length_sequence.c src/pk/asn1/der/short_integer/der_decode_short_integer.c src/pk/asn1/der/short_integer/der_encode_short_integer.c src/pk/asn1/der/short_integer/der_length_short_integer.c src/pk/asn1/der/utctime/der_decode_utctime.c src/pk/asn1/der/utctime/der_encode_utctime.c src/pk/asn1/der/utctime/der_length_utctime.c src/pk/dh/dh.c src/pk/dh/dh_sys.c src/pk/dsa/dsa_export.c src/pk/dsa/dsa_free.c src/pk/dsa/dsa_import.c src/pk/dsa/dsa_make_key.c src/pk/dsa/dsa_sign_hash.c src/pk/dsa/dsa_verify_hash.c src/pk/dsa/dsa_verify_key.c src/pk/ecc/ecc.c src/pk/ecc/ecc_sys.c src/pk/packet_store_header.c src/pk/packet_valid_header.c src/pk/pkcs1/pkcs_1_i2osp.c src/pk/pkcs1/pkcs_1_mgf1.c src/pk/pkcs1/pkcs_1_oaep_decode.c src/pk/pkcs1/pkcs_1_oaep_encode.c src/pk/pkcs1/pkcs_1_os2ip.c src/pk/pkcs1/pkcs_1_pss_decode.c src/pk/pkcs1/pkcs_1_pss_encode.c src/pk/pkcs1/pkcs_1_v15_es_decode.c src/pk/pkcs1/pkcs_1_v15_es_encode.c src/pk/pkcs1/pkcs_1_v15_sa_decode.c src/pk/pkcs1/pkcs_1_v15_sa_encode.c src/pk/rsa/rsa_decrypt_key.c src/pk/rsa/rsa_encrypt_key.c src/pk/rsa/rsa_export.c src/pk/rsa/rsa_exptmod.c src/pk/rsa/rsa_free.c src/pk/rsa/rsa_import.c src/pk/rsa/rsa_make_key.c src/pk/rsa/rsa_sign_hash.c src/pk/rsa/rsa_v15_decrypt_key.c src/pk/rsa/rsa_v15_encrypt_key.c src/pk/rsa/rsa_v15_sign_hash.c src/pk/rsa/rsa_v15_verify_hash.c src/pk/rsa/rsa_verify_hash.c 
src/prngs/fortuna.c src/prngs/rc4.c src/prngs/rng_get_bytes.c src/prngs/rng_make_prng.c src/prngs/sober128.c src/prngs/sober128tab.c src/prngs/sprng.c src/prngs/yarrow.c testbuild.sh testme.sh testprof/base64_test.c testprof/cipher_hash_test.c testprof/der_tests.c testprof/dh_tests.c testprof/dsa_test.c testprof/ecc_test.c testprof/mac_test.c testprof/makefile.icc testprof/modes_test.c testprof/pkcs_1_test.c testprof/rsa_test.c testprof/store_test.c testprof/test.c testprof/test.key testprof/tomcrypt_test.h testprof/x86_prof.c
diffstat 293 files changed, 7071 insertions(+), 2620 deletions(-) [+]
--- a/Doxyfile	Fri May 06 13:23:02 2005 +0000
+++ b/Doxyfile	Wed Jul 06 03:53:40 2005 +0000
@@ -23,7 +23,7 @@
 # This could be handy for archiving the generated documentation or 
 # if some version control system is used.
 
-PROJECT_NUMBER         = 1.02
+PROJECT_NUMBER         = 1.05
 
 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) 
 # base path where the generated documentation will be put. 
--- a/TODO	Fri May 06 13:23:02 2005 +0000
+++ b/TODO	Wed Jul 06 03:53:40 2005 +0000
@@ -1,1 +1,10 @@
+For 1.06
 
+1. export ECC functions globally [e.g. mulmod and the sets]
+   - goal is tv_gen module and test vectors
+2. ASN.1 SET and T61String
+3. phase out DH code [RSA/ECC/DSA is enough]
+4. Some ASN.1 demo programs [for now read the source code!]
+5. Start working towards making the bignum code plugable
+6. Look into other ECC point muls and consider a "precomp" interface 
+7. Add OID for ciphers and PRNGs to their descriptors
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/build.sh	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,20 @@
+#!/bin/bash
+echo "$1 ($2, $3)..."
+make clean 1>/dev/null 2>/dev/null
+echo -n "building..."
+CFLAGS="$2 $CFLAGS" make -j3 -f $3 test tv_gen 1>gcc_1.txt 2>gcc_2.txt || (echo "build $1 failed see gcc_2.txt for more information" && cat gcc_2.txt && exit 1)
+echo -n "testing..."
+if [ -a test ] && [ -f test ] && [ -x test ]; then
+   ((./test >test_std.txt 2>test_err.txt && ./tv_gen > tv.txt) && echo "$1 test passed." && echo "y" > testok.txt) || (echo "$1 test failed" && cat test_err.txt && exit 1)
+   if find *_tv.txt -type f 1>/dev/null 2>/dev/null ; then
+      for f in *_tv.txt; do if (diff $f notes/$f) then true; else (echo "tv_gen $f failed" && rm -f testok.txt && exit 1); fi; done
+   fi
+fi
+if [ -a testok.txt ] && [ -f testok.txt ]; then
+   exit 0
+fi
+exit 1
+
+# $Source: /cvs/libtom/libtomcrypt/build.sh,v $   
+# $Revision: 1.5 $   
+# $Date: 2005/06/27 13:04:05 $ 
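Review bot: The `exit 1` inside `( ... )` on the `make` line and on the `./test` line only leaves the subshell, so build.sh keeps running after a failed build or test, and the final verdict rests solely on whether `testok.txt` exists. Nothing in the script removes that marker before the run, so a `testok.txt` left by an earlier passing run can turn a failure into exit 0, unless `make clean` deletes it, which is not visible here. Since this script gates the library's self-tests and test vectors, I would begin with `rm -f testok.txt` and use a brace group so the exit reaches the script, e.g. `|| { echo "build $1 failed see gcc_2.txt for more information"; cat gcc_2.txt; exit 1; }`. Separately, `$3`, `$f` and `notes/$f` are unquoted, so a makefile or vector file name containing whitespace would be word-split.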
--- a/changes	Fri May 06 13:23:02 2005 +0000
+++ b/changes	Wed Jul 06 03:53:40 2005 +0000
@@ -1,3 +1,79 @@
+June 27th, 2005
+v1.05
+      -- Added Technote #6 which covers the current PK compliance.  
+      -- Fixed buffer overflow in OAEP decoder
+      -- Added CHOICE to the list of ASN.1 types
+      -- Added UTCTIME to the list of ASN.1 types
+      -- Added MUTEX locks around descriptor table functions [but not on the functions that are dependent on them]
+         All functions call *_is_valid() before using a descriptor index which means the respective table must be unlocked before 
+         it can be accessed.  However, during the operation [e.g. CCM] if the descriptor has been altered the results will be 
+         undefined.  
+      -- Minor updates to the manual to reflect recent changes
+      -- Added a catch to for an error that should never come up in rsa_exptmod().  Just being thorough.
+
+June 15th, 2005
+v1.04
+      -- Fixed off by one [bit] error in dsa_make_key() it was too high by one bit [not a security problem just inconsistent]
+      -- ECC-224 curve was wrong [it was an ok curve just not NIST, so no security flaw just interoperability].
+      -- Removed point compression since it slows down ECC ops to save a measly couple bytes.
+         This makes the ecc export format incompatible with 1.03 [it shouldn't change in the future]
+      -- Removed ECC-160 from timing and added the other curves
+
+June 9th, 2005
+v1.03
+      -- Users may want to note that on a P4/GCC3.4 platform "-fno-regmove" greatly accelerates the ciphers/hashes.
+      --------------------------------------------------------------------------------------------------------------
+      -- Made it install the testing library in the icc/static makefiles
+      -- Found bug in ccm_memory.c which would fail to compile when LTC_CLEAN_STACK was enabled
+      -- Simon Johnson proposed I do a fully automated test suite.  Hence "testme.sh" was born
+      -- Added LTC_NO_TEST which forces test vectors off (regardless of what tomcrypt_custom.h has)
+      -- Added LTC_NO_TABLES which disables large tables (where possible, regardless of what tomcrypt_custom.h has)
+      -- New test script found a bug in twofish.c when TABLES was disabled.  Yeah testing!
+      -- Added a LTC_FAST specific test to the testing software.
+      -- Updated test driver to actually halt on errors and just print them out (useful for say... automated testing...)
+      -- Added bounds checking to Pelican MAC
+      -- Added BIT and OCTET STRING to the ASN.1 side of things.  
+      -- Pekka Riikonen pointed out that my ctr_start() function should accept the counter mode. 
+      -- Cleaned up warnings in testprof
+      -- Removed redundant mu and point mapping in ecc_verify_hash() so it should be a bit faster now
+      -- Pekka pointed out that the AES key structure was using 32 bytes more than it ought to.
+      -- Added quick defines to remove entire classes of algorithms.  This makes it easier if you want to build with just 
+         one algorithm (say AES or SHA-256).  Defines are LTC_NO_CIPHERS, LTC_NO_MODES, LTC_NO_HASHES, LTC_NO_MACS,
+         LTC_NO_PRNGS, LTC_NO_PK, LTC_NO_PKCS
+      -- As part of the move for ECC to X9.62 I've changed the signature algorithm to EC DSA.  No API changes.
+      -- Pekka helped me clean up the PKCS #1 v2.1 [OAEP/PSS] code
+      -- Wrote new DER SEQUENCE coder/decoder
+      -- RSA, DSA and ECDSA now use the DER SEQUENCE code (saves a lot of code!)
+      -- DSA output is now a DER SEQUENCE (so not compatible with previous releases).  
+      -- Added Technote #5 which shows how to build LTC on an AMD64 to have a variety of algorithms in only ~80KB of code.
+      -- Changed temp variable in LOAD/STORE macros to "ulong32" for 32-bit ops.  Makes it safer on Big endian platforms
+      -- Added INSTALL_GROUP and INSTALL_USER which you can specify on the build to override the default USER/GROUP the library 
+         is to be installed as
+      -- Removed "testprof" from the default build.  
+      -- Added IA5, NULL and Object Identifier to the list of ASN.1 DER supported types
+      -- The "no_oops" target (part of zipup) now scans for non-cvs files.  This helps prevent temp/scratch files from appearing in releases ;-)
+      -- Added DERs for missing hashes, but just the OID not the PKCS #1 v1.5 additions. 
+      -- Removed PKCS #1 v1.5 from the tree since it's taking up space and you ought to use v2.1 anyways
+      -- Kevin Kenny pointed out a few stray // comments
+      -- INTEGER code properly supports negatives and zero padding [Pekka!]
+      -- Sorted asn1/der/ directory ... less of a mess now ;-)
+      -- Added PRINTABLE STRING type
+      -- Removed ECC-160 as it wasn't a standard curve
+      -- Made ecc_shared_secret() ANSI X9.63 compliant
+      -- Changed "printf" to "fprintf(stderr, " in the testbench... ;-)
+      -- Optimized the GCM table creation.  On 1KB packets [with key switching] the new GCM is 12.7x faster than before.
+      -- Changed OID representation for hashes to be just a list of unsigned longs (so you can compare against them nicely after decoding a sequence)
+      -- ECC code now uses Montgomery reduction ... it's even faster [ECC-256 make key down from 37.4M to 4.6M cycles on an Athlon64]
+      -- Added SHORT_INTEGER so users can easily store DER encoded INTEGER types without using the bignum math library
+      -- Fixed OMAC code so that with LTC_FAST it doesn't require that LTC_FAST_TYPE divides 16 [it has to divide the block size instead]
+      -- ECC key export is now a simple [and documented] SEQUENCE, the "encrypt_key" also uses a new SEQUENCE format.
+      -- Thanks goes to the following testers
+            Michael Brown             - Solaris 10/uSPARCII
+            Richard Outerbridge       - MacOS
+            Martin Carpenter          - Solaris 8/uSPARCII [Thanks for cleaning up the scripts]
+            Greg Rose                 -  ... SunOS 5.8/SPARC [... what's with the SPARCS?]
+            Matt Johnston             - MacOS X  [Thanks for pointing out GCC 4 problems with -Os]
+
 April 19th, 2005
 v1.02
       -- Added LTC_TEST support to gcm_test()
@@ -1243,3 +1319,8 @@
        -- Added more to the manual.
 
 v0.01  -- We will call this the first version.
+
+/* $Source: /cvs/libtom/libtomcrypt/changes,v $ */
+/* $Revision: 1.106 $ */
+/* $Date: 2005/06/27 12:37:06 $ */
+
--- a/crypt.tex	Fri May 06 13:23:02 2005 +0000
+++ b/crypt.tex	Wed Jul 06 03:53:40 2005 +0000
@@ -47,7 +47,7 @@
 \def\gap{\vspace{0.5ex}}
 \makeindex
 \begin{document}
-\title{LibTomCrypt \\ Version 1.02}
+\title{LibTomCrypt \\ Version 1.05}
 \author{Tom St Denis \\
 \\
 [email protected] \\
@@ -57,7 +57,7 @@
 This text and source code library are both hereby placed in the public domain.  This book has been 
 formatted for A4 paper using the \LaTeX{} {\em book} macro package.
 
-\vspace{10cm}
+\vspace{15cm}
 
 \begin{flushright}Open Source.  Open Academia.  Open Minds.
 
@@ -771,13 +771,19 @@
 \index{OFB Mode} \index{CFB Mode}
 The library provides simple support routines for handling CBC, CTR, CFB, OFB and ECB encoded messages.  Assuming the mode 
 you want is XXX there is a structure called ``symmetric\_XXX'' that will contain the information required to
-use that mode.  They have identical setup routines (except ECB mode for obvious reasons):
+use that mode.  They have identical setup routines (except CTR and ECB mode):
 \index{ecb\_start()} \index{cfb\_start()} \index{cbc\_start()} \index{ofb\_start()} \index{ctr\_start()}
 \begin{verbatim}
 int XXX_start(int cipher, const unsigned char *IV, 
               const unsigned char *key, int keylen, 
               int num_rounds, symmetric_XXX *XXX);
 
+int ctr_start(               int   cipher,
+              const unsigned char *IV,
+              const unsigned char *key,       int keylen,
+                             int  num_rounds, int ctr_mode,
+                   symmetric_CTR *ctr);
+
 int ecb_start(int cipher, const unsigned char *key, int keylen, 
               int num_rounds, symmetric_ECB *ecb);
 \end{verbatim}
@@ -789,7 +795,12 @@
 parameters ``key'', ``keylen'' and ``num\_rounds'' are the same as in the XXX\_setup() function call.  The final parameter 
 is a pointer to the structure you want to hold the information for the mode of operation.
 
-Both routines return {\bf CRYPT\_OK} if the cipher initialized correctly, otherwise they return an error code.  
+
+In the case of CTR mode there is an additional parameter ``ctr\_mode'' which specifies the mode that the counter is to be used in.
+If \textbf{CTR\_COUNTER\_LITTLE\_ENDIAN} was specified then the counter will be treated as a little endian value.  Otherwise, if 
+\textbf{CTR\_COUNTER\_BIG\_ENDIAN} was specified the counter will be treated as a big endian value.
+
+The routines return {\bf CRYPT\_OK} if the cipher initialized correctly, otherwise they return an error code.  
 
 \subsection{Encryption and Decryption}
 To actually encrypt or decrypt the following routines are provided:
@@ -867,6 +878,7 @@
                            key, /* the secret key */
                             16, /* length of secret key (16 bytes, 128 bits) */
                              0, /* 0 == default # of rounds */
+     CTR_COUNTER_LITTLE_ENDIAN, /* Little endian counter */
                          &ctr)  /* where to store initialized CTR state */
       ) != CRYPT_OK) {
       printf("ctr_start error: %s\n", error_to_string(err));
@@ -1349,7 +1361,7 @@
    }
 
    /* process the plaintext */
-   if ((err = gcm_add_process(gcm, pt, ptlen, pt, GCM_ENCRYPT)) != CRYPT_OK) {
+   if ((err = gcm_process(gcm, pt, ptlen, pt, GCM_ENCRYPT)) != CRYPT_OK) {
       return err;
    }
 
@@ -1359,6 +1371,8 @@
       return err;
    }
 
+   /* ... send a header describing the lengths ... */
+
    /* depending on the protocol and how IV is generated you may have to send it too... */
    send(socket, iv, ivlen, 0);
 
@@ -2452,8 +2466,8 @@
 
 \section{Introduction}
 RSA wrote the PKCS \#1 specifications which detail RSA Public Key Cryptography.  In the specifications are
-padding algorithms for encryption and signatures.  The standard includes ``v1.5'' and ``v2.0'' algorithms.
-To simplify matters a little the v2.0 encryption and signature padding algorithms are called OAEP and PSS 
+padding algorithms for encryption and signatures.  The standard includes the ``v2.1'' algorithms.
+To simplify matters a little the v2.1 encryption and signature padding algorithms are called OAEP and PSS 
 respectively.  
 
 \section{PKCS \#1 Encryption}
@@ -2509,33 +2523,6 @@
 $1$ in ``res''.  If the packet is invalid it stores $0$ in ``res'' and if the function fails for another reason
 it returns an error code.  
 
-\subsection{PKCS \#1 v1.5 Encoding}
-
-\index{pkcs\_1\_v15\_es\_encode()}
-\begin{verbatim}
-int pkcs_1_v15_es_encode(const unsigned char *msg,    unsigned long msglen,
-                               unsigned long  modulus_bitlen, 
-                               prng_state    *prng,   int           prng_idx,
-                               unsigned char *out,    unsigned long *outlen);
-\end{verbatim}
-
-This will PKCS v1.5 encode the data in ``msg'' of length ``msglen''.  Pass the length (in bits) of your
-RSA modulus in ``modulus\_bitlen''.  The encoded data will be stored in ``out'' of length ``outlen''.
-
-\subsection{PKCS \#1 v1.5 Decoding}
-\index{pkcs\_1\_v15\_es\_decode()}
-\begin{verbatim}
-int pkcs_1_v15_es_decode(const unsigned char *msg,  unsigned long msglen,
-                               unsigned long modulus_bitlen,
-                               unsigned char *out,  unsigned long outlen,
-                               int           *res);
-\end{verbatim}
-
-This will PKCS v1.5 decode the message in ``msg'' of length ``msglen''.  It will store the output in ``out''. Note
-that the length of the output ``outlen'' is a constant.  This decoder cannot determine the original message 
-length.  If the data in ``msg'' is a valid packet then a $1$ is stored in ``res'', otherwise a $0$ is 
-stored.
-
 \section{PKCS \#1 Digital Signatures}
 
 \subsection{PSS Encoding}
@@ -2577,34 +2564,6 @@
 
 It's important to use the same ``saltlen'' and hash for both encoding and decoding as otherwise the procedure will not work.
 
-\subsection{PKCS \#1 v1.5 Encoding}
-
-\index{pkcs\_1\_v15\_sa\_encode()}
-\begin{verbatim}
-int pkcs_1_v15_sa_encode(const unsigned char *msghash,  unsigned long msghashlen,
-                               int            hash_idx, unsigned long modulus_bitlen,
-                               unsigned char *out,      unsigned long *outlen);
-\end{verbatim}
-
-This will PKCS \#1 v1.5 signature encode the message hash ``msghash''  of length ``msghashlen''.  You have
-to tell this routine which hash produced the message hash in ``hash\_idx''.  The encoded hash is stored
-in ``out'' of length ``outlen''.
-
-\subsection{PKCS \#1 v1.5 Decoding}
-
-\index{pkcs\_1\_v15\_sa\_decode()}
-\begin{verbatim}
-int pkcs_1_v15_sa_decode(const unsigned char *msghash, unsigned long msghashlen,
-                         const unsigned char *sig,     unsigned long siglen,
-                               int           hash_idx, unsigned long modulus_bitlen, 
-                               int          *res);
-\end{verbatim}
-
-This will PKCS \#1 v1.5 signature decode the data in ``sig'' of length ``siglen'' and compare the extracted
-hash against ``msghash'' of length ``msghashlen''.  You have to tell this routine which hash produced the
-message digest in ``hash\_idx''.  If the packet is valid and the hashes match ``res'' is set to $1$.  Otherwise,
-it is set to $0$.
-
 \section{RSA Operations}
 \subsection{Background}
 
@@ -2698,15 +2657,14 @@
 int rsa_decrypt_key(const unsigned char *in,  unsigned long inlen,
                           unsigned char *out, unsigned long *outlen, 
                     const unsigned char *lparam, unsigned long lparamlen,
-                          prng_state    *prng,   int           prng_idx,
-                          int            hash_idx, int *res,
+                          int            hash_idx, int *stat,
                           rsa_key       *key);
 \end{verbatim}
 This function will RSA decrypt ``in'' of length ``inlen'' then OAEP depad the resulting data and store it in
 ``out'' of length ``outlen''.  The ``lparam'' and ``lparamlen'' are the same parameters you would pass
 to pkcs\_1\_oaep\_decode().
 
-If the RSA decrypted data isn't a valid OAEP packet then ``res'' is set to $0$.  Otherwise, it is set to $1$.
+If the RSA decrypted data isn't a valid OAEP packet then ``stat'' is set to $0$.  Otherwise, it is set to $1$.
 
 \subsection{RSA Hash Signatures}
 Similar to RSA key encryption RSA is also used to ``digitally sign'' message digests (hashes).  To facilitate this
@@ -2729,7 +2687,6 @@
 \begin{verbatim}
 int rsa_verify_hash(const unsigned char *sig,      unsigned long siglen,
                     const unsigned char *msghash,  unsigned long msghashlen,
-                          prng_state    *prng,     int           prng_idx,
                           int            hash_idx, unsigned long saltlen,
                           int           *stat,     rsa_key      *key);
 \end{verbatim}
@@ -2799,8 +2756,6 @@
                               &l2, /* plaintext length */
                         "TestApp", /* lparam for this program */
                                 7, /* lparam is 7 bytes long */
-                             NULL, /* PRNG state */
-                         prng_idx, /* prng idx */
                          hash_idx, /* hash idx */
                              &res, /* validity of data */
                              &key) /* our RSA key */ 
@@ -3060,6 +3015,33 @@
 range in order from $\approx 2^{192}$ points to $\approx 2^{521}$.  According to the source document any key size greater
 than or equal to 256-bits is sufficient for long term security.  
 
+\section{Key Format}
+LibTomCrypt uses it's own format for ECC public and private keys.  While ANSI X9.62 partially specifies key formats (it covers public keys) it does it in a less
+than ideally simple manner.  In the case of LibTomCrypt it is meant \textbf{solely} for NIST $GF(p)$ curves.  The format of the keys is as follows:
+
+\begin{small}
+\begin{verbatim}
+ECCPublicKey ::= SEQUENCE {
+    flags       BIT STRING(1), -- public/private flag (always zero), 
+    keySize     INTEGER,       -- Curve size (in bits) divided by eight 
+                               -- and rounded down, e.g. 521 => 65
+    pubkey.x    INTEGER,       -- The X co-ordinate of the public key point
+    pubkey.y    INTEGER,       -- The Y co-ordinate of the public key point
+}
+
+ECCPrivateKey ::= SEQUENCE {
+    flags       BIT STRING(1), -- public/private flag (always one), 
+    keySize     INTEGER,       -- Curve size (in bits) divided by eight 
+                               -- and rounded down, e.g. 521 => 65
+    pubkey.x    INTEGER,       -- The X co-ordinate of the public key point
+    pubkey.y    INTEGER,       -- The Y co-ordinate of the public key point
+    secret.k    INTEGER,       -- The secret key scalar
+}
+\end{verbatim}
+\end{small}
+
+The first flags bit denotes whether the key is public (zero) or private (one).  
+
 \section{Core Functions}
 
 Like the DH routines there is a key structure ``ecc\_key'' used by the functions.  There is a function to make a key:
@@ -3069,8 +3051,8 @@
                  int keysize, ecc_key *key);
 \end{verbatim}
 
-The ``keysize'' is the size of the modulus in bytes desired.  Currently directly supported values are 20, 24, 28, 32, 48 and 65 bytes which
-correspond to key sizes of 160, 192, 224, 256, 384 and 521 bits respectively.  If you pass a key size that is between any key size
+The ``keysize'' is the size of the modulus in bytes desired.  Currently directly supported values are 24, 28, 32, 48 and 65 bytes which
+correspond to key sizes of 192, 224, 256, 384 and 521 bits respectively.  If you pass a key size that is between any key size
 it will round the keysize up to the next available one.  The rest of the parameters work like they do in the ``dh\_make\_key()'' function.  
 To free the ram allocated by a key call:
 \index{ecc\_free()}
@@ -3129,11 +3111,23 @@
                           ecc_key *key);
 \end{verbatim}
 
-Where ``in'' is an input symmetric key of no more than 32 bytes.  Essentially these routines created a random public key
+Where ``in'' is an input symmetric key of no more than 64 bytes.  Essentially these routines created a random public key
 and find the hash of the shared secret.  The message digest is than XOR'ed against the symmetric key.  All of the required
 data is placed in ``out'' by ``ecc\_encrypt\_key()''.   The hash chosen must produce a message digest at least as large
 as the symmetric key you are trying to share.
 
+\subsection{Encrypt Packet Format}
+
+The packet format for the encrypted keys is the following ASN.1 SEQUENCE:
+
+\begin{verbatim}
+ECCEncrypt ::= SEQUENCE {
+   hashID        OBJECT IDENTIFIER, -- OID of hash used
+   pubkey        OCTET STRING     , -- Encapsulated ECCPublicKey (see above)
+   skey          OCTET STRING       -- xor of plaintext and "hash of shared secret"
+}
+\end{verbatim}
+
 There are also functions to sign and verify the hash of a message.
 \index{ecc\_sign\_hash()} \index{ecc\_verify\_hash()}
 \begin{verbatim}
@@ -3150,12 +3144,14 @@
 The ``ecc\_verify\_hash'' function verifies the ECC signature in ``sig'' against the hash in ``hash''.  It sets ``stat''
 to non-zero if the signature passes or zero if it fails.
 
+\subsection{Signature Format}
+The signature code is an implementation of X9.62 EC-DSA and the output is comformant for GF(p) curves.
 
 \section{ECC Keysizes}
 With ECC if you try and sign a hash that is bigger than your ECC key you can run into problems.  The math will still work
 and in effect the signature will still work.  With ECC keys the strength of the signature is limited by the size of
-the hash or the size of they key, whichever is smaller.  For example, if you sign with SHA256 and a ECC-160 key in effect
-you have 160-bits of security (e.g. as if you signed with SHA-1).  
+the hash or the size of they key, whichever is smaller.  For example, if you sign with SHA256 and an ECC-192 key in effect
+you have 192-bits of security.  
 
 The library will not warn you if you make this mistake so it is important to check yourself before using the 
 signatures.
@@ -3170,6 +3166,38 @@
 The API for the DSA is essentially the same as the other PK algorithms.  Except in the case of DSA no encryption or
 decryption routines are provided.  
 
+\section{Key Format}
+Since no useful public standard for DSA key storage was presented to me during the course of this development I made my own ASN.1 SEQUENCE which I document
+now so that others can interoperate with this library.
+
+\begin{verbatim}
+DSAPublicKey ::= SEQUENCE {
+    publicFlags    BIT STRING(1), -- must be 0
+    g              INTEGER      , -- base generator, check that g^q mod p == 1
+                                  -- and that 1 < g < p - 1
+    p              INTEGER      , -- prime modulus 
+    q              INTEGER      , -- order of sub-group (must be prime)
+    y              INTEGER      , -- public key, specifically, g^x mod p, 
+                                  -- check that y^q mod p == 1
+                                  -- and that 1 < y < p - 1
+}
+
+DSAPrivateKey ::= SEQUENCE {
+    publicFlags    BIT STRING(1), -- must be 1
+    g              INTEGER      , -- base generator, check that g^q mod p == 1
+                                  -- and that 1 < g < p - 1
+    p              INTEGER      , -- prime modulus 
+    q              INTEGER      , -- order of sub-group (must be prime)
+    y              INTEGER      , -- public key, specifically, g^x mod p, 
+                                  -- check that y^q mod p == 1
+                                  -- and that 1 < y < p - 1
+    x              INTEGER        -- private key
+}
+\end{verbatim}
+
+The leading BIT STRING has a single bit in it which is zero for public keys and one for private keys.  This makes the structure uniquely decodable and easy
+to work with.
+
 \section{Key Generation}
 To make a DSA key you must call the following function
 \begin{verbatim}
@@ -3291,79 +3319,351 @@
 will automatically free all of the heap allocated in the process (you don't have to call dsa\_free()).  
 
 \chapter{Standards Support}
-\section{DER Support}
-DER or ``Distinguished Encoding Rules'' is a subset of the ASN.1 encoding rules that is fully deterministic and
-ideal for cryptography.  In particular ASN.1 specifies an INTEGER type for storing arbitrary sized integers.  DER
-further limits the ASN.1 specifications to a deterministic encoding.
-
-\subsection{Storing INTEGER types}
-\index{der\_encode\_integer()}
-\begin{alltt}
-int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen);
-\end{alltt}
-
-This will store the integer in ``num'' to the output buffer ``out'' of length ``outlen''.  It only stores
-non--negative numbers.  It stores the number of octets used back in ``outlen''.
-
-\subsection{Reading INTEGER types}
-\index{der\_decode\_integer()}
-\begin{alltt}
-int der_decode_integer(const unsigned char *in, unsigned long *inlen, mp_int *num);
-\end{alltt}
-This will decode the DER encoded INTEGER in ``in'' of length ``inlen'' and store the resulting integer
-in ``num''.  It will store the bytes read in ``inlen'' which is handy if you have to parse multiple
-data items out of a binary packet.
-
-\subsection{INTEGER length}
-\index{der\_length\_integer()}
-\begin{alltt}
-int der_length_integer(mp_int *num, unsigned long *len);
-\end{alltt}
-This will determine the length of the DER encoding of the integer ``num'' and store it in ``len''.
-
-\subsection{Multiple INTEGER types}
-To simplify the DER encoding/decoding there are two functions two handle multple types at once.
-
-\index{der\_put\_multi\_integer()}
-\index{der\_get\_multi\_integer()}
-\begin{alltt}
-int der_put_multi_integer(unsigned char *dst, unsigned long *outlen, mp_int *num, ...);
-int der_get_multi_integer(const unsigned char *src, unsigned long *inlen,  mp_int *num, ...);
-\end{alltt}
-
-These will handle multiple encodings/decodings at once.  They work like their single operand counterparts
-except they handle a \textbf{NULL} terminated list of operands.
+\section{ASN.1 Formats}
+LibTomCrypt supports a variety of ASN.1 data types encoded with the Distinguished Encoding Rules (DER) suitable for various cryptographic protocols.  The data types
+are all provided with three basic functions with \textit{similar} prototypes.  One function has been dedicated to calculate the length in octets of a given
+format and two functions have been dedicated to encoding and decoding the format.  
+
+On top of the basic data types are the SEQUENCE and\footnote{Planned for LTC 1.06} SET data types which are collections of other ASN.1 types.  They are provided 
+in the same manner as the other data types except they use list of objects known as the \textbf{ltc\_asn1\_list} structure.  It is defined as 
+
+\index{ltc\_asn1\_list structure}
+\begin{verbatim}
+typedef struct {
+   int           type;
+   void         *data;
+   unsigned long size;
+   int           used;
+} ltc_asn1_list;
+\end{verbatim}
+
+The ``type'' field is one of the following ASN.1 field definitions.  The ``data'' pointer is a void pointer to the data to be encoded (or the destination) and the 
+``size'' field is specific to what you are encoding (e.g. number of bits in the BIT STRING data type).  The ``used'' field is primarily for the CHOICE decoder
+and reflects if the particular member of a list was the decoded data type.  To help build the lists in an orderly fashion the macro
+``LTC\_SET\_ASN1(list, index, Type, Data, Size)'' has been provided.
+
+It will assign to the ``index''th position in the ``list'' the tripplet (Type, Data, Size).  An example usage would be:
+
+\begin{small}
+\begin{verbatim}
+...
+ltc_asn1_list   sequence[3];
+unsigned long   three=3;
+
+LTC_SET_ASN1(sequence, 0, LTC_ASN1_IA5_STRING,    "hello", 5);
+LTC_SET_ASN1(sequence, 1, LTC_ASN1_SHORT_INTEGER, &three,  1);
+LTC_SET_ASN1(sequence, 2, LTC_ASN1_NULL,           NULL,   0);
+\end{verbatim}
+\end{small}
+
+The macro is relatively safe with respect to modifying variables, for instance the following code is equivalent.
+
+\begin{small}
+\begin{verbatim}
+...
+ltc_asn1_list   sequence[3];
+unsigned long   three=3;
+int             x=0;
+LTC_SET_ASN1(sequence, x++, LTC_ASN1_IA5_STRING,    "hello", 5);
+LTC_SET_ASN1(sequence, x++, LTC_ASN1_SHORT_INTEGER, &three,  1);
+LTC_SET_ASN1(sequence, x++, LTC_ASN1_NULL,           NULL,   0);
+\end{verbatim}
+\end{small}
+
+\begin{figure}[here]
+\begin{center}
+\begin{small}
+\begin{tabular}{|l|l|}
+\hline \textbf{Definition}           & \textbf{ASN.1 Type} \\
+\hline LTC\_ASN1\_EOL                & End of a ASN.1 list structure. \\
+\hline LTC\_ASN1\_INTEGER            & INTEGER (uses mp\_int) \\
+\hline LTC\_ASN1\_SHORT\_INTEGER     & INTEGER (32--bit using unsigned long) \\
+\hline LTC\_ASN1\_BIT\_STRING        & BIT STRING (one bit per char) \\
+\hline LTC\_ASN1\_OCTET\_STRING      & OCTET STRING (one octet per char) \\
+\hline LTC\_ASN1\_NULL               & NULL \\
+\hline LTC\_ASN1\_OBJECT\_IDENTIFIER & OBJECT IDENTIFIER (words are in unsigned long) \\
+\hline LTC\_ASN1\_IA5\_STRING        & IA5 STRING (one octet per char) \\
+\hline LTC\_ASN1\_PRINTABLE\_STRING  & PRINTABLE STIRNG (one octet per char) \\
+\hline LTC\_ASN1\_UTCTIME            & UTCTIME (see ltc\_utctime structure) \\
+\hline LTC\_ASN1\_SEQUENCE           & SEQUENCE OF \\
+\hline LTC\_ASN1\_CHOICE             & CHOICE \\
+\hline
+\end{tabular}
+\caption{List of ASN.1 Supported Types}
+\end{small}
+\end{center}
+\end{figure}
+
+\subsection{SEQUENCE Type}
+The SEQUENCE data type is a collection of other ASN.1 data types encapsulated with a small header which is a useful way of sending multiple data types in one packet.
+
+\subsubsection{SEUQNECE Encoding}
+To encode a sequence a \textbf{ltc\_asn1\_list} array must be initialized with the members of the sequence and their respective pointers.  The encoding is performed
+with the following function.
+
+\index{der\_encode\_sequence()}
+\begin{verbatim}
+int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
+                        unsigned char *out,  unsigned long *outlen);
+\end{verbatim}
+This encodes a sequence of items pointed to by ``list'' where the list has ``inlen'' items in it.  The SEQUENCE will be encoded to ``out'' and of length ``outlen''.  The
+function will terminate when it reads all the items out of the list (upto ``inlen'') or it encounters an item in the list with a type of \textbf{LTC\_ASN1\_EOL}.
+
+The ``data'' pointer in the list would be the same pointer you would pass to the respective ASN.1 encoder (e.g. der\_encode\_bit\_string()) and it is simply passed on
+verbatim to the dependent encoder.  The list can contain other SEQUENCE or SET types which enables you to have nested SEQUENCE and SET definitions.  In these cases
+the ``data'' pointer is simply a pointer to another \textbf{ltc\_asn1\_list}.
+
+\subsubsection{SEQUENCE Decoding}
+
+\index{der\_decode\_sequence()}
+
+Decoding a SEQUENCE is similar to encoding.  You set up an array of \textbf{ltc\_asn1\_list} where in this case the ``size'' member is the maximum size 
+(in certain cases).  For types such as IA5 STRING, BIT STRING, OCTET STRING (etc) the ``size'' field is updated after successful decoding to reflect how many
+units of the respective type has been loaded.  
+
+\begin{verbatim}
+int der_decode_sequence(const unsigned char *in,   unsigned long  inlen,
+                              ltc_asn1_list *list, unsigned long  outlen);
+\end{verbatim}
+
+This will decode upto ``outlen'' items from the input buffer ``in'' of length ``inlen'' octets.  The function will stop (gracefully) when it runs out of items to decode.
+It will fail (for among other reasons) when it runs out of input bytes to read, a data type is invalid or a heap failure occured.
+
+For the following types the ``size'' field will be updated to reflect the number of units read of the given type.
+\begin{enumerate}
+   \item BIT STRING
+   \item OCTET STRING
+   \item OBJECT IDENTIFIER
+   \item IA5 STRING
+   \item PRINTABLE STRING
+\end{enumerate}
+
+\subsubsection{SEQUENCE Length}
+
+The length of a SEQUENCE can be determined with the following function.
+
+\index{der\_length\_sequence()}
+\begin{verbatim}
+int der_length_sequence(ltc_asn1_list *list, unsigned long inlen,
+                        unsigned long *outlen);
+\end{verbatim}
+
+This will get the encoding size for the given ``list'' of length ``inlen'' and store it in ``outlen''.  
+
+\subsubsection{SEQUENCE Multiple Argument Lists}
+
+For small or simple sequences an encoding or decoding can be performed with one of the following two functions.
+
+\index{der\_encode\_sequence\_multi()}
+\index{der\_decode\_sequence\_multi()}
 
 \begin{verbatim}
-#include <tomcrypt.h>
-int main(void)
-{
-   mp_int        a, b, c, d;
-   unsigned char buffer[1000];
-   unsigned long len;
-   int           err;
-
-   /* init a,b,c,d with some values ... */
-
-   /* ok we want to store them now... */
-   len = sizeof(buffer);
-   if ((err = der_put_multi_integer(buffer, &len, 
-                                    &a, &b, &c, &d, NULL)) != CRYPT_OK) {
-      // error
-   }
-   printf("I stored %lu bytes in buf\n", len);
-
-   /* ok say we want to get them back for fun */
-   /* len set previously...otherwise set it to the size of the packet */
-   if ((err = der_get_multi_integer(buffer, &len,
-                                    &a, &b, &c, &d, NULL)) != CRYPT_OK) {
-      // error
-   }
-   printf("I read %lu bytes from buf\n", len);
-}
+int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...);
+int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...);
+\end{verbatim}
+
+These either encode or decode (respectively) a SEQUENCE data type where the items in the sequence are specified after the length parameter.
+
+The list of items are specified as a triple of the form ``(type, size, data)''  where ``type'' is an \textbf{int}, ``size'' is a \textbf{unsigned long}
+and ``data'' is \textbf{void} pointer.  The list of items must be terminated with an item with the type \textbf{LTC\_ASN1\_EOL}.
+
+It's ideal that you cast the ``size'' values to unsigned long to ensure that the proper data type is passed to the function.  Constants such as ``1'' without
+a cast or prototype are of type \textbf{int} by default.  Appending \textit{UL} or prepending \textit{(unsigned long)} is enough to cast it to the correct type.
+
+\subsection{ASN.1 INTEGER}
+
+To encode or decode INTEGER data types use the following functions.
+
+\index{der\_encode\_integer()}
+\index{der\_decode\_integer()}
+\index{der\_length\_integer()}
+\begin{verbatim}
+int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen);
+int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int *num);
+int der_length_integer(mp_int *num, unsigned long *len);
+\end{verbatim}
+
+These will encode or decode a signed INTEGER data type using the ``mp\_int'' data type to store the large INTEGER.  To encode smaller values without allocating
+an mp\_int to store the value the ``short'' INTEGER functions were made available.
+
+\index{der\_encode\_short\_integer()}
+\index{der\_decode\_short\_integer()}
+\index{der\_length\_short\_integer()}
+\begin{verbatim}
+int der_encode_short_integer(unsigned long  num, 
+                             unsigned char *out, unsigned long *outlen);
+
+int der_decode_short_integer(const unsigned char *in,  unsigned long inlen, 
+                                   unsigned long *num);
+
+int der_length_short_integer(unsigned long num, unsigned long *outlen);
+\end{verbatim}
+
+These will encode or decode an unsigned \textbf{unsigned long} type (only reads upto 32--bits).  For values in the range $0 \dots 2^{32} - 1$ the integer 
+and short integer functions can encode and decode each others outputs.  
+
+\subsection{ASN.1 BIT STRING}
+
+\index{der\_encode\_bit\_string()}
+\index{der\_decode\_bit\_string()}
+\index{der\_length\_bit\_string()}
+\begin{verbatim}
+int der_encode_bit_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+
+int der_decode_bit_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+
+int der_length_bit_string(unsigned long nbits, unsigned long *outlen);
+\end{verbatim}
+
+These will encode or decode a BIT STRING data type.  The bits are passed in (or read out) using one \textbf{char} per bit.  A non--zero value will be interpretted
+as a one bit and a zero value a zero bit.
+
+\subsection{ASN.1 OCTET STRING}
+
+\index{der\_encode\_octet\_string()}
+\index{der\_decode\_octet\_string()}
+\index{der\_length\_octet\_string()}
+\begin{verbatim}
+int der_encode_octet_string(const unsigned char *in, unsigned long inlen,
+                                  unsigned char *out, unsigned long *outlen);
+
+int der_decode_octet_string(const unsigned char *in, unsigned long inlen,
+                                  unsigned char *out, unsigned long *outlen);
+
+int der_length_octet_string(unsigned long noctets, unsigned long *outlen);
+\end{verbatim}
+
+These will encode or decode an OCTET STRING data type.  The octets are stored using one \textbf{char} each.  
+
+\subsection{ASN.1 OBJECT IDENTIFIER}
+
+\index{der\_encode\_object\_identifier()}
+\index{der\_decode\_object\_identifier()}
+\index{der\_length\_object\_identifier()}
+\begin{verbatim}
+int der_encode_object_identifier(unsigned long *words, unsigned long  nwords,
+                                 unsigned char *out,   unsigned long *outlen);
+
+int der_decode_object_identifier(const unsigned char *in,    unsigned long  inlen,
+                                       unsigned long *words, unsigned long *outlen);
+
+int der_length_object_identifier(unsigned long *words, unsigned long nwords, 
+                                 unsigned long *outlen);
 \end{verbatim}
+
+These will encode or decode an OBJECT IDENTIFIER object.  The words of the OID are stored in individual \textbf{unsigned long} elements and must be in the range
+$0 \ldots 2^{32} - 1$.  
+
+\subsection{ASN.1 IA5 STRING}
+
+\index{der\_encode\_ia5\_string()}
+\index{der\_decode\_ia5\_string()}
+\index{der\_length\_ia5\_string()}
+\begin{verbatim}
+int der_encode_ia5_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+
+int der_decode_ia5_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+
+int der_length_ia5_string(const unsigned char *octets, unsigned long noctets, 
+                                unsigned long *outlen);
+\end{verbatim}
+
+These will encode or decode an IA5 STRING.  The characters are read or stored in individual \textbf{char} elements.  This functions performs internal character
+to numerical conversions based on the conventions of the compiler being used.  For instance, on an x86\_32 machine 'A' == 65 but the same may not be true on 
+say a SPARC machine.  Internally these functions have a table of literal characters and their numerical ASCII values.  This provides a stable conversion provided
+that the build platform honours the runtime platforms character conventions.
+
+If you're worried try building the test suite and running it.  It has hard coded test vectors to ensure it is operating properly. 
+
+\subsection{ASN.1 PRINTABLE STRING}
+
+\index{der\_encode\_printable\_string()}
+\index{der\_decode\_printable\_string()}
+\index{der\_length\_printable\_string()}
+\begin{verbatim}
+int der_encode_printable_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+
+int der_decode_printable_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+
+int der_length_printable_string(const unsigned char *octets, unsigned long noctets, 
+                                unsigned long *outlen);
+\end{verbatim}
+
+These will encode or decode an PRINTABLE STRING.  The characters are read or stored in individual \textbf{char} elements.  This functions performs internal character
+to numerical conversions based on the conventions of the compiler being used.  For instance, on an x86\_32 machine 'A' == 65 but the same may not be true on 
+say a SPARC machine.  Internally these functions have a table of literal characters and their numerical ASCII values.  This provides a stable conversion provided
+that the build platform honours the runtime platforms character conventions.
+
+If you're worried try building the test suite and running it.  It has hard coded test vectors to ensure it is operating properly. 
+
+\subsection{ASN.1 UTCTIME}
+
+The UTCTIME type is to store a date and time in ASN.1 format.  It uses the following structure to organize the time.
+
+\begin{verbatim}
+typedef struct {
+   unsigned YY, /* year    00--99 */
+            MM, /* month   01--12 */
+            DD, /* day     01--31 */
+            hh, /* hour    00--23 */
+            mm, /* minute  00--59 */
+            ss, /* second  00--59 */
+            off_dir, /* timezone offset direction 0 == +, 1 == - */
+            off_hh, /* timezone offset hours */
+            off_mm; /* timezone offset minutes */
+} ltc_utctime;
+\end{verbatim}
+
+The time can be offset plus or minus a set amount of hours (off\_hh) and minutes (off\_mm).  When ``off\_dir'' is zero the time will be added otherwise it 
+will be subtracted.  
+
+For instance, the array $\lbrace 5, 6, 20, 22, 4, 00, 0, 5, 0 \rbrace$ represents the current time of 2005, June 20th, 22:04:00 with a time offset of +05h00.  
+
+\index{der\_encode\_utctime()}
+\index{der\_decode\_utctime()}
+\index{der\_length\_utctime()}
+\begin{verbatim}
+int der_encode_utctime(ltc_utctime *utctime, 
+                       unsigned char *out,   unsigned long *outlen);
+
+int der_decode_utctime(const unsigned char *in, unsigned long *inlen,
+                             ltc_utctime   *out);
+
+int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen);
+\end{verbatim}
+
+The encoder will store time in one of the two ASN.1 formats, either ``YYMMDDhhmmssZ'' or ``YYMMDDhhmmss$\pm$hhmm'' and perform minimal error checking on the 
+input.  The decoder will read all valid ASN.1 formats and perform range checking on the values (not complete but rational) useful for catching packet errors.
+
+It is suggested that decoded data be further scrutinized (e.g. days of month in particular).
+
+\subsection{ASN.1 CHOICE}
+
+The CHOICE ASN.1 type represents a union of ASN.1 types all of which are stored in a ``ltc\_asn1\_list''.  There is no encoder for the CHOICE type, only a 
+decoder.  The decoder will scan through the provided list attempting to use the appropriate decoder on the input packet.  The list can contain any ASN.1 data
+type\footnote{Except it cannot have LTC\_ASN1\_INTEGER and LTC\_ASN1\_SHORT\_INTEGER simultaneously.} except for other CHOICE types.  
+
+There is no encoder for the CHOICE type as the actual DER encoding is the encoding of the chosen type.  
+
+\index{der\_decode\_choice()}
+\begin{verbatim}
+int der_decode_choice(const unsigned char *in,   unsigned long *inlen,
+                            ltc_asn1_list *list, unsigned long  outlen);
+\end{verbatim}
+
+This will decode the input in the ``in'' field of length ``inlen''.  It uses the provided ASN.1 list specified in the ``list'' field which has ``outlen'' elements.  
+The ``inlen'' field will be updated with the length of the decoded data type as well as the respective entry in the ``list'' field will have the ``used'' flag 
+set to non--zero to reflect it was the data type decoded.
+
 \section{Password Based Cryptography}
 \subsection{PKCS \#5}
+\index{PKCS \#5}
 In order to securely handle user passwords for the purposes of creating session keys and chaining IVs the PKCS \#5 was drafted.   PKCS \#5
 is made up of two algorithms, Algorithm One and Algorithm Two.  Algorithm One is the older fairly limited algorithm which has been implemented
 for completeness.  Algorithm Two is a bit more modern and more flexible to work with.
@@ -3436,7 +3736,6 @@
 \}
 \end{alltt}
 
-
 \chapter{Miscellaneous}
 \section{Base64 Encoding and Decoding}
 The library provides functions to encode and decode a RFC1521 base64 coding scheme.  This means that it can decode what it 
@@ -3634,7 +3933,6 @@
 \begin{center}
 \begin{tabular}{|c|c|}
     \hline ECC Key Size (bits) & Work Factor ($log_2$) \\
-    \hline 160 & 80  \\
     \hline 192 & 96  \\
     \hline 224 & 112 \\
     \hline 256 & 128 \\
@@ -3792,8 +4090,8 @@
 it will not speed up the encryption or decryption functions.
 
 \subsection{GCM\_TABLES}
-When defined GCM will use a 64KB table (per GCM state) which will greatly lower up the per--packet latency.  
-It also increases the initialization time.  
+When defined GCM will use a 64KB table (per GCM state) which will greatly speed up the per--packet latency.  
+It also increases the initialization time and isn't suitable when you are going to use a key a few times only.  
 
 \subsection{SMALL\_CODE}
 When this is defined some of the code such as the Rijndael and SAFER+ ciphers are replaced with smaller code variants.
@@ -3824,6 +4122,13 @@
 of your block cipher (e.g. 16 bytes for AES).  This means sadly if you're on a platform with 57--bit words (or something) you can't 
 use this mode.  So sad.
 
+\subsection{LTC\_PTHREAD}
+When this is activated all of the descriptor table functions will use pthread locking to ensure thread safe updates to the tables.  Note that 
+it doesn't prevent a thread that is passively using a table from being messed up by another thread that updates the table.
+
+Generally the rule of thumb is to setup the tables once at startup and then leave them be.  This added build flag simply makes updating
+the tables safer.
+
 \section{MPI Tweaks}
 \subsection{RSA Only Tweak}
 If you plan on only using RSA with moduli in the range of 1024 to 2560 bits you can enable a series of tweaks
@@ -4030,8 +4335,8 @@
 can specify the number of rounds they want through ``num\_rounds'' where $num\_rounds = 0$ means use the default.  The destination of a scheduled key is stored
 in ``skey''.
 
-This is where things get tricky.  Currently there is no provision to allocate memory during initialization since there is no ``cipher done'' function.  So you have
-to either use an existing member of the symmetric\_key union or alias your own structure over top of it provided symmetric\_key is not smaller.
+Inside the ``symmetric\_key'' union there is a ``void *data'' which you can use to allocate data if you need a data structure that doesn't fit with the existing
+ones provided.  Just make sure in your ``done()'' function that you free the allocated memory.
 
 \subsection{Single block ECB}
 To process a single block in ECB mode the ecb\_encrypt() and ecb\_decrypt() functions were provided.  The plaintext and ciphertext buffers are allowed to overlap so you 
@@ -4062,7 +4367,8 @@
 \subsubsection{Accelerated CTR}
 This function is meant for accelerated CTR encryption.  It is accessible through the accel\_ctr\_encrypt pointer.
 The ``blocks'' value is the number of complete blocks to process.  The ``IV'' is the CTR counter vector.  It is an input upon calling this function and must be
-updated by the function before returning.  The ``mode'' value indicates whether the counter is big ($mode = 1$) or little ($mode = 0$) endian.
+updated by the function before returning.  The ``mode'' value indicates whether the counter is big (mode = CTR\_COUNTER\_BIG\_ENDIAN) or 
+little (mode = CTR\_COUNTER\_LITTLE\_ENDIAN) endian.
 
 This function (and the way it's called) differs from the other two since ctr\_encrypt() allows any size input plaintext.  The accelerator will only be
 called if the following conditions are met.
@@ -4101,10 +4407,10 @@
     unsigned long hashsize;
     /** Input block size in octets */
     unsigned long blocksize;
-    /** ASN.1 DER identifier */
-    unsigned char DER[64];
+    /** ASN.1 OID */
+    unsigned long OID[16];
     /** Length of DER encoding */
-    unsigned long DERlen;
+    unsigned long OIDlen;
     /** Init a hash state
       @param hash   The hash to initialize
       @return CRYPT_OK if successful
@@ -4144,8 +4450,8 @@
 The `blocksize'' variable indicates the length of input (in octets) that the hash processes in a given
 invokation.
 
-\subsection{DER Identifier}
-This is the DER identifier (including the SEQUENCE header).  This is used solely for PKCS \#1 style signatures.  
+\subsection{OID Identifier}
+This is the universal ASN.1 Object Identifier for the hash.
 
 \subsection{Initialization}
 The init function initializes the hash and prepares it to process message bytes.
@@ -4251,3 +4557,7 @@
 \input{crypt.ind}
 
 \end{document}
+
+% $Source: /cvs/libtom/libtomcrypt/crypt.tex,v $   
+% $Revision: 1.39 $   
+% $Date: 2005/06/27 13:08:28 $ 
--- a/demos/encrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/demos/encrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -235,3 +235,7 @@
    }
    return 0;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/demos/encrypt.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:56 $ */
--- a/demos/hashsum.c	Fri May 06 13:23:02 2005 +0000
+++ b/demos/hashsum.c	Wed Jul 06 03:53:40 2005 +0000
@@ -113,3 +113,7 @@
 #endif
 
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/demos/hashsum.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:56 $ */
--- a/demos/multi.c	Fri May 06 13:23:02 2005 +0000
+++ b/demos/multi.c	Wed Jul 06 03:53:40 2005 +0000
@@ -104,3 +104,7 @@
    return EXIT_SUCCESS;
 }
 
+
+/* $Source: /cvs/libtom/libtomcrypt/demos/multi.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:56 $ */
--- a/demos/small.c	Fri May 06 13:23:02 2005 +0000
+++ b/demos/small.c	Wed Jul 06 03:53:40 2005 +0000
@@ -8,3 +8,7 @@
    register_hash(&sha256_desc);
    return 0;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/demos/small.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:56 $ */
--- a/demos/test.c	Fri May 06 13:23:02 2005 +0000
+++ b/demos/test.c	Wed Jul 06 03:53:40 2005 +0000
@@ -2,18 +2,23 @@
 
 int main(void)
 {
+   int x;
    reg_algs();
    printf("build == \n%s\n", crypt_build_settings);
-   printf("\ncipher_test..."); fflush(stdout); printf(cipher_hash_test() ? "failed" : "passed");
-   printf("\nmodes_test..."); fflush(stdout); printf(modes_test() ? "failed" : "passed");
-   printf("\nmac_test..."); fflush(stdout); printf(mac_test() ? "failed" : "passed");
-   printf("\npkcs_1_test..."); fflush(stdout); printf(pkcs_1_test() ? "failed" : "passed");
-   printf("\nstore_test..."); fflush(stdout); printf(store_test() ? "failed" : "passed");
-   printf("\nrsa_test..."); fflush(stdout); printf(rsa_test() ? "failed" : "passed");
-   printf("\necc_test..."); fflush(stdout); printf(ecc_tests() ? "failed" : "passed");
-   printf("\ndsa_test..."); fflush(stdout); printf(dsa_test() ? "failed" : "passed");
-   printf("\ndh_test..."); fflush(stdout); printf(dh_tests() ? "failed" : "passed");
-   printf("\nder_test..."); fflush(stdout); printf(der_tests() ? "failed" : "passed");
-
+   printf("\nstore_test...."); fflush(stdout); x = store_test();       printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+   printf("\ncipher_test..."); fflush(stdout); x = cipher_hash_test(); printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+   printf("\nmodes_test...."); fflush(stdout); x = modes_test();       printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+   printf("\nder_test......"); fflush(stdout); x = der_tests();        printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+   printf("\nmac_test......"); fflush(stdout); x = mac_test();         printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+   printf("\npkcs_1_test..."); fflush(stdout); x = pkcs_1_test();      printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+   printf("\nrsa_test......"); fflush(stdout); x = rsa_test();         printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+   printf("\necc_test......"); fflush(stdout); x = ecc_tests();        printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+   printf("\ndsa_test......"); fflush(stdout); x = dsa_test();         printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+   printf("\ndh_test......."); fflush(stdout); x = dh_tests();         printf(x ? "failed" : "passed");if (x) exit(EXIT_FAILURE);
+   printf("\n");
    return EXIT_SUCCESS;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/demos/test.c,v $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2005/06/19 12:06:58 $ */
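Review bot: Each of the ten added test lines in `main` passes the conditional `x ? "failed" : "passed"` as the printf format string instead of as an argument. Both alternatives are literals without conversion specifiers, so nothing goes wrong today, but this is the habit that turns into a format-string bug once one of the strings comes from elsewhere. `fputs(x ? "failed" : "passed", stdout);` or `printf("%s", x ? "failed" : "passed");` prints the same text with a fixed format. The early `if (x) exit(EXIT_FAILURE);` also skips the closing `printf("\n");`, so a failing run ends its output without a newline; printing `"failed\n"` on that path would keep logs tidy.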
--- a/demos/timing.c	Fri May 06 13:23:02 2005 +0000
+++ b/demos/timing.c	Wed Jul 06 03:53:40 2005 +0000
@@ -17,7 +17,10 @@
 time_rsa();
 time_ecc();
 time_dh();
-
 return EXIT_SUCCESS;
 
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/demos/timing.c,v $ */
+/* $Revision: 1.17 $ */
+/* $Date: 2005/06/23 02:16:26 $ */
--- a/demos/tv_gen.c	Fri May 06 13:23:02 2005 +0000
+++ b/demos/tv_gen.c	Wed Jul 06 03:53:40 2005 +0000
@@ -664,3 +664,7 @@
       
     
    
+
+/* $Source: /cvs/libtom/libtomcrypt/demos/tv_gen.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:56 $ */
Binary file doc/crypt.pdf has changed
--- a/doc/footer.html	Fri May 06 13:23:02 2005 +0000
+++ b/doc/footer.html	Wed Jul 06 03:53:40 2005 +0000
@@ -2,3 +2,9 @@
 Code by <a href="http://www.libtomcrypt.org/">Tom</a><br>
 Docs using <img src="doxygen.png" alt="doxygen" align="middle" border=0>
 <a href="http://jlcooke.ca/tom/hidden_image.png">
+
+<!--
+/* $Source: /cvs/libtom/libtomcrypt/doc/footer.html,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/07 10:09:20 $ */
+-->
--- a/doc/header.html	Fri May 06 13:23:02 2005 +0000
+++ b/doc/header.html	Wed Jul 06 03:53:40 2005 +0000
@@ -4,3 +4,9 @@
 <link href="doxygen.css" rel="stylesheet" type="text/css">
 </head><body>
 <!-- Generated by Doxygen 1.3.8 -->
+
+<!--
+/* $Source: /cvs/libtom/libtomcrypt/doc/header.html,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/07 10:09:20 $ */
+-->
--- a/genlist.sh	Fri May 06 13:23:02 2005 +0000
+++ b/genlist.sh	Wed Jul 06 03:53:40 2005 +0000
@@ -4,3 +4,7 @@
 perl ./parsenames.pl OBJECTS "$a"
 export a=`find . -type f | grep [.]/src | grep [.]h | sed -e 'se\./ee' | xargs`
 perl ./parsenames.pl HEADERS "$a"
+
+# $Source: /cvs/libtom/libtomcrypt/genlist.sh,v $   
+# $Revision: 1.3 $   
+# $Date: 2005/05/05 14:49:27 $ 
--- a/makefile	Fri May 06 13:23:02 2005 +0000
+++ b/makefile	Wed Jul 06 03:53:40 2005 +0000
@@ -4,7 +4,7 @@
 # Modified by Clay Culver
 
 # The version
-VERSION=1.02
+VERSION=1.05
 
 # Compiler and Linker Names
 #CC=gcc
@@ -21,6 +21,8 @@
 #CFLAGS += -Wsystem-headers -Wdeclaration-after-statement -Wbad-function-cast -Wcast-align -Wstrict-prototypes -Wmissing-prototypes \
 #		  -Wmissing-declarations -Wpointer-arith 
 
+ifndef IGNORE_SPEED
+
 # optimize for SPEED
 CFLAGS += -O3 -funroll-loops
 
@@ -30,6 +32,8 @@
 # optimize for SIZE
 #CFLAGS += -Os -DLTC_SMALL_CODE
 
+endif
+
 # older GCCs can't handle the "rotate with immediate" ROLc/RORc/etc macros
 # define this to help
 #CFLAGS += -DLTC_NO_ROLC
@@ -58,13 +62,24 @@
 DATAPATH=/usr/share/doc/libtomcrypt/pdf
 
 #Who do we install as?
+ifdef INSTALL_USER
+USER=$(INSTALL_USER)
+else
 USER=root
+endif
+
+ifdef INSTALL_GROUP
+GROUP=$(INSTALL_GROUP)
+else
 GROUP=wheel
+endif
 
 #List of objects to compile.
 
 #Leave MPI built-in or force developer to link against libtommath?
+ifndef IGNORE_MPI
 MPIOBJECT=src/misc/mpi/mpi.o
+endif
 
 OBJECTS=src/ciphers/aes/aes_enc.o $(MPIOBJECT) src/ciphers/aes/aes.o src/ciphers/anubis.o \
 src/ciphers/blowfish.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/khazad.o src/ciphers/noekeon.o \
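Review bot: The new `IGNORE_MPI` switch drops `src/misc/mpi/mpi.o` from `OBJECTS` but nothing in this hunk puts a libtommath link dependency in its place, unlike makefile.shared, which sets `MPISHARED` for the same case. In the link rules later in this file only `timing` takes `$(EXTRALIBS)`, so `make test IGNORE_MPI=1` presumably ends with unresolved big-number symbols. A comment above the `ifndef` would document the contract, e.g. `# IGNORE_MPI=1 omits the built-in MPI; supply libtommath at link time (EXTRALIBS=-ltommath)`. The other demo link lines would need `$(EXTRALIBS)` for that to hold.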
@@ -115,29 +130,43 @@
 src/modes/ecb/ecb_decrypt.o src/modes/ecb/ecb_done.o src/modes/ecb/ecb_encrypt.o \
 src/modes/ecb/ecb_start.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \
 src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \
-src/modes/ofb/ofb_start.o src/pk/asn1/der/der_decode_integer.o src/pk/asn1/der/der_encode_integer.o \
-src/pk/asn1/der/der_get_multi_integer.o src/pk/asn1/der/der_length_integer.o \
-src/pk/asn1/der/der_put_multi_integer.o src/pk/dh/dh.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o \
-src/pk/dsa/dsa_import.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_sign_hash.o \
-src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/packet_store_header.o \
-src/pk/packet_valid_header.o src/pk/pkcs1/pkcs_1_i2osp.o src/pk/pkcs1/pkcs_1_mgf1.o \
-src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1/pkcs_1_os2ip.o \
-src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v15_es_decode.o \
-src/pk/pkcs1/pkcs_1_v15_es_encode.o src/pk/pkcs1/pkcs_1_v15_sa_decode.o \
-src/pk/pkcs1/pkcs_1_v15_sa_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
+src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \
+src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \
+src/pk/asn1/der/choice/der_decode_choice.o src/pk/asn1/der/ia5/der_decode_ia5_string.o \
+src/pk/asn1/der/ia5/der_encode_ia5_string.o src/pk/asn1/der/ia5/der_length_ia5_string.o \
+src/pk/asn1/der/integer/der_decode_integer.o src/pk/asn1/der/integer/der_encode_integer.o \
+src/pk/asn1/der/integer/der_length_integer.o \
+src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \
+src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \
+src/pk/asn1/der/object_identifier/der_length_object_identifier.o \
+src/pk/asn1/der/octet/der_decode_octet_string.o src/pk/asn1/der/octet/der_encode_octet_string.o \
+src/pk/asn1/der/octet/der_length_octet_string.o \
+src/pk/asn1/der/printable_string/der_decode_printable_string.o \
+src/pk/asn1/der/printable_string/der_encode_printable_string.o \
+src/pk/asn1/der/printable_string/der_length_printable_string.o \
+src/pk/asn1/der/sequence/der_decode_sequence.o src/pk/asn1/der/sequence/der_decode_sequence_multi.o \
+src/pk/asn1/der/sequence/der_encode_sequence.o src/pk/asn1/der/sequence/der_encode_sequence_multi.o \
+src/pk/asn1/der/sequence/der_length_sequence.o \
+src/pk/asn1/der/short_integer/der_decode_short_integer.o \
+src/pk/asn1/der/short_integer/der_encode_short_integer.o \
+src/pk/asn1/der/short_integer/der_length_short_integer.o src/pk/asn1/der/utctime/der_decode_utctime.o \
+src/pk/asn1/der/utctime/der_encode_utctime.o src/pk/asn1/der/utctime/der_length_utctime.o \
+src/pk/dh/dh.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
+src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
+src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/packet_store_header.o src/pk/packet_valid_header.o \
+src/pk/pkcs1/pkcs_1_i2osp.o src/pk/pkcs1/pkcs_1_mgf1.o src/pk/pkcs1/pkcs_1_oaep_decode.o \
+src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1/pkcs_1_os2ip.o src/pk/pkcs1/pkcs_1_pss_decode.o \
+src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_import.o \
-src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_v15_decrypt_key.o \
-src/pk/rsa/rsa_v15_encrypt_key.o src/pk/rsa/rsa_v15_sign_hash.o src/pk/rsa/rsa_v15_verify_hash.o \
-src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o \
-src/prngs/rng_make_prng.o src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o 
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o \
+src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
+src/prngs/sprng.o src/prngs/yarrow.o 
 
-HEADERS=src/headers/tommath_superclass.h src/headers/tomcrypt_cfg.h \
-src/headers/tomcrypt_mac.h src/headers/tomcrypt_macros.h \
-src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h \
-src/headers/tomcrypt_cipher.h src/headers/tomcrypt_pk.h \
-src/headers/tommath_class.h src/headers/ltc_tommath.h src/headers/tomcrypt_hash.h \
-src/headers/tomcrypt_misc.h src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h \
-src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
+HEADERS=src/headers/tommath_superclass.h src/headers/tomcrypt_cfg.h src/headers/tomcrypt_mac.h \
+src/headers/tomcrypt_macros.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h \
+src/headers/tomcrypt_cipher.h src/headers/tomcrypt_pk.h src/headers/tommath_class.h \
+src/headers/ltc_tommath.h src/headers/tomcrypt_hash.h src/headers/tomcrypt_misc.h \
+src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
 
 TESTOBJECTS=demos/test.o
 HASHOBJECTS=demos/hashsum.o
@@ -171,7 +200,7 @@
 src/hashes/sha2/sha256.o: src/hashes/sha2/sha256.c src/hashes/sha2/sha224.c
 
 #This rule makes the libtomcrypt library.
-library: $(LIBTEST) $(LIBNAME)
+library: $(LIBNAME)
 
 $(LIBTEST): 
 	cd testprof ; CFLAGS="$(CFLAGS)" make 
@@ -193,15 +222,15 @@
 	$(CC) $(SMALLOBJECTS) $(LIBNAME) -o $(SMALL) $(WARN)
 	
 tv_gen: library $(TVS)
-	$(CC) $(TVS) $(LIBNAME) $(EXTRALIBS) -o $(TV)
+	$(CC) $(TVS) $(LIBNAME) -o $(TV)
 
 multi: library $(MULTIS)
 	$(CC) $(MULTIS) $(LIBNAME) -o $(MULTI)
 
-timing: library $(TIMINGS)
-	$(CC) $(TIMINGS) $(LIBTEST) $(LIBNAME) -o $(TIMING)
+timing: library $(LIBTEST) $(TIMINGS)
+	$(CC) $(TIMINGS) $(LIBTEST) $(LIBNAME) $(EXTRALIBS) -o $(TIMING)
 
-test: library $(TESTS)
+test: library $(LIBTEST) $(TESTS)
 	$(CC) $(TESTS) $(LIBTEST) $(LIBNAME) -o $(TEST)
 
 
@@ -216,11 +245,17 @@
 	install -g $(GROUP) -o $(USER) $(HEADERS) $(DESTDIR)$(INCPATH)
 	install -g $(GROUP) -o $(USER) doc/crypt.pdf $(DESTDIR)$(DATAPATH)
 
-install_lib: library
+install_test: $(LIBTEST)
 	install -d -g $(GROUP) -o $(USER) $(DESTDIR)$(LIBPATH)
 	install -d -g $(GROUP) -o $(USER) $(DESTDIR)$(INCPATH)
-	install -g $(GROUP) -o $(USER) $(LIBNAME) $(DESTDIR)$(LIBPATH)
-	install -g $(GROUP) -o $(USER) $(HEADERS) $(DESTDIR)$(INCPATH)
+	install -g $(GROUP) -o $(USER) $(LIBTEST) $(DESTDIR)$(LIBPATH)
+
+profile:
+	CFLAGS="$(CFLAGS) -fprofile-generate" make timing EXTRALIBS=-lgcov
+	./timing
+	rm -f timing `find . -type f | grep [.][ao] | xargs`
+	CFLAGS="$(CFLAGS) -fprofile-use" make timing EXTRALIBS=-lgcov
+
 
 #This rule cleans the source tree of all compiled code, not including the pdf
 #documentation.
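Review bot: The cleanup line in the new `profile` target deletes more than objects and archives, because `grep [.][ao]` is unanchored and matches any path that contains `.a` or `.o` anywhere (a `.orig`, `.asm` or `.out` file, or a directory component). Names containing whitespace are additionally split by `xargs` before they reach `rm -f`. `find . -type f \( -name '*.o' -o -name '*.a' \) -exec rm -f {} +` restricts the removal to the intended suffixes and keeps each name intact. The two recursive invocations should use `$(MAKE)` instead of `make` so that command-line variables and flags propagate.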
@@ -242,6 +277,7 @@
 	rm -f $(TV) $(PROF) $(SMALL) $(CRYPT) $(HASHSUM) $(MULTI) $(TIMING) $(TEST)
 	rm -rf doc/doxygen
 	rm -f doc/*.pdf
+	rm -f *.txt
 
 #build the doxy files (requires Doxygen, tetex and patience)
 doxy:
@@ -274,6 +310,8 @@
 #zipup the project (take that!)
 no_oops: clean
 	cd .. ; cvs commit 
+	echo Scanning for scratch/dirty files
+	find . -type f | grep -v CVS | xargs -n 1 bash mess.sh
 
 zipup: no_oops docs
 	cd .. ; rm -rf crypt* libtomcrypt-$(VERSION) ; mkdir libtomcrypt-$(VERSION) ; \
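Review bot: The scratch-file scan added to `no_oops` can miss or misreport files, which matters because `zipup` depends on it before the archives are built and signed with `gpg`. `grep -v CVS` drops every path that merely contains the string CVS, not only the `CVS/` metadata directories, and `xargs -n 1` splits names on whitespace, so mess.sh (added later in this changeset, with an unquoted `$1`) is handed fragments rather than file names. `find . -type f ! -path '*/CVS/*' -print0 | xargs -0 -n 1 bash mess.sh`, together with `cvs log "$1"` in mess.sh, checks exactly the files that are present. The scan also runs after `cvs commit`; if it is meant to gate the commit as well as the release, it belongs before that line.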
@@ -283,3 +321,8 @@
 	zip -9r crypt-$(VERSION).zip libtomcrypt-$(VERSION) ; \
 	gpg -b -a crypt-$(VERSION).tar.bz2 ; gpg -b -a crypt-$(VERSION).zip ; \
 	mv -fv crypt* ~ ; rm -rf libtomcrypt-$(VERSION)
+
+
+# $Source: /cvs/libtom/libtomcrypt/makefile,v $ 
+# $Revision: 1.70 $ 
+# $Date: 2005/06/19 18:03:24 $ 
--- a/makefile.icc	Fri May 06 13:23:02 2005 +0000
+++ b/makefile.icc	Wed Jul 06 03:53:40 2005 +0000
@@ -22,7 +22,7 @@
 #ARFLAGS=r
 
 # Compilation flags. Note the += does not write over the user's CFLAGS!
-CFLAGS += -c -I./src/headers/ -DINTEL_CC
+CFLAGS += -c -Isrc/headers/ -Itestprof/ -DINTEL_CC
 
 #The default rule for make builds the libtomcrypt library.
 default:library
@@ -41,7 +41,13 @@
 #	B - Blend of P4 and PM [mobile]
 #
 # Default to just generic max opts
+ifdef LTC_SMALL
+CFLAGS += -O2 -xP -ip
+endif
+
+ifndef IGNORE_SPEED
 CFLAGS += -O3 -xP -ip 
+endif
 
 # want to see stuff?
 #CFLAGS += -opt_report
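Review bot: `LTC_SMALL` has no effect on its own here: with `LTC_SMALL` defined and `IGNORE_SPEED` unset both blocks run, so `-O3 -xP -ip` is appended after `-O2 -xP -ip` and the later optimisation level presumably wins. Either nest the `ifndef IGNORE_SPEED` block in an `else` branch of `ifdef LTC_SMALL`, or state the required combination in a comment such as `# LTC_SMALL=1 only takes effect together with IGNORE_SPEED=1`. The other makefiles touched by this changeset use `IGNORE_SPEED` alone, so the extra knob deserves a line of documentation either way.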
@@ -122,29 +128,43 @@
 src/modes/ecb/ecb_decrypt.o src/modes/ecb/ecb_done.o src/modes/ecb/ecb_encrypt.o \
 src/modes/ecb/ecb_start.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \
 src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \
-src/modes/ofb/ofb_start.o src/pk/asn1/der/der_decode_integer.o src/pk/asn1/der/der_encode_integer.o \
-src/pk/asn1/der/der_get_multi_integer.o src/pk/asn1/der/der_length_integer.o \
-src/pk/asn1/der/der_put_multi_integer.o src/pk/dh/dh.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o \
-src/pk/dsa/dsa_import.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_sign_hash.o \
-src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/packet_store_header.o \
-src/pk/packet_valid_header.o src/pk/pkcs1/pkcs_1_i2osp.o src/pk/pkcs1/pkcs_1_mgf1.o \
-src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1/pkcs_1_os2ip.o \
-src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v15_es_decode.o \
-src/pk/pkcs1/pkcs_1_v15_es_encode.o src/pk/pkcs1/pkcs_1_v15_sa_decode.o \
-src/pk/pkcs1/pkcs_1_v15_sa_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
+src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \
+src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \
+src/pk/asn1/der/choice/der_decode_choice.o src/pk/asn1/der/ia5/der_decode_ia5_string.o \
+src/pk/asn1/der/ia5/der_encode_ia5_string.o src/pk/asn1/der/ia5/der_length_ia5_string.o \
+src/pk/asn1/der/integer/der_decode_integer.o src/pk/asn1/der/integer/der_encode_integer.o \
+src/pk/asn1/der/integer/der_length_integer.o \
+src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \
+src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \
+src/pk/asn1/der/object_identifier/der_length_object_identifier.o \
+src/pk/asn1/der/octet/der_decode_octet_string.o src/pk/asn1/der/octet/der_encode_octet_string.o \
+src/pk/asn1/der/octet/der_length_octet_string.o \
+src/pk/asn1/der/printable_string/der_decode_printable_string.o \
+src/pk/asn1/der/printable_string/der_encode_printable_string.o \
+src/pk/asn1/der/printable_string/der_length_printable_string.o \
+src/pk/asn1/der/sequence/der_decode_sequence.o src/pk/asn1/der/sequence/der_decode_sequence_multi.o \
+src/pk/asn1/der/sequence/der_encode_sequence.o src/pk/asn1/der/sequence/der_encode_sequence_multi.o \
+src/pk/asn1/der/sequence/der_length_sequence.o \
+src/pk/asn1/der/short_integer/der_decode_short_integer.o \
+src/pk/asn1/der/short_integer/der_encode_short_integer.o \
+src/pk/asn1/der/short_integer/der_length_short_integer.o src/pk/asn1/der/utctime/der_decode_utctime.o \
+src/pk/asn1/der/utctime/der_encode_utctime.o src/pk/asn1/der/utctime/der_length_utctime.o \
+src/pk/dh/dh.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
+src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
+src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/packet_store_header.o src/pk/packet_valid_header.o \
+src/pk/pkcs1/pkcs_1_i2osp.o src/pk/pkcs1/pkcs_1_mgf1.o src/pk/pkcs1/pkcs_1_oaep_decode.o \
+src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1/pkcs_1_os2ip.o src/pk/pkcs1/pkcs_1_pss_decode.o \
+src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_import.o \
-src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_v15_decrypt_key.o \
-src/pk/rsa/rsa_v15_encrypt_key.o src/pk/rsa/rsa_v15_sign_hash.o src/pk/rsa/rsa_v15_verify_hash.o \
-src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o \
-src/prngs/rng_make_prng.o src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o 
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o \
+src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
+src/prngs/sprng.o src/prngs/yarrow.o 
 
-HEADERS=src/headers/tommath_superclass.h src/headers/tomcrypt_cfg.h \
-src/headers/tomcrypt_mac.h src/headers/tomcrypt_macros.h \
-src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h \
-src/headers/tomcrypt_cipher.h src/headers/tomcrypt_pk.h \
-src/headers/tommath_class.h src/headers/ltc_tommath.h src/headers/tomcrypt_hash.h \
-src/headers/tomcrypt_misc.h src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h \
-src/headers/tomcrypt_prng.h  testprof/tomcrypt_test.h
+HEADERS=src/headers/tommath_superclass.h src/headers/tomcrypt_cfg.h src/headers/tomcrypt_mac.h \
+src/headers/tomcrypt_macros.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h \
+src/headers/tomcrypt_cipher.h src/headers/tomcrypt_pk.h src/headers/tommath_class.h \
+src/headers/ltc_tommath.h src/headers/tomcrypt_hash.h src/headers/tomcrypt_misc.h \
+src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
 
 #ciphers come in two flavours... enc+dec and enc 
 aes_enc.o: aes.c aes_tab.c
@@ -214,4 +234,9 @@
 	install -d -g root -o root $(DESTDIR)$(LIBPATH)
 	install -d -g root -o root $(DESTDIR)$(INCPATH)
 	install -g root -o root $(LIBNAME) $(DESTDIR)$(LIBPATH)
+	install -g root -o root $(LIBTEST) $(DESTDIR)$(LIBPATH)
 	install -g root -o root $(HEADERS) $(DESTDIR)$(INCPATH)
+
+# $Source: /cvs/libtom/libtomcrypt/makefile.icc,v $   
+# $Revision: 1.33 $   
+# $Date: 2005/06/19 18:22:31 $ 
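Review bot: The added `install -g root -o root $(LIBTEST) $(DESTDIR)$(LIBPATH)` line puts the test/profiling library into the library path on the regular install, whereas the main makefile in this changeset moves that step into a separate `install_test` target. The rule header lies outside the hunk, so it is not visible whether `$(LIBTEST)` is a prerequisite; if it is not, the install fails when only `library` was built. The owner also stays hard-coded as `root` while makefile and makefile.shared gained `INSTALL_USER`/`INSTALL_GROUP`. A matching `install_test` target using those variables would keep the three build files consistent.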
--- a/makefile.msvc	Fri May 06 13:23:02 2005 +0000
+++ b/makefile.msvc	Wed Jul 06 03:53:40 2005 +0000
@@ -57,29 +57,43 @@
 src/modes/ecb/ecb_decrypt.obj src/modes/ecb/ecb_done.obj src/modes/ecb/ecb_encrypt.obj \
 src/modes/ecb/ecb_start.obj src/modes/ofb/ofb_decrypt.obj src/modes/ofb/ofb_done.obj \
 src/modes/ofb/ofb_encrypt.obj src/modes/ofb/ofb_getiv.obj src/modes/ofb/ofb_setiv.obj \
-src/modes/ofb/ofb_start.obj src/pk/asn1/der/der_decode_integer.obj src/pk/asn1/der/der_encode_integer.obj \
-src/pk/asn1/der/der_get_multi_integer.obj src/pk/asn1/der/der_length_integer.obj \
-src/pk/asn1/der/der_put_multi_integer.obj src/pk/dh/dh.obj src/pk/dsa/dsa_export.obj src/pk/dsa/dsa_free.obj \
-src/pk/dsa/dsa_import.obj src/pk/dsa/dsa_make_key.obj src/pk/dsa/dsa_sign_hash.obj \
-src/pk/dsa/dsa_verify_hash.obj src/pk/dsa/dsa_verify_key.obj src/pk/ecc/ecc.obj src/pk/packet_store_header.obj \
-src/pk/packet_valid_header.obj src/pk/pkcs1/pkcs_1_i2osp.obj src/pk/pkcs1/pkcs_1_mgf1.obj \
-src/pk/pkcs1/pkcs_1_oaep_decode.obj src/pk/pkcs1/pkcs_1_oaep_encode.obj src/pk/pkcs1/pkcs_1_os2ip.obj \
-src/pk/pkcs1/pkcs_1_pss_decode.obj src/pk/pkcs1/pkcs_1_pss_encode.obj src/pk/pkcs1/pkcs_1_v15_es_decode.obj \
-src/pk/pkcs1/pkcs_1_v15_es_encode.obj src/pk/pkcs1/pkcs_1_v15_sa_decode.obj \
-src/pk/pkcs1/pkcs_1_v15_sa_encode.obj src/pk/rsa/rsa_decrypt_key.obj src/pk/rsa/rsa_encrypt_key.obj \
+src/modes/ofb/ofb_start.obj src/pk/asn1/der/bit/der_decode_bit_string.obj \
+src/pk/asn1/der/bit/der_encode_bit_string.obj src/pk/asn1/der/bit/der_length_bit_string.obj \
+src/pk/asn1/der/choice/der_decode_choice.obj src/pk/asn1/der/ia5/der_decode_ia5_string.obj \
+src/pk/asn1/der/ia5/der_encode_ia5_string.obj src/pk/asn1/der/ia5/der_length_ia5_string.obj \
+src/pk/asn1/der/integer/der_decode_integer.obj src/pk/asn1/der/integer/der_encode_integer.obj \
+src/pk/asn1/der/integer/der_length_integer.obj \
+src/pk/asn1/der/object_identifier/der_decode_object_identifier.obj \
+src/pk/asn1/der/object_identifier/der_encode_object_identifier.obj \
+src/pk/asn1/der/object_identifier/der_length_object_identifier.obj \
+src/pk/asn1/der/octet/der_decode_octet_string.obj src/pk/asn1/der/octet/der_encode_octet_string.obj \
+src/pk/asn1/der/octet/der_length_octet_string.obj \
+src/pk/asn1/der/printable_string/der_decode_printable_string.obj \
+src/pk/asn1/der/printable_string/der_encode_printable_string.obj \
+src/pk/asn1/der/printable_string/der_length_printable_string.obj \
+src/pk/asn1/der/sequence/der_decode_sequence.obj src/pk/asn1/der/sequence/der_decode_sequence_multi.obj \
+src/pk/asn1/der/sequence/der_encode_sequence.obj src/pk/asn1/der/sequence/der_encode_sequence_multi.obj \
+src/pk/asn1/der/sequence/der_length_sequence.obj \
+src/pk/asn1/der/short_integer/der_decode_short_integer.obj \
+src/pk/asn1/der/short_integer/der_encode_short_integer.obj \
+src/pk/asn1/der/short_integer/der_length_short_integer.obj src/pk/asn1/der/utctime/der_decode_utctime.obj \
+src/pk/asn1/der/utctime/der_encode_utctime.obj src/pk/asn1/der/utctime/der_length_utctime.obj \
+src/pk/dh/dh.obj src/pk/dsa/dsa_export.obj src/pk/dsa/dsa_free.obj src/pk/dsa/dsa_import.obj \
+src/pk/dsa/dsa_make_key.obj src/pk/dsa/dsa_sign_hash.obj src/pk/dsa/dsa_verify_hash.obj \
+src/pk/dsa/dsa_verify_key.obj src/pk/ecc/ecc.obj src/pk/packet_store_header.obj src/pk/packet_valid_header.obj \
+src/pk/pkcs1/pkcs_1_i2osp.obj src/pk/pkcs1/pkcs_1_mgf1.obj src/pk/pkcs1/pkcs_1_oaep_decode.obj \
+src/pk/pkcs1/pkcs_1_oaep_encode.obj src/pk/pkcs1/pkcs_1_os2ip.obj src/pk/pkcs1/pkcs_1_pss_decode.obj \
+src/pk/pkcs1/pkcs_1_pss_encode.obj src/pk/rsa/rsa_decrypt_key.obj src/pk/rsa/rsa_encrypt_key.obj \
 src/pk/rsa/rsa_export.obj src/pk/rsa/rsa_exptmod.obj src/pk/rsa/rsa_free.obj src/pk/rsa/rsa_import.obj \
-src/pk/rsa/rsa_make_key.obj src/pk/rsa/rsa_sign_hash.obj src/pk/rsa/rsa_v15_decrypt_key.obj \
-src/pk/rsa/rsa_v15_encrypt_key.obj src/pk/rsa/rsa_v15_sign_hash.obj src/pk/rsa/rsa_v15_verify_hash.obj \
-src/pk/rsa/rsa_verify_hash.obj src/prngs/fortuna.obj src/prngs/rc4.obj src/prngs/rng_get_bytes.obj \
-src/prngs/rng_make_prng.obj src/prngs/sober128.obj src/prngs/sprng.obj src/prngs/yarrow.obj 
+src/pk/rsa/rsa_make_key.obj src/pk/rsa/rsa_sign_hash.obj src/pk/rsa/rsa_verify_hash.obj src/prngs/fortuna.obj \
+src/prngs/rc4.obj src/prngs/rng_get_bytes.obj src/prngs/rng_make_prng.obj src/prngs/sober128.obj \
+src/prngs/sprng.obj src/prngs/yarrow.obj 
 
-HEADERS=src/headers/tommath_superclass.h src/headers/tomcrypt_cfg.h \
-src/headers/tomcrypt_mac.h src/headers/tomcrypt_macros.h \
-src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h \
-src/headers/tomcrypt_cipher.h src/headers/tomcrypt_pk.h \
-src/headers/tommath_class.h src/headers/ltc_tommath.h src/headers/tomcrypt_hash.h \
-src/headers/tomcrypt_misc.h src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h \
-src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
+HEADERS=src/headers/tommath_superclass.h src/headers/tomcrypt_cfg.h src/headers/tomcrypt_mac.h \
+src/headers/tomcrypt_macros.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h \
+src/headers/tomcrypt_cipher.h src/headers/tomcrypt_pk.h src/headers/tommath_class.h \
+src/headers/ltc_tommath.h src/headers/tomcrypt_hash.h src/headers/tomcrypt_misc.h \
+src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
 
 #ciphers come in two flavours... enc+dec and enc
 src/ciphers/aes/aes_enc.obj: src/ciphers/aes/aes.c src/ciphers/aes/aes_tab.c
@@ -102,3 +116,7 @@
 
 timing: demos/timing.c library
 	cl $(CFLAGS) demos/timing.c testprof/tomcrypt_prof.lib tomcrypt.lib advapi32.lib
+
+# $Source: /cvs/libtom/libtomcrypt/makefile.msvc,v $   
+# $Revision: 1.15 $   
+# $Date: 2005/06/27 12:37:06 $ 
--- a/makefile.shared	Fri May 06 13:23:02 2005 +0000
+++ b/makefile.shared	Wed Jul 06 03:53:40 2005 +0000
@@ -6,7 +6,7 @@
 # Tom St Denis
 
 # The version
-VERSION=0:102
+VERSION=0:105
 
 # Compiler and Linker Names
 CC=libtool --mode=compile gcc
@@ -18,14 +18,18 @@
 #CFLAGS += -Wsystem-headers -Wdeclaration-after-statement -Wbad-function-cast -Wcast-align -Wstrict-prototypes -Wmissing-prototypes \
 #			 -Wmissing-declarations -Wpointer-arith 
 
+ifndef IGNORE_SPEED
+
 # optimize for SPEED
-CFLAGS += -O3 -funroll-all-loops
+CFLAGS += -O3 -funroll-loops
 
 # add -fomit-frame-pointer.  hinders debugging!
 CFLAGS += -fomit-frame-pointer
 
 # optimize for SIZE
-#CFLAGS += -Os
+#CFLAGS += -Os -DLTC_SMALL_CODE
+
+endif
 
 # compile for DEBUGING (required for ccmalloc checking!!!)
 #CFLAGS += -g3
@@ -45,7 +49,6 @@
 TEST=test
 TIMING=timing
 
-
 #LIBPATH-The directory for libtomcrypt to be installed to.
 #INCPATH-The directory to install the header files for libtomcrypt.
 #DATAPATH-The directory to install the pdf docs.
@@ -55,16 +58,27 @@
 DATAPATH=/usr/share/doc/libtomcrypt/pdf
 
 #Who do we install as?
+ifdef INSTALL_USER
+USER=$(INSTALL_USER)
+else
 USER=root
-GROUP=wheel
+endif
+
+ifdef INSTALL_GROUP
+GROUP=$(INSTALL_GROUP)   
+else
+GROUP=wheel  
+endif
 
 #List of objects to compile.
 
 #Leave MPI built-in or force developer to link against libtommath?
+ifndef IGNORE_MPI
 MPIOBJECT=src/misc/mpi/mpi.o
-
+else 
 #If you don't want mpi.o then add this
-#MPISHARED=$(LIBPATH)/libtommath.la
+MPISHARED=$(LIBPATH)/libtommath.la
+endif
 
 OBJECTS=src/ciphers/aes/aes_enc.o $(MPIOBJECT) src/ciphers/aes/aes.o src/ciphers/anubis.o \
 src/ciphers/blowfish.o src/ciphers/cast5.o src/ciphers/des.o src/ciphers/khazad.o src/ciphers/noekeon.o \
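Review bot: The added `GROUP=$(INSTALL_GROUP)` and `GROUP=wheel` lines end in blanks, and make keeps trailing whitespace as part of the variable's value. That is harmless where `$(GROUP)` is expanded unquoted into an `install -g` command, but it breaks as soon as the value is quoted or compared, so the trailing spaces should be stripped to match the `USER=` lines. A short comment such as `# override with INSTALL_USER= / INSTALL_GROUP= for non-root installs` would also document the new knobs where they are defined.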
@@ -115,29 +129,43 @@
 src/modes/ecb/ecb_decrypt.o src/modes/ecb/ecb_done.o src/modes/ecb/ecb_encrypt.o \
 src/modes/ecb/ecb_start.o src/modes/ofb/ofb_decrypt.o src/modes/ofb/ofb_done.o \
 src/modes/ofb/ofb_encrypt.o src/modes/ofb/ofb_getiv.o src/modes/ofb/ofb_setiv.o \
-src/modes/ofb/ofb_start.o src/pk/asn1/der/der_decode_integer.o src/pk/asn1/der/der_encode_integer.o \
-src/pk/asn1/der/der_get_multi_integer.o src/pk/asn1/der/der_length_integer.o \
-src/pk/asn1/der/der_put_multi_integer.o src/pk/dh/dh.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o \
-src/pk/dsa/dsa_import.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_sign_hash.o \
-src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/packet_store_header.o \
-src/pk/packet_valid_header.o src/pk/pkcs1/pkcs_1_i2osp.o src/pk/pkcs1/pkcs_1_mgf1.o \
-src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1/pkcs_1_os2ip.o \
-src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v15_es_decode.o \
-src/pk/pkcs1/pkcs_1_v15_es_encode.o src/pk/pkcs1/pkcs_1_v15_sa_decode.o \
-src/pk/pkcs1/pkcs_1_v15_sa_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
+src/modes/ofb/ofb_start.o src/pk/asn1/der/bit/der_decode_bit_string.o \
+src/pk/asn1/der/bit/der_encode_bit_string.o src/pk/asn1/der/bit/der_length_bit_string.o \
+src/pk/asn1/der/choice/der_decode_choice.o src/pk/asn1/der/ia5/der_decode_ia5_string.o \
+src/pk/asn1/der/ia5/der_encode_ia5_string.o src/pk/asn1/der/ia5/der_length_ia5_string.o \
+src/pk/asn1/der/integer/der_decode_integer.o src/pk/asn1/der/integer/der_encode_integer.o \
+src/pk/asn1/der/integer/der_length_integer.o \
+src/pk/asn1/der/object_identifier/der_decode_object_identifier.o \
+src/pk/asn1/der/object_identifier/der_encode_object_identifier.o \
+src/pk/asn1/der/object_identifier/der_length_object_identifier.o \
+src/pk/asn1/der/octet/der_decode_octet_string.o src/pk/asn1/der/octet/der_encode_octet_string.o \
+src/pk/asn1/der/octet/der_length_octet_string.o \
+src/pk/asn1/der/printable_string/der_decode_printable_string.o \
+src/pk/asn1/der/printable_string/der_encode_printable_string.o \
+src/pk/asn1/der/printable_string/der_length_printable_string.o \
+src/pk/asn1/der/sequence/der_decode_sequence.o src/pk/asn1/der/sequence/der_decode_sequence_multi.o \
+src/pk/asn1/der/sequence/der_encode_sequence.o src/pk/asn1/der/sequence/der_encode_sequence_multi.o \
+src/pk/asn1/der/sequence/der_length_sequence.o \
+src/pk/asn1/der/short_integer/der_decode_short_integer.o \
+src/pk/asn1/der/short_integer/der_encode_short_integer.o \
+src/pk/asn1/der/short_integer/der_length_short_integer.o src/pk/asn1/der/utctime/der_decode_utctime.o \
+src/pk/asn1/der/utctime/der_encode_utctime.o src/pk/asn1/der/utctime/der_length_utctime.o \
+src/pk/dh/dh.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/pk/dsa/dsa_import.o \
+src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
+src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/packet_store_header.o src/pk/packet_valid_header.o \
+src/pk/pkcs1/pkcs_1_i2osp.o src/pk/pkcs1/pkcs_1_mgf1.o src/pk/pkcs1/pkcs_1_oaep_decode.o \
+src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1/pkcs_1_os2ip.o src/pk/pkcs1/pkcs_1_pss_decode.o \
+src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_import.o \
-src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_v15_decrypt_key.o \
-src/pk/rsa/rsa_v15_encrypt_key.o src/pk/rsa/rsa_v15_sign_hash.o src/pk/rsa/rsa_v15_verify_hash.o \
-src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o \
-src/prngs/rng_make_prng.o src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o 
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o \
+src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o src/prngs/sober128.o \
+src/prngs/sprng.o src/prngs/yarrow.o 
 
-HEADERS=src/headers/tommath_superclass.h src/headers/tomcrypt_cfg.h \
-src/headers/tomcrypt_mac.h src/headers/tomcrypt_macros.h \
-src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h \
-src/headers/tomcrypt_cipher.h src/headers/tomcrypt_pk.h \
-src/headers/tommath_class.h src/headers/ltc_tommath.h src/headers/tomcrypt_hash.h \
-src/headers/tomcrypt_misc.h src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h \
-src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
+HEADERS=src/headers/tommath_superclass.h src/headers/tomcrypt_cfg.h src/headers/tomcrypt_mac.h \
+src/headers/tomcrypt_macros.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_argchk.h \
+src/headers/tomcrypt_cipher.h src/headers/tomcrypt_pk.h src/headers/tommath_class.h \
+src/headers/ltc_tommath.h src/headers/tomcrypt_hash.h src/headers/tomcrypt_misc.h \
+src/headers/tomcrypt.h src/headers/tomcrypt_pkcs.h src/headers/tomcrypt_prng.h testprof/tomcrypt_test.h
 
 TESTOBJECTS=demos/test.o
 HASHOBJECTS=demos/hashsum.o
@@ -164,7 +192,7 @@
 src/hashes/sha2/sha256.o: src/hashes/sha2/sha256.c src/hashes/sha2/sha224.c
 
 #This rule makes the libtomcrypt library.
-library: $(LIBTEST) $(LIBNAME)
+library: $(LIBNAME)
 
 $(LIBTEST):
 	cd testprof ; CFLAGS="$(CFLAGS)" GROUP=$(GROUP) USER=$(USER) VERSION=$(VERSION) LIBPATH=$(LIBPATH) LIBNAME=$(LIBTEST) make -f makefile.shared
@@ -180,19 +208,22 @@
 #This rule makes the hash program included with libtomcrypt
 hashsum: library
 	gcc $(CFLAGS) demos/hashsum.c -o hashsum.o
-	gcc -o hashsum hashsum.o -ltomcrypt_prof -ltomcrypt $(MPISHARED)
+	gcc -o hashsum hashsum.o -ltomcrypt $(MPISHARED)
 
 #makes the crypt program
 crypt: library 
 	gcc $(CFLAGS) demos/encrypt.c -o encrypt.o
-	gcc -o crypt encrypt.o -ltomcrypt_prof -ltomcrypt $(MPISHARED)
+	gcc -o crypt encrypt.o -ltomcrypt $(MPISHARED)
 
 tv_gen: library $(TVS)
-	gcc -o tv_gen $(TVS) -ltomcrypt_prof -ltomcrypt $(MPISHARED)
+	gcc -o tv_gen $(TVS) -ltomcrypt $(MPISHARED)
 
-test: library $(TESTS)
+test: library $(LIBTEST) $(TESTS)
 	gcc -o $(TEST) $(TESTS) -ltomcrypt_prof -ltomcrypt $(MPISHARED)
 
-timing: library $(TIMINGS)
+timing: library $(LIBTEST) $(TIMINGS)
 	gcc -o $(TIMING) $(TIMINGS) -ltomcrypt_prof -ltomcrypt $(MPISHARED)
 
+# $Source: /cvs/libtom/libtomcrypt/makefile.shared,v $   
+# $Revision: 1.19 $   
+# $Date: 2005/06/27 12:37:06 $ 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mess.sh	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,4 @@
+#!/bin/bash
+if cvs log $1 >/dev/null 2>/dev/null; then exit 0; else echo "$1 shouldn't be here" ; exit 1; fi
+
+
--- a/notes/etc/saferp_optimizer.c	Fri May 06 13:23:02 2005 +0000
+++ b/notes/etc/saferp_optimizer.c	Wed Jul 06 03:53:40 2005 +0000
@@ -171,3 +171,7 @@
    return 0;
 }
 
+
+/* $Source: /cvs/libtom/libtomcrypt/notes/etc/saferp_optimizer.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/notes/etc/whirlgen.c	Fri May 06 13:23:02 2005 +0000
+++ b/notes/etc/whirlgen.c	Wed Jul 06 03:53:40 2005 +0000
@@ -89,3 +89,7 @@
 }
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/notes/etc/whirlgen.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/notes/etc/whirltest.c	Fri May 06 13:23:02 2005 +0000
+++ b/notes/etc/whirltest.c	Wed Jul 06 03:53:40 2005 +0000
@@ -13,3 +13,7 @@
    }
 }
 
+
+/* $Source: /cvs/libtom/libtomcrypt/notes/etc/whirltest.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/notes/tech0005.txt	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,18 @@
+Tech Note 0005
+Minimizing Code Space
+Tom St Denis
+
+Introduction
+------------
+
+Tweaking...
+
+You can disable whole classes of algorithms on the command line with the LTC_NO_* defines.  From there you can manually turn on what you want to enable.  
+
+The following build with GCC 3.4.3 on an AMD64 box gets you AES, CTR mode, SHA-256, HMAC, Yarrow, full RSA PKCS #1, PKCS #5, ASN.1 DER and MPI in 
+roughly 80KB of code.
+
+CFLAGS="-DSC_RSA_1 -DLTC_NO_CIPHERS -DLTC_NO_HASHES -DLTC_NO_PRNGS -DLTC_NO_MACS -DLTC_NO_MODES -DLTC_NO_PK -DRIJNDAEL -DCTR -DSHA256 \
+-DHMAC -DYARROW -DMRSA -DMPI -Os -fomit-frame-pointer" make IGNORE_SPEED=1
+
+Neato eh?
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/notes/tech0006.txt	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,91 @@
+Tech Note 0006
+PK Standards Compliance
+Tom St Denis
+
+RSA
+----
+
+PKCS #1 compliance.
+
+Key Format:  RSAPublicKey and RSAPrivateKey as per PKCS #1 v2.1
+Encryption:  OAEP as per PKCS #1
+Signature :  PSS  as per PKCS #1
+
+DSA
+----
+
+The NIST DSA algorithm
+
+Key Format:  HomeBrew [see below]
+Signature :  ANSI X9.62 format [see below].
+
+Keys are stored as 
+
+DSAPublicKey ::= SEQUENCE {
+    publicFlags    BIT STRING(1), -- must be 0
+    g              INTEGER      , -- base generator, check that g^q mod p == 1
+                                  -- and that 1 < g < p - 1
+    p              INTEGER      , -- prime modulus 
+    q              INTEGER      , -- order of sub-group (must be prime)
+    y              INTEGER      , -- public key, specifically, g^x mod p, 
+                                  -- check that y^q mod p == 1
+                                  -- and that 1 < y < p - 1
+}
+
+DSAPrivateKey ::= SEQUENCE {
+    publicFlags    BIT STRING(1), -- must be 1
+    g              INTEGER      , -- base generator, check that g^q mod p == 1
+                                  -- and that 1 < g < p - 1
+    p              INTEGER      , -- prime modulus 
+    q              INTEGER      , -- order of sub-group (must be prime)
+    y              INTEGER      , -- public key, specifically, g^x mod p, 
+                                  -- check that y^q mod p == 1
+                                  -- and that 1 < y < p - 1
+    x              INTEGER        -- private key
+}
+
+Signatures are stored as 
+
+DSASignature ::= SEQUENCE {
+    r, s           INTEGER        -- signature parameters
+}
+
+ECC
+----
+
+The ANSI X9.62 and X9.63 algorithms [partial].  Supports all NIST GF(p) curves.
+
+Key Format   :  Homebrew [see below, only GF(p) NIST curves supported]
+Signature    :  X9.62 compliant
+Encryption   :  Homebrew [based on X9.63, differs in that the public point is stored as an ECCPublicKey]
+Shared Secret:  X9.63 compliant
+
+ECCPublicKey ::= SEQUENCE {
+    flags       BIT STRING(1), -- public/private flag (always zero), 
+    keySize     INTEGER,       -- Curve size (in bits) divided by eight 
+                               -- and rounded down, e.g. 521 => 65
+    pubkey.x    INTEGER,       -- The X co-ordinate of the public key point
+    pubkey.y    INTEGER,       -- The Y co-ordinate of the public key point
+}
+
+ECCPrivateKey ::= SEQUENCE {
+    flags       BIT STRING(1), -- public/private flag (always one), 
+    keySize     INTEGER,       -- Curve size (in bits) divided by eight 
+                               -- and rounded down, e.g. 521 => 65
+    pubkey.x    INTEGER,       -- The X co-ordinate of the public key point
+    pubkey.y    INTEGER,       -- The Y co-ordinate of the public key point
+    secret.k    INTEGER,       -- The secret key scalar
+}
+
+The encryption works by finding the X9.63 shared secret and hashing it.  The hash is then simply XOR'ed against the message [which must be at most the size
+of the hash digest].  The format of the encrypted text is as follows
+
+ECCEncrypted ::= SEQUENCE {
+    hashOID     OBJECT IDENTIFIER,   -- The OID of the hash used
+    pubkey      OCTET STRING     ,   -- Encapsulation of a random ECCPublicKey
+    skey        OCTET STRING         -- The encrypted text (which the hash was XOR'ed against)
+}
+
+% $Source: /cvs/libtom/libtomcrypt/notes/tech0006.txt,v $   
+% $Revision: 1.2 $   
+% $Date: 2005/06/18 02:26:27 $ 
--- a/parsenames.pl	Fri May 06 13:23:02 2005 +0000
+++ b/parsenames.pl	Wed Jul 06 03:53:40 2005 +0000
@@ -20,3 +20,7 @@
 if ($ARGV[0] eq "HEADERS") { print "testprof/tomcrypt_test.h"; }
 
 print "\n\n";
+
+# $Source: /cvs/libtom/libtomcrypt/parsenames.pl,v $   
+# $Revision: 1.3 $   
+# $Date: 2005/05/05 14:49:27 $ 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/run.sh	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,35 @@
+#!/bin/bash
+bash build.sh " $1" "$2 -O2" "$3 IGNORE_SPEED=1"
+if [ -a testok.txt ] && [ -f testok.txt ]; then
+   echo
+else
+	echo
+	echo "Test failed"
+	exit 1
+fi
+
+rm -f testok.txt
+bash build.sh " $1" "$2 -Os" " $3 IGNORE_SPEED=1 LTC_SMALL=1"
+if [ -a testok.txt ] && [ -f testok.txt ]; then
+   echo
+else
+	echo
+	echo "Test failed"
+	exit 1
+fi
+
+rm -f testok.txt
+bash build.sh " $1" " $2" " $3"
+if [ -a testok.txt ] && [ -f testok.txt ]; then
+   echo
+else
+	echo
+	echo "Test failed"
+	exit 1
+fi
+
+exit 0
+
+# $Source: /cvs/libtom/libtomcrypt/run.sh,v $   
+# $Revision: 1.13 $   
+# $Date: 2005/05/11 18:59:53 $ 
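Review bot: The first check can succeed on a `testok.txt` left over from an earlier run, because `rm -f testok.txt` appears only before the second and third builds and the file is not removed after the last one. Unless build.sh deletes the marker itself (not visible in this hunk), add `rm -f testok.txt` before the first `bash build.sh` line. The test `[ -a testok.txt ] && [ -f testok.txt ]` is also redundant, since `[ -f testok.txt ]` already implies existence.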
--- a/src/ciphers/aes/aes.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/aes/aes.c	Wed Jul 06 03:53:40 2005 +0000
@@ -127,7 +127,7 @@
 #endif    
     LTC_ARGCHK(key  != NULL);
     LTC_ARGCHK(skey != NULL);
-    
+  
     if (keylen != 16 && keylen != 24 && keylen != 32) {
        return CRYPT_INVALID_KEYSIZE;
     }
@@ -747,3 +747,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/aes/aes.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/aes/aes_tab.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/aes/aes_tab.c	Wed Jul 06 03:53:40 2005 +0000
@@ -1018,3 +1018,7 @@
     0x10000000UL, 0x20000000UL, 0x40000000UL, 0x80000000UL,
     0x1B000000UL, 0x36000000UL, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
 };
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/aes/aes_tab.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/anubis.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/anubis.c	Wed Jul 06 03:53:40 2005 +0000
@@ -1548,3 +1548,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/anubis.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/blowfish.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/blowfish.c	Wed Jul 06 03:53:40 2005 +0000
@@ -581,3 +581,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/blowfish.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/cast5.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/cast5.c	Wed Jul 06 03:53:40 2005 +0000
@@ -709,3 +709,7 @@
 } 
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/cast5.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/des.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/des.c	Wed Jul 06 03:53:40 2005 +0000
@@ -1888,3 +1888,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/des.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/khazad.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/khazad.c	Wed Jul 06 03:53:40 2005 +0000
@@ -845,3 +845,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/khazad.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/noekeon.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/noekeon.c	Wed Jul 06 03:53:40 2005 +0000
@@ -290,3 +290,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/noekeon.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/rc2.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/rc2.c	Wed Jul 06 03:53:40 2005 +0000
@@ -348,3 +348,7 @@
 
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/rc2.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/rc5.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/rc5.c	Wed Jul 06 03:53:40 2005 +0000
@@ -308,3 +308,7 @@
 
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/rc5.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/rc6.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/rc6.c	Wed Jul 06 03:53:40 2005 +0000
@@ -337,3 +337,7 @@
 #endif /*RC6*/
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/rc6.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/safer/safer.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/safer/safer.c	Wed Jul 06 03:53:40 2005 +0000
@@ -481,3 +481,7 @@
 
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/safer/safer.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/safer/safer_tab.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/safer/safer_tab.c	Wed Jul 06 03:53:40 2005 +0000
@@ -62,3 +62,7 @@
 #endif
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/safer/safer_tab.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/safer/saferp.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/safer/saferp.c	Wed Jul 06 03:53:40 2005 +0000
@@ -549,3 +549,7 @@
 #endif
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/safer/saferp.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/skipjack.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/skipjack.c	Wed Jul 06 03:53:40 2005 +0000
@@ -329,3 +329,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/skipjack.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/twofish/twofish.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/twofish/twofish.c	Wed Jul 06 03:53:40 2005 +0000
@@ -576,7 +576,7 @@
         b = RORc(b ^ (t2 + t1 + k[3]), 1);
 
         t2 = g1_func(b, skey);
-        t1 = g_func(a, key) + t2;
+        t1 = g_func(a, skey) + t2;
         c = ROLc(c, 1) ^ (t1 + k[0]);
         d = RORc(d ^ (t2 +  t1 + k[1]), 1);
         k -= 4;
@@ -700,3 +700,7 @@
 
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/twofish/twofish.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/twofish/twofish_tab.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/twofish/twofish_tab.c	Wed Jul 06 03:53:40 2005 +0000
@@ -490,3 +490,7 @@
 #endif /* TWOFISH_ALL_TABLES */
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/twofish/twofish_tab.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/ciphers/xtea.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/ciphers/xtea.c	Wed Jul 06 03:53:40 2005 +0000
@@ -201,3 +201,7 @@
 
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/xtea.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ccm/ccm_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ccm/ccm_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -293,7 +293,6 @@
 
 #ifdef LTC_CLEAN_STACK
    zeromem(skey,   sizeof(*skey));
-   zeromem(B,      sizeof(B));
    zeromem(PAD,    sizeof(PAD));
    zeromem(CTRPAD, sizeof(CTRPAD));
 #endif
@@ -304,3 +303,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ccm/ccm_memory.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ccm/ccm_test.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ccm/ccm_test.c	Wed Jul 06 03:53:40 2005 +0000
@@ -168,3 +168,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ccm/ccm_test.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/eax/eax_addheader.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/eax/eax_addheader.c	Wed Jul 06 03:53:40 2005 +0000
@@ -32,3 +32,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_addheader.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/eax/eax_decrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/eax/eax_decrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -44,3 +44,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_decrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/eax/eax_decrypt_verify_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/eax/eax_decrypt_verify_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -102,3 +102,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_decrypt_verify_memory.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/eax/eax_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/eax/eax_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -88,3 +88,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_done.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/eax/eax_encrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/eax/eax_encrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -45,3 +45,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_encrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/eax/eax_encrypt_authenticate_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/eax/eax_encrypt_authenticate_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -76,3 +76,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_encrypt_authenticate_memory.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/eax/eax_init.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/eax/eax_init.c	Wed Jul 06 03:53:40 2005 +0000
@@ -108,11 +108,9 @@
    /* note we don't finish the headeromac, this allows us to add more header later */
 
    /* setup the CTR mode */
-   if ((err = ctr_start(cipher, eax->N, key, keylen, 0, &eax->ctr)) != CRYPT_OK) {
+   if ((err = ctr_start(cipher, eax->N, key, keylen, 0, CTR_COUNTER_BIG_ENDIAN, &eax->ctr)) != CRYPT_OK) {
       goto LBL_ERR; 
    }
-   /* use big-endian counter */
-   eax->ctr.mode = 1;
 
    /* setup the OMAC for the ciphertext */
    if ((err = omac_init(&eax->ctomac, cipher, key, keylen)) != CRYPT_OK) { 
@@ -140,3 +138,7 @@
 }
 
 #endif 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_init.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/eax/eax_test.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/eax/eax_test.c	Wed Jul 06 03:53:40 2005 +0000
@@ -276,3 +276,7 @@
 }
 
 #endif /* EAX_MODE */
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_test.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/gcm/gcm_add_aad.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/gcm/gcm_add_aad.c	Wed Jul 06 03:53:40 2005 +0000
@@ -27,8 +27,11 @@
 int gcm_add_aad(gcm_state *gcm,
                const unsigned char *adata,  unsigned long adatalen)
 {
-   unsigned long x, y;
+   unsigned long x;
    int           err;
+#ifdef LTC_FAST
+   unsigned long y;
+#endif
 
    LTC_ARGCHK(gcm    != NULL);
    if (adatalen > 0) {
@@ -115,3 +118,7 @@
 }
 #endif
    
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_add_aad.c,v $ */
+/* $Revision: 1.14 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/gcm/gcm_add_iv.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/gcm/gcm_add_iv.c	Wed Jul 06 03:53:40 2005 +0000
@@ -88,3 +88,7 @@
 
 #endif
    
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_add_iv.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/gcm/gcm_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/gcm/gcm_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -75,3 +75,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_done.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/gcm/gcm_gf_mult.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/gcm/gcm_gf_mult.c	Wed Jul 06 03:53:40 2005 +0000
@@ -31,6 +31,7 @@
 static const unsigned char mask[] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 };
 static const unsigned char poly[] = { 0x00, 0xE1 };
 
+     
 /**
   GCM GF multiplier (internal use only) 
   @param a   First value
@@ -87,3 +88,7 @@
 
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_gf_mult.c,v $ */
+/* $Revision: 1.16 $ */
+/* $Date: 2005/05/21 14:33:42 $ */
--- a/src/encauth/gcm/gcm_init.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/gcm/gcm_init.c	Wed Jul 06 03:53:40 2005 +0000
@@ -17,6 +17,46 @@
 
 #ifdef GCM_MODE
 
+#ifdef GCM_TABLES
+
+/* this is x*2^128 mod p(x) ... the results are 16 bytes each stored in a packed format.  Since only the 
+ * lower 16 bits are not zero'ed I removed the upper 14 bytes */
+static const unsigned char gcm_shift_table[256*2] = {
+0x00, 0x00, 0x01, 0xc2, 0x03, 0x84, 0x02, 0x46, 0x07, 0x08, 0x06, 0xca, 0x04, 0x8c, 0x05, 0x4e,
+0x0e, 0x10, 0x0f, 0xd2, 0x0d, 0x94, 0x0c, 0x56, 0x09, 0x18, 0x08, 0xda, 0x0a, 0x9c, 0x0b, 0x5e,
+0x1c, 0x20, 0x1d, 0xe2, 0x1f, 0xa4, 0x1e, 0x66, 0x1b, 0x28, 0x1a, 0xea, 0x18, 0xac, 0x19, 0x6e,
+0x12, 0x30, 0x13, 0xf2, 0x11, 0xb4, 0x10, 0x76, 0x15, 0x38, 0x14, 0xfa, 0x16, 0xbc, 0x17, 0x7e,
+0x38, 0x40, 0x39, 0x82, 0x3b, 0xc4, 0x3a, 0x06, 0x3f, 0x48, 0x3e, 0x8a, 0x3c, 0xcc, 0x3d, 0x0e,
+0x36, 0x50, 0x37, 0x92, 0x35, 0xd4, 0x34, 0x16, 0x31, 0x58, 0x30, 0x9a, 0x32, 0xdc, 0x33, 0x1e,
+0x24, 0x60, 0x25, 0xa2, 0x27, 0xe4, 0x26, 0x26, 0x23, 0x68, 0x22, 0xaa, 0x20, 0xec, 0x21, 0x2e,
+0x2a, 0x70, 0x2b, 0xb2, 0x29, 0xf4, 0x28, 0x36, 0x2d, 0x78, 0x2c, 0xba, 0x2e, 0xfc, 0x2f, 0x3e,
+0x70, 0x80, 0x71, 0x42, 0x73, 0x04, 0x72, 0xc6, 0x77, 0x88, 0x76, 0x4a, 0x74, 0x0c, 0x75, 0xce,
+0x7e, 0x90, 0x7f, 0x52, 0x7d, 0x14, 0x7c, 0xd6, 0x79, 0x98, 0x78, 0x5a, 0x7a, 0x1c, 0x7b, 0xde,
+0x6c, 0xa0, 0x6d, 0x62, 0x6f, 0x24, 0x6e, 0xe6, 0x6b, 0xa8, 0x6a, 0x6a, 0x68, 0x2c, 0x69, 0xee,
+0x62, 0xb0, 0x63, 0x72, 0x61, 0x34, 0x60, 0xf6, 0x65, 0xb8, 0x64, 0x7a, 0x66, 0x3c, 0x67, 0xfe,
+0x48, 0xc0, 0x49, 0x02, 0x4b, 0x44, 0x4a, 0x86, 0x4f, 0xc8, 0x4e, 0x0a, 0x4c, 0x4c, 0x4d, 0x8e,
+0x46, 0xd0, 0x47, 0x12, 0x45, 0x54, 0x44, 0x96, 0x41, 0xd8, 0x40, 0x1a, 0x42, 0x5c, 0x43, 0x9e,
+0x54, 0xe0, 0x55, 0x22, 0x57, 0x64, 0x56, 0xa6, 0x53, 0xe8, 0x52, 0x2a, 0x50, 0x6c, 0x51, 0xae,
+0x5a, 0xf0, 0x5b, 0x32, 0x59, 0x74, 0x58, 0xb6, 0x5d, 0xf8, 0x5c, 0x3a, 0x5e, 0x7c, 0x5f, 0xbe,
+0xe1, 0x00, 0xe0, 0xc2, 0xe2, 0x84, 0xe3, 0x46, 0xe6, 0x08, 0xe7, 0xca, 0xe5, 0x8c, 0xe4, 0x4e,
+0xef, 0x10, 0xee, 0xd2, 0xec, 0x94, 0xed, 0x56, 0xe8, 0x18, 0xe9, 0xda, 0xeb, 0x9c, 0xea, 0x5e,
+0xfd, 0x20, 0xfc, 0xe2, 0xfe, 0xa4, 0xff, 0x66, 0xfa, 0x28, 0xfb, 0xea, 0xf9, 0xac, 0xf8, 0x6e,
+0xf3, 0x30, 0xf2, 0xf2, 0xf0, 0xb4, 0xf1, 0x76, 0xf4, 0x38, 0xf5, 0xfa, 0xf7, 0xbc, 0xf6, 0x7e,
+0xd9, 0x40, 0xd8, 0x82, 0xda, 0xc4, 0xdb, 0x06, 0xde, 0x48, 0xdf, 0x8a, 0xdd, 0xcc, 0xdc, 0x0e,
+0xd7, 0x50, 0xd6, 0x92, 0xd4, 0xd4, 0xd5, 0x16, 0xd0, 0x58, 0xd1, 0x9a, 0xd3, 0xdc, 0xd2, 0x1e,
+0xc5, 0x60, 0xc4, 0xa2, 0xc6, 0xe4, 0xc7, 0x26, 0xc2, 0x68, 0xc3, 0xaa, 0xc1, 0xec, 0xc0, 0x2e,
+0xcb, 0x70, 0xca, 0xb2, 0xc8, 0xf4, 0xc9, 0x36, 0xcc, 0x78, 0xcd, 0xba, 0xcf, 0xfc, 0xce, 0x3e,
+0x91, 0x80, 0x90, 0x42, 0x92, 0x04, 0x93, 0xc6, 0x96, 0x88, 0x97, 0x4a, 0x95, 0x0c, 0x94, 0xce,
+0x9f, 0x90, 0x9e, 0x52, 0x9c, 0x14, 0x9d, 0xd6, 0x98, 0x98, 0x99, 0x5a, 0x9b, 0x1c, 0x9a, 0xde,
+0x8d, 0xa0, 0x8c, 0x62, 0x8e, 0x24, 0x8f, 0xe6, 0x8a, 0xa8, 0x8b, 0x6a, 0x89, 0x2c, 0x88, 0xee,
+0x83, 0xb0, 0x82, 0x72, 0x80, 0x34, 0x81, 0xf6, 0x84, 0xb8, 0x85, 0x7a, 0x87, 0x3c, 0x86, 0xfe,
+0xa9, 0xc0, 0xa8, 0x02, 0xaa, 0x44, 0xab, 0x86, 0xae, 0xc8, 0xaf, 0x0a, 0xad, 0x4c, 0xac, 0x8e,
+0xa7, 0xd0, 0xa6, 0x12, 0xa4, 0x54, 0xa5, 0x96, 0xa0, 0xd8, 0xa1, 0x1a, 0xa3, 0x5c, 0xa2, 0x9e,
+0xb5, 0xe0, 0xb4, 0x22, 0xb6, 0x64, 0xb7, 0xa6, 0xb2, 0xe8, 0xb3, 0x2a, 0xb1, 0x6c, 0xb0, 0xae,
+0xbb, 0xf0, 0xba, 0x32, 0xb8, 0x74, 0xb9, 0xb6, 0xbc, 0xf8, 0xbd, 0x3a, 0xbf, 0x7c, 0xbe, 0xbe };
+
+#endif
+
 /**
   Initialize a GCM state
   @param gcm     The GCM state to initialize
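Review bot: The comment above `gcm_shift_table` mixes units ("lower 16 bits" against "upper 14 bytes") and says neither how the 512 bytes are laid out nor how they were produced. A wrong entry would silently corrupt the tables derived from it, so the layout should be stated, e.g. `/* entry i is two bytes, stored at [2*i] and [2*i+1] */`, which is how the later hunk indexes it (`t<<1`, `(t<<1)+1`). Naming the generator, or adding a self-test that compares the derived tables with direct `gcm_gf_mult` output, would make the constants checkable.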
@@ -31,7 +71,7 @@
    int           err;
    unsigned char B[16];
 #ifdef GCM_TABLES
-   int           x, y;
+   int           x, y, z, t;
 #endif
 
    LTC_ARGCHK(gcm != NULL);
@@ -72,17 +112,34 @@
 
 #ifdef GCM_TABLES
    /* setup tables */
+
+   /* generate the first table as it has no shifting (from which we make the other tables) */
    zeromem(B, 16);
-   for (x = 0; x < 16; x++) {
-       for (y = 0; y < 256; y++) {
-            B[x] = y;
-            gcm_gf_mult(gcm->H, B, &gcm->PC[x][y][0]);
-       }
-       B[x] = 0;
+   for (y = 0; y < 256; y++) {
+        B[0] = y;
+        gcm_gf_mult(gcm->H, B, &gcm->PC[0][y][0]);
    }
+
+   /* now generate the rest of the tables based the previous table */
+   for (x = 1; x < 16; x++) {
+      for (y = 0; y < 256; y++) {
+         /* now shift it right by 8 bits */
+         t = gcm->PC[x-1][y][15];
+         for (z = 15; z > 0; z--) {
+             gcm->PC[x][y][z] = gcm->PC[x-1][y][z-1];
+         }
+         gcm->PC[x][y][0] = gcm_shift_table[t<<1];
+         gcm->PC[x][y][1] ^= gcm_shift_table[(t<<1)+1];
+     }
+  }
+
 #endif
 
    return CRYPT_OK;
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_init.c,v $ */
+/* $Revision: 1.15 $ */
+/* $Date: 2005/05/21 15:05:19 $ */
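Review bot: `gcm->PC[x][y][1] ^= gcm_shift_table[(t<<1)+1];` is only correct because the `z` loop has already copied `PC[x-1][y][0]` into index 1, whereas index 0 is assigned outright; that ordering dependency deserves a comment such as `/* byte 1 already holds PC[x-1][y][0] from the loop above; XOR in the second table byte */`. The closing braces of the two new loops sit at 5 and 2 columns instead of the 6 and 3 of their openers, and the comment "based the previous table" is missing "on". gcm_init's body starts outside the hunk.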
--- a/src/encauth/gcm/gcm_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/gcm/gcm_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -87,3 +87,7 @@
 }
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_memory.c,v $ */
+/* $Revision: 1.19 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/gcm/gcm_process.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/gcm/gcm_process.c	Wed Jul 06 03:53:40 2005 +0000
@@ -141,3 +141,7 @@
 
 #endif
    
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_process.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/gcm/gcm_reset.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/gcm/gcm_reset.c	Wed Jul 06 03:53:40 2005 +0000
@@ -38,3 +38,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_reset.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/gcm/gcm_test.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/gcm/gcm_test.c	Wed Jul 06 03:53:40 2005 +0000
@@ -281,7 +281,6 @@
 };
    int           idx, err;
    unsigned long x, y;
-   gcm_state     gcm;
    unsigned char out[2][64], T[2][16];
 
    /* find aes */
@@ -363,3 +362,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_test.c,v $ */
+/* $Revision: 1.15 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/ocb_decrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/ocb_decrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -71,3 +71,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_decrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/ocb_decrypt_verify_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/ocb_decrypt_verify_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -80,3 +80,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_decrypt_verify_memory.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/ocb_done_decrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/ocb_done_decrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -74,3 +74,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_done_decrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/ocb_done_encrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/ocb_done_encrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -40,3 +40,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_done_encrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/ocb_encrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/ocb_encrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -64,3 +64,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_encrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/ocb_encrypt_authenticate_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/ocb_encrypt_authenticate_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -78,3 +78,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_encrypt_authenticate_memory.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/ocb_init.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/ocb_init.c	Wed Jul 06 03:53:40 2005 +0000
@@ -127,3 +127,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_init.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/ocb_ntz.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/ocb_ntz.c	Wed Jul 06 03:53:40 2005 +0000
@@ -36,3 +36,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_ntz.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/ocb_shift_xor.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/ocb_shift_xor.c	Wed Jul 06 03:53:40 2005 +0000
@@ -33,3 +33,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_shift_xor.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/ocb_test.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/ocb_test.c	Wed Jul 06 03:53:40 2005 +0000
@@ -231,3 +231,7 @@
    -- hard to stream [you can't emit ciphertext until full block]
    -- The setup is somewhat complicated...
 */
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_test.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/encauth/ocb/s_ocb_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/encauth/ocb/s_ocb_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -138,3 +138,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/s_ocb_done.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/hashes/chc/chc.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/chc/chc.c	Wed Jul 06 03:53:40 2005 +0000
@@ -291,3 +291,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/chc/chc.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/hashes/helper/hash_file.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/helper/hash_file.c	Wed Jul 06 03:53:40 2005 +0000
@@ -51,3 +51,7 @@
 #endif
 }
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/helper/hash_file.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/hashes/helper/hash_filehandle.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/helper/hash_filehandle.c	Wed Jul 06 03:53:40 2005 +0000
@@ -64,3 +64,7 @@
 #endif
 }
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/helper/hash_filehandle.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/hashes/helper/hash_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/helper/hash_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -62,3 +62,7 @@
 
     return err;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/helper/hash_memory.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/hashes/helper/hash_memory_multi.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/helper/hash_memory_multi.c	Wed Jul 06 03:53:40 2005 +0000
@@ -80,3 +80,7 @@
     va_end(args);
     return err;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/helper/hash_memory_multi.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/hashes/md2.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/md2.c	Wed Jul 06 03:53:40 2005 +0000
@@ -24,11 +24,9 @@
     16,
     16,
 
-    /* DER encoding */
-    { 0x30, 0x20, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 
-      0x48, 0x86, 0xF7, 0x0D, 0x02, 0x02, 0x05, 0x00, 
-      0x04, 0x10 },
-    18,
+    /* OID */
+   { 1, 2, 840, 113549, 2, 2,  },
+   6,
 
     &md2_init,
     &md2_process,
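Review bot: The OID length is written by hand next to the initializer (`{ 1, 2, 840, 113549, 2, 2,  }, 6`), so the count and the array can drift apart unnoticed; the same pattern recurs in the md4, md5, rmd128, rmd160, sha1, sha224, sha256, sha384, sha512, tiger and whirl descriptor hunks. A comment giving the dotted form, e.g. `/* OID 1.2.840.113549.2.2 */`, would let a reader check both at a glance. Arcs such as 113549 do not fit in a byte, so the descriptor field must be wider than the old DER byte array; that header change is not in this hunk and should be confirmed. The descriptor initializer starts and ends outside the hunk.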
@@ -246,3 +244,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/md2.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/md4.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/md4.c	Wed Jul 06 03:53:40 2005 +0000
@@ -24,9 +24,9 @@
     16,
     64,
  
-    /* DER encoding (not yet supported) */
-    { 0x00 },
-    0,    
+    /* OID */
+   { 1, 2, 840, 113549, 2, 4,  },
+   6,
 
     &md4_init,
     &md4_process,
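Review bot: MD4 previously carried an empty identifier (`{ 0x00 }`, length `0`, marked "not yet supported"), and this hunk gives it a usable OID. If any caller treats a zero-length identifier as the reason to refuse a hash for signature encoding (not visible here), MD4 becomes selectable in that path after this change. A comment on the entry such as `/* OID (MD4 is collision-broken; legacy interop only) */` would keep that visible to users of the descriptor. The descriptor initializer starts and ends outside the hunk.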
@@ -300,3 +300,7 @@
 #endif
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/md4.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/md5.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/md5.c	Wed Jul 06 03:53:40 2005 +0000
@@ -25,11 +25,9 @@
     16,
     64,
 
-    /* DER identifier */
-    { 0x30, 0x20, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 
-      0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, 0x05, 0x00, 
-      0x04, 0x10 },
-    18,
+    /* OID */
+   { 1, 2, 840, 113549, 2, 5,  },
+   6,
 
     &md5_init,
     &md5_process,
@@ -363,3 +361,7 @@
 #endif
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/md5.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/rmd128.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/rmd128.c	Wed Jul 06 03:53:40 2005 +0000
@@ -30,9 +30,9 @@
     16,
     64,
 
-    /* DER identifier (not supported) */
-    { 0x00 },
-    0,
+    /* OID */
+   { 1, 0, 10118, 3, 0, 50 },
+   6,
 
     &rmd128_init,
     &rmd128_process,
@@ -403,3 +403,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/rmd128.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/rmd160.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/rmd160.c	Wed Jul 06 03:53:40 2005 +0000
@@ -30,10 +30,9 @@
     20,
     64,
 
-    /* DER identifier */
-    { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x24, 
-      0x03, 0x02, 0x01, 0x05, 0x00, 0x04, 0x14 },
-    15,
+    /* OID */
+   { 1, 3, 36, 3, 2, 1,  },
+   6,
 
     &rmd160_init,
     &rmd160_process,
@@ -463,3 +462,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/rmd160.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/sha1.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/sha1.c	Wed Jul 06 03:53:40 2005 +0000
@@ -25,10 +25,9 @@
     20,
     64,
 
-    /* DER identifier */
-    { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 
-      0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14 },
-    15,
+    /* OID */
+   { 1, 3, 14, 3, 2, 26,  },
+   6,
 
     &sha1_init,
     &sha1_process,
@@ -282,3 +281,7 @@
 #endif
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/sha1.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/sha2/sha224.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/sha2/sha224.c	Wed Jul 06 03:53:40 2005 +0000
@@ -20,9 +20,9 @@
     28,
     64,
 
-    /* DER identifier (not supported) */
-    { 0x00 },
-    0,
+    /* OID */
+   { 2, 16, 840, 1, 101, 3, 4, 2, 4,  },
+   9,
 
     &sha224_init,
     &sha256_process,
@@ -118,3 +118,7 @@
  #endif
 }
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/sha2/sha224.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/sha2/sha256.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/sha2/sha256.c	Wed Jul 06 03:53:40 2005 +0000
@@ -24,11 +24,9 @@
     32,
     64,
 
-    /* DER identifier */
-    { 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 
-      0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 
-      0x00, 0x04, 0x20 },
-    19,
+    /* OID */
+   { 2, 16, 840, 1, 101, 3, 4, 2, 1,  },
+   9,
     
     &sha256_init,
     &sha256_process,
@@ -335,3 +333,7 @@
 #endif
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/sha2/sha256.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/sha2/sha384.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/sha2/sha384.c	Wed Jul 06 03:53:40 2005 +0000
@@ -20,11 +20,9 @@
     48,
     128,
 
-    /* DER identifier */
-    { 0x30, 0x41, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 
-      0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 
-      0x00, 0x04, 0x30 },
-    19,
+    /* OID */
+   { 2, 16, 840, 1, 101, 3, 4, 2, 2,  },
+   9,
 
     &sha384_init,
     &sha512_process,
@@ -130,3 +128,7 @@
 
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/sha2/sha384.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/sha2/sha512.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/sha2/sha512.c	Wed Jul 06 03:53:40 2005 +0000
@@ -24,11 +24,9 @@
     64,
     128,
 
-    /* DER identifier */
-    { 0x30, 0x51, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 
-      0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 
-      0x00, 0x04, 0x40 },
-    19,
+    /* OID */
+   { 2, 16, 840, 1, 101, 3, 4, 2, 3,  },
+   9,
 
     &sha512_init,
     &sha512_process,
@@ -314,3 +312,7 @@
 
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/sha2/sha512.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/tiger.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/tiger.c	Wed Jul 06 03:53:40 2005 +0000
@@ -25,11 +25,9 @@
     24,
     64,
 
-    /* DER identifier */
-    { 0x30, 0x29, 0x30, 0x0D, 0x06, 0x09, 0x2B, 0x06, 
-      0x01, 0x04, 0x01, 0xDA, 0x47, 0x0C, 0x02, 0x05, 
-      0x00, 0x04, 0x18 },
-    19,
+    /* OID */
+   { 1, 3, 6, 1, 4, 1, 11591, 12, 2,  },
+   9,
 
     &tiger_init,
     &tiger_process,
@@ -809,3 +807,7 @@
 
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/tiger.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/whirl/whirl.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/whirl/whirl.c	Wed Jul 06 03:53:40 2005 +0000
@@ -25,9 +25,9 @@
     64,
     64,
 
-    /* DER encoding (not yet supported) */
-    { 0x00 },
-    0,
+   /* OID */
+   { 1, 0, 10118, 3, 0, 55 },
+   6,
 
     &whirlpool_init,
     &whirlpool_process,
@@ -307,3 +307,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/whirl/whirl.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/23 02:42:07 $ */
--- a/src/hashes/whirl/whirltab.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/hashes/whirl/whirltab.c	Wed Jul 06 03:53:40 2005 +0000
@@ -577,3 +577,7 @@
 CONST64(0x6302aa71c81949d9),
 };
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/hashes/whirl/whirltab.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/headers/ltc_tommath.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/ltc_tommath.h	Wed Jul 06 03:53:40 2005 +0000
@@ -575,3 +575,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/ltc_tommath.h,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/headers/tomcrypt.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt.h	Wed Jul 06 03:53:40 2005 +0000
@@ -16,8 +16,8 @@
 #endif
 
 /* version */
-#define CRYPT   0x0102
-#define SCRYPT  "1.02"
+#define CRYPT   0x0105
+#define SCRYPT  "1.05"
 
 /* max size of either a cipher/hash block or symmetric key [largest of the two] */
 #define MAXBLOCKSIZE  128
@@ -79,3 +79,7 @@
 
 #endif /* TOMCRYPT_H_ */
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt.h,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/06/19 18:03:25 $ */
--- a/src/headers/tomcrypt_argchk.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_argchk.h	Wed Jul 06 03:53:40 2005 +0000
@@ -19,3 +19,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_argchk.h,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/headers/tomcrypt_cfg.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_cfg.h	Wed Jul 06 03:53:40 2005 +0000
@@ -106,3 +106,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_cfg.h,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/headers/tomcrypt_cipher.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_cipher.h	Wed Jul 06 03:53:40 2005 +0000
@@ -32,7 +32,7 @@
 
 #ifdef RIJNDAEL
 struct rijndael_key {
-   ulong32 eK[64], dK[64];
+   ulong32 eK[60], dK[60];
    int Nr;
 };
 #endif
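Review bot: The new bound of 60 words in `struct rijndael_key` is exact for a 256-bit key (4 x (14 + 1) round-key words), so `eK` and `dK` no longer have any slack. A key-schedule loop that writes even one word past index 59 would now land in `dK` or `Nr`. The schedule code is in aes.c, outside this hunk, and should be checked against the tighter size. I would record the derivation on the field: `ulong32 eK[60], dK[60];   /* 4 * (Nr_max + 1) words, Nr_max = 14 */`.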
@@ -599,8 +599,15 @@
 #endif
 
 #ifdef CTR
-int ctr_start(int cipher, const unsigned char *IV, const unsigned char *key, 
-              int keylen, int num_rounds, symmetric_CTR *ctr);
+
+#define CTR_COUNTER_LITTLE_ENDIAN    0
+#define CTR_COUNTER_BIG_ENDIAN       1
+
+int ctr_start(               int   cipher,
+              const unsigned char *IV,
+              const unsigned char *key,       int keylen,
+                             int  num_rounds, int ctr_mode,
+                   symmetric_CTR *ctr);
 int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr);
 int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_CTR *ctr);
 int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr);
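Review bot: The new `ctr_mode` argument of `ctr_start` is undocumented at the prototype, and it is a plain `int` placed directly after `num_rounds`. A caller that swaps the two or passes some other integer still compiles. A comment above the prototype would help: `/* ctr_mode: CTR_COUNTER_LITTLE_ENDIAN or CTR_COUNTER_BIG_ENDIAN; both ends must use the same value */`. `ctr_start` should also return an error for any other value; whether it does is in the .c file, outside this hunk.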
@@ -611,9 +618,12 @@
 int find_cipher(const char *name);
 int find_cipher_any(const char *name, int blocklen, int keylen);
 int find_cipher_id(unsigned char ID);
-
 int register_cipher(const struct ltc_cipher_descriptor *cipher);
 int unregister_cipher(const struct ltc_cipher_descriptor *cipher);
-
 int cipher_is_valid(int idx);
 
+LTC_MUTEX_PROTO(ltc_cipher_mutex);
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_cipher.h,v $ */
+/* $Revision: 1.16 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/headers/tomcrypt_custom.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_custom.h	Wed Jul 06 03:53:40 2005 +0000
@@ -1,6 +1,3 @@
-/* This header is meant to be included before mycrypt.h in projects where
- * you don't want to throw all the defines in a makefile. 
- */
 #ifndef TOMCRYPT_CUSTOM_H_
 #define TOMCRYPT_CUSTOM_H_
 
@@ -20,7 +17,9 @@
 /* #define LTC_SMALL_CODE */
 
 /* Enable self-test test vector checking */
-#define LTC_TEST
+#ifndef LTC_NO_TEST
+   #define LTC_TEST
+#endif
 
 /* clean the stack of functions which put private information on stack */
 /* #define LTC_CLEAN_STACK */
@@ -38,6 +37,8 @@
 /* #define LTC_NO_BSWAP */
 
 /* ---> Symmetric Block Ciphers <--- */
+#ifndef LTC_NO_CIPHERS
+
 #define BLOWFISH
 #define RC2
 #define RC5
@@ -48,8 +49,12 @@
 /* _TABLES tells it to use tables during setup, _SMALL means to use the smaller scheduled key format
  * (saves 4KB of ram), _ALL_TABLES enables all tables during setup */
 #define TWOFISH
-#define TWOFISH_TABLES
-/* #define TWOFISH_ALL_TABLES */
+#ifndef LTC_NO_TABLES
+   #define TWOFISH_TABLES
+   /* #define TWOFISH_ALL_TABLES */
+#else
+   #define TWOFISH_SMALL
+#endif
 /* #define TWOFISH_SMALL */
 /* DES includes EDE triple-DES */
 #define DES
@@ -61,15 +66,23 @@
 #define ANUBIS
 #define ANUBIS_TWEAK
 
+#endif /* LTC_NO_CIPHERS */
+
 
 /* ---> Block Cipher Modes of Operation <--- */
+#ifndef LTC_NO_MODES
+
 #define CFB
 #define OFB
 #define ECB
 #define CBC
 #define CTR
 
+#endif /* LTC_NO_MODES */
+
 /* ---> One-Way Hash Functions <--- */
+#ifndef LTC_NO_HASHES 
+
 #define CHC_HASH
 #define WHIRLPOOL
 #define SHA512
@@ -84,7 +97,11 @@
 #define RIPEMD128
 #define RIPEMD160
 
+#endif /* LTC_NO_HASHES */
+
 /* ---> MAC functions <--- */
+#ifndef LTC_NO_MACS
+
 #define HMAC
 #define OMAC
 #define PMAC
@@ -95,6 +112,7 @@
 #endif
 
 /* ---> Encrypt + Authenticate Modes <--- */
+
 #define EAX_MODE
 #if defined(EAX_MODE) && !(defined(CTR) && defined(OMAC))
    #error EAX_MODE requires CTR and OMAC mode
@@ -104,13 +122,20 @@
 #define CCM_MODE
 
 #define GCM_MODE
+
 /* Use 64KiB tables */
-#define GCM_TABLES 
+#ifndef LTC_NO_TABLES
+   #define GCM_TABLES 
+#endif
+
+#endif /* LTC_NO_MACS */
 
 /* Various tidbits of modern neatoness */
 #define BASE64
 
 /* --> Pseudo Random Number Generators <--- */
+#ifndef LTC_NO_PRNGS
+
 /* Yarrow */
 #define YARROW
 /* which descriptor of AES to use?  */
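Review bot: The `#endif /* LTC_NO_MACS */` added after GCM_TABLES closes a guard opened in the previous hunk above `#define HMAC`. As far as the visible lines show, it therefore also wraps EAX_MODE, CCM_MODE and GCM_MODE, although the opening comment labels the section "MAC functions". If disabling the authenticated-encryption modes is intended, say so at the opening guard, e.g. `#ifndef LTC_NO_MACS   /* also disables the encrypt+authenticate modes below */`; otherwise move the `#endif` up to the end of the MAC list. The new switches also interact: with LTC_NO_MODES defined and LTC_NO_MACS not, CTR is undefined while EAX_MODE still is, so the existing `#error EAX_MODE requires CTR and OMAC mode` fires. The lines between the hunks are not shown, so check both points against the full header.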
@@ -142,7 +167,11 @@
 /* try /dev/urandom before trying /dev/random */
 #define TRY_URANDOM_FIRST
 
+#endif /* LTC_NO_PRNGS */
+
 /* ---> Public Key Crypto <--- */
+#ifndef LTC_NO_PK
+
 #define MRSA
 
 /* Digital Signature Algorithm */
@@ -168,7 +197,6 @@
 /* ECC */
 #define MECC
 /* Supported Key Sizes */
-#define ECC160
 #define ECC192
 #define ECC224
 #define ECC256
@@ -178,7 +206,11 @@
 /* Include the MPI functionality?  (required by the PK algorithms) */
 #define MPI
 
+#endif /* LTC_NO_PK */
+
 /* PKCS #1 (RSA) and #5 (Password Handling) stuff */
+#ifndef LTC_NO_PKCS
+
 #define PKCS_1
 #define PKCS_5
 
@@ -192,5 +224,33 @@
    #error RSA/DSA requires ASN.1 DER functionality, make sure LTC_DER is enabled
 #endif
 
+#endif /* LTC_NO_PKCS */
+
 #endif
 
+
+/* THREAD management */
+
+#ifdef LTC_PTHREAD
+
+#include <pthread.h>
+
+#define LTC_MUTEX_GLOBAL(x)   pthread_mutex_t x = PTHREAD_MUTEX_INITIALIZER;
+#define LTC_MUTEX_PROTO(x)    extern pthread_mutex_t x;
+#define LTC_MUTEX_LOCK(x)     pthread_mutex_lock(x);
+#define LTC_MUTEX_UNLOCK(x)   pthread_mutex_unlock(x);
+
+#else 
+
+/* default no functions */
+#define LTC_MUTEX_GLOBAL(x)
+#define LTC_MUTEX_PROTO(x)
+#define LTC_MUTEX_LOCK(x)
+#define LTC_MUTEX_UNLOCK(x)
+
+#endif
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_custom.h,v $ */
+/* $Revision: 1.17 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
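Review bot: The four LTC_MUTEX_* macros each carry their own trailing `;`, while the uses added in tomcrypt_cipher.h, tomcrypt_hash.h and tomcrypt_prng.h add another. `LTC_MUTEX_PROTO(ltc_cipher_mutex);` therefore expands to a doubled `;;` with pthreads and to a lone file-scope `;` without, which strict ISO C compilers warn about. The built-in semicolon also breaks an unbraced `if (c) LTC_MUTEX_LOCK(&m); else ...`. I would drop it from the definitions, e.g. `#define LTC_MUTEX_LOCK(x)     pthread_mutex_lock(x)`, and use `#define LTC_MUTEX_PROTO(x)    extern pthread_mutex_t x` so the caller's `;` completes the declaration. LOCK/UNLOCK pass `x` straight through, so they need `&name` where GLOBAL/PROTO take the bare name, and the lock result is discarded; both deserve a comment at the definitions. The block also appears to sit after the header's closing include-guard `#endif`, which is worth confirming against the full file.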
--- a/src/headers/tomcrypt_hash.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_hash.h	Wed Jul 06 03:53:40 2005 +0000
@@ -132,10 +132,11 @@
     unsigned long hashsize;
     /** Input block size in octets */
     unsigned long blocksize;
-    /** ASN.1 DER identifier */
-    unsigned char DER[64];
+    /** ASN.1 OID */
+    unsigned long OID[16];
     /** Length of DER encoding */
-    unsigned long DERlen;
+    unsigned long OIDlen;
+
     /** Init a hash state
       @param hash   The hash to initialize
       @return CRYPT_OK if successful
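Review bot: The doc comment above the renamed length field still reads `/** Length of DER encoding */`. `OIDlen` now pairs with `unsigned long OID[16]`, and the descriptor initialisers in this changeset set it to the number of arcs (9 or 6), not a byte length. I would change the comment to `/** Number of arcs used in OID[] (at most 16) */`. Replacing `unsigned char DER[64]` with `unsigned long OID[16]` also changes the size and layout of the descriptor, so any hash descriptor built against the old header has to be recompiled. The enclosing struct begins and ends outside the hunk.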
@@ -278,6 +279,8 @@
 int unregister_hash(const struct ltc_hash_descriptor *hash);
 int hash_is_valid(int idx);
 
+LTC_MUTEX_PROTO(ltc_hash_mutex);
+
 int hash_memory(int hash, 
                 const unsigned char *in,  unsigned long inlen, 
                       unsigned char *out, unsigned long *outlen);
@@ -292,29 +295,29 @@
 {                                                                                           \
     unsigned long n;                                                                        \
     int           err;                                                                      \
-    LTC_ARGCHK(md != NULL);                                                                    \
-    LTC_ARGCHK(in != NULL);                                                                   \
+    LTC_ARGCHK(md != NULL);                                                                 \
+    LTC_ARGCHK(in != NULL);                                                                 \
     if (md-> state_var .curlen > sizeof(md-> state_var .buf)) {                             \
        return CRYPT_INVALID_ARG;                                                            \
     }                                                                                       \
-    while (inlen > 0) {                                                                       \
-        if (md-> state_var .curlen == 0 && inlen >= block_size) {                             \
-           if ((err = compress_name (md, (unsigned char *)in)) != CRYPT_OK) { \
-              return err;         \
-           }                                        \
+    while (inlen > 0) {                                                                     \
+        if (md-> state_var .curlen == 0 && inlen >= block_size) {                           \
+           if ((err = compress_name (md, (unsigned char *)in)) != CRYPT_OK) {               \
+              return err;                                                                   \
+           }                                                                                \
            md-> state_var .length += block_size * 8;                                        \
-           in             += block_size;                                                   \
-           inlen          -= block_size;                                                   \
+           in             += block_size;                                                    \
+           inlen          -= block_size;                                                    \
         } else {                                                                            \
-           n = MIN(inlen, (block_size - md-> state_var .curlen));                             \
-           memcpy(md-> state_var .buf + md-> state_var.curlen, in, (size_t)n);             \
+           n = MIN(inlen, (block_size - md-> state_var .curlen));                           \
+           memcpy(md-> state_var .buf + md-> state_var.curlen, in, (size_t)n);              \
            md-> state_var .curlen += n;                                                     \
-           in             += n;                                                            \
-           inlen          -= n;                                                            \
+           in             += n;                                                             \
+           inlen          -= n;                                                             \
            if (md-> state_var .curlen == block_size) {                                      \
-              if ((err = compress_name (md, md-> state_var .buf)) != CRYPT_OK) {\
-                 return err;                                      \
-              } \
+              if ((err = compress_name (md, md-> state_var .buf)) != CRYPT_OK) {            \
+                 return err;                                                                \
+              }                                                                             \
               md-> state_var .length += 8*block_size;                                       \
               md-> state_var .curlen = 0;                                                   \
            }                                                                                \
@@ -322,3 +325,7 @@
     }                                                                                       \
     return CRYPT_OK;                                                                        \
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_hash.h,v $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/headers/tomcrypt_mac.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_mac.h	Wed Jul 06 03:53:40 2005 +0000
@@ -295,3 +295,7 @@
                          unsigned char *out);
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_mac.h,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/headers/tomcrypt_macros.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_macros.h	Wed Jul 06 03:53:40 2005 +0000
@@ -132,7 +132,7 @@
 #ifdef ENDIAN_32BITWORD 
 
 #define STORE32L(x, y)        \
-     { unsigned long __t = (x); memcpy(y, &__t, 4); }
+     { ulong32  __t = (x); memcpy(y, &__t, 4); }
 
 #define LOAD32L(x, y)         \
      memcpy(&(x), y, 4);
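Review bot: STORE32L now copies four bytes out of a `ulong32` temporary, which is only correct when `ulong32` is exactly four bytes wide. Its typedef is outside this hunk and nothing here enforces the width. The same holds for the other three STORE32L/STORE32H hunks in this file. A compile-time guard next to the typedef, for example `typedef char ltc_ulong32_is_4_bytes[sizeof(ulong32) == 4 ? 1 : -1];`, would turn a wrong typedef into a build error instead of a wrong digest or ciphertext. As a style point, `__t` is a name reserved for the implementation; a name such as `ltc_t_` avoids a clash with compiler or libc macros.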
@@ -152,7 +152,7 @@
 #else /* 64-bit words then  */
 
 #define STORE32L(x, y)        \
-     { unsigned long __t = (x); memcpy(y, &__t, 4); }
+     { ulong32 __t = (x); memcpy(y, &__t, 4); }
 
 #define LOAD32L(x, y)         \
      { memcpy(&(x), y, 4); x &= 0xFFFFFFFF; }
@@ -193,7 +193,7 @@
 #ifdef ENDIAN_32BITWORD 
 
 #define STORE32H(x, y)        \
-     { unsigned long __t = (x); memcpy(y, &__t, 4); }
+     { ulong32 __t = (x); memcpy(y, &__t, 4); }
 
 #define LOAD32H(x, y)         \
      memcpy(&(x), y, 4);
@@ -213,7 +213,7 @@
 #else /* 64-bit words then  */
 
 #define STORE32H(x, y)        \
-     { unsigned long __t = (x); memcpy(y, &__t, 4); }
+     { ulong32 __t = (x); memcpy(y, &__t, 4); }
 
 #define LOAD32H(x, y)         \
      { memcpy(&(x), y, 4); x &= 0xFFFFFFFF; }
@@ -371,3 +371,7 @@
 #else
    #define byte(x, n) (((x) >> (8 * (n))) & 255)
 #endif   
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_macros.h,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/headers/tomcrypt_misc.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_misc.h	Wed Jul 06 03:53:40 2005 +0000
@@ -15,3 +15,7 @@
 int mpi_to_ltc_error(int err);
 
 extern const char *crypt_build_settings;
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_misc.h,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/headers/tomcrypt_pk.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_pk.h	Wed Jul 06 03:53:40 2005 +0000
@@ -84,9 +84,6 @@
 #define MIN_RSA_SIZE 1024
 #define MAX_RSA_SIZE 4096
 
-/* Stack required for temps (plus padding) */
-// #define RSA_STACK    (8 + (MAX_RSA_SIZE/8))
-
 typedef struct Rsa_key {
     int type;
     mp_int e, d, N, p, q, qP, dP, dQ;
@@ -123,26 +120,6 @@
                           int            hash_idx, unsigned long saltlen,
                           int           *stat,     rsa_key      *key);
 
-/* these use PKCS #1 v1.5 padding */
-int rsa_v15_encrypt_key(const unsigned char *in,    unsigned long  inlen,
-                              unsigned char *out,   unsigned long *outlen,
-                              prng_state    *prng,     int            prng_idx, 
-                              rsa_key       *key);
-         
-int rsa_v15_decrypt_key(const unsigned char *in,     unsigned long  inlen,
-                              unsigned char *out,    unsigned long  outlen, 
-                              int           *stat,   rsa_key       *key);
-
-int rsa_v15_sign_hash(const unsigned char *in,       unsigned long  inlen, 
-                            unsigned char *out,      unsigned long *siglen, 
-                            int            hash_idx, rsa_key       *key);
-
-int rsa_v15_verify_hash(const unsigned char *sig,      unsigned long siglen,
-                        const unsigned char *hash,     unsigned long hashlen,
-                              int            hash_idx, int          *stat,     
-                              rsa_key       *key);
-
-
 /* PKCS #1 import/export */
 int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key);
 int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key);
@@ -244,10 +221,19 @@
 int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key);
 void dsa_free(dsa_key *key);
 
+
+int dsa_sign_hash_raw(const unsigned char *in,  unsigned long inlen,
+                                   mp_int *r,   mp_int *s,
+                               prng_state *prng, int wprng, dsa_key *key);
+
 int dsa_sign_hash(const unsigned char *in,  unsigned long inlen,
                         unsigned char *out, unsigned long *outlen,
                         prng_state *prng, int wprng, dsa_key *key);
 
+int dsa_verify_hash_raw(         mp_int *r,          mp_int *s,
+                    const unsigned char *hash, unsigned long hashlen, 
+                                    int *stat,      dsa_key *key);
+
 int dsa_verify_hash(const unsigned char *sig,  unsigned long siglen,
                     const unsigned char *hash, unsigned long hashlen, 
                           int           *stat, dsa_key       *key);
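Review bot: `dsa_sign_hash_raw` and `dsa_verify_hash_raw` are added with no comment on who initialises and frees the `mp_int` arguments `r` and `s`. Nor do they say how `*stat` relates to the return code of the verify call. A caller that tests only one of the two results of a signature check can accept a bad signature, so the contract belongs at the prototype. I would add something like `/* r, s: caller-initialised mp_ints (TODO confirm); verify: signature is valid only if the call returns CRYPT_OK and *stat is non-zero (TODO confirm) */`. The implementations are in other files and not visible here.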
@@ -262,9 +248,134 @@
 
 #ifdef LTC_DER
 /* DER handling */
+
+enum {
+ LTC_ASN1_EOL,
+ LTC_ASN1_INTEGER,
+ LTC_ASN1_SHORT_INTEGER,
+ LTC_ASN1_BIT_STRING,
+ LTC_ASN1_OCTET_STRING,
+ LTC_ASN1_NULL,
+ LTC_ASN1_OBJECT_IDENTIFIER,
+ LTC_ASN1_IA5_STRING,
+ LTC_ASN1_PRINTABLE_STRING,
+ LTC_ASN1_UTCTIME,
+
+ LTC_ASN1_CHOICE,
+ LTC_ASN1_SEQUENCE
+};
+
+typedef struct {
+   int           type;
+   void         *data;
+   unsigned long size;
+   int           used;
+} ltc_asn1_list;
+
+#define LTC_SET_ASN1(list, index, Type, Data, Size)  \
+   do {                                              \
+      int LTC_MACRO_temp            = (index);       \
+      ltc_asn1_list *LTC_MACRO_list = (list);        \
+      LTC_MACRO_list[LTC_MACRO_temp].type = (Type);  \
+      LTC_MACRO_list[LTC_MACRO_temp].data = (Data);  \
+      LTC_MACRO_list[LTC_MACRO_temp].size = (Size);  \
+      LTC_MACRO_list[LTC_MACRO_temp].used = 0;       \
+   } while (0);
+
+/* SEQUENCE */
+int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
+                        unsigned char *out,  unsigned long *outlen);
+
+int der_decode_sequence(const unsigned char *in,   unsigned long  inlen,
+                              ltc_asn1_list *list, unsigned long  outlen);
+
+int der_length_sequence(ltc_asn1_list *list, unsigned long inlen,
+                        unsigned long *outlen);
+
+/* VA list handy helpers */
+int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...);
+int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...);
+
+/* INTEGER */
 int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen);
-int der_decode_integer(const unsigned char *in, unsigned long *inlen, mp_int *num);
+int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int *num);
 int der_length_integer(mp_int *num, unsigned long *len);
-int der_put_multi_integer(unsigned char *dst, unsigned long *outlen, mp_int *num, ...);
-int der_get_multi_integer(const unsigned char *src, unsigned long *inlen,  mp_int *num, ...);
+
+/* INTEGER -- handy for 0..2^32-1 values */
+int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsigned long *num);
+int der_encode_short_integer(unsigned long num, unsigned char *out, unsigned long *outlen);
+int der_length_short_integer(unsigned long num, unsigned long *outlen);
+
+/* BIT STRING */
+int der_encode_bit_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+int der_decode_bit_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+int der_length_bit_string(unsigned long nbits, unsigned long *outlen);
+
+/* OCTET STRING */
+int der_encode_octet_string(const unsigned char *in, unsigned long inlen,
+                                  unsigned char *out, unsigned long *outlen);
+int der_decode_octet_string(const unsigned char *in, unsigned long inlen,
+                                  unsigned char *out, unsigned long *outlen);
+int der_length_octet_string(unsigned long noctets, unsigned long *outlen);
+
+/* OBJECT IDENTIFIER */
+int der_encode_object_identifier(unsigned long *words, unsigned long  nwords,
+                                 unsigned char *out,   unsigned long *outlen);
+int der_decode_object_identifier(const unsigned char *in,    unsigned long  inlen,
+                                       unsigned long *words, unsigned long *outlen);
+int der_length_object_identifier(unsigned long *words, unsigned long nwords, unsigned long *outlen);
+unsigned long der_object_identifier_bits(unsigned long x);
+
+/* IA5 STRING */
+int der_encode_ia5_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+int der_decode_ia5_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+int der_length_ia5_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen);
+
+int der_ia5_char_encode(int c);
+int der_ia5_value_decode(int v);
+
+/* Printable STRING */
+int der_encode_printable_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+int der_decode_printable_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen);
+int der_length_printable_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen);
+
+int der_printable_char_encode(int c);
+int der_printable_value_decode(int v);
+
+/* CHOICE */
+int der_decode_choice(const unsigned char *in,   unsigned long *inlen,
+                            ltc_asn1_list *list, unsigned long  outlen);
+
+/* UTCTime */
+typedef struct {
+   unsigned YY, /* year */
+            MM, /* month */
+            DD, /* day */
+            hh, /* hour */
+            mm, /* minute */
+            ss, /* second */
+            off_dir, /* timezone offset direction 0 == +, 1 == - */
+            off_hh, /* timezone offset hours */
+            off_mm; /* timezone offset minutes */
+} ltc_utctime;
+
+int der_encode_utctime(ltc_utctime *utctime, 
+                       unsigned char *out,   unsigned long *outlen);
+
+int der_decode_utctime(const unsigned char *in, unsigned long *inlen,
+                             ltc_utctime   *out);
+
+int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen);
+
+
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_pk.h,v $ */
+/* $Revision: 1.30 $ */
+/* $Date: 2005/06/19 11:23:03 $ */
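Review bot: `LTC_SET_ASN1` ends in `} while (0);`, and that trailing semicolon defeats the do/while(0) wrapper. In `if (c) LTC_SET_ASN1(...); else ...` the caller's own `;` becomes an empty statement before the `else`, and the code no longer compiles. The last line of the macro should read `   } while (0)`. In the same hunk the decoders disagree on how the input length is passed: `der_decode_integer` changes from `unsigned long *inlen` to a by-value `inlen`, while `der_decode_choice` and `der_decode_utctime` take a pointer. A comment on those two saying what is written back through `inlen` would keep callers from passing the wrong form.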
--- a/src/headers/tomcrypt_pkcs.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_pkcs.h	Wed Jul 06 03:53:40 2005 +0000
@@ -10,7 +10,7 @@
 int pkcs_1_i2osp(mp_int *n, unsigned long modulus_len, unsigned char *out);
 int pkcs_1_os2ip(mp_int *n, unsigned char *in, unsigned long inlen);
 
-/* *** v2.0 padding */
+/* *** v2.1 padding */
 int pkcs_1_oaep_encode(const unsigned char *msg,    unsigned long msglen,
                        const unsigned char *lparam, unsigned long lparamlen,
                              unsigned long modulus_bitlen, prng_state *prng,
@@ -34,32 +34,6 @@
                             unsigned long saltlen,  int           hash_idx,
                             unsigned long modulus_bitlen, int    *res);
 
-/* *** v1.5 padding */
-/* encryption padding */
-int pkcs_1_v15_es_encode(const unsigned char *msg,    unsigned long msglen,
-                               unsigned long  modulus_bitlen, 
-                               prng_state    *prng,   int           prng_idx,
-                               unsigned char *out,    unsigned long *outlen);
-
-/* note "outlen" is fixed, you have to tell this decoder how big
- * the original message was.  Unlike the OAEP decoder it cannot auto-detect it.
- */
-int pkcs_1_v15_es_decode(const unsigned char *msg,  unsigned long msglen,
-                               unsigned long modulus_bitlen,
-                               unsigned char *out,  unsigned long outlen,
-                               int           *res);
-
-/* signature padding */
-int pkcs_1_v15_sa_encode(const unsigned char *msghash,  unsigned long msghashlen,
-                               int            hash_idx, unsigned long modulus_bitlen,
-                               unsigned char *out,      unsigned long *outlen);
-
-int pkcs_1_v15_sa_decode(const unsigned char *msghash, unsigned long msghashlen,
-                         const unsigned char *sig,     unsigned long siglen,
-                               int           hash_idx, unsigned long modulus_bitlen, 
-                               int          *res);
-
-
 #endif /* PKCS_1 */
 
 /* ===> PKCS #5 -- Password Based Cryptography <=== */
@@ -78,3 +52,7 @@
                 unsigned char *out,            unsigned long *outlen);
 
 #endif  /* PKCS_5 */
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_pkcs.h,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/14 11:46:08 $ */
--- a/src/headers/tomcrypt_prng.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tomcrypt_prng.h	Wed Jul 06 03:53:40 2005 +0000
@@ -178,6 +178,7 @@
 int register_prng(const struct ltc_prng_descriptor *prng);
 int unregister_prng(const struct ltc_prng_descriptor *prng);
 int prng_is_valid(int idx);
+LTC_MUTEX_PROTO(ltc_prng_mutex);
 
 /* Slow RNG you **might** be able to use to seed a PRNG with.  Be careful as this
  * might not work on all platforms as planned
@@ -188,3 +189,7 @@
 
 int rng_make_prng(int bits, int wprng, prng_state *prng, void (*callback)(void));
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_prng.h,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/headers/tommath_class.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tommath_class.h	Wed Jul 06 03:53:40 2005 +0000
@@ -992,3 +992,7 @@
 #else
 #define LTM_LAST
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tommath_class.h,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/headers/tommath_superclass.h	Fri May 06 13:23:02 2005 +0000
+++ b/src/headers/tommath_superclass.h	Wed Jul 06 03:53:40 2005 +0000
@@ -1,10 +1,14 @@
 /* super class file for PK algos */
 
 /* default ... include all MPI */
+#ifndef SC_RSA_1
+
 #define LTM_ALL
 
+#endif
+
 /* RSA only (does not support DH/DSA/ECC) */
-// #define SC_RSA_1
+/* #define SC_RSA_1 */
 
 /* For reference.... On an Athlon64 optimizing for speed...
 
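Review bot: `/* #define SC_RSA_1 */` is left below the new `#ifndef SC_RSA_1` guard, so uncommenting it in place, as the comment invites, no longer selects an RSA-only build. By the time the define is reached, the guard has already defined LTM_ALL. SC_RSA_1 now has to be defined before this header is read, for instance on the compiler command line. Either move the commented define above the guard or reword it: `/* RSA only (no DH/DSA/ECC): define SC_RSA_1 before including this header, e.g. -DSC_RSA_1 */`. How the rest of the header uses LTM_ALL is outside the hunk.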
@@ -70,3 +74,7 @@
 #endif
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tommath_superclass.h,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/14 13:27:20 $ */
--- a/src/mac/hmac/hmac_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/hmac/hmac_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -103,3 +103,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_done.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/hmac/hmac_file.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/hmac/hmac_file.c	Wed Jul 06 03:53:40 2005 +0000
@@ -87,3 +87,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_file.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/hmac/hmac_init.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/hmac/hmac_init.c	Wed Jul 06 03:53:40 2005 +0000
@@ -106,3 +106,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_init.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/hmac/hmac_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/hmac/hmac_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -71,3 +71,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_memory.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/hmac/hmac_memory_multi.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/hmac/hmac_memory_multi.c	Wed Jul 06 03:53:40 2005 +0000
@@ -86,3 +86,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_memory_multi.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/hmac/hmac_process.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/hmac/hmac_process.c	Wed Jul 06 03:53:40 2005 +0000
@@ -37,3 +37,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_process.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/hmac/hmac_test.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/hmac/hmac_test.c	Wed Jul 06 03:53:40 2005 +0000
@@ -310,3 +310,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_test.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/omac/omac_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/omac/omac_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -78,3 +78,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_done.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/omac/omac_file.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/omac/omac_file.c	Wed Jul 06 03:53:40 2005 +0000
@@ -77,3 +77,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_file.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/omac/omac_init.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/omac/omac_init.c	Wed Jul 06 03:53:40 2005 +0000
@@ -39,7 +39,7 @@
    }
 
 #ifdef LTC_FAST
-   if (16 % sizeof(LTC_FAST_TYPE)) {
+   if (cipher_descriptor[cipher].block_length % sizeof(LTC_FAST_TYPE)) {
        return CRYPT_INVALID_ARG;
    }
 #endif
@@ -93,3 +93,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_init.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/06/06 10:22:44 $ */
--- a/src/mac/omac/omac_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/omac/omac_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -69,3 +69,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_memory.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/omac/omac_memory_multi.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/omac/omac_memory_multi.c	Wed Jul 06 03:53:40 2005 +0000
@@ -84,3 +84,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_memory_multi.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/omac/omac_process.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/omac/omac_process.c	Wed Jul 06 03:53:40 2005 +0000
@@ -27,7 +27,8 @@
 */
 int omac_process(omac_state *omac, const unsigned char *in, unsigned long inlen)
 {
-   int err, n, x;
+   unsigned long n, x;
+   int           err;
 
    LTC_ARGCHK(omac  != NULL);
    LTC_ARGCHK(in    != NULL);
@@ -57,7 +58,7 @@
    while (inlen != 0) { 
        /* ok if the block is full we xor in prev, encrypt and replace prev */
        if (omac->buflen == omac->blklen) {
-          for (x = 0; x < omac->blklen; x++) {
+          for (x = 0; x < (unsigned long)omac->blklen; x++) {
               omac->block[x] ^= omac->prev[x];
           }
           cipher_descriptor[omac->cipher_idx].ecb_encrypt(omac->block, omac->prev, &omac->key);
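Review bot: The new loop bound `(unsigned long)omac->blklen` turns a negative `blklen` into a very large count, so the XOR loop would index far past `omac->block` and `omac->prev` instead of simply not running as it did with the signed compare (assuming `blklen` is a signed int, which the cast suggests). The lines between this hunk and the previous one are not shown, so this only matters if the state is not range-checked there. If it is not, add a guard before the loop in the style the pelican.c hunks of this changeset use, e.g. `if (omac->blklen < 0 || omac->buflen < 0 || omac->buflen > omac->blklen) { return CRYPT_INVALID_ARG; }`, plus an upper bound against the size of `omac->block`. The body of omac_process continues outside the hunk.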
@@ -77,3 +78,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_process.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2005/05/05 14:35:58 $ */
--- a/src/mac/omac/omac_test.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/omac/omac_test.c	Wed Jul 06 03:53:40 2005 +0000
@@ -104,3 +104,7 @@
 }   
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_test.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pelican/pelican.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pelican/pelican.c	Wed Jul 06 03:53:40 2005 +0000
@@ -102,6 +102,12 @@
 
    LTC_ARGCHK(pelmac != NULL);
    LTC_ARGCHK(in     != NULL);
+
+   /* check range */
+   if (pelmac->buflen < 0 || pelmac->buflen > 15) {
+      return CRYPT_INVALID_ARG;
+   }
+
 #ifdef LTC_FAST
    if (pelmac->buflen == 0) {
       while (inlen & ~15) {
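Review bot: The limits `15` in this check and `16` in the matching check of the next hunk are bare literals, and nothing explains why the two entry points accept different ranges. A short comment on each would keep a later edit from "aligning" them: here `/* buflen counts bytes pending in the 16-byte state; a full block is never left pending, so 0..15 on entry */`, and in the next hunk `/* 16 is accepted because a full block is flushed just below */`, where the `buflen == 16` branch is visible. Whether this function always flushes at 16 before returning is outside the hunk, so confirm that before wording the first comment this way. Both function bodies start and end outside their hunks.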
@@ -136,6 +142,12 @@
 {
    LTC_ARGCHK(pelmac  != NULL);
    LTC_ARGCHK(out     != NULL);
+
+   /* check range */
+   if (pelmac->buflen < 0 || pelmac->buflen > 16) {
+      return CRYPT_INVALID_ARG;
+   }
+
    if  (pelmac->buflen == 16) {
        four_rounds(pelmac);
        pelmac->buflen = 0;
@@ -147,3 +159,7 @@
 }                        
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pelican/pelican.c,v $ */
+/* $Revision: 1.16 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pelican/pelican_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pelican/pelican_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -53,3 +53,7 @@
 
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pelican/pelican_memory.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pelican/pelican_test.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pelican/pelican_test.c	Wed Jul 06 03:53:40 2005 +0000
@@ -114,3 +114,7 @@
 
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pelican/pelican_test.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pmac/pmac_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pmac/pmac_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -66,3 +66,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_done.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pmac/pmac_file.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pmac/pmac_file.c	Wed Jul 06 03:53:40 2005 +0000
@@ -78,3 +78,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_file.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pmac/pmac_init.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pmac/pmac_init.c	Wed Jul 06 03:53:40 2005 +0000
@@ -138,3 +138,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_init.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pmac/pmac_memory.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pmac/pmac_memory.c	Wed Jul 06 03:53:40 2005 +0000
@@ -68,3 +68,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_memory.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pmac/pmac_memory_multi.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pmac/pmac_memory_multi.c	Wed Jul 06 03:53:40 2005 +0000
@@ -83,3 +83,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_memory_multi.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pmac/pmac_ntz.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pmac/pmac_ntz.c	Wed Jul 06 03:53:40 2005 +0000
@@ -33,3 +33,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_ntz.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pmac/pmac_process.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pmac/pmac_process.c	Wed Jul 06 03:53:40 2005 +0000
@@ -90,3 +90,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_process.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pmac/pmac_shift_xor.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pmac/pmac_shift_xor.c	Wed Jul 06 03:53:40 2005 +0000
@@ -38,3 +38,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_shift_xor.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/mac/pmac/pmac_test.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/mac/pmac/pmac_test.c	Wed Jul 06 03:53:40 2005 +0000
@@ -159,3 +159,7 @@
 
 
  
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_test.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/base64/base64_decode.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/base64/base64_decode.c	Wed Jul 06 03:53:40 2005 +0000
@@ -98,3 +98,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/base64/base64_decode.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/base64/base64_encode.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/base64/base64_encode.c	Wed Jul 06 03:53:40 2005 +0000
@@ -74,3 +74,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/base64/base64_encode.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/burn_stack.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/burn_stack.c	Wed Jul 06 03:53:40 2005 +0000
@@ -28,3 +28,7 @@
 }
 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/burn_stack.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/crypt/crypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -296,7 +296,20 @@
 #if defined(LTC_NO_ASM)
     " LTC_NO_ASM "
 #endif
+#if defined(LTC_NO_TEST)
+    " LTC_NO_TEST "
+#endif
+#if defined(LTC_NO_TABLES)
+    " LTC_NO_TABLES "
+#endif
+#if defined(LTC_PTHREAD)
+    " LTC_PTHREAD "
+#endif
     "\n"
     "\n\n\n"
     ;
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt.c,v $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_argchk.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_argchk.c	Wed Jul 06 03:53:40 2005 +0000
@@ -24,3 +24,7 @@
  (void)raise(SIGABRT);
 }
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_argchk.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/crypt/crypt_cipher_descriptor.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_cipher_descriptor.c	Wed Jul 06 03:53:40 2005 +0000
@@ -19,3 +19,9 @@
 { NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
  };
 
+LTC_MUTEX_GLOBAL(ltc_cipher_mutex);
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_cipher_descriptor.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_cipher_is_valid.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_cipher_is_valid.c	Wed Jul 06 03:53:40 2005 +0000
@@ -22,8 +22,15 @@
 */
 int cipher_is_valid(int idx)
 {
+   LTC_MUTEX_LOCK(&ltc_cipher_mutex);
    if (idx < 0 || idx >= TAB_SIZE || cipher_descriptor[idx].name == NULL) {
+      LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
       return CRYPT_INVALID_CIPHER;
    }
+   LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
    return CRYPT_OK;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_cipher_is_valid.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
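Review bot: Holding `ltc_cipher_mutex` only around the test makes the answer a snapshot: the mutex is released before `cipher_is_valid` returns, so a concurrent unregister_cipher() or register_cipher() can change slot `idx` before the caller uses it. Callers in this changeset then index the table with no lock held, for example `cipher_descriptor[cipher].block_length` in omac_init.c and `cipher_descriptor[omac->cipher_idx].ecb_encrypt(...)` in omac_process.c. The doc comment above the function (it starts outside the hunk) should state that limit, e.g. `Note: the result only holds while no other thread registers or unregisters ciphers.` The same applies to the hash_is_valid and prng_is_valid hunks.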
--- a/src/misc/crypt/crypt_find_cipher.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_find_cipher.c	Wed Jul 06 03:53:40 2005 +0000
@@ -24,11 +24,18 @@
 {
    int x;
    LTC_ARGCHK(name != NULL);
+   LTC_MUTEX_LOCK(&ltc_cipher_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if (cipher_descriptor[x].name != NULL && !strcmp(cipher_descriptor[x].name, name)) {
+          LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
           return x;
        }
    }
+   LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
    return -1;
 }
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_cipher.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
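Review bot: Every return path in this function now has to repeat `LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);`, so a return added later without it leaves the descriptor table locked for every other thread. A single exit avoids that: declare `int x, res = -1;`, use `res = x; break;` inside the loop, and finish with one `LTC_MUTEX_UNLOCK(&ltc_cipher_mutex); return res;`. The same pattern repeats in the other find_*, register_* and unregister_* hunks of this changeset. The function signature is outside the hunk.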
--- a/src/misc/crypt/crypt_find_cipher_any.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_find_cipher_any.c	Wed Jul 06 03:53:40 2005 +0000
@@ -31,13 +31,20 @@
    x = find_cipher(name);
    if (x != -1) return x;
 
+   LTC_MUTEX_LOCK(&ltc_cipher_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if (cipher_descriptor[x].name == NULL) {
           continue;
        }
        if (blocklen <= (int)cipher_descriptor[x].block_length && keylen <= (int)cipher_descriptor[x].max_key_length) {
+          LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
           return x;
        }
    }
+   LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
    return -1;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_cipher_any.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
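Review bot: The ordering at the top of this hunk is load-bearing but undocumented: `find_cipher(name)` takes `ltc_cipher_mutex` itself, so it has to run before the `LTC_MUTEX_LOCK` added here. Whether the mutex behind the LTC_MUTEX_* macros is recursive is not visible on this page; if it is not, moving the lock above that call would self-deadlock. A comment at the lock such as `/* find_cipher() locks ltc_cipher_mutex on its own; keep it outside this critical section */` would protect the ordering. The find_hash_any hunk has the same layout with `find_hash`.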
--- a/src/misc/crypt/crypt_find_cipher_id.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_find_cipher_id.c	Wed Jul 06 03:53:40 2005 +0000
@@ -23,10 +23,18 @@
 int find_cipher_id(unsigned char ID)
 {
    int x;
+   LTC_MUTEX_LOCK(&ltc_cipher_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if (cipher_descriptor[x].ID == ID) {
-          return (cipher_descriptor[x].name == NULL) ? -1 : x;
+          x = (cipher_descriptor[x].name == NULL) ? -1 : x;
+          LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
+          return x;
        }
    }
+   LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
    return -1;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_cipher_id.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_find_hash.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_find_hash.c	Wed Jul 06 03:53:40 2005 +0000
@@ -24,10 +24,17 @@
 {
    int x;
    LTC_ARGCHK(name != NULL);
+   LTC_MUTEX_LOCK(&ltc_hash_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if (hash_descriptor[x].name != NULL && strcmp(hash_descriptor[x].name, name) == 0) {
+          LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
           return x;
        }
    }
+   LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
    return -1;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_hash.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_find_hash_any.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_find_hash_any.c	Wed Jul 06 03:53:40 2005 +0000
@@ -28,6 +28,7 @@
    x = find_hash(name);
    if (x != -1) return x;
 
+   LTC_MUTEX_LOCK(&ltc_hash_mutex);
    y = MAXBLOCKSIZE+1;
    z = -1;
    for (x = 0; x < TAB_SIZE; x++) {
@@ -39,5 +40,10 @@
           y = hash_descriptor[x].hashsize;
        }
    }
+   LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
    return z;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_hash_any.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_find_hash_id.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_find_hash_id.c	Wed Jul 06 03:53:40 2005 +0000
@@ -23,10 +23,18 @@
 int find_hash_id(unsigned char ID)
 {
    int x;
+   LTC_MUTEX_LOCK(&ltc_hash_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
-       if (hash_descriptor[x].ID == ID) {
-          return (hash_descriptor[x].name == NULL) ? -1 : x;
-       }
+      if (hash_descriptor[x].ID == ID) {
+          x = (hash_descriptor[x].name == NULL) ? -1 : x;
+          LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
+          return x;
+      }
    }
+   LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
    return -1;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_hash_id.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/06/19 18:03:25 $ */
--- a/src/misc/crypt/crypt_find_prng.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_find_prng.c	Wed Jul 06 03:53:40 2005 +0000
@@ -24,11 +24,18 @@
 {
    int x;
    LTC_ARGCHK(name != NULL);
+   LTC_MUTEX_LOCK(&ltc_prng_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if ((prng_descriptor[x].name != NULL) && strcmp(prng_descriptor[x].name, name) == 0) {
+          LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
           return x;
        }
    }
+   LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
    return -1;
 }
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_prng.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_hash_descriptor.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_hash_descriptor.c	Wed Jul 06 03:53:40 2005 +0000
@@ -18,3 +18,10 @@
 struct ltc_hash_descriptor hash_descriptor[TAB_SIZE] = {
 { NULL, 0, 0, 0, { 0 }, 0, NULL, NULL, NULL, NULL }
 };
+
+LTC_MUTEX_GLOBAL(ltc_hash_mutex);
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_hash_descriptor.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_hash_is_valid.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_hash_is_valid.c	Wed Jul 06 03:53:40 2005 +0000
@@ -22,8 +22,15 @@
 */
 int hash_is_valid(int idx)
 {
+   LTC_MUTEX_LOCK(&ltc_hash_mutex);
    if (idx < 0 || idx >= TAB_SIZE || hash_descriptor[idx].name == NULL) {
+      LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
       return CRYPT_INVALID_HASH;
    }
+   LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
    return CRYPT_OK;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_hash_is_valid.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_prng_descriptor.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_prng_descriptor.c	Wed Jul 06 03:53:40 2005 +0000
@@ -17,3 +17,10 @@
 struct ltc_prng_descriptor prng_descriptor[TAB_SIZE] = {
 { NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
 };
+
+LTC_MUTEX_GLOBAL(ltc_prng_mutex);
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_prng_descriptor.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_prng_is_valid.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_prng_is_valid.c	Wed Jul 06 03:53:40 2005 +0000
@@ -22,8 +22,15 @@
 */
 int prng_is_valid(int idx)
 {
+   LTC_MUTEX_LOCK(&ltc_prng_mutex);
    if (idx < 0 || idx >= TAB_SIZE || prng_descriptor[idx].name == NULL) {
+      LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
       return CRYPT_INVALID_PRNG;
    }
+   LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
    return CRYPT_OK;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_prng_is_valid.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_register_cipher.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_register_cipher.c	Wed Jul 06 03:53:40 2005 +0000
@@ -27,8 +27,10 @@
    LTC_ARGCHK(cipher != NULL);
 
    /* is it already registered? */
+   LTC_MUTEX_LOCK(&ltc_cipher_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if (cipher_descriptor[x].name != NULL && cipher_descriptor[x].ID == cipher->ID) {
+          LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
           return x;
        }
    }
@@ -37,10 +39,16 @@
    for (x = 0; x < TAB_SIZE; x++) {
        if (cipher_descriptor[x].name == NULL) {
           XMEMCPY(&cipher_descriptor[x], cipher, sizeof(struct ltc_cipher_descriptor));
+          LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
           return x;
        }
    }
 
    /* no spot */
+   LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
    return -1;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_register_cipher.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_register_hash.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_register_hash.c	Wed Jul 06 03:53:40 2005 +0000
@@ -27,8 +27,10 @@
    LTC_ARGCHK(hash != NULL);
 
    /* is it already registered? */
+   LTC_MUTEX_LOCK(&ltc_hash_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if (memcmp(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor)) == 0) {
+          LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
           return x;
        }
    }
@@ -37,10 +39,16 @@
    for (x = 0; x < TAB_SIZE; x++) {
        if (hash_descriptor[x].name == NULL) {
           XMEMCPY(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor));
+          LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
           return x;
        }
    }
 
    /* no spot */
+   LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
    return -1;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_register_hash.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_register_prng.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_register_prng.c	Wed Jul 06 03:53:40 2005 +0000
@@ -27,8 +27,10 @@
    LTC_ARGCHK(prng != NULL);
 
    /* is it already registered? */
+   LTC_MUTEX_LOCK(&ltc_prng_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if (memcmp(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) == 0) {
+          LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
           return x;
        }
    }
@@ -37,10 +39,16 @@
    for (x = 0; x < TAB_SIZE; x++) {
        if (prng_descriptor[x].name == NULL) {
           XMEMCPY(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor));
+          LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
           return x;
        }
    }
 
    /* no spot */
+   LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
    return -1;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_register_prng.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_unregister_cipher.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_unregister_cipher.c	Wed Jul 06 03:53:40 2005 +0000
@@ -27,12 +27,19 @@
    LTC_ARGCHK(cipher != NULL);
 
    /* is it already registered? */
+   LTC_MUTEX_LOCK(&ltc_cipher_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if (memcmp(&cipher_descriptor[x], cipher, sizeof(struct ltc_cipher_descriptor)) == 0) {
           cipher_descriptor[x].name = NULL;
           cipher_descriptor[x].ID   = 255;
+          LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
           return CRYPT_OK;
        }
    }
+   LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
    return CRYPT_ERROR;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_unregister_cipher.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_unregister_hash.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_unregister_hash.c	Wed Jul 06 03:53:40 2005 +0000
@@ -27,11 +27,18 @@
    LTC_ARGCHK(hash != NULL);
 
    /* is it already registered? */
+   LTC_MUTEX_LOCK(&ltc_hash_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if (memcmp(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor)) == 0) {
           hash_descriptor[x].name = NULL;
+          LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
           return CRYPT_OK;
        }
    }
+   LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
    return CRYPT_ERROR;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_unregister_hash.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
--- a/src/misc/crypt/crypt_unregister_prng.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/crypt/crypt_unregister_prng.c	Wed Jul 06 03:53:40 2005 +0000
@@ -25,13 +25,20 @@
    int x;
 
    LTC_ARGCHK(prng != NULL);
-
+ 
    /* is it already registered? */
+   LTC_MUTEX_LOCK(&ltc_prng_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
        if (memcmp(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) != 0) {
           prng_descriptor[x].name = NULL;
+          LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
           return CRYPT_OK;
        }
    }
+   LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
    return CRYPT_ERROR;
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_unregister_prng.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 18:00:28 $ */
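Review bot: The comparison kept in this hunk is inverted: `memcmp(&prng_descriptor[x], prng, ...) != 0` is true for the first slot that does not match `prng`, so the function clears the name of an unrelated slot and returns CRYPT_OK while the requested PRNG stays registered. unregister_cipher and unregister_hash in this changeset both test `== 0`; the line should read `if (memcmp(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) == 0) {`. The added locking does not change this, so a caller that unregisters one PRNG can silently lose a different one and later fail prng_is_valid() or find_prng() for it. The function signature is outside the hunk.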
--- a/src/misc/error_to_string.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/error_to_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -68,3 +68,7 @@
    }   
 }
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/error_to_string.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/mpi/is_prime.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/mpi/is_prime.c	Wed Jul 06 03:53:40 2005 +0000
@@ -30,3 +30,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/mpi/is_prime.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/mpi/mpi.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/mpi/mpi.c	Wed Jul 06 03:53:40 2005 +0000
@@ -9042,3 +9042,7 @@
 
 
 /* EOF */
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/mpi/mpi.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/mpi/mpi_to_ltc_error.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/mpi/mpi_to_ltc_error.c	Wed Jul 06 03:53:40 2005 +0000
@@ -42,3 +42,7 @@
 }
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/mpi/mpi_to_ltc_error.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/mpi/rand_prime.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/mpi/rand_prime.c	Wed Jul 06 03:53:40 2005 +0000
@@ -64,3 +64,7 @@
       
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/mpi/rand_prime.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/pkcs5/pkcs_5_1.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/pkcs5/pkcs_5_1.c	Wed Jul 06 03:53:40 2005 +0000
@@ -100,3 +100,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/pkcs5/pkcs_5_1.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/pkcs5/pkcs_5_2.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/pkcs5/pkcs_5_2.c	Wed Jul 06 03:53:40 2005 +0000
@@ -123,3 +123,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/pkcs5/pkcs_5_2.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/misc/zeromem.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/misc/zeromem.c	Wed Jul 06 03:53:40 2005 +0000
@@ -28,3 +28,7 @@
       *mem++ = 0;
    }
 }
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/zeromem.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cbc/cbc_decrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cbc/cbc_decrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -89,3 +89,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_decrypt.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cbc/cbc_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cbc/cbc_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -36,3 +36,7 @@
    
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_done.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cbc/cbc_encrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cbc/cbc_encrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -90,3 +90,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_encrypt.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cbc/cbc_getiv.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cbc/cbc_getiv.c	Wed Jul 06 03:53:40 2005 +0000
@@ -39,3 +39,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_getiv.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cbc/cbc_setiv.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cbc/cbc_setiv.c	Wed Jul 06 03:53:40 2005 +0000
@@ -38,3 +38,7 @@
 
 #endif 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_setiv.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cbc/cbc_start.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cbc/cbc_start.c	Wed Jul 06 03:53:40 2005 +0000
@@ -56,3 +56,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_start.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cfb/cfb_decrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cfb/cfb_decrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -59,3 +59,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_decrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cfb/cfb_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cfb/cfb_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -36,3 +36,7 @@
    
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_done.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cfb/cfb_encrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cfb/cfb_encrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -57,3 +57,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_encrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cfb/cfb_getiv.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cfb/cfb_getiv.c	Wed Jul 06 03:53:40 2005 +0000
@@ -39,3 +39,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_getiv.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cfb/cfb_setiv.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cfb/cfb_setiv.c	Wed Jul 06 03:53:40 2005 +0000
@@ -47,3 +47,7 @@
 
 #endif 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_setiv.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/cfb/cfb_start.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/cfb/cfb_start.c	Wed Jul 06 03:53:40 2005 +0000
@@ -61,3 +61,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_start.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ctr/ctr_decrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ctr/ctr_decrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -36,3 +36,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_decrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ctr/ctr_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ctr/ctr_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -36,3 +36,7 @@
    
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_done.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ctr/ctr_encrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ctr/ctr_encrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -60,7 +60,7 @@
       /* is the pad empty? */
       if (ctr->padlen == ctr->blocklen) {
          /* increment counter */
-         if (ctr->mode == 0) {
+         if (ctr->mode == CTR_COUNTER_LITTLE_ENDIAN) {
             /* little-endian */
             for (x = 0; x < ctr->blocklen; x++) {
                ctr->ctr[x] = (ctr->ctr[x] + (unsigned char)1) & (unsigned char)255;
@@ -102,3 +102,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_encrypt.c,v $ */
+/* $Revision: 1.13 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ctr/ctr_getiv.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ctr/ctr_getiv.c	Wed Jul 06 03:53:40 2005 +0000
@@ -39,3 +39,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_getiv.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ctr/ctr_setiv.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ctr/ctr_setiv.c	Wed Jul 06 03:53:40 2005 +0000
@@ -52,3 +52,7 @@
 
 #endif 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_setiv.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ctr/ctr_start.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ctr/ctr_start.c	Wed Jul 06 03:53:40 2005 +0000
@@ -21,19 +21,23 @@
 /**
    Initialize a CTR context
    @param cipher      The index of the cipher desired
-   @param count       The initial vector
+   @param IV          The initial vector
    @param key         The secret key 
    @param keylen      The length of the secret key (octets)
    @param num_rounds  Number of rounds in the cipher desired (0 for default)
+   @param ctr_mode    The counter mode (CTR_COUNTER_LITTLE_ENDIAN or CTR_COUNTER_BIG_ENDIAN)
    @param ctr         The CTR state to initialize
    @return CRYPT_OK if successful
 */
-int ctr_start(int cipher, const unsigned char *count, const unsigned char *key, int keylen, 
-              int num_rounds, symmetric_CTR *ctr)
+int ctr_start(               int   cipher, 
+              const unsigned char *IV, 
+              const unsigned char *key,       int keylen, 
+                             int  num_rounds, int ctr_mode,
+                   symmetric_CTR *ctr)
 {
    int x, err;
 
-   LTC_ARGCHK(count != NULL);
+   LTC_ARGCHK(IV  != NULL);
    LTC_ARGCHK(key != NULL);
    LTC_ARGCHK(ctr != NULL);
 
@@ -51,12 +55,16 @@
    ctr->blocklen = cipher_descriptor[cipher].block_length;
    ctr->cipher   = cipher;
    ctr->padlen   = 0;
-   ctr->mode     = 0;
+   ctr->mode     = ctr_mode;
    for (x = 0; x < ctr->blocklen; x++) {
-       ctr->ctr[x] = count[x];
+       ctr->ctr[x] = IV[x];
    }
    cipher_descriptor[ctr->cipher].ecb_encrypt(ctr->ctr, ctr->pad, &ctr->key);
    return CRYPT_OK;
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_start.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
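Review bot: `ctr->mode = ctr_mode;` stores the caller's value unchecked, while the ctr_encrypt.c hunk in this changeset only tests `ctr->mode == CTR_COUNTER_LITTLE_ENDIAN`, so any other integer is presumably treated as big-endian (the else branch is outside that hunk). A wrong or uninitialised mode would then silently select a counter layout the peer does not expect, instead of failing at setup. Reject unknown values next to the other argument checks: `if (ctr_mode != CTR_COUNTER_LITTLE_ENDIAN && ctr_mode != CTR_COUNTER_BIG_ENDIAN) { return CRYPT_INVALID_ARG; }`. The part of ctr_start between the two hunks is not shown.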
--- a/src/modes/ecb/ecb_decrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ecb/ecb_decrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -53,3 +53,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ecb/ecb_decrypt.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ecb/ecb_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ecb/ecb_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -18,7 +18,7 @@
 #ifdef ECB
 
 /** Terminate the chain
-  @param rcb    The ECB chain to terminate
+  @param ecb    The ECB chain to terminate
   @return CRYPT_OK on success
 */
 int ecb_done(symmetric_ECB *ecb)
@@ -36,3 +36,7 @@
    
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ecb/ecb_done.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ecb/ecb_encrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ecb/ecb_encrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -53,3 +53,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ecb/ecb_encrypt.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ecb/ecb_start.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ecb/ecb_start.c	Wed Jul 06 03:53:40 2005 +0000
@@ -42,3 +42,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ecb/ecb_start.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ofb/ofb_decrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ofb/ofb_decrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -37,3 +37,7 @@
 #endif
 
  
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_decrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ofb/ofb_done.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ofb/ofb_done.c	Wed Jul 06 03:53:40 2005 +0000
@@ -36,3 +36,7 @@
    
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_done.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ofb/ofb_encrypt.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ofb/ofb_encrypt.c	Wed Jul 06 03:53:40 2005 +0000
@@ -52,3 +52,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_encrypt.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ofb/ofb_getiv.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ofb/ofb_getiv.c	Wed Jul 06 03:53:40 2005 +0000
@@ -39,3 +39,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_getiv.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ofb/ofb_setiv.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ofb/ofb_setiv.c	Wed Jul 06 03:53:40 2005 +0000
@@ -47,3 +47,7 @@
 
 #endif 
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_setiv.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/modes/ofb/ofb_start.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/modes/ofb/ofb_start.c	Wed Jul 06 03:53:40 2005 +0000
@@ -54,3 +54,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_start.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/bit/der_decode_bit_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,101 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_bit_string.c
+  ASN.1 DER, encode a BIT STRING, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Store a BIT STRING
+  @param in      The DER encoded BIT STRING
+  @param inlen   The size of the DER BIT STRING
+  @param out     [out] The array of bits stored (one per char)
+  @param outlen  [in/out] The number of bits stored
+  @return CRYPT_OK if successful
+*/
+int der_decode_bit_string(const unsigned char *in,  unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen)
+{
+   unsigned long dlen, blen, x, y;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* packet must be at least 4 bytes */
+   if (inlen < 4) {
+       return CRYPT_INVALID_ARG;
+   }
+
+   /* check for 0x03 */
+   if ((in[0]&0x1F) != 0x03) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+    /* offset in the data */
+    x = 1;
+
+   /* get the length of the data */
+   if (in[x] & 0x80) {
+      /* long format get number of length bytes */
+      y = in[x++] & 127;
+
+      /* invalid if 0 or > 2 */
+      if (y == 0 || y > 2) {
+         return CRYPT_INVALID_PACKET;
+      }
+
+      /* read the data len */
+      dlen = 0;
+      while (y--) {
+         dlen = (dlen << 8) | (unsigned long)in[x++];
+      }
+   } else {
+      /* short format */
+      dlen = in[x++] & 127;
+   }
+  
+   /* is the data len too long or too short? */
+   if ((dlen == 0) || (dlen + x > inlen)) {
+       return CRYPT_INVALID_PACKET;
+   }
+
+   /* get padding count */
+   blen = ((dlen - 1) << 3) - (in[x++] & 7);
+
+   /* too many bits? */
+   if (blen > *outlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   /* decode/store the bits */
+   for (y = 0; y < blen; y++) {
+       out[y] = (in[x] & (1 << (7 - (y & 7)))) ? 1 : 0;
+       if ((y & 7) == 7) {
+          ++x;
+       }
+   }
+
+   /* we done */
+   *outlen = blen;
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/bit/der_decode_bit_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
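Review bot: `blen = ((dlen - 1) << 3) - (in[x++] & 7);` can wrap around when the content is only the padding-count octet (`dlen == 1`) and that octet has any of its low three bits set, because the unsigned subtraction then goes below zero. In practice the following `blen > *outlen` test will usually catch the huge value, but it reports CRYPT_BUFFER_OVERFLOW for what is a malformed packet, and it depends on the caller's `*outlen` rather than on the input. A guard before the computation makes the rejection explicit: `if (dlen == 1 && (in[x] & 7) != 0) { return CRYPT_INVALID_PACKET; }`. The header comments also say "encode a BIT STRING" and "Store a BIT STRING" although this file is the decoder; they should read "decode" and "Decode".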
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/bit/der_encode_bit_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,87 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_bit_string.c
+  ASN.1 DER, encode a BIT STRING, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Store a BIT STRING
+  @param in       The array of bits to store (one per char)
+  @param inlen    The number of bits tostore
+  @param out      [out] The destination for the DER encoded BIT STRING
+  @param outlen   [in/out] The max size and resulting size of the DER BIT STRING
+  @return CRYPT_OK if successful
+*/
+int der_encode_bit_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen)
+{
+   unsigned long len, x, y, buf;
+   int           err;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* avoid overflows */
+   if ((err = der_length_bit_string(inlen, &len)) != CRYPT_OK) {
+      return err;
+   }
+
+   if (len > *outlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   /* store header (include bit padding count in length) */
+   x = 0;
+   y = (inlen >> 3) + ((inlen&7) ? 1 : 0) + 1;
+
+   out[x++] = 0x03;
+   if (y < 128) {
+      out[x++] = y;
+   } else if (y < 256) {
+      out[x++] = 0x81;
+      out[x++] = y;
+   } else if (y < 65536) {
+      out[x++] = 0x82;
+      out[x++] = (y>>8)&255;
+      out[x++] = y&255;
+   }
+
+   /* store number of zero padding bits */
+   out[x++] = (8 - inlen) & 7;
+
+   /* store the bits in big endian format */
+   for (y = buf = 0; y < inlen; y++) {
+       buf |= (in[y] ? 1 : 0) << (7 - (y & 7));
+       if ((y & 7) == 7) {
+          out[x++] = buf;
+          buf      = 0;
+       }
+   }
+   /* store last byte */
+   if (inlen & 7) {
+      out[x++] = buf;
+   }
+   *outlen = x;
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/bit/der_encode_bit_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
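Review bot: The length-header chain that ends at `} else if (y < 65536) {` has no final `else`, so for a larger `y` it would write no length octets at all and carry on storing bits. This is safe only because der_length_bit_string() has already rejected such inputs earlier in the function. der_encode_ia5_string() in this same changeset closes the equivalent chain with `} else { return CRYPT_INVALID_ARG; }`, and doing the same here keeps the encoder correct if the two size computations ever diverge. The `@param inlen` text also has a typo, "tostore".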
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/bit/der_length_bit_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,54 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_length_bit_string.c
+  ASN.1 DER, get length of BIT STRING, Tom St Denis
+*/
+
+#ifdef LTC_DER
+/**
+  Gets length of DER encoding of BIT STRING 
+  @param nbits  The number of bits in the string to encode
+  @param outlen [out] The length of the DER encoding for the given string
+  @return CRYPT_OK if successful
+*/
+int der_length_bit_string(unsigned long nbits, unsigned long *outlen)
+{
+   unsigned long nbytes;
+   LTC_ARGCHK(outlen != NULL);
+
+   /* get the number of the bytes */
+   nbytes = (nbits >> 3) + ((nbits & 7) ? 1 : 0) + 1;
+ 
+   if (nbytes < 128) {
+      /* 03 LL PP DD DD DD ... */
+      *outlen = 2 + nbytes;
+   } else if (nbytes < 256) {
+      /* 03 81 LL PP DD DD DD ... */
+      *outlen = 3 + nbytes;
+   } else if (nbytes < 65536) {
+      /* 03 82 LL LL PP DD DD DD ... */
+      *outlen = 4 + nbytes;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   return CRYPT_OK;
+}
+
+#endif
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/bit/der_length_bit_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/choice/der_decode_choice.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,168 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_choice.c
+  ASN.1 DER, decode a CHOICE, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/**
+   Decode a CHOICE
+   @param in       The DER encoded input
+   @param inlen    [in/out] The size of the input and resulting size of read type
+   @param list     The list of items to decode
+   @param outlen   The number of items in the list
+   @return CRYPT_OK on success
+*/
+int der_decode_choice(const unsigned char *in,   unsigned long *inlen,
+                            ltc_asn1_list *list, unsigned long  outlen)
+{
+   unsigned long size, x, z;
+   void          *data;
+
+   LTC_ARGCHK(in    != NULL);
+   LTC_ARGCHK(inlen != NULL);
+   LTC_ARGCHK(list  != NULL);
+
+   /* get blk size */
+   if (*inlen < 2) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* set all of the "used" flags to zero */
+   for (x = 0; x < outlen; x++) {
+       list[x].used = 0;
+   }
+
+   /* now scan until we have a winner */
+   for (x = 0; x < outlen; x++) {
+       size = list[x].size;
+       data = list[x].data;
+
+       switch (list[x].type) {
+           case LTC_ASN1_INTEGER:
+               if (der_decode_integer(in, *inlen, data) == CRYPT_OK) {
+                  if (der_length_integer(data, &z) == CRYPT_OK) {
+                      list[x].used = 1;
+                      *inlen       = z;
+                      return CRYPT_OK;
+                  }
+               }
+               break;
+
+           case LTC_ASN1_SHORT_INTEGER:
+               if (der_decode_short_integer(in, *inlen, data) == CRYPT_OK) {
+                  if (der_length_short_integer(size, &z) == CRYPT_OK) {
+                      list[x].used = 1;
+                      *inlen       = z;
+                      return CRYPT_OK;
+                  }
+               }
+               break;
+
+           case LTC_ASN1_BIT_STRING:
+               if (der_decode_bit_string(in, *inlen, data, &size) == CRYPT_OK) {
+                  if (der_length_bit_string(size, &z) == CRYPT_OK) {
+                     list[x].used = 1;
+                     list[x].size = size;
+                     *inlen       = z;
+                     return CRYPT_OK;
+                  }
+               }
+               break;
+
+           case LTC_ASN1_OCTET_STRING:
+               if (der_decode_octet_string(in, *inlen, data, &size) == CRYPT_OK) {
+                  if (der_length_octet_string(size, &z) == CRYPT_OK) {
+                     list[x].used = 1;
+                     list[x].size = size;
+                     *inlen       = z;
+                     return CRYPT_OK;
+                  }
+               }
+               break;
+
+           case LTC_ASN1_NULL:
+               if (*inlen == 2 && in[x] == 0x05 && in[x+1] == 0x00) {
+                  *inlen = 2;
+                  return CRYPT_OK;
+               }
+               break;
+                  
+           case LTC_ASN1_OBJECT_IDENTIFIER:
+               if (der_decode_object_identifier(in, *inlen, data, &size) == CRYPT_OK) {
+                  if (der_length_object_identifier(data, size, &z) == CRYPT_OK) {
+                     list[x].used = 1;
+                     list[x].size = size;
+                     *inlen       = z;
+                     return CRYPT_OK;
+                  }
+               }
+               break;
+
+           case LTC_ASN1_IA5_STRING:
+               if (der_decode_ia5_string(in, *inlen, data, &size) == CRYPT_OK) {
+                  if (der_length_ia5_string(data, size, &z) == CRYPT_OK) {
+                     list[x].used = 1;
+                     list[x].size = size;
+                     *inlen       = z;
+                     return CRYPT_OK;
+                  }
+               }
+               break;
+
+
+           case LTC_ASN1_PRINTABLE_STRING:
+               if (der_decode_printable_string(in, *inlen, data, &size) == CRYPT_OK) {
+                  if (der_length_printable_string(data, size, &z) == CRYPT_OK) {
+                     list[x].used = 1;
+                     list[x].size = size;
+                     *inlen       = z;
+                     return CRYPT_OK;
+                  }
+               }
+               break;
+
+           case LTC_ASN1_UTCTIME:
+               z = *inlen;
+               if (der_decode_utctime(in, &z, data) == CRYPT_OK) {
+                  list[x].used = 1;
+                  *inlen       = z;
+                  return CRYPT_OK;
+               }
+               break;
+
+           case LTC_ASN1_SEQUENCE:
+               if (der_decode_sequence(in, *inlen, data, size) == CRYPT_OK) {
+                  if (der_length_sequence(data, size, &z) == CRYPT_OK) {
+                     list[x].used = 1;
+                     *inlen       = z;
+                     return CRYPT_OK;
+                  }
+               }
+               break;
+
+           default:
+               return CRYPT_INVALID_ARG;
+       }
+   }
+
+   return CRYPT_INVALID_PACKET;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/choice/der_decode_choice.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/19 11:25:01 $ */
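Review bot: In the `LTC_ASN1_NULL` case the input is indexed with `x`, which is the loop index into `list` and not an offset into `in`: `in[x] == 0x05 && in[x+1] == 0x00`. For any list entry other than the first this compares the wrong bytes, and since the branch requires `*inlen == 2`, `in[x+1]` is already past the end of the input once `x >= 1`. The test should read `if (*inlen == 2 && in[0] == 0x05 && in[1] == 0x00) {`. Unlike every other case, this branch also returns without setting `list[x].used = 1;`, so the caller cannot tell that the NULL alternative was the one matched.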
--- a/src/pk/asn1/der/der_decode_integer.c	Fri May 06 13:23:02 2005 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,98 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, [email protected], http://libtomcrypt.org
- */
-#include "tomcrypt.h"
-
-/**
-  @file der_decode_integer.c
-  ASN.1 DER, decode an integer, Tom St Denis
-*/
-
-
-#ifdef LTC_DER
-
-/* decodes a DER INTEGER in [in].  You have to tell this function
- * how many bytes are available [inlen].  It will then attempt to 
- * read the INTEGER.  If all goes well it stores the number of bytes
- * read in [inlen] and the number in [num].
- */
-/**
-  Read a mp_int integer
-  @param in       The DER encoded data
-  @param inlen    [in] Size of the in data, [out] number of bytes read
-  @param num      The first mp_int to decode
-  @return CRYPT_OK if successful
-*/
-int der_decode_integer(const unsigned char *in, unsigned long *inlen, mp_int *num)
-{
-   unsigned long tmplen, y, z;
-
-   LTC_ARGCHK(num    != NULL);
-   LTC_ARGCHK(in     != NULL);
-   LTC_ARGCHK(inlen  != NULL);
-
-   /* save copy of max output size */
-   tmplen = *inlen;
-   *inlen = 0;
-
-   /* min DER INTEGER is 0x02 01 00 == 0 */
-   if (tmplen < (1 + 1 + 1)) {
-      return CRYPT_INVALID_PACKET;
-   }
-
-   /* ok expect 0x02 when we AND with 0011 1111 [3F] */
-   if ((*in++ & 0x3F) != 0x02) {
-      return CRYPT_INVALID_PACKET;
-   }
-   ++(*inlen);
-
-   /* now decode the len stuff */
-   z = *in++;
-   ++(*inlen);
-
-   if ((z & 0x80) == 0x00) {
-      /* short form */
-
-      /* will it overflow? */
-      if (*inlen + z > tmplen) {
-         return CRYPT_INVALID_PACKET;
-      }
-     
-      /* no so read it */
-      (*inlen) += z;
-      return mpi_to_ltc_error(mp_read_unsigned_bin(num, (unsigned char *)in, z));
-   } else {
-      /* long form */
-      z &= 0x7F;
-      
-      /* will number of length bytes overflow? (or > 4) */
-      if (((*inlen + z) > tmplen) || (z > 4)) {
-         return CRYPT_INVALID_PACKET;
-      }
-
-      /* now read it in */
-      y = 0;
-      while (z--) {
-         y = ((unsigned long)(*in++)) | (y << 8);
-         ++(*inlen);
-      }
-
-      /* now will reading y bytes overrun? */
-      if ((*inlen + y) > tmplen) {
-         return CRYPT_INVALID_PACKET;
-      }
-
-      /* no so read it */
-      (*inlen) += y;
-      return mpi_to_ltc_error(mp_read_unsigned_bin(num, (unsigned char *)in, y));
-   }
-}
-
-#endif
--- a/src/pk/asn1/der/der_encode_integer.c	Fri May 06 13:23:02 2005 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,109 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, [email protected], http://libtomcrypt.org
- */
-#include "tomcrypt.h"
-
-/**
-  @file der_encode_integer.c
-  ASN.1 DER, encode an integer, Tom St Denis
-*/
-
-
-#ifdef LTC_DER
-
-/* Exports a positive bignum as DER format (upto 2^32 bytes in size) */
-/**
-  Store a mp_int integer
-  @param num      The first mp_int to encode
-  @param out      [out] The destination for the DER encoded integers
-  @param outlen   [in/out] The max size and resulting size of the DER encoded integers
-  @return CRYPT_OK if successful
-*/
-int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen)
-{  
-   unsigned long tmplen, x, y, z;
-   int           err, leading_zero;
-
-   LTC_ARGCHK(num    != NULL);
-   LTC_ARGCHK(out    != NULL);
-   LTC_ARGCHK(outlen != NULL);
-
-   /* find out how big this will be */
-   if ((err = der_length_integer(num, &tmplen)) != CRYPT_OK) {
-      return err;
-   }
-
-   if (*outlen < tmplen) {
-      return CRYPT_BUFFER_OVERFLOW;
-   }
-
-   /* we only need a leading zero if the msb of the first byte is one */
-   if ((mp_count_bits(num) & 7) == 7 || mp_iszero(num) == MP_YES) {
-      leading_zero = 1;
-   } else {
-      leading_zero = 0;
-   }
-
-   /* get length of num in bytes (plus 1 since we force the msbyte to zero) */
-   y = mp_unsigned_bin_size(num) + leading_zero;
-
-   /* now store initial data */
-   *out++ = 0x02;
-   if (y < 128) {
-      /* short form */
-      *out++ = (unsigned char)y;
-   } else {
-      /* long form (relies on y != 0) */
-
-      /* get length of length... ;-) */
-      x = y;
-      z = 0;
-      while (x) {
-         ++z;
-         x >>= 8;
-      }
-      
-      /* store length of length */
-      *out++ = 0x80 | ((unsigned char)z);
-
-      /* now store length */
-      
-      /* first shift length up so msbyte != 0 */
-      x = y;
-      while ((x & 0xFF000000) == 0) {
-          x <<= 8;
-      }
-
-      /* now store length */
-      while (z--) {
-         *out++ = (unsigned char)((x >> 24) & 0xFF);
-         x <<= 8;
-      }
-   }
-
-   /* now store msbyte of zero if num is non-zero */
-   if (leading_zero) {
-      *out++ = 0x00;
-   }
-
-   /* if it's not zero store it as big endian */
-   if (mp_iszero(num) == MP_NO) {
-      /* now store the mpint */
-      if ((err = mp_to_unsigned_bin(num, out)) != MP_OKAY) {
-          return mpi_to_ltc_error(err);
-      }
-   }
-
-   /* we good */
-   *outlen = tmplen; 
-   return CRYPT_OK;
-}
-
-#endif
--- a/src/pk/asn1/der/der_get_multi_integer.c	Fri May 06 13:23:02 2005 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,67 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, [email protected], http://libtomcrypt.org
- */
-#include <stdarg.h>
-#include "tomcrypt.h"
-
-/**
-  @file der_get_multi_integer.c
-  ASN.1 DER, read multiple integers, Tom St Denis
-*/
-
-
-#ifdef LTC_DER
-
-/* will read multiple DER INTEGER encoded mp_ints from src
- * of upto [inlen] bytes.  It will store the number of bytes
- * read back into [inlen].
- */
-/**
-  Read multiple mp_int integers one after another
-  @param src      The DER encoded integers
-  @param inlen    [in] The length of the src buffer, [out] the amount of bytes read
-  @param num      The first mp_int to decode
-  @param ...      A NULL terminated list of mp_ints to decode
-  @return CRYPT_OK if successful
-*/
-int der_get_multi_integer(const unsigned char *src, unsigned long *inlen, 
-                  mp_int *num, ...)
-{
-   va_list        args;
-   mp_int        *next;
-   unsigned long  wrote, len;
-   int            err;
-
-   LTC_ARGCHK(src    != NULL);
-   LTC_ARGCHK(inlen  != NULL);
-
-   /* setup va list */
-   next  = num;
-   len   = *inlen;
-   wrote = 0;
-   va_start(args, num);
-
-   while (next != NULL) {
-       if ((err = der_decode_integer(src, inlen, next)) != CRYPT_OK) {
-          va_end(args);
-          return err;
-       }
-       wrote += *inlen;
-       src   += *inlen;
-       len   -= *inlen;
-       *inlen = len;
-        next     = va_arg(args, mp_int*);
-   }
-   va_end(args);
-   *inlen = wrote;
-   return CRYPT_OK;
-}
-
-#endif
--- a/src/pk/asn1/der/der_length_integer.c	Fri May 06 13:23:02 2005 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, [email protected], http://libtomcrypt.org
- */
-#include "tomcrypt.h"
-
-/**
-  @file der_length_integer.c
-  ASN.1 DER, get length of encoding, Tom St Denis
-*/
-
-
-#ifdef LTC_DER
-/**
-  Gets length of DER encoding of num 
-  @param num    The mp_int to get the size of 
-  @param outlen [out] The length of the DER encoding for the given integer
-  @return CRYPT_OK if successful
-*/
-int der_length_integer(mp_int *num, unsigned long *outlen)
-{
-   unsigned long z, len;
-   int           leading_zero;
-
-   LTC_ARGCHK(num     != NULL);
-   LTC_ARGCHK(outlen  != NULL);
-
-   /* we only need a leading zero if the msb of the first byte is one */
-   if ((mp_count_bits(num) & 7) == 7 || mp_iszero(num) == MP_YES) {
-      leading_zero = 1;
-   } else {
-      leading_zero = 0;
-   }
-
-   /* size for bignum */
-   z = len = leading_zero + mp_unsigned_bin_size(num);
-
-   /* we need a 0x02 */
-   ++len;
-
-   /* now we need a length */
-   if (z < 128) {
-      /* short form */
-      ++len;
-   } else {
-      /* long form (relies on z != 0) */
-      ++len;
-
-      while (z) {
-         ++len;
-         z >>= 8;
-      }
-   }
-
-   *outlen = len; 
-   return CRYPT_OK;
-}
-
-#endif
--- a/src/pk/asn1/der/der_put_multi_integer.c	Fri May 06 13:23:02 2005 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,67 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, [email protected], http://libtomcrypt.org
- */
-#include <stdarg.h>
-#include "tomcrypt.h"
-
-/**
-  @file der_put_multi_integer.c
-  ASN.1 DER, store multiple integers, Tom St Denis
-*/
-
-
-#ifdef LTC_DER
-
-/* store multiple mp_ints in DER INTEGER format to the out, will not
- * overflow the length you give it [outlen] and store the number of 
- * bytes used in [outlen] 
- */
-/**
-  Store multiple mp_int integers one after another
-  @param out      [out] The destination for the DER encoded integers
-  @param outlen   [in/out] The max size and resulting size of the DER encoded integers
-  @param num      The first mp_int to encode
-  @param ...      A NULL terminated list of mp_ints to encode
-  @return CRYPT_OK if successful
-*/
-int der_put_multi_integer(unsigned char *out, unsigned long *outlen, 
-                  mp_int *num, ...)
-{
-   va_list        args;
-   mp_int        *next;
-   unsigned long  wrote, len;
-   int            err;
-
-   LTC_ARGCHK(out    != NULL);
-   LTC_ARGCHK(outlen != NULL);
-
-   /* setup va list */
-   next  = num;
-   len   = *outlen;
-   wrote = 0;
-   va_start(args, num);
-
-   while (next != NULL) {
-        if ((err = der_encode_integer(next, out, outlen)) != CRYPT_OK) {
-           va_end(args);
-           return err;
-        }
-        wrote   += *outlen;
-        out     += *outlen;
-        len     -= *outlen;
-        *outlen  = len;
-        next     = va_arg(args, mp_int*);
-   }
-   va_end(args);
-   *outlen = wrote;
-   return CRYPT_OK;
-}
-
-#endif
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/ia5/der_decode_ia5_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,95 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_ia5_string.c
+  ASN.1 DER, encode a IA5 STRING, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Store a IA5 STRING
+  @param in      The DER encoded IA5 STRING
+  @param inlen   The size of the DER IA5 STRING
+  @param out     [out] The array of octets stored (one per char)
+  @param outlen  [in/out] The number of octets stored
+  @return CRYPT_OK if successful
+*/
+int der_decode_ia5_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen)
+{
+   unsigned long x, y, len;
+   int           t;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* must have header at least */
+   if (inlen < 2) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* check for 0x16 */
+   if ((in[0] & 0x1F) != 0x16) {
+      return CRYPT_INVALID_PACKET;
+   }
+   x = 1;
+
+   /* decode the length */
+   if (in[x] & 0x80) {
+      /* valid # of bytes in length are 1,2,3 */
+      y = in[x] & 0x7F;
+      if ((y == 0) || (y > 3) || ((x + y) > inlen)) {
+         return CRYPT_INVALID_PACKET;
+      }
+
+      /* read the length in */
+      len = 0;
+      ++x;
+      while (y--) {
+         len = (len << 8) | in[x++];
+      }
+   } else {
+      len = in[x++] & 0x7F;
+   }
+
+   /* is it too long? */
+   if (len > *outlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   if (len + x > inlen) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* read the data */
+   for (y = 0; y < len; y++) {
+       t = der_ia5_value_decode(in[x++]);
+       if (t == -1) {
+           return CRYPT_INVALID_ARG;
+       }
+       out[y] = t;
+   }
+
+   *outlen = y;
+
+   return CRYPT_OK;
+}
+ 
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/ia5/der_decode_ia5_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
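Review bot: The long-form bound `((x + y) > inlen)` is evaluated while `x` is still 1, before the `++x` that steps over the length-of-length octet, so it admits a packet whose last length octet would sit at `in[inlen]`. With `inlen == 2` and `in[1] == 0x81`, for example, the check passes and the `while (y--)` loop reads `in[2]`. Comparing with `>=` closes the off-by-one: `if ((y == 0) || (y > 3) || ((x + y) >= inlen)) {`. The file and function comments also say "encode a IA5 STRING" and "Store a IA5 STRING" although this is the decoder.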
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/ia5/der_encode_ia5_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,84 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_ia5_string.c
+  ASN.1 DER, encode a IA5 STRING, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/**
+  Store an IA5 STRING
+  @param in       The array of IA5 to store (one per char)
+  @param inlen    The number of IA5 to store
+  @param out      [out] The destination for the DER encoded IA5 STRING
+  @param outlen   [in/out] The max size and resulting size of the DER IA5 STRING
+  @return CRYPT_OK if successful
+*/
+int der_encode_ia5_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen)
+{
+   unsigned long x, y, len;
+   int           err;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* get the size */
+   if ((err = der_length_ia5_string(in, inlen, &len)) != CRYPT_OK) {
+      return err; 
+   }
+
+   /* too big? */
+   if (len > *outlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   /* encode the header+len */
+   x = 0;
+   out[x++] = 0x16;
+   if (inlen < 128) {
+      out[x++] = inlen;
+   } else if (inlen < 256) {
+      out[x++] = 0x81;
+      out[x++] = inlen;
+   } else if (inlen < 65536UL) {
+      out[x++] = 0x82;
+      out[x++] = (inlen>>8)&255;
+      out[x++] = inlen&255;
+   } else if (inlen < 16777216UL) {
+      out[x++] = 0x83;
+      out[x++] = (inlen>>16)&255;
+      out[x++] = (inlen>>8)&255;
+      out[x++] = inlen&255;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* store octets */
+   for (y = 0; y < inlen; y++) {
+       out[x++] = der_ia5_char_encode(in[y]);
+   }
+
+   /* retun length */
+   *outlen = x;
+
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/ia5/der_encode_ia5_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
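Review bot: The store loop writes `der_ia5_char_encode(in[y])` straight into `out` without checking for the -1 miss value, which is correct only because der_length_ia5_string() has already scanned the whole input and rejected any octet not in the table. That dependency is not visible from the `/* get the size */` comment, so I would document it there, for example `/* get the size; this also rejects any octet that is not a valid IA5 character */`. The closing comment has a typo, "retun length".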
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/ia5/der_length_ia5_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,194 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_length_ia5_string.c
+  ASN.1 DER, get length of IA5 STRING, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+static const struct {
+   int code, value;
+} ia5_table[] = {
+{ '\0', 0 },
+{ '\a', 7 }, 
+{ '\b', 8 }, 
+{ '\t', 9 }, 
+{ '\n', 10 }, 
+{ '\f', 12 }, 
+{ '\r', 13 }, 
+{ ' ', 32 }, 
+{ '!', 33 }, 
+{ '"', 34 }, 
+{ '#', 35 }, 
+{ '$', 36 }, 
+{ '%', 37 }, 
+{ '&', 38 }, 
+{ '\'', 39 }, 
+{ '(', 40 }, 
+{ ')', 41 }, 
+{ '*', 42 }, 
+{ '+', 43 }, 
+{ ',', 44 }, 
+{ '-', 45 }, 
+{ '.', 46 }, 
+{ '/', 47 }, 
+{ '0', 48 }, 
+{ '1', 49 }, 
+{ '2', 50 }, 
+{ '3', 51 }, 
+{ '4', 52 }, 
+{ '5', 53 }, 
+{ '6', 54 }, 
+{ '7', 55 }, 
+{ '8', 56 }, 
+{ '9', 57 }, 
+{ ':', 58 }, 
+{ ';', 59 }, 
+{ '<', 60 }, 
+{ '=', 61 }, 
+{ '>', 62 }, 
+{ '?', 63 }, 
+{ '@', 64 }, 
+{ 'A', 65 }, 
+{ 'B', 66 }, 
+{ 'C', 67 }, 
+{ 'D', 68 }, 
+{ 'E', 69 }, 
+{ 'F', 70 }, 
+{ 'G', 71 }, 
+{ 'H', 72 }, 
+{ 'I', 73 }, 
+{ 'J', 74 }, 
+{ 'K', 75 }, 
+{ 'L', 76 }, 
+{ 'M', 77 }, 
+{ 'N', 78 }, 
+{ 'O', 79 }, 
+{ 'P', 80 }, 
+{ 'Q', 81 }, 
+{ 'R', 82 }, 
+{ 'S', 83 }, 
+{ 'T', 84 }, 
+{ 'U', 85 }, 
+{ 'V', 86 }, 
+{ 'W', 87 }, 
+{ 'X', 88 }, 
+{ 'Y', 89 }, 
+{ 'Z', 90 }, 
+{ '[', 91 }, 
+{ '\\', 92 }, 
+{ ']', 93 }, 
+{ '^', 94 }, 
+{ '_', 95 }, 
+{ '`', 96 }, 
+{ 'a', 97 }, 
+{ 'b', 98 }, 
+{ 'c', 99 }, 
+{ 'd', 100 }, 
+{ 'e', 101 }, 
+{ 'f', 102 }, 
+{ 'g', 103 }, 
+{ 'h', 104 }, 
+{ 'i', 105 }, 
+{ 'j', 106 }, 
+{ 'k', 107 }, 
+{ 'l', 108 }, 
+{ 'm', 109 }, 
+{ 'n', 110 }, 
+{ 'o', 111 }, 
+{ 'p', 112 }, 
+{ 'q', 113 }, 
+{ 'r', 114 }, 
+{ 's', 115 }, 
+{ 't', 116 }, 
+{ 'u', 117 }, 
+{ 'v', 118 }, 
+{ 'w', 119 }, 
+{ 'x', 120 }, 
+{ 'y', 121 }, 
+{ 'z', 122 }, 
+{ '{', 123 }, 
+{ '|', 124 }, 
+{ '}', 125 }, 
+{ '~', 126 }
+};
+
+int der_ia5_char_encode(int c)
+{
+   int x;
+   for (x = 0; x < (int)(sizeof(ia5_table)/sizeof(ia5_table[0])); x++) {
+       if (ia5_table[x].code == c) {
+          return ia5_table[x].value;
+       }
+   }
+   return -1;
+}
+
+int der_ia5_value_decode(int v)
+{
+   int x;
+   for (x = 0; x < (int)(sizeof(ia5_table)/sizeof(ia5_table[0])); x++) {
+       if (ia5_table[x].value == v) {
+          return ia5_table[x].code;
+       }
+   }
+   return -1;
+}
+   
+/**
+  Gets length of DER encoding of IA5 STRING 
+  @param octets   The values you want to encode 
+  @param noctets  The number of octets in the string to encode
+  @param outlen   [out] The length of the DER encoding for the given string
+  @return CRYPT_OK if successful
+*/
+int der_length_ia5_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen)
+{
+   unsigned long x;
+
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(octets != NULL);
+
+   /* scan string for validity */
+   for (x = 0; x < noctets; x++) {
+       if (der_ia5_char_encode(octets[x]) == -1) {
+          return CRYPT_INVALID_ARG;
+       }
+   }
+
+   if (noctets < 128) {
+      /* 16 LL DD DD DD ... */
+      *outlen = 2 + noctets;
+   } else if (noctets < 256) {
+      /* 16 81 LL DD DD DD ... */
+      *outlen = 3 + noctets;
+   } else if (noctets < 65536UL) {
+      /* 16 82 LL LL DD DD DD ... */
+      *outlen = 4 + noctets;
+   } else if (noctets < 16777216UL) {
+      /* 16 83 LL LL LL DD DD DD ... */
+      *outlen = 5 + noctets;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   return CRYPT_OK;
+}
+
+#endif
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/ia5/der_length_ia5_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
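Review bot: `ia5_table` lists only NUL, BEL, BS, TAB, LF, FF, CR and the printable range 32 to 126, so `der_ia5_char_encode()` and `der_ia5_value_decode()` return -1 for the remaining control codes and for 127. IA5 is the full 7-bit set, so a conforming IA5String containing one of those octets is rejected by the decoder with CRYPT_INVALID_ARG; if this restriction is deliberate it should be stated in a comment above the table. The two lookup helpers are exported but have no doc comment; each should get a short `/** ... */` block giving the direction of the mapping and the -1 return on a miss, in the style used for `der_length_ia5_string`.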
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/integer/der_decode_integer.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,110 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_integer.c
+  ASN.1 DER, decode an integer, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Read a mp_int integer
+  @param in       The DER encoded data
+  @param inlen    Size of DER encoded data
+  @param num      The first mp_int to decode
+  @return CRYPT_OK if successful
+*/
+int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int *num)
+{
+   unsigned long x, y, z;
+   int           err;
+
+   LTC_ARGCHK(num    != NULL);
+   LTC_ARGCHK(in     != NULL);
+
+   /* min DER INTEGER is 0x02 01 00 == 0 */
+   if (inlen < (1 + 1 + 1)) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* ok expect 0x02 when we AND with 0001 1111 [1F] */
+   x = 0;
+   if ((in[x++] & 0x1F) != 0x02) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* now decode the len stuff */
+   z = in[x++];
+
+   if ((z & 0x80) == 0x00) {
+      /* short form */
+
+      /* will it overflow? */
+      if (x + z > inlen) {
+         return CRYPT_INVALID_PACKET;
+      }
+     
+      /* no so read it */
+      if ((err = mpi_to_ltc_error(mp_read_unsigned_bin(num, (unsigned char *)in + x, z))) != CRYPT_OK) {
+         return err;
+      }
+   } else {
+      /* long form */
+      z &= 0x7F;
+      
+      /* will number of length bytes overflow? (or > 4) */
+      if (((x + z) > inlen) || (z > 4) || (z == 0)) {
+         return CRYPT_INVALID_PACKET;
+      }
+
+      /* now read it in */
+      y = 0;
+      while (z--) {
+         y = ((unsigned long)(in[x++])) | (y << 8);
+      }
+
+      /* now will reading y bytes overrun? */
+      if ((x + y) > inlen) {
+         return CRYPT_INVALID_PACKET;
+      }
+
+      /* no so read it */
+      if ((err = mpi_to_ltc_error(mp_read_unsigned_bin(num, (unsigned char *)in + x, y))) != CRYPT_OK) {
+         return err;
+      }
+   }
+
+   /* see if it's negative */
+   if (in[x] & 0x80) {
+      mp_int tmp;
+      if (mp_init(&tmp) != MP_OKAY) {
+         return CRYPT_MEM;
+      }
+
+      if (mp_2expt(&tmp, mp_count_bits(num)) != MP_OKAY || mp_sub(num, &tmp, num) != MP_OKAY) {
+         mp_clear(&tmp);
+         return CRYPT_MEM;
+      }
+      mp_clear(&tmp);
+   } 
+
+   return CRYPT_OK;
+
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/integer/der_decode_integer.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/06/01 00:06:05 $ */
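Review bot: The sign test `if (in[x] & 0x80)` near the end of der_decode_integer reads the first content octet without confirming there is one, so a zero content length is never rejected. With the long form and `y == 0` at the end of the buffer (a constructed three-byte sample is `02 81 00`), `x` equals `inlen` and the read lands one byte past the input. DER requires at least one content octet for INTEGER, so both branches should refuse zero: `if (z == 0 || z > inlen - x)` in the short form and `if (y == 0 || y > inlen - x)` in the long form. Writing the bound as a subtraction also keeps `x + y` from wrapping where `unsigned long` is 32 bits and four length octets are supplied. Separately, the tag test masks with 0x1F, so identifiers with class or constructed bits set are accepted as INTEGER; `in[x++] != 0x02` would be stricter.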
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/integer/der_encode_integer.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,128 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_integer.c
+  ASN.1 DER, encode an integer, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/* Exports a positive bignum as DER format (upto 2^32 bytes in size) */
+/**
+  Store a mp_int integer
+  @param num      The first mp_int to encode
+  @param out      [out] The destination for the DER encoded integers
+  @param outlen   [in/out] The max size and resulting size of the DER encoded integers
+  @return CRYPT_OK if successful
+*/
+int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen)
+{  
+   unsigned long tmplen, y;
+   int           err, leading_zero;
+
+   LTC_ARGCHK(num    != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* find out how big this will be */
+   if ((err = der_length_integer(num, &tmplen)) != CRYPT_OK) {
+      return err;
+   }
+
+   if (*outlen < tmplen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   if (mp_cmp_d(num, 0) != MP_LT) {
+      /* we only need a leading zero if the msb of the first byte is one */
+      if ((mp_count_bits(num) & 7) == 0 || mp_iszero(num) == MP_YES) {
+         leading_zero = 1;
+      } else {
+         leading_zero = 0;
+      }
+
+      /* get length of num in bytes (plus 1 since we force the msbyte to zero) */
+      y = mp_unsigned_bin_size(num) + leading_zero;
+   } else {
+      leading_zero = 0;
+      y            = mp_count_bits(num);
+      y            = y + (8 - (y & 7));
+      y            = y >> 3;
+
+   }
+
+   /* now store initial data */
+   *out++ = 0x02;
+   if (y < 128) {
+      /* short form */
+      *out++ = (unsigned char)y;
+   } else if (y < 256) {
+      *out++ = 0x81;
+      *out++ = y;
+   } else if (y < 65536UL) {
+      *out++ = 0x82;
+      *out++ = (y>>8)&255;
+      *out++ = y;
+   } else if (y < 16777216UL) {
+      *out++ = 0x83;
+      *out++ = (y>>16)&255;
+      *out++ = (y>>8)&255;
+      *out++ = y;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* now store msbyte of zero if num is non-zero */
+   if (leading_zero) {
+      *out++ = 0x00;
+   }
+
+   /* if it's not zero store it as big endian */
+   if (mp_cmp_d(num, 0) == MP_GT) {
+      /* now store the mpint */
+      if ((err = mp_to_unsigned_bin(num, out)) != MP_OKAY) {
+          return mpi_to_ltc_error(err);
+      }
+   } else if (mp_iszero(num) != MP_YES) {
+      mp_int tmp;
+      /* negative */
+      if (mp_init(&tmp) != MP_OKAY) {
+         return CRYPT_MEM;
+      }
+
+      /* 2^roundup and subtract */
+      y = mp_count_bits(num);
+      y = y + (8 - (y & 7));
+      if (mp_2expt(&tmp, y) != MP_OKAY || mp_add(&tmp, num, &tmp) != MP_OKAY) {
+         mp_clear(&tmp);
+         return CRYPT_MEM;
+      }
+
+      if ((err = mp_to_unsigned_bin(&tmp, out)) != MP_OKAY) {
+         mp_clear(&tmp);
+         return mpi_to_ltc_error(err);
+      }
+      mp_clear(&tmp);
+   }
+
+   /* we good */
+   *outlen = tmplen; 
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/integer/der_encode_integer.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
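Review bot: The negative branch sizes the content with `y = y + (8 - (y & 7))`, which always adds at least one bit, so a value of the form -2^(8k-1) gets an extra leading 0xFF octet. For example, -128 has an `mp_count_bits` of 8, is sized at two octets and is emitted as `FF 80` instead of `80`. DER requires the minimal two's-complement form, and non-minimal output matters wherever encodings are compared, hashed or signed. der_length_integer.c in this changeset uses the same rounding, so both need the adjustment. One option is to drop an octet when the magnitude is a power of two on a byte boundary, `if ((mp_count_bits(num) & 7) == 0 && mp_cnt_lsb(num) + 1 == mp_count_bits(num)) --y;` after the shift, and to use the same octet count for the `mp_2expt` exponent further down.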
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/integer/der_length_integer.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,81 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_length_integer.c
+  ASN.1 DER, get length of encoding, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+/**
+  Gets length of DER encoding of num 
+  @param num    The mp_int to get the size of 
+  @param outlen [out] The length of the DER encoding for the given integer
+  @return CRYPT_OK if successful
+*/
+int der_length_integer(mp_int *num, unsigned long *outlen)
+{
+   unsigned long z, len;
+   int           leading_zero;
+
+   LTC_ARGCHK(num     != NULL);
+   LTC_ARGCHK(outlen  != NULL);
+
+   if (mp_cmp_d(num, 0) != MP_LT) {
+      /* positive */
+
+      /* we only need a leading zero if the msb of the first byte is one */
+      if ((mp_count_bits(num) & 7) == 0 || mp_iszero(num) == MP_YES) {
+         leading_zero = 1;
+      } else {
+         leading_zero = 0;
+      }
+
+      /* size for bignum */
+      z = len = leading_zero + mp_unsigned_bin_size(num);
+   } else {
+      /* it's negative */
+      /* find power of 2 that is a multiple of eight and greater than count bits */
+      leading_zero = 0;
+      z = mp_count_bits(num);
+      z = z + (8 - (z & 7));
+      len = z = z >> 3;
+   }
+
+   /* now we need a length */
+   if (z < 128) {
+      /* short form */
+      ++len;
+   } else {
+      /* long form (relies on z != 0), assumes length bytes < 128 */
+      ++len;
+
+      while (z) {
+         ++len;
+         z >>= 8;
+      }
+   }
+
+   /* we need a 0x02 to indicate it's INTEGER */
+   ++len;
+
+   /* return length */
+   *outlen = len; 
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/integer/der_length_integer.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/object_identifier/der_decode_object_identifier.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,99 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_object_identifier.c
+  ASN.1 DER, Decode Object Identifier, Tom St Denis
+*/
+
+#ifdef LTC_DER
+/**
+  Decode OID data and store the array of integers in words
+  @param in      The OID DER encoded data
+  @param inlen   The length of the OID data
+  @param words   [out] The destination of the OID words
+  @param outlen  [in/out] The number of OID words
+  @return CRYPT_OK if successful
+*/
+int der_decode_object_identifier(const unsigned char *in,    unsigned long  inlen,
+                                       unsigned long *words, unsigned long *outlen)
+{
+   unsigned long x, y, t, len;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(words  != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* header is at least 3 bytes */
+   if (inlen < 3) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* must be room for at least two words */
+   if (*outlen < 2) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   /* decode the packet header */
+   x = 0;
+   if ((in[x++] & 0x1F) != 0x06) {
+      return CRYPT_INVALID_PACKET;
+   }
+   
+   /* get the length */
+   if (in[x] < 128) {
+      len = in[x++]; 
+   } else {
+       if (in[x] < 0x81 || in[x] > 0x82) {
+          return CRYPT_INVALID_PACKET;
+       }
+       y   = in[x++] & 0x7F;
+       len = 0;
+       while (y--) {
+          len = (len << 8) | (unsigned long)in[x++];
+       }
+   }
+
+   if (len < 1 || (len + x) > inlen) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* decode word1 and word2 */
+   --len;
+   t = in[x++];
+   words[0] = t/40;
+   words[1] = t%40;
+
+   /* decode rest */
+   y = 2;
+   t = 0;
+   while (len--) {
+       t = (t << 7) | (in[x] & 0x7F);
+       if (!(in[x++] & 0x80)) {
+           /* store t */
+           if (y >= *outlen) {
+              return CRYPT_BUFFER_OVERFLOW;
+           }
+           words[y++] = t;
+           t          = 0;
+       }
+   }
+       
+   *outlen = y;
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/object_identifier/der_decode_object_identifier.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
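Review bot: In the long-form length branch the `while (y--)` loop reads one or two length octets before anything compares them with `inlen`. The only size check up to that point is `inlen < 3`, so a three-byte input whose second byte is 0x82 makes the loop read `in[3]`. Add `if (x + y > inlen) return CRYPT_INVALID_PACKET;` directly after `y = in[x++] & 0x7F;`. The sub-identifier loop also lets `t` shift past the width of `unsigned long` without complaint and silently drops a final octet that still has the continuation bit set. Both cases would be better rejected as CRYPT_INVALID_PACKET.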
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,103 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_object_identifier.c
+  ASN.1 DER, Encode Object Identifier, Tom St Denis
+*/
+
+#ifdef LTC_DER
+/**
+  Encode an OID
+  @param words   The words to encode  (upto 32-bits each)
+  @param nwords  The number of words in the OID
+  @param out     [out] Destination of OID data
+  @param outlen  [in/out] The max and resulting size of the OID
+  @return CRYPT_OK if successful
+*/
+int der_encode_object_identifier(unsigned long *words, unsigned long  nwords,
+                                 unsigned char *out,   unsigned long *outlen)
+{
+   unsigned long i, x, y, z, t, mask;
+   int           err;
+
+   LTC_ARGCHK(words  != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* check length */
+   if ((err = der_length_object_identifier(words, nwords, &x)) != CRYPT_OK) {
+      return err;
+   }
+   if (x > *outlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   /* compute length to store OID data */
+   z = 1;
+   for (y = 2; y < nwords; y++) {
+       t = der_object_identifier_bits(words[y]);
+       z += t/7 + ((t%7) ? 1 : 0);
+   }
+
+   /* store header + length */
+   x = 0; 
+   out[x++] = 0x06;
+   if (z < 128) {
+      out[x++] = z;
+   } else if (z < 256) {
+      out[x++] = 0x81;
+      out[x++] = z;
+   } else if (z < 65536UL) {
+      out[x++] = 0x82;
+      out[x++] = (z>>8)&255;
+      out[x++] = z&255;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* store first byte */
+   out[x++] = words[0] * 40 + words[1];   
+   
+    for (i = 2; i < nwords; i++) {
+        /* store 7 bit words in little endian */
+        t    = words[i] & 0xFFFFFFFF;
+        if (t) {
+           y    = x;
+           mask = 0;
+           while (t) {
+               out[x++] = (t & 0x7F) | mask;
+               t    >>= 7;
+               mask  |= 0x80;  /* upper bit is set on all but the last byte */
+           }
+           /* now swap bytes y...x-1 */
+           z = x - 1;
+           while (y < z) {
+               t = out[y]; out[y] = out[z]; out[z] = t;
+               ++y; 
+               --z;
+           }
+       } else {
+          /* zero word */
+          out[x++] = 0x00;
+       }
+   }
+
+   *outlen = x;
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
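Review bot: The length loop `z += t/7 + ((t%7) ? 1 : 0)` adds nothing for a word equal to zero, because der_object_identifier_bits(0) returns 0, yet the store loop below writes one `0x00` octet for such a word. The length octet in the header is therefore short by one for every zero arc. der_length_object_identifier.c in this changeset uses the same expression, so the `x > *outlen` guard can pass for a buffer that the store loop then overruns by the same amount. Count the zero word in both places, `z += t/7 + ((t%7) ? 1 : 0) + (words[y] == 0 ? 1 : 0);`. Consider having the encoder derive the content length from der_length_object_identifier instead of recomputing it, so the two cannot drift.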
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/object_identifier/der_length_object_identifier.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,84 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_length_object_identifier.c
+  ASN.1 DER, get length of Object Identifier, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+unsigned long der_object_identifier_bits(unsigned long x)
+{
+   unsigned long c;
+   x &= 0xFFFFFFFF;
+   c  = 0;
+   while (x) {
+     ++c;
+     x >>= 1;
+   }
+   return c;
+}
+
+
+/**
+  Gets length of DER encoding of Object Identifier
+  @param nwords   The number of OID words 
+  @param words    The actual OID words to get the size of
+  @param outlen   [out] The length of the DER encoding for the given string
+  @return CRYPT_OK if successful
+*/
+int der_length_object_identifier(unsigned long *words, unsigned long nwords, unsigned long *outlen)
+{
+   unsigned long y, z, t;   
+
+   LTC_ARGCHK(words  != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+
+   /* must be >= 2 words */
+   if (nwords < 2) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* word1 = 0,1,2 and word2 0..39 */
+   if (words[0] > 2 || words[1] > 39) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* leading byte of first two words */
+   z = 1;
+   for (y = 2; y < nwords; y++) {
+       t = der_object_identifier_bits(words[y]);
+       z += t/7 + ((t%7) ? 1 : 0);
+   }
+
+   /* now depending on the length our length encoding changes */
+   if (z < 128) {
+      z += 2;
+   } else if (z < 256) {
+      z += 3;
+   } else if (z < 65536UL) {
+      z += 4;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   *outlen = z;
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/object_identifier/der_length_object_identifier.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/octet/der_decode_octet_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,90 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_octet_string.c
+  ASN.1 DER, encode a OCTET STRING, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Store a OCTET STRING
+  @param in      The DER encoded OCTET STRING
+  @param inlen   The size of the DER OCTET STRING
+  @param out     [out] The array of octets stored (one per char)
+  @param outlen  [in/out] The number of octets stored
+  @return CRYPT_OK if successful
+*/
+int der_decode_octet_string(const unsigned char *in, unsigned long inlen,
+                                  unsigned char *out, unsigned long *outlen)
+{
+   unsigned long x, y, len;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* must have header at least */
+   if (inlen < 2) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* check for 0x04 */
+   if ((in[0] & 0x1F) != 0x04) {
+      return CRYPT_INVALID_PACKET;
+   }
+   x = 1;
+
+   /* decode the length */
+   if (in[x] & 0x80) {
+      /* valid # of bytes in length are 1,2,3 */
+      y = in[x] & 0x7F;
+      if ((y == 0) || (y > 3) || ((x + y) > inlen)) {
+         return CRYPT_INVALID_PACKET;
+      }
+
+      /* read the length in */
+      len = 0;
+      ++x;
+      while (y--) {
+         len = (len << 8) | in[x++];
+      }
+   } else {
+      len = in[x++] & 0x7F;
+   }
+
+   /* is it too long? */
+   if (len > *outlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   if (len + x > inlen) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* read the data */
+   for (y = 0; y < len; y++) {
+       out[y] = in[x++];
+   }
+
+   *outlen = y;
+
+   return CRYPT_OK;
+}
+ 
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/octet/der_decode_octet_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
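Review bot: The long-form check `((x + y) > inlen)` is evaluated while `x` still indexes the length-of-length octet, so the bound is one short. The `y` length octets occupy `in[x+1]` through `in[x+y]`, and an input of exactly `x + y` bytes passes the check and then has its last length octet read from `in[inlen]`. Use `((x + y) >= inlen)`, or move the `++x` above the test. der_decode_printable_string.c in this changeset carries the same lines and needs the same change.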
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/octet/der_encode_octet_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,85 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_octet_string.c
+  ASN.1 DER, encode a OCTET STRING, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Store an OCTET STRING
+  @param in       The array of OCTETS to store (one per char)
+  @param inlen    The number of OCTETS to store
+  @param out      [out] The destination for the DER encoded OCTET STRING
+  @param outlen   [in/out] The max size and resulting size of the DER OCTET STRING
+  @return CRYPT_OK if successful
+*/
+int der_encode_octet_string(const unsigned char *in, unsigned long inlen,
+                                  unsigned char *out, unsigned long *outlen)
+{
+   unsigned long x, y, len;
+   int           err;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* get the size */
+   if ((err = der_length_octet_string(inlen, &len)) != CRYPT_OK) {
+      return err; 
+   }
+
+   /* too big? */
+   if (len > *outlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   /* encode the header+len */
+   x = 0;
+   out[x++] = 0x04;
+   if (inlen < 128) {
+      out[x++] = inlen;
+   } else if (inlen < 256) {
+      out[x++] = 0x81;
+      out[x++] = inlen;
+   } else if (inlen < 65536UL) {
+      out[x++] = 0x82;
+      out[x++] = (inlen>>8)&255;
+      out[x++] = inlen&255;
+   } else if (inlen < 16777216UL) {
+      out[x++] = 0x83;
+      out[x++] = (inlen>>16)&255;
+      out[x++] = (inlen>>8)&255;
+      out[x++] = inlen&255;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* store octets */
+   for (y = 0; y < inlen; y++) {
+       out[x++] = in[y];
+   }
+
+   /* retun length */
+   *outlen = x;
+
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/octet/der_encode_octet_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/octet/der_length_octet_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,53 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_length_octet_string.c
+  ASN.1 DER, get length of OCTET STRING, Tom St Denis
+*/
+
+#ifdef LTC_DER
+/**
+  Gets length of DER encoding of OCTET STRING 
+  @param noctets  The number of octets in the string to encode
+  @param outlen   [out] The length of the DER encoding for the given string
+  @return CRYPT_OK if successful
+*/
+int der_length_octet_string(unsigned long noctets, unsigned long *outlen)
+{
+   LTC_ARGCHK(outlen != NULL);
+
+   if (noctets < 128) {
+      /* 04 LL DD DD DD ... */
+      *outlen = 2 + noctets;
+   } else if (noctets < 256) {
+      /* 04 81 LL DD DD DD ... */
+      *outlen = 3 + noctets;
+   } else if (noctets < 65536UL) {
+      /* 04 82 LL LL DD DD DD ... */
+      *outlen = 4 + noctets;
+   } else if (noctets < 16777216UL) {
+      /* 04 83 LL LL LL DD DD DD ... */
+      *outlen = 5 + noctets;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   return CRYPT_OK;
+}
+
+#endif
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/octet/der_length_octet_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/16 15:08:11 $ */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/printable_string/der_decode_printable_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,95 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_printable_string.c
+  ASN.1 DER, encode a printable STRING, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Store a printable STRING
+  @param in      The DER encoded printable STRING
+  @param inlen   The size of the DER printable STRING
+  @param out     [out] The array of octets stored (one per char)
+  @param outlen  [in/out] The number of octets stored
+  @return CRYPT_OK if successful
+*/
+int der_decode_printable_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen)
+{
+   unsigned long x, y, len;
+   int           t;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* must have header at least */
+   if (inlen < 2) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* check for 0x13 */
+   if ((in[0] & 0x1F) != 0x13) {
+      return CRYPT_INVALID_PACKET;
+   }
+   x = 1;
+
+   /* decode the length */
+   if (in[x] & 0x80) {
+      /* valid # of bytes in length are 1,2,3 */
+      y = in[x] & 0x7F;
+      if ((y == 0) || (y > 3) || ((x + y) > inlen)) {
+         return CRYPT_INVALID_PACKET;
+      }
+
+      /* read the length in */
+      len = 0;
+      ++x;
+      while (y--) {
+         len = (len << 8) | in[x++];
+      }
+   } else {
+      len = in[x++] & 0x7F;
+   }
+
+   /* is it too long? */
+   if (len > *outlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   if (len + x > inlen) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* read the data */
+   for (y = 0; y < len; y++) {
+       t = der_printable_value_decode(in[x++]);
+       if (t == -1) {
+           return CRYPT_INVALID_ARG;
+       }
+       out[y] = t;
+   }
+
+   *outlen = y;
+
+   return CRYPT_OK;
+}
+ 
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/printable_string/der_decode_printable_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/21 02:29:54 $ */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/printable_string/der_encode_printable_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,84 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_printable_string.c
+  ASN.1 DER, encode a printable STRING, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/**
+  Store an printable STRING
+  @param in       The array of printable to store (one per char)
+  @param inlen    The number of printable to store
+  @param out      [out] The destination for the DER encoded printable STRING
+  @param outlen   [in/out] The max size and resulting size of the DER printable STRING
+  @return CRYPT_OK if successful
+*/
+int der_encode_printable_string(const unsigned char *in, unsigned long inlen,
+                                unsigned char *out, unsigned long *outlen)
+{
+   unsigned long x, y, len;
+   int           err;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* get the size */
+   if ((err = der_length_printable_string(in, inlen, &len)) != CRYPT_OK) {
+      return err; 
+   }
+
+   /* too big? */
+   if (len > *outlen) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   /* encode the header+len */
+   x = 0;
+   out[x++] = 0x13;
+   if (inlen < 128) {
+      out[x++] = inlen;
+   } else if (inlen < 256) {
+      out[x++] = 0x81;
+      out[x++] = inlen;
+   } else if (inlen < 65536UL) {
+      out[x++] = 0x82;
+      out[x++] = (inlen>>8)&255;
+      out[x++] = inlen&255;
+   } else if (inlen < 16777216UL) {
+      out[x++] = 0x83;
+      out[x++] = (inlen>>16)&255;
+      out[x++] = (inlen>>8)&255;
+      out[x++] = inlen&255;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* store octets */
+   for (y = 0; y < inlen; y++) {
+       out[x++] = der_printable_char_encode(in[y]);
+   }
+
+   /* retun length */
+   *outlen = x;
+
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/printable_string/der_encode_printable_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/21 02:29:54 $ */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/printable_string/der_length_printable_string.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,166 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_length_printable_string.c
+  ASN.1 DER, get length of Printable STRING, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+static const struct {
+   int code, value;
+} printable_table[] = {
+{ ' ', 32 }, 
+{ '\'', 39 }, 
+{ '(', 40 }, 
+{ ')', 41 }, 
+{ '+', 43 }, 
+{ ',', 44 }, 
+{ '-', 45 }, 
+{ '.', 46 }, 
+{ '/', 47 }, 
+{ '0', 48 }, 
+{ '1', 49 }, 
+{ '2', 50 }, 
+{ '3', 51 }, 
+{ '4', 52 }, 
+{ '5', 53 }, 
+{ '6', 54 }, 
+{ '7', 55 }, 
+{ '8', 56 }, 
+{ '9', 57 }, 
+{ ':', 58 }, 
+{ '=', 61 }, 
+{ '?', 63 }, 
+{ 'A', 65 }, 
+{ 'B', 66 }, 
+{ 'C', 67 }, 
+{ 'D', 68 }, 
+{ 'E', 69 }, 
+{ 'F', 70 }, 
+{ 'G', 71 }, 
+{ 'H', 72 }, 
+{ 'I', 73 }, 
+{ 'J', 74 }, 
+{ 'K', 75 }, 
+{ 'L', 76 }, 
+{ 'M', 77 }, 
+{ 'N', 78 }, 
+{ 'O', 79 }, 
+{ 'P', 80 }, 
+{ 'Q', 81 }, 
+{ 'R', 82 }, 
+{ 'S', 83 }, 
+{ 'T', 84 }, 
+{ 'U', 85 }, 
+{ 'V', 86 }, 
+{ 'W', 87 }, 
+{ 'X', 88 }, 
+{ 'Y', 89 }, 
+{ 'Z', 90 }, 
+{ 'a', 97 }, 
+{ 'b', 98 }, 
+{ 'c', 99 }, 
+{ 'd', 100 }, 
+{ 'e', 101 }, 
+{ 'f', 102 }, 
+{ 'g', 103 }, 
+{ 'h', 104 }, 
+{ 'i', 105 }, 
+{ 'j', 106 }, 
+{ 'k', 107 }, 
+{ 'l', 108 }, 
+{ 'm', 109 }, 
+{ 'n', 110 }, 
+{ 'o', 111 }, 
+{ 'p', 112 }, 
+{ 'q', 113 }, 
+{ 'r', 114 }, 
+{ 's', 115 }, 
+{ 't', 116 }, 
+{ 'u', 117 }, 
+{ 'v', 118 }, 
+{ 'w', 119 }, 
+{ 'x', 120 }, 
+{ 'y', 121 }, 
+{ 'z', 122 }, 
+};
+
+int der_printable_char_encode(int c)
+{
+   int x;
+   for (x = 0; x < (int)(sizeof(printable_table)/sizeof(printable_table[0])); x++) {
+       if (printable_table[x].code == c) {
+          return printable_table[x].value;
+       }
+   }
+   return -1;
+}
+
+int der_printable_value_decode(int v)
+{
+   int x;
+   for (x = 0; x < (int)(sizeof(printable_table)/sizeof(printable_table[0])); x++) {
+       if (printable_table[x].value == v) {
+          return printable_table[x].code;
+       }
+   }
+   return -1;
+}
+   
+/**
+  Gets length of DER encoding of Printable STRING 
+  @param octets   The values you want to encode 
+  @param noctets  The number of octets in the string to encode
+  @param outlen   [out] The length of the DER encoding for the given string
+  @return CRYPT_OK if successful
+*/
+int der_length_printable_string(const unsigned char *octets, unsigned long noctets, unsigned long *outlen)
+{
+   unsigned long x;
+
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(octets != NULL);
+
+   /* scan string for validity */
+   for (x = 0; x < noctets; x++) {
+       if (der_printable_char_encode(octets[x]) == -1) {
+          return CRYPT_INVALID_ARG;
+       }
+   }
+
+   if (noctets < 128) {
+      /* 16 LL DD DD DD ... */
+      *outlen = 2 + noctets;
+   } else if (noctets < 256) {
+      /* 16 81 LL DD DD DD ... */
+      *outlen = 3 + noctets;
+   } else if (noctets < 65536UL) {
+      /* 16 82 LL LL DD DD DD ... */
+      *outlen = 4 + noctets;
+   } else if (noctets < 16777216UL) {
+      /* 16 83 LL LL LL DD DD DD ... */
+      *outlen = 5 + noctets;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   return CRYPT_OK;
+}
+
+#endif
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/printable_string/der_length_printable_string.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2005/05/21 02:29:54 $ */
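Review bot: The four layout comments in der_length_printable_string begin with `16`, but der_encode_printable_string in this changeset writes tag 0x13, so they should read `/* 13 LL DD DD DD ... */` and so on. der_printable_char_encode and der_printable_value_decode are also exported without a doc comment. A line such as `/** Map a character to its PrintableString value, or -1 if it is not in the set */` would record the -1 contract that der_length_printable_string and the decoder rely on.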
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/sequence/der_decode_sequence.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,234 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+#include <stdarg.h>
+
+
+/**
+  @file der_decode_sequence.c
+  ASN.1 DER, decode a SEQUENCE, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/**
+   Decode a SEQUENCE
+   @param in       The DER encoded input
+   @param inlen    The size of the input
+   @param list     The list of items to decode
+   @param outlen   The number of items in the list
+   @return CRYPT_OK on success
+*/
+int der_decode_sequence(const unsigned char *in,   unsigned long  inlen,
+                              ltc_asn1_list *list, unsigned long  outlen)
+{
+   int           err, type;
+   unsigned long size, x, y, z, i, blksize;
+   void          *data;
+
+   LTC_ARGCHK(in   != NULL);
+   LTC_ARGCHK(list != NULL);
+
+   /* get blk size */
+   if (inlen < 2) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* sequence type? */
+   x = 0;
+   if (in[x++] != 0x30) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   if (in[x] < 128) {
+      blksize = in[x++];
+   } else if (in[x] & 0x80) {
+      if (in[x] < 0x81 || in[x] > 0x83) {
+         return CRYPT_INVALID_PACKET;
+      }
+      y = in[x++] & 0x7F;
+
+      /* would reading the len bytes overrun? */
+      if (x + y > inlen) {
+         return CRYPT_INVALID_PACKET;
+      }
+
+      /* read len */
+      blksize = 0;
+      while (y--) {
+          blksize = (blksize << 8) | (unsigned long)in[x++];
+      }
+  }
+
+  /* would this blksize overflow? */
+  if (x + blksize > inlen) {
+     return CRYPT_INVALID_PACKET;
+  }
+
+  /* ok read data */
+   inlen = blksize;
+   for (i = 0; i < outlen; i++) {
+       type = list[i].type;
+       size = list[i].size;
+       data = list[i].data;
+
+       if (type == LTC_ASN1_EOL) { 
+          break;
+       }
+
+       switch (type) {
+           case LTC_ASN1_INTEGER:
+               z = inlen;
+               if ((err = der_decode_integer(in + x, z, data)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               if ((err = der_length_integer(data, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x     += z;
+               inlen -= z;
+               break;
+
+
+           case LTC_ASN1_SHORT_INTEGER:
+               z = inlen;
+               if ((err = der_decode_short_integer(in + x, z, data)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               if ((err = der_length_short_integer(size, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x     += z;
+               inlen -= z;
+               break;
+
+           case LTC_ASN1_BIT_STRING:
+               z = inlen;
+               if ((err = der_decode_bit_string(in + x, z, data, &size)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               list[i].size = size;
+               if ((err = der_length_bit_string(size, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x     += z;
+               inlen -= z;
+               break;
+
+           case LTC_ASN1_OCTET_STRING:
+               z = inlen;
+               if ((err = der_decode_octet_string(in + x, z, data, &size)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               list[i].size = size;
+               if ((err = der_length_octet_string(size, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x     += z;
+               inlen -= z;
+               break;
+
+           case LTC_ASN1_NULL:
+               if (inlen < 2 || in[x] != 0x05 || in[x+1] != 0x00) {
+                  err = CRYPT_INVALID_PACKET;
+                  goto LBL_ERR;
+               }
+               x     += 2;
+               inlen -= 2;
+               break;
+                  
+           case LTC_ASN1_OBJECT_IDENTIFIER:
+               z = inlen;
+               if ((err = der_decode_object_identifier(in + x, z, data, &size)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               list[i].size = size;
+               if ((err = der_length_object_identifier(data, size, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x     += z;
+               inlen -= z;
+               break;
+
+           case LTC_ASN1_IA5_STRING:
+               z = inlen;
+               if ((err = der_decode_ia5_string(in + x, z, data, &size)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               list[i].size = size;
+               if ((err = der_length_ia5_string(data, size, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x     += z;
+               inlen -= z;
+               break;
+
+
+           case LTC_ASN1_PRINTABLE_STRING:
+               z = inlen;
+               if ((err = der_decode_printable_string(in + x, z, data, &size)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               list[i].size = size;
+               if ((err = der_length_printable_string(data, size, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x     += z;
+               inlen -= z;
+               break;
+
+           case LTC_ASN1_UTCTIME:
+               z = inlen;
+               if ((err = der_decode_utctime(in + x, &z, data)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x     += z;
+               inlen -= z;
+               break;
+
+           case LTC_ASN1_SEQUENCE:
+               z = inlen;
+               if ((err = der_decode_sequence(in + x, z, data, size)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x     += z;
+               inlen -= z;
+               break;
+
+
+           case LTC_ASN1_CHOICE:
+               z = inlen;
+               if ((err = der_decode_choice(in + x, &z, data, size)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x     += z;
+               inlen -= z;
+               break;
+
+           default:
+               err = CRYPT_INVALID_ARG;
+               goto LBL_ERR;
+       }
+   }
+   err = CRYPT_OK;   
+
+LBL_ERR:
+   return err;
+}  
+ 
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2005/06/18 19:20:23 $ */
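Review bot: In the `LTC_ASN1_SHORT_INTEGER` case of der_decode_sequence the advance is computed from the list entry's `size` field rather than from the value just decoded, so `x` and `inlen` can move by the wrong amount and the following items are parsed from the wrong offset. The encoder's matching case passes the value, and the call here should read `der_length_short_integer(*((unsigned long *)data), &z)`. The INTEGER, string, OID and nested-SEQUENCE cases also advance by a re-computed canonical length and then do `inlen -= z` on an unsigned counter with no `z <= inlen` check. If a sub-decoder accepts an encoding whose length differs from the canonical one (not visible in this hunk), `inlen` wraps and later items are no longer bounded by the SEQUENCE; a guard such as `if (z > inlen) { err = CRYPT_INVALID_PACKET; goto LBL_ERR; }` before each subtraction would close that. The loop also ends without checking that `inlen` reached zero, so trailing bytes inside the SEQUENCE are accepted silently.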
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/sequence/der_decode_sequence_multi.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,124 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+#include <stdarg.h>
+
+
+/**
+  @file der_decode_sequence_multi.c
+  ASN.1 DER, decode a SEQUENCE, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...)
+{
+   int           err, type;
+   unsigned long size, x;
+   void          *data;
+   va_list       args;
+   ltc_asn1_list *list;
+
+   LTC_ARGCHK(in    != NULL);
+
+   /* get size of output that will be required */
+   va_start(args, inlen);
+   x = 0;
+   for (;;) {
+       type = va_arg(args, int);
+       size = va_arg(args, unsigned long);
+       data = va_arg(args, void*);
+
+       if (type == LTC_ASN1_EOL) { 
+          break;
+       }
+
+       switch (type) {
+           case LTC_ASN1_INTEGER:
+           case LTC_ASN1_SHORT_INTEGER:
+           case LTC_ASN1_BIT_STRING:
+           case LTC_ASN1_OCTET_STRING:
+           case LTC_ASN1_NULL:
+           case LTC_ASN1_OBJECT_IDENTIFIER:
+           case LTC_ASN1_IA5_STRING:
+           case LTC_ASN1_PRINTABLE_STRING:
+           case LTC_ASN1_UTCTIME:
+           case LTC_ASN1_SEQUENCE:
+           case LTC_ASN1_CHOICE:
+                ++x; 
+                break;
+          
+           default:
+               va_end(args);
+               return CRYPT_INVALID_ARG;
+       }
+   }
+   va_end(args);
+
+   /* allocate structure for x elements */
+   if (x == 0) {
+      return CRYPT_NOP;
+   }
+
+   list = XCALLOC(sizeof(*list), x);
+   if (list == NULL) {
+      return CRYPT_MEM;
+   }
+
+   /* fill in the structure */
+   va_start(args, inlen);
+   x = 0;
+   for (;;) {
+       type = va_arg(args, int);
+       size = va_arg(args, unsigned long);
+       data = va_arg(args, void*);
+
+       if (type == LTC_ASN1_EOL) { 
+          break;
+       }
+
+       switch (type) {
+           case LTC_ASN1_INTEGER:
+           case LTC_ASN1_SHORT_INTEGER:
+           case LTC_ASN1_BIT_STRING:
+           case LTC_ASN1_OCTET_STRING:
+           case LTC_ASN1_NULL:
+           case LTC_ASN1_OBJECT_IDENTIFIER:
+           case LTC_ASN1_IA5_STRING:
+           case LTC_ASN1_PRINTABLE_STRING:
+           case LTC_ASN1_UTCTIME:
+           case LTC_ASN1_SEQUENCE:
+           case LTC_ASN1_CHOICE:
+                list[x].type   = type;
+                list[x].size   = size;
+                list[x++].data = data;
+                break;
+         
+           default:
+               va_end(args);
+               err = CRYPT_INVALID_ARG;
+               goto LBL_ERR;
+       }
+   }
+   va_end(args);
+
+   err = der_decode_sequence(in, inlen, list, x);
+LBL_ERR:
+   XFREE(list);
+   return err;
+}
+
+#endif
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_multi.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/06/18 19:20:23 $ */
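Review bot: Both argument loops in der_decode_sequence_multi fetch `size` and `data` with `va_arg` before testing `type == LTC_ASN1_EOL`, so a caller who ends the list with a bare `LTC_ASN1_EOL` makes `va_arg` read arguments that were never passed, which is undefined behaviour. Either move the `if (type == LTC_ASN1_EOL) { break; }` test to directly after `type = va_arg(args, int);` in both loops, or state above the function that the terminator must be a full triple, for example `/* the list ends with LTC_ASN1_EOL, 0UL, NULL */`. The same pattern is in both loops of der_encode_sequence_multi in src/pk/asn1/der/sequence/der_encode_sequence_multi.c.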
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/sequence/der_encode_sequence.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,281 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+#include <stdarg.h>
+
+
+/**
+  @file der_encode_sequence.c
+  ASN.1 DER, encode a SEQUENCE, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/**
+   Encode a SEQUENCE
+   @param list      The list of items to encode
+   @param inlen     The number of items in the list
+   @param out       [out] The destination 
+   @param outlen    [in/out] The size of the output
+   @return CRYPT_OK on success
+*/
+int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
+                        unsigned char *out,  unsigned long *outlen) 
+{
+   int           err, type;
+   unsigned long size, x, y, z, i;
+   void          *data;
+
+   LTC_ARGCHK(list    != NULL);
+   LTC_ARGCHK(out     != NULL);
+   LTC_ARGCHK(outlen  != NULL);
+
+   /* get size of output that will be required */
+   y = 0;
+   for (i = 0; i < inlen; i++) {
+       type = list[i].type;
+       size = list[i].size;
+       data = list[i].data;
+
+       if (type == LTC_ASN1_EOL) { 
+          break;
+       }
+
+       switch (type) {
+           case LTC_ASN1_INTEGER:
+               if ((err = der_length_integer(data, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_SHORT_INTEGER:
+               if ((err = der_length_short_integer(*((unsigned long*)data), &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_BIT_STRING:
+               if ((err = der_length_bit_string(size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_OCTET_STRING:
+               if ((err = der_length_octet_string(size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_NULL:
+               y += 2;
+               break;
+
+           case LTC_ASN1_OBJECT_IDENTIFIER:
+               if ((err = der_length_object_identifier(data, size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_IA5_STRING:
+               if ((err = der_length_ia5_string(data, size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_PRINTABLE_STRING:
+               if ((err = der_length_printable_string(data, size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_UTCTIME:
+               if ((err = der_length_utctime(data, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_SEQUENCE:
+               if ((err = der_length_sequence(data, size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+          
+           default:
+               err = CRYPT_INVALID_ARG;
+               goto LBL_ERR;
+       }
+   }
+
+   /* calc header size */
+   z = y;
+   if (y < 128) {
+      y += 2;
+   } else if (y < 256) {
+      /* 0x30 0x81 LL */
+      y += 3;
+   } else if (y < 65536UL) {
+      /* 0x30 0x82 LL LL */
+      y += 4;
+   } else if (y < 16777216UL) {
+      /* 0x30 0x83 LL LL LL */
+      y += 5;
+   } else {
+      err = CRYPT_INVALID_ARG;
+      goto LBL_ERR;
+   }
+
+   /* too big ? */
+   if (*outlen < y) {
+      err = CRYPT_BUFFER_OVERFLOW;
+      goto LBL_ERR;
+   }
+
+   /* store header */
+   x = 0;
+   out[x++] = 0x30;
+   if (z < 128) {
+      out[x++] = z;
+   } else if (z < 256) {
+      out[x++] = 0x81;
+      out[x++] = z;
+   } else if (z < 65536UL) {
+      out[x++] = 0x82;
+      out[x++] = (z>>8UL)&255;
+      out[x++] = z&255;
+   } else if (z < 16777216UL) {
+      out[x++] = 0x83;
+      out[x++] = (z>>16UL)&255;
+      out[x++] = (z>>8UL)&255;
+      out[x++] = z&255;
+   }
+
+   /* store data */
+   *outlen -= x;
+   for (i = 0; i < inlen; i++) {
+       type = list[i].type;
+       size = list[i].size;
+       data = list[i].data;
+
+       if (type == LTC_ASN1_EOL) { 
+          break;
+       }
+
+       switch (type) {
+           case LTC_ASN1_INTEGER:
+               z = *outlen;
+               if ((err = der_encode_integer(data, out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+
+           case LTC_ASN1_SHORT_INTEGER:
+               z = *outlen;
+               if ((err = der_encode_short_integer(*((unsigned long*)data), out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+
+           case LTC_ASN1_BIT_STRING:
+               z = *outlen;
+               if ((err = der_encode_bit_string(data, size, out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+
+           case LTC_ASN1_OCTET_STRING:
+               z = *outlen;
+               if ((err = der_encode_octet_string(data, size, out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+
+           case LTC_ASN1_NULL:
+               out[x++] = 0x05;
+               out[x++] = 0x00;
+               *outlen -= 2;
+               break;
+
+           case LTC_ASN1_OBJECT_IDENTIFIER:
+               z = *outlen;
+               if ((err = der_encode_object_identifier(data, size, out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+
+           case LTC_ASN1_IA5_STRING:
+               z = *outlen;
+               if ((err = der_encode_ia5_string(data, size, out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+          
+           case LTC_ASN1_PRINTABLE_STRING:
+               z = *outlen;
+               if ((err = der_encode_printable_string(data, size, out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+
+           case LTC_ASN1_UTCTIME:
+               z = *outlen;
+               if ((err = der_encode_utctime(data, out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+
+           case LTC_ASN1_SEQUENCE:
+               z = *outlen;
+               if ((err = der_encode_sequence(data, size, out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+
+           default:
+               err = CRYPT_INVALID_ARG;
+               goto LBL_ERR;
+       }
+   }
+   *outlen = x;
+   err = CRYPT_OK;   
+
+LBL_ERR:
+   return err;
+}
+
+#endif
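Review bot: der_encode_sequence uses the caller's `*outlen` as its running remaining-space counter from `*outlen -= x;` onward, so any failure in the store loop returns with `*outlen` left at an intermediate value, and the `CRYPT_BUFFER_OVERFLOW` path does not report the size `y` that was just computed. Keeping the remaining space in a local, for example `unsigned long left = *outlen - x;`, and writing `*outlen` only on exit would make the in/out contract predictable. Setting `*outlen = y;` before `err = CRYPT_BUFFER_OVERFLOW;` would additionally let callers resize and retry, which is a contract change that belongs in the `@param outlen` line. The first loop also repeats der_length_sequence case by case; calling it instead would stop the two drifting apart, though as imported it has no `LTC_ASN1_UTCTIME` case.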
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/sequence/der_encode_sequence_multi.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,123 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+#include <stdarg.h>
+
+
+/**
+  @file der_encode_sequence_multi.c
+  ASN.1 DER, encode a SEQUENCE, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...)
+{
+   int           err, type;
+   unsigned long size, x;
+   void          *data;
+   va_list       args;
+   ltc_asn1_list *list;
+
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* get size of output that will be required */
+   va_start(args, outlen);
+   x = 0;
+   for (;;) {
+       type = va_arg(args, int);
+       size = va_arg(args, unsigned long);
+       data = va_arg(args, void*);
+
+       if (type == LTC_ASN1_EOL) { 
+          break;
+       }
+
+       switch (type) {
+           case LTC_ASN1_INTEGER:
+           case LTC_ASN1_SHORT_INTEGER:
+           case LTC_ASN1_BIT_STRING:
+           case LTC_ASN1_OCTET_STRING:
+           case LTC_ASN1_NULL:
+           case LTC_ASN1_OBJECT_IDENTIFIER:
+           case LTC_ASN1_IA5_STRING:
+           case LTC_ASN1_PRINTABLE_STRING:
+           case LTC_ASN1_UTCTIME:
+           case LTC_ASN1_SEQUENCE:
+                ++x; 
+                break;
+          
+           default:
+               va_end(args);
+               return CRYPT_INVALID_ARG;
+       }
+   }
+   va_end(args);
+
+   /* allocate structure for x elements */
+   if (x == 0) {
+      return CRYPT_NOP;
+   }
+
+   list = XCALLOC(sizeof(*list), x);
+   if (list == NULL) {
+      return CRYPT_MEM;
+   }
+
+   /* fill in the structure */
+   va_start(args, outlen);
+   x = 0;
+   for (;;) {
+       type = va_arg(args, int);
+       size = va_arg(args, unsigned long);
+       data = va_arg(args, void*);
+
+       if (type == LTC_ASN1_EOL) { 
+          break;
+       }
+
+       switch (type) {
+           case LTC_ASN1_INTEGER:
+           case LTC_ASN1_SHORT_INTEGER:
+           case LTC_ASN1_BIT_STRING:
+           case LTC_ASN1_OCTET_STRING:
+           case LTC_ASN1_NULL:
+           case LTC_ASN1_OBJECT_IDENTIFIER:
+           case LTC_ASN1_IA5_STRING:
+           case LTC_ASN1_PRINTABLE_STRING:
+           case LTC_ASN1_UTCTIME:
+           case LTC_ASN1_SEQUENCE:
+                list[x].type   = type;
+                list[x].size   = size;
+                list[x++].data = data;
+                break;
+         
+           default:
+               va_end(args);
+               err = CRYPT_INVALID_ARG;
+               goto LBL_ERR;
+       }
+   }
+   va_end(args);
+
+   err = der_encode_sequence(list, x, out, outlen);   
+LBL_ERR:
+   XFREE(list);
+   return err;
+}
+
+#endif
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence_multi.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2005/06/18 19:20:23 $ */
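Review bot: der_encode_sequence_multi has no doc comment, although its calling convention is the part a caller is most likely to get wrong: each item is read as `int`, `unsigned long`, `void *`, so a size passed as a plain `int` literal does not match the `va_arg(args, unsigned long)` read. I would add a `/** ... */` block in the style of der_encode_sequence stating that `outlen` is in/out, that the variadic part is a list of (type, size, data) triples ended by `LTC_ASN1_EOL`, and that sizes must be passed as `unsigned long`, e.g. `1UL`. der_decode_sequence_multi is missing the same block.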
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/sequence/der_length_sequence.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,144 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+#include <stdarg.h>
+
+
+/**
+  @file der_length_sequence.c
+  ASN.1 DER, length a SEQUENCE, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/**
+   Get the length of a DER sequence 
+   @param list   The sequences of items in the SEQUENCE
+   @param inlen  The number of items
+   @param outlen [out] The length required in octets to store it 
+   @return CRYPT_OK on success
+*/
+int der_length_sequence(ltc_asn1_list *list, unsigned long inlen,
+                        unsigned long *outlen) 
+{
+   int           err, type;
+   unsigned long size, x, y, z, i;
+   void          *data;
+
+   LTC_ARGCHK(list    != NULL);
+   LTC_ARGCHK(outlen  != NULL);
+
+   /* get size of output that will be required */
+   y = 0;
+   for (i = 0; i < inlen; i++) {
+       type = list[i].type;
+       size = list[i].size;
+       data = list[i].data;
+
+       if (type == LTC_ASN1_EOL) { 
+          break;
+       }
+
+       switch (type) {
+           case LTC_ASN1_INTEGER:
+               if ((err = der_length_integer(data, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_SHORT_INTEGER:
+               if ((err = der_length_short_integer(*((unsigned long *)data), &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_BIT_STRING:
+               if ((err = der_length_bit_string(size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_OCTET_STRING:
+               if ((err = der_length_octet_string(size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_NULL:
+               y += 2;
+               break;
+
+           case LTC_ASN1_OBJECT_IDENTIFIER:
+               if ((err = der_length_object_identifier(data, size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_IA5_STRING:
+               if ((err = der_length_ia5_string(data, size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_PRINTABLE_STRING:
+               if ((err = der_length_printable_string(data, size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_SEQUENCE:
+               if ((err = der_length_sequence(data, size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+          
+           default:
+               err = CRYPT_INVALID_ARG;
+               goto LBL_ERR;
+       }
+   }
+
+   /* calc header size */
+   z = y;
+   if (y < 128) {
+      y += 2;
+   } else if (y < 256) {
+      /* 0x30 0x81 LL */
+      y += 3;
+   } else if (y < 65536UL) {
+      /* 0x30 0x82 LL LL */
+      y += 4;
+   } else if (y < 16777216UL) {
+      /* 0x30 0x83 LL LL LL */
+      y += 5;
+   } else {
+      err = CRYPT_INVALID_ARG;
+      goto LBL_ERR;
+   }
+
+   /* store size */
+   *outlen = y;
+   err     = CRYPT_OK;
+
+LBL_ERR:
+   return err;
+}
+
+#endif
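Review bot: der_length_sequence has no `LTC_ASN1_UTCTIME` case, so a list containing a UTCTIME falls into `default` and returns `CRYPT_INVALID_ARG`, while der_encode_sequence and der_decode_sequence both handle that type and call this function for nested SEQUENCEs. Adding the case, mirroring the one in der_encode_sequence, keeps the three functions in agreement. Separately, `z = y;` under "calc header size" is assigned and never read in this function and can be dropped along with `z`.

```c
           /* … unchanged: cases up to LTC_ASN1_PRINTABLE_STRING … */

           case LTC_ASN1_UTCTIME:
               if ((err = der_length_utctime(data, &x)) != CRYPT_OK) {
                  goto LBL_ERR;
               }
               y += x;
               break;

           case LTC_ASN1_SEQUENCE:
           /* … unchanged: nested SEQUENCE case and default … */
```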
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/short_integer/der_decode_short_integer.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,68 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_short_integer.c
+  ASN.1 DER, decode an integer, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Read a mp_int integer
+  @param in       The DER encoded data
+  @param inlen    Size of data
+  @param num      [out] The integer to decode
+  @return CRYPT_OK if successful
+*/
+int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsigned long *num)
+{
+   unsigned long len, x, y;
+
+   LTC_ARGCHK(num    != NULL);
+   LTC_ARGCHK(in     != NULL);
+
+   /* check length */
+   if (inlen < 2) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* check header */
+   x = 0;
+   if ((in[x++] & 0x1F) != 0x02) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* get the packet len */
+   len = in[x++];
+
+   if (x + len > inlen) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* read number */
+   y = 0;
+   while (len--) {
+      y = (y<<8) | (unsigned long)in[x++];
+   }
+   *num = y;
+
+   return CRYPT_OK;
+
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/short_integer/der_decode_short_integer.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/05/23 01:04:13 $ */
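Review bot: der_decode_short_integer never bounds `len` by the width of the result: the only check is `x + len > inlen`, so an INTEGER with more content octets than `unsigned long` holds has its high bytes shifted out of `y` and still returns `CRYPT_OK`, and a long-form length octet (0x81 and up) is read as a short-form length. A guard right after `len = in[x++];`, such as `if (len == 0 || len > 5) return CRYPT_INVALID_PACKET;` (five allows the leading zero the encoder emits for values with bit 31 set), would reject those inputs instead of returning a truncated number. The tag test `(in[x++] & 0x1F) != 0x02` also ignores the class and constructed bits, so octets other than 0x02 pass; comparing the whole octet is stricter. The doc comment still says "Read a mp_int integer" although `num` is an `unsigned long *`.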
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/short_integer/der_encode_short_integer.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,97 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_short_integer.c
+  ASN.1 DER, encode an integer, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/* Exports a positive integer as DER format (upto 32-bits in size) */
+/**
+  Store a mp_int integer
+  @param num      The integer to encode
+  @param out      [out] The destination for the DER encoded integers
+  @param outlen   [in/out] The max size and resulting size of the DER encoded integers
+  @return CRYPT_OK if successful
+*/
+int der_encode_short_integer(unsigned long num, unsigned char *out, unsigned long *outlen)
+{  
+   unsigned long len, x, y, z;
+   int           err;
+   
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* force to 32 bits */
+   num &= 0xFFFFFFFFUL;
+
+   /* find out how big this will be */
+   if ((err = der_length_short_integer(num, &len)) != CRYPT_OK) {
+      return err;
+   }
+
+   if (*outlen < len) {
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   /* get len of output */
+   z = 0;
+   y = num;
+   while (y) {
+     ++z;
+     y >>= 8;
+   }
+
+   /* handle zero */
+   if (z == 0) {
+      z = 1;
+   }
+
+   /* see if msb is set */
+   z += (num&(1UL<<((z<<3) - 1))) ? 1 : 0;
+
+   /* adjust the number so the msB is non-zero */
+   for (x = 0; (z <= 4) && (x < (4 - z)); x++) {
+      num <<= 8;
+   }
+
+   /* store header */
+   x = 0;
+   out[x++] = 0x02;
+   out[x++] = z;
+
+   /* if 31st bit is set output a leading zero and decrement count */
+   if (z == 5) {
+      out[x++] = 0;
+      --z;
+   }
+
+   /* store values */
+   for (y = 0; y < z; y++) {
+      out[x++] = (num >> 24) & 0xFF;
+      num    <<= 8;
+   }
+
+   /* we good */
+   *outlen = x;
+ 
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/short_integer/der_encode_short_integer.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/23 01:27:03 $ */
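Review bot: der_encode_short_integer masks its argument with `num &= 0xFFFFFFFFUL;` and carries on, so where `unsigned long` is wider than 32 bits a larger value is encoded as a different number and the call still returns `CRYPT_OK`; der_length_short_integer in src/pk/asn1/der/short_integer/der_length_short_integer.c applies the same mask. Rejecting the value, `if (num > 0xFFFFFFFFUL) return CRYPT_INVALID_ARG;`, or at least documenting the truncation in the `@param num` line, would avoid a silent mismatch between what the caller passed and what ends up in the encoding. The doc comment should also replace "Store a mp_int integer", since `num` is an `unsigned long`, and absorb the one-line comment that sits above the block.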
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/short_integer/der_length_short_integer.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,69 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_length_short_integer.c
+  ASN.1 DER, get length of encoding, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+/**
+  Gets length of DER encoding of num 
+  @param num    The integer to get the size of 
+  @param outlen [out] The length of the DER encoding for the given integer
+  @return CRYPT_OK if successful
+*/
+int der_length_short_integer(unsigned long num, unsigned long *outlen)
+{
+   unsigned long z, y, len;
+
+   LTC_ARGCHK(outlen  != NULL);
+
+   /* force to 32 bits */
+   num &= 0xFFFFFFFFUL;
+
+   /* get the number of bytes */
+   z = 0;
+   y = num;
+   while (y) {
+     ++z;
+     y >>= 8;
+   }
+
+   /* handle zero */
+   if (z == 0) {
+      z = 1;
+   }
+
+   /* we need a 0x02 to indicate it's INTEGER */
+   len = 1;
+
+   /* length byte */
+   ++len;
+
+   /* bytes in value */
+   len += z;
+
+   /* see if msb is set */
+   len += (num&(1UL<<((z<<3) - 1))) ? 1 : 0;
+
+   /* return length */
+   *outlen = len; 
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/short_integer/der_length_short_integer.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/23 01:35:38 $ */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/utctime/der_decode_utctime.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,120 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_utctime.c
+  ASN.1 DER, decode a  UTCTIME, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+static int char_to_int(unsigned char x)
+{
+   switch (x)  {
+      case '0': return 0;
+      case '1': return 1;
+      case '2': return 2;
+      case '3': return 3;
+      case '4': return 4;
+      case '5': return 5;
+      case '6': return 6;
+      case '7': return 7;
+      case '8': return 8;
+      case '9': return 9;
+   }
+   return 100;
+}
+
+#define DECODE_V(y, max) \
+   y  = char_to_int(buf[x])*10 + char_to_int(buf[x+1]); \
+   if (y >= max) return CRYPT_INVALID_PACKET;           \
+   x += 2;
+
+int der_decode_utctime(const unsigned char *in, unsigned long *inlen,
+                             ltc_utctime   *out)
+{
+   unsigned char buf[32];
+   unsigned long x;
+   int           y;
+
+   LTC_ARGCHK(in    != NULL);
+   LTC_ARGCHK(inlen != NULL);
+   LTC_ARGCHK(out   != NULL);
+
+   /* check header */
+   if (*inlen < 2UL || (in[1] >= sizeof(buf)) || ((in[1] + 2UL) > *inlen)) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* decode the string */
+   for (x = 0; x < in[1]; x++) {
+       y = der_ia5_value_decode(in[x+2]);
+       if (y == -1) {
+          return CRYPT_INVALID_PACKET;
+       }
+       buf[x] = y;
+   }
+   *inlen = 2 + x;
+
+
+   /* possible encodings are 
+YYMMDDhhmmZ
+YYMMDDhhmm+hh'mm'
+YYMMDDhhmm-hh'mm'
+YYMMDDhhmmssZ
+YYMMDDhhmmss+hh'mm'
+YYMMDDhhmmss-hh'mm'
+
+    So let's do a trivial decode upto [including] mm 
+   */
+
+    x = 0;
+    DECODE_V(out->YY, 100);
+    DECODE_V(out->MM, 13);
+    DECODE_V(out->DD, 32);
+    DECODE_V(out->hh, 24);
+    DECODE_V(out->mm, 60);
+
+    /* clear timezone and seconds info */
+    out->off_dir = out->off_hh = out->off_mm = out->ss = 0;
+
+    /* now is it Z, +, - or 0-9 */
+    if (buf[x] == 'Z') {
+       return CRYPT_OK;
+    } else if (buf[x] == '+' || buf[x] == '-') {
+       out->off_dir = (buf[x++] == '+') ? 0 : 1;
+       DECODE_V(out->off_hh, 24);
+       DECODE_V(out->off_mm, 60);
+       return CRYPT_OK;
+    }
+
+    /* decode seconds */
+    DECODE_V(out->ss, 60);
+
+    /* now is it Z, +, - */
+    if (buf[x] == 'Z') {
+       return CRYPT_OK;
+    } else if (buf[x] == '+' || buf[x] == '-') {
+       out->off_dir = (buf[x++] == '+') ? 0 : 1;
+       DECODE_V(out->off_hh, 24);
+       DECODE_V(out->off_mm, 60);
+       return CRYPT_OK;
+    } else {
+       return CRYPT_INVALID_PACKET;
+    }
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/utctime/der_decode_utctime.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2005/06/19 12:07:00 $ */
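Review bot: In der_decode_utctime the DECODE_V steps and the `buf[x] == 'Z'` tests read `buf` without comparing `x` against the number of characters actually decoded, so a packet whose length byte `in[1]` is shorter than the time format makes the parser read uninitialized stack bytes. The reads stay inside the 32-byte array, but whether such a packet is accepted then depends on leftover stack contents. Declaring the buffer as `unsigned char buf[32] = { 0 };` makes every short input fail, because char_to_int returns 100 for a zero byte and the `y >= max` test rejects it. The header check also never looks at `in[0]`, so any tag byte is accepted as UTCTIME; `in[0] != 0x17` would need to be added to the header test unless the caller is meant to check the tag itself.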
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/utctime/der_encode_utctime.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,80 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_utctime.c
+  ASN.1 DER, encode a  UTCTIME, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+static const char *baseten = "0123456789";
+
+#define STORE_V(y) \
+    out[x++] = der_ia5_char_encode(baseten[(y/10) % 10]); \
+    out[x++] = der_ia5_char_encode(baseten[y % 10]);
+
+/**
+  Gets length of DER encoding of UTCTIME
+  @param outlen [out] The length of the DER encoding
+  @return CRYPT_OK if successful
+*/
+int der_encode_utctime(ltc_utctime *utctime, 
+                       unsigned char *out,   unsigned long *outlen)
+{
+    unsigned long x, tmplen;
+    int           err;
+ 
+    LTC_ARGCHK(utctime != NULL);
+    LTC_ARGCHK(out     != NULL);
+    LTC_ARGCHK(outlen  != NULL);
+
+    if ((err = der_length_utctime(utctime, &tmplen)) != CRYPT_OK) {
+       return err;
+    }
+    if (tmplen > *outlen) {
+        return CRYPT_BUFFER_OVERFLOW;
+    }
+    
+    /* store header */
+    out[0] = 0x17;
+
+    /* store values */
+    x = 2;
+    STORE_V(utctime->YY);
+    STORE_V(utctime->MM);
+    STORE_V(utctime->DD);
+    STORE_V(utctime->hh);
+    STORE_V(utctime->mm);
+    STORE_V(utctime->ss);
+
+    if (utctime->off_mm || utctime->off_hh) {
+       out[x++] = der_ia5_char_encode(utctime->off_dir ? '-' : '+');
+       STORE_V(utctime->off_hh);
+       STORE_V(utctime->off_mm);
+    } else {
+       out[x++] = der_ia5_char_encode('Z');
+    }
+
+    /* store length */
+    out[1] = x - 2;
+   
+    /* all good let's return */
+    *outlen = x;
+    return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/utctime/der_encode_utctime.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2005/06/19 12:07:00 $ */
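Review bot: The doc comment above der_encode_utctime is a copy of the one for der_length_utctime: it says "Gets length of DER encoding of UTCTIME" and documents only `outlen`. It should describe the encoder, e.g. `Encodes a UTCTIME as DER`, with `@param utctime The UTC time structure to encode`, `@param out [out] The destination of the DER encoding` and `@param outlen [in/out] The max size and resulting length of the encoding`; der_length_utctime in the next file is likewise missing `@param utctime`. Separately, STORE_V uses `y/10` and `y % 10` with no range check and no parentheses around `y`, so an out-of-range field such as a month of 13 is encoded without an error; the limits der_decode_utctime applies could be mirrored here before anything is written to `out`.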
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/pk/asn1/der/utctime/der_length_utctime.c	Wed Jul 06 03:53:40 2005 +0000
@@ -0,0 +1,45 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, [email protected], http://libtomcrypt.org
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_length_utctime.c
+  ASN.1 DER, get length of UTCTIME, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/**
+  Gets length of DER encoding of UTCTIME
+  @param outlen [out] The length of the DER encoding
+  @return CRYPT_OK if successful
+*/
+int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen)
+{
+   LTC_ARGCHK(outlen  != NULL);
+   LTC_ARGCHK(utctime != NULL);
+
+   if (utctime->off_hh == 0 && utctime->off_mm == 0) {
+      /* we encode as YYMMDDhhmmssZ */
+      *outlen = 2 + 13;
+   } else {
+      /* we encode as YYMMDDhhmmss{+|-}hh'mm' */
+      *outlen = 2 + 17;
+   }
+
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/utctime/der_length_utctime.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2005/06/19 11:23:04 $ */
--- a/src/pk/dh/dh.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/pk/dh/dh.c	Wed Jul 06 03:53:40 2005 +0000
@@ -518,3 +518,7 @@
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dh/dh.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/pk/dh/dh_sys.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/pk/dh/dh_sys.c	Wed Jul 06 03:53:40 2005 +0000
@@ -493,3 +493,7 @@
    return err;
 }
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dh/dh_sys.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/pk/dsa/dsa_export.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/pk/dsa/dsa_export.c	Wed Jul 06 03:53:40 2005 +0000
@@ -27,18 +27,13 @@
 */
 int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key)
 {
-   unsigned long y, z;
-   int err;
+   unsigned char flags[1];
 
    LTC_ARGCHK(out    != NULL);
    LTC_ARGCHK(outlen != NULL);
    LTC_ARGCHK(key    != NULL);
 
    /* can we store the static header?  */
-   if (*outlen < (PACKET_SIZE + 1 + 2)) {
-      return CRYPT_BUFFER_OVERFLOW;
-   }
-   
    if (type == PK_PRIVATE && key->type != PK_PRIVATE) {
       return CRYPT_PK_TYPE_MISMATCH;
    }
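Review bot: The comment `/* can we store the static header?  */` is left in place although the `*outlen` check it described is removed, so it now sits directly above the key-type test and misdescribes it. I would drop it or replace it with `/* a private export requires a private key */`. The output-size check is presumably now left to der_encode_sequence_multi, which is not visible here; dsa_export's body continues past this hunk.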
@@ -47,29 +42,31 @@
       return CRYPT_INVALID_ARG;
    }
 
-   /* store header */
-   packet_store_header(out, PACKET_SECT_DSA, PACKET_SUB_KEY);
-   y = PACKET_SIZE;
-
-   /* store g, p, q, qord */
-   out[y++] = type;
-   out[y++] = (key->qord>>8)&255;
-   out[y++] = key->qord & 255;
+   flags[0] = (type != PK_PUBLIC) ? 1 : 0;
 
-   OUTPUT_BIGNUM(&key->g,out,y,z);
-   OUTPUT_BIGNUM(&key->p,out,y,z);
-   OUTPUT_BIGNUM(&key->q,out,y,z);
-
-   /* public exponent */
-   OUTPUT_BIGNUM(&key->y,out,y,z);
-   
    if (type == PK_PRIVATE) {
-      OUTPUT_BIGNUM(&key->x,out,y,z);
+      return der_encode_sequence_multi(out, outlen,
+                                 LTC_ASN1_BIT_STRING,   1UL, flags,
+                                 LTC_ASN1_INTEGER,      1UL, &key->g,
+                                 LTC_ASN1_INTEGER,      1UL, &key->p,
+                                 LTC_ASN1_INTEGER,      1UL, &key->q,
+                                 LTC_ASN1_INTEGER,      1UL, &key->y,
+                                 LTC_ASN1_INTEGER,      1UL, &key->x,
+                                 LTC_ASN1_EOL,          0UL, NULL);
+   } else {
+      return der_encode_sequence_multi(out, outlen,
+                                 LTC_ASN1_BIT_STRING,   1UL, flags,
+                                 LTC_ASN1_INTEGER,      1UL, &key->g,
+                                 LTC_ASN1_INTEGER,      1UL, &key->p,
+                                 LTC_ASN1_INTEGER,      1UL, &key->q,
+                                 LTC_ASN1_INTEGER,      1UL, &key->y,
+                                 LTC_ASN1_EOL,          0UL, NULL);
    }
-
-   *outlen = y;
-   return CRYPT_OK;
 }
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_export.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2005/06/03 19:24:31 $ */
--- a/src/pk/dsa/dsa_free.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/pk/dsa/dsa_free.c	Wed Jul 06 03:53:40 2005 +0000
@@ -28,3 +28,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_free.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/pk/dsa/dsa_import.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/pk/dsa/dsa_import.c	Wed Jul 06 03:53:40 2005 +0000
@@ -26,46 +26,64 @@
 */
 int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
-   unsigned long x, y;
+   unsigned char flags[1];
    int           err;
 
    LTC_ARGCHK(in  != NULL);
    LTC_ARGCHK(key != NULL);
 
-   /* check length */
-   if ((1+2+PACKET_SIZE) > inlen) {
-      return CRYPT_INVALID_PACKET;
-   }
-
-   /* check type */
-   if ((err = packet_valid_header((unsigned char *)in, PACKET_SECT_DSA, PACKET_SUB_KEY)) != CRYPT_OK) {
-      return err;
-   }
-   y = PACKET_SIZE;
-
    /* init key */
    if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != MP_OKAY) {
       return CRYPT_MEM;
    }
 
-   /* read type/qord */
-   key->type = in[y++];
-   key->qord = ((unsigned)in[y]<<8)|((unsigned)in[y+1]);
-   y += 2;
-
-   /* input publics */
-   INPUT_BIGNUM(&key->g,in,x,y, inlen);
-   INPUT_BIGNUM(&key->p,in,x,y, inlen);
-   INPUT_BIGNUM(&key->q,in,x,y, inlen);
-   INPUT_BIGNUM(&key->y,in,x,y, inlen);
-   if (key->type == PK_PRIVATE) {
-      INPUT_BIGNUM(&key->x,in,x,y, inlen);
+   /* get key type */
+   if ((err = der_decode_sequence_multi(in, inlen,
+                                  LTC_ASN1_BIT_STRING, 1UL, flags,
+                                  LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
+      goto error;
    }
 
-   return CRYPT_OK;
+   if (flags[0] == 1) {
+      if ((err = der_decode_sequence_multi(in, inlen,
+                                 LTC_ASN1_BIT_STRING,   1UL, flags,
+                                 LTC_ASN1_INTEGER,      1UL, &key->g,
+                                 LTC_ASN1_INTEGER,      1UL, &key->p,
+                                 LTC_ASN1_INTEGER,      1UL, &key->q,
+                                 LTC_ASN1_INTEGER,      1UL, &key->y,
+                                 LTC_ASN1_INTEGER,      1UL, &key->x,
+                                 LTC_ASN1_EOL,          0UL, NULL)) != CRYPT_OK) {
+         goto error;
+      }
+      key->type = PK_PRIVATE;
+   } else {
+      if ((err = der_decode_sequence_multi(in, inlen,
+                                 LTC_ASN1_BIT_STRING,   1UL, flags,
+                                 LTC_ASN1_INTEGER,      1UL, &key->g,
+                                 LTC_ASN1_INTEGER,      1UL, &key->p,
+                                 LTC_ASN1_INTEGER,      1UL, &key->q,
+                                 LTC_ASN1_INTEGER,      1UL, &key->y,
+                                 LTC_ASN1_EOL,          0UL, NULL)) != CRYPT_OK) {
+         goto error;
+      }
+      key->type = PK_PUBLIC;
+  }
+  key->qord = mp_unsigned_bin_size(&key->q);
+
+  if (key->qord >= MDSA_MAX_GROUP || key->qord <= 15 ||
+      key->qord >= mp_unsigned_bin_size(&key->p) || (mp_unsigned_bin_size(&key->p) - key->qord) >= MDSA_DELTA) {
+      err = CRYPT_INVALID_PACKET;
+      goto error;
+   }
+
+  return CRYPT_OK;
 error: 
    mp_clear_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
    return err;
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_import.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2005/06/08 23:31:17 $ */
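Review bot: dsa_import validates only the byte sizes of `q` and `p` before returning CRYPT_OK; the decoded `g` and `y` (and `x` for a private key) are accepted whatever their value, including 0, 1 or anything not below `p`. Since this function parses key material from outside the library, I would reject such values next to the `qord` test, for example `if (mp_cmp_d(&key->g, 1) != MP_GT || mp_cmp(&key->g, &key->p) != MP_LT || mp_cmp_d(&key->y, 1) != MP_GT || mp_cmp(&key->y, &key->p) != MP_LT) { err = CRYPT_INVALID_PACKET; goto error; }`, or state in the doc comment that callers must run dsa_verify_key on every imported key. The new lines from `key->qord = ...` to `return CRYPT_OK;` are also indented by two spaces where the rest of the function uses three.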
--- a/src/pk/dsa/dsa_make_key.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/pk/dsa/dsa_make_key.c	Wed Jul 06 03:53:40 2005 +0000
@@ -70,15 +70,15 @@
    }
 
    /* force magnitude */
-   buf[0] = 1;
+   buf[0] |= 0xC0;
 
    /* force even */
-   buf[modulus_size - group_size] &= ~1;
+   buf[modulus_size - group_size - 1] &= ~1;
 
-   if ((err = mp_read_unsigned_bin(&tmp2, buf, modulus_size - group_size+1)) != MP_OKAY) { goto error; }
+   if ((err = mp_read_unsigned_bin(&tmp2, buf, modulus_size - group_size)) != MP_OKAY) { goto error; }
    if ((err = mp_mul(&key->q, &tmp2, &key->p)) != MP_OKAY)                             { goto error; }
    if ((err = mp_add_d(&key->p, 1, &key->p)) != MP_OKAY)                               { goto error; }
-   
+
    /* now loop until p is prime */
    for (;;) {
        if ((err = is_prime(&key->p, &res)) != CRYPT_OK)                                { goto LBL_ERR; }
@@ -140,3 +140,7 @@
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_make_key.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2005/06/11 05:45:35 $ */
--- a/src/pk/dsa/dsa_sign_hash.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/pk/dsa/dsa_sign_hash.c	Wed Jul 06 03:53:40 2005 +0000
@@ -21,26 +21,25 @@
   Sign a hash with DSA
   @param in       The hash to sign
   @param inlen    The length of the hash to sign
-  @param out      [out] Where to store the signature
-  @param outlen   [in/out] The max size and resulting size of the signature
+  @param r        The "r" integer of the signature (caller must initialize with mp_init() first)
+  @param s        The "s" integer of the signature (caller must initialize with mp_init() first)
   @param prng     An active PRNG state
   @param wprng    The index of the PRNG desired
   @param key      A private DSA key
   @return CRYPT_OK if successful
 */
-int dsa_sign_hash(const unsigned char *in,  unsigned long inlen,
-                        unsigned char *out, unsigned long *outlen,
-                        prng_state *prng, int wprng, dsa_key *key)
+int dsa_sign_hash_raw(const unsigned char *in,  unsigned long inlen,
+                                   mp_int *r,   mp_int *s,
+                               prng_state *prng, int wprng, dsa_key *key)
 {
-   mp_int         k, kinv, tmp, r, s;
+   mp_int         k, kinv, tmp;
    unsigned char *buf;
    int            err;
-   unsigned long  out1, out2;
 
-   LTC_ARGCHK(in     != NULL);
-   LTC_ARGCHK(out    != NULL);
-   LTC_ARGCHK(outlen != NULL);
-   LTC_ARGCHK(key    != NULL);
+   LTC_ARGCHK(in  != NULL);
+   LTC_ARGCHK(r   != NULL);
+   LTC_ARGCHK(s   != NULL);
+   LTC_ARGCHK(key != NULL);
 
    if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
       return err;
@@ -60,7 +59,7 @@
    }
 
    /* Init our temps */
-   if ((err = mp_init_multi(&k, &kinv, &r, &s, &tmp, NULL)) != MP_OKAY)               { goto error; }
+   if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != MP_OKAY)               { goto error; }
 
 retry:
 
@@ -85,37 +84,26 @@
    if ((err = mp_invmod(&k, &key->q, &kinv)) != MP_OKAY)                              { goto error; }
 
    /* now find r = g^k mod p mod q */
-   if ((err = mp_exptmod(&key->g, &k, &key->p, &r)) != MP_OKAY)                       { goto error; }
-   if ((err = mp_mod(&r, &key->q, &r)) != MP_OKAY)                                    { goto error; }
+   if ((err = mp_exptmod(&key->g, &k, &key->p, r)) != MP_OKAY)                        { goto error; }
+   if ((err = mp_mod(r, &key->q, r)) != MP_OKAY)                                      { goto error; }
 
-   if (mp_iszero(&r) == MP_YES)                                                       { goto retry; }
+   if (mp_iszero(r) == MP_YES)                                                        { goto retry; }
 
    /* now find s = (in + xr)/k mod q */
    if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, inlen)) != MP_OKAY)     { goto error; }
-   if ((err = mp_mul(&key->x, &r, &s)) != MP_OKAY)                                    { goto error; }
-   if ((err = mp_add(&s, &tmp, &s)) != MP_OKAY)                                       { goto error; }
-   if ((err = mp_mulmod(&s, &kinv, &key->q, &s)) != MP_OKAY)                          { goto error; }
-
-   if (mp_iszero(&s) == MP_YES)                                                       { goto retry; }
+   if ((err = mp_mul(&key->x, r, s)) != MP_OKAY)                                      { goto error; }
+   if ((err = mp_add(s, &tmp, s)) != MP_OKAY)                                         { goto error; }
+   if ((err = mp_mulmod(s, &kinv, &key->q, s)) != MP_OKAY)                            { goto error; }
 
-   /* now store em both */
-   
-   /* first check that we have enough room */
-   if ((err = der_length_integer(&s, &out1)) != CRYPT_OK)                             { goto LBL_ERR; }
-   if ((err = der_length_integer(&r, &out2)) != CRYPT_OK)                             { goto LBL_ERR; }
-   if (*outlen < (out1+out2)) {
-      err = CRYPT_BUFFER_OVERFLOW;
-      goto LBL_ERR;
-   }
+   if (mp_iszero(s) == MP_YES)                                                        { goto retry; }
 
-   /* store ints */
-   err = der_put_multi_integer(out, outlen, &r, &s, NULL);
+   err = CRYPT_OK;
    goto LBL_ERR;
 
 error: 
    err = mpi_to_ltc_error(err);
 LBL_ERR: 
-   mp_clear_multi(&k, &kinv, &r, &s, &tmp, NULL);
+   mp_clear_multi(&k, &kinv, &tmp, NULL);
 #ifdef LTC_CLEAN_STACK
    zeromem(buf, MDSA_MAX_GROUP);
 #endif
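Review bot: Now that `r` and `s` belong to the caller, a failure partway through leaves secret-dependent intermediates in them: after `mp_mul(&key->x, r, s)` the caller's `s` holds x*r, and a later `goto error` returns without clearing it. dsa_sign_hash clears both on every path, but a direct caller of dsa_sign_hash_raw has no such guarantee. I would add `mp_zero(r); mp_zero(s);` under the `error:` label, or at least say in the doc comment that `r` and `s` are undefined on failure and must be cleared by the caller before reuse. The function body starts and ends outside this hunk.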
@@ -123,4 +111,49 @@
    return err;
 }
 
+/**
+  Sign a hash with DSA
+  @param in       The hash to sign
+  @param inlen    The length of the hash to sign
+  @param out      [out] Where to store the signature
+  @param outlen   [in/out] The max size and resulting size of the signature
+  @param prng     An active PRNG state
+  @param wprng    The index of the PRNG desired
+  @param key      A private DSA key
+  @return CRYPT_OK if successful
+*/
+int dsa_sign_hash(const unsigned char *in,  unsigned long inlen,
+                        unsigned char *out, unsigned long *outlen,
+                        prng_state *prng, int wprng, dsa_key *key)
+{
+   mp_int        r, s;
+   int           err;
+
+   LTC_ARGCHK(in      != NULL);
+   LTC_ARGCHK(out     != NULL);
+   LTC_ARGCHK(outlen  != NULL);
+   LTC_ARGCHK(key     != NULL);
+
+   if (mp_init_multi(&r, &s, NULL) != MP_OKAY) {
+      return CRYPT_MEM;
+   }
+
+   if ((err = dsa_sign_hash_raw(in, inlen, &r, &s, prng, wprng, key)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   err = der_encode_sequence_multi(out, outlen, 
+                             LTC_ASN1_INTEGER, 1UL, &r, 
+                             LTC_ASN1_INTEGER, 1UL, &s, 
+                             LTC_ASN1_EOL,     0UL, NULL);
+
+LBL_ERR:
+   mp_clear_multi(&r, &s, NULL);
+   return err;
+}
+
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_sign_hash.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2005/05/15 21:48:59 $ */
--- a/src/pk/dsa/dsa_verify_hash.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/pk/dsa/dsa_verify_hash.c	Wed Jul 06 03:53:40 2005 +0000
@@ -20,6 +20,71 @@
 
 /**
   Verify a DSA signature
+  @param r        DSA "r" parameter
+  @param s        DSA "s" parameter
+  @param hash     The hash that was signed
+  @param hashlen  The length of the hash that was signed
+  @param stat     [out] The result of the signature verification, 1==valid, 0==invalid
+  @param key      The corresponding public DH key
+  @return CRYPT_OK if successful (even if the signature is invalid)
+*/
+int dsa_verify_hash_raw(         mp_int *r,          mp_int *s,
+                    const unsigned char *hash, unsigned long hashlen, 
+                                    int *stat,      dsa_key *key)
+{
+   mp_int        w, v, u1, u2;
+   int           err;
+
+   LTC_ARGCHK(r    != NULL);
+   LTC_ARGCHK(s    != NULL);
+   LTC_ARGCHK(stat != NULL);
+   LTC_ARGCHK(key  != NULL);
+
+   /* default to invalid signature */
+   *stat = 0;
+
+   /* init our variables */
+   if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != MP_OKAY) {
+      return mpi_to_ltc_error(err);
+   }
+
+   /* neither r or s can be null or >q*/
+   if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES || mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) {
+      err = CRYPT_INVALID_PACKET;
+      goto done;
+   }
+   
+   /* w = 1/s mod q */
+   if ((err = mp_invmod(s, &key->q, &w)) != MP_OKAY)                                      { goto error; }
+
+   /* u1 = m * w mod q */
+   if ((err = mp_read_unsigned_bin(&u1, (unsigned char *)hash, hashlen)) != MP_OKAY)       { goto error; }
+   if ((err = mp_mulmod(&u1, &w, &key->q, &u1)) != MP_OKAY)                                { goto error; }
+
+   /* u2 = r*w mod q */
+   if ((err = mp_mulmod(r, &w, &key->q, &u2)) != MP_OKAY)                                 { goto error; } 
+
+   /* v = g^u1 * y^u2 mod p mod q */
+   if ((err = mp_exptmod(&key->g, &u1, &key->p, &u1)) != MP_OKAY)                          { goto error; }
+   if ((err = mp_exptmod(&key->y, &u2, &key->p, &u2)) != MP_OKAY)                          { goto error; }
+   if ((err = mp_mulmod(&u1, &u2, &key->p, &v)) != MP_OKAY)                                { goto error; }
+   if ((err = mp_mod(&v, &key->q, &v)) != MP_OKAY)                                         { goto error; }
+
+   /* if r = v then we're set */
+   if (mp_cmp(r, &v) == MP_EQ) {
+      *stat = 1;
+   }
+
+   err = CRYPT_OK;
+   goto done;
+
+error : err = mpi_to_ltc_error(err);
+done  : mp_clear_multi(&w, &v, &u1, &u2, NULL);
+   return err;
+}
+
+/**
+  Verify a DSA signature
   @param sig      The signature
   @param siglen   The length of the signature (octets)
   @param hash     The hash that was signed
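Review bot: dsa_verify_hash_raw checks `r`, `s`, `stat` and `key` with LTC_ARGCHK but not `hash`, which is passed straight to mp_read_unsigned_bin; the code it was split from had `LTC_ARGCHK(hash != NULL);` and that line should be carried over. The doc comment calls `key` "The corresponding public DH key", which should read DSA. The comment `/* neither r or s can be null or >q*/` also understates the test, which rejects values equal to `q` as well; `/* r and s must be in [1, q-1] */` matches the code.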
@@ -32,59 +97,32 @@
                     const unsigned char *hash, unsigned long hashlen, 
                     int *stat, dsa_key *key)
 {
-   mp_int        r, s, w, v, u1, u2;
-   int           err;
+   int    err;
+   mp_int r, s;
 
-   LTC_ARGCHK(sig  != NULL);
-   LTC_ARGCHK(hash != NULL);
-   LTC_ARGCHK(stat != NULL);
-   LTC_ARGCHK(key  != NULL);
-
-   /* default to invalid signature */
-   *stat = 0;
-
-   /* init our variables */
-   if ((err = mp_init_multi(&r, &s, &w, &v, &u1, &u2, NULL)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
+   if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) {
+      return CRYPT_MEM;
    }
 
-   /* read in r followed by s */
-   if ((err = der_get_multi_integer(sig, &siglen, &r, &s, NULL)) != CRYPT_OK)              { goto done; }
-
-   /* neither r or s can be null */
-   if (mp_iszero(&r) == MP_YES || mp_iszero(&s) == MP_YES) {
-      err = CRYPT_INVALID_PACKET;
-      goto done;
-   }
-   
-   /* w = 1/s mod q */
-   if ((err = mp_invmod(&s, &key->q, &w)) != MP_OKAY)                                      { goto error; }
-
-   /* u1 = m * w mod q */
-   if ((err = mp_read_unsigned_bin(&u1, (unsigned char *)hash, hashlen)) != MP_OKAY)       { goto error; }
-   if ((err = mp_mulmod(&u1, &w, &key->q, &u1)) != MP_OKAY)                                { goto error; }
-
-   /* u2 = r*w mod q */
-   if ((err = mp_mulmod(&r, &w, &key->q, &u2)) != MP_OKAY)                                 { goto error; } 
-
-   /* v = g^u1 * y^u2 mod p mod q */
-   if ((err = mp_exptmod(&key->g, &u1, &key->p, &u1)) != MP_OKAY)                          { goto error; }
-   if ((err = mp_exptmod(&key->y, &u2, &key->p, &u2)) != MP_OKAY)                          { goto error; }
-   if ((err = mp_mulmod(&u1, &u2, &key->p, &v)) != MP_OKAY)                                { goto error; }
-   if ((err = mp_mod(&v, &key->q, &v)) != MP_OKAY)                                         { goto error; }
-
-   /* if r = v then we're set */
-   if (mp_cmp(&r, &v) == MP_EQ) {
-      *stat = 1;
+   /* decode the sequence */
+   if ((err = der_decode_sequence_multi(sig, siglen,
+                                  LTC_ASN1_INTEGER, 1UL, &r, 
+                                  LTC_ASN1_INTEGER, 1UL, &s, 
+                                  LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
+      goto LBL_ERR;
    }
 
-   err = CRYPT_OK;
-   goto done;
+   /* do the op */
+   err = dsa_verify_hash_raw(&r, &s, hash, hashlen, stat, key);
 
-error : err = mpi_to_ltc_error(err);
-done  : mp_clear_multi(&r, &s, &w, &v, &u1, &u2, NULL);
+LBL_ERR:
+   mp_clear_multi(&r, &s, NULL);
    return err;
 }
 
 #endif
 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_hash.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2005/05/15 21:48:59 $ */
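Review bot: The rewritten dsa_verify_hash no longer sets `*stat = 0` before it can fail: if mp_init_multi or der_decode_sequence_multi returns an error, `*stat` keeps whatever the caller had in it, where the removed code defaulted it to invalid first. A caller that tests `stat` without testing the return code would then act on a stale value, so I would restore `LTC_ARGCHK(stat != NULL);` and `*stat = 0;` at the top, together with the dropped checks for `sig`, `hash` and `key`. The mp_init_multi result is also compared with `CRYPT_OK` rather than `MP_OKAY`, unlike the other call sites in this changeset. The function's signature starts above this hunk.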
--- a/src/pk/dsa/dsa_verify_key.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/pk/dsa/dsa_verify_key.c	Wed Jul 06 03:53:40 2005 +0000
@@ -96,3 +96,7 @@
    return err;
 }
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_key.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2005/05/05 14:35:59 $ */
--- a/src/pk/ecc/ecc.c	Fri May 06 13:23:02 2005 +0000
+++ b/src/pk/ecc/ecc.c	Wed Jul 06 03:53:40 2005 +0000
@@ -24,7 +24,7 @@
 #ifdef MECC
 
 /* size of our temp buffers for exported keys */
-#define ECC_BUF_SIZE 160
+#define ECC_BUF_SIZE 256
 
 /* max private key size */
 #define ECC_MAXSIZE  66
@@ -34,22 +34,6 @@
    int size;
    char *name, *prime, *B, *order, *Gx, *Gy;
 } sets[] = {
-#ifdef ECC160
-{
-   20,
-   "ECC-160",
-   /* prime */
-   "G00000000000000000000000007",
-   /* B */
-   "1oUV2vOaSlWbxr6",
-   /* order */
-   "G0000000000004sCQUtDxaqDUN5",
-   /* Gx */
-   "jpqOf1BHus6Yd/pyhyVpP",
-   /* Gy */
-   "D/wykuuIFfr+vPyx7kQEPu8MixO",
-},
-#endif
 #ifdef ECC192
 {
     24,
@@ -76,19 +60,20 @@
    "ECC-224",
 
    /* prime */
-   "400000000000000000000000000000000000BV",
+   "3/////////////////////0000000000000001",
 
    /* B */
-   "21HkWGL2CxJIp",
+   "2q1Gg530Ipg/L1CbPGHB2trx/OkYSBEKCZLV+q",
 
    /* order */
-   "4000000000000000000Kxnixk9t8MLzMiV264/",
+   "3//////////////////nQYuBZmFXFTAKLSN2ez",
 
    /* Gx */
-   "jpqOf1BHus6Yd/pyhyVpP",
+   "2t3WozQxI/Vp8JaBbA0y7JLi8H8ZGoWDOHN1qX",
+
 
    /* Gy */
-   "3FCtyo2yHA5SFjkCGbYxbOvNeChwS+j6wSIwck",
+   "2zDsE8jVSZ+qmYt+RDGtMWMWT7P4JLWPc507uq",
 },
 #endif
 #ifdef ECC256
@@ -165,70 +150,6 @@
 }
 };
 
-#if 0
-
-/* you plug in a prime and B value and it finds a pseudo-random base point */
-void ecc_find_base(void)
-{
-   static char *prime = "26959946667150639794667015087019630673637144422540572481103610249951";
-   static char *order = "26959946667150639794667015087019637467111563745054605861463538557247";
-   static char *b     = "9538957348957353489587";
-   mp_int pp, p, r, B, tmp1, tmp2, tx, ty, x, y;
-   char buf[4096];
-   int i;
-
-   mp_init_multi(&tx, &ty, &x, &y, &p, &pp, &r, &B, &tmp1, &tmp2, NULL);
-   mp_read_radix(&p, prime, 10);
-   mp_read_radix(&r, order, 10);
-   mp_read_radix(&B, b, 10);
-
-   /* get (p+1)/4 */
-   mp_add_d(&p, 1, &pp);
-   mp_div_2(&pp, &pp);
-   mp_div_2(&pp, &pp);
-
-   buf[0] = 0;
-   do {
-      printf("."); fflush(stdout);
-      /* make a random value of x */
-      for (i = 0; i < 16; i++) buf[i+1] = rand() & 255;
-      mp_read_raw(&x, buf, 17);
-      mp_copy(&x, &tx);
-
-      /* now compute x^3 - 3x + b */
-      mp_expt_d(&x, 3, &tmp1);
-      mp_mul_d(&x, 3, &tmp2);
-      mp_sub(&tmp1, &tmp2, &tmp1);
-      mp_add(&tmp1, &B, &tmp1);
-      mp_mod(&tmp1, &p, &tmp1);
-
-      /* now compute sqrt via x^((p+1)/4) */
-      mp_exptmod(&tmp1, &pp, &p, &tmp2);
-      mp_copy(&tmp2, &ty);
-
-      /* now square it */
-      mp_sqrmod(&tmp2, &p, &tmp2);
-
-      /* tmp2 should equal tmp1 */
-   } while (mp_cmp(&tmp1, &tmp2));
-
-   /* now output values in way that libtomcrypt wants */
-   mp_todecimal(&p, buf);
-   printf("\n\np==%s\n", buf);
-   mp_tohex(&B, buf);
-   printf("b==%s\n", buf);
-   mp_todecimal(&r, buf);
-   printf("r==%s\n", buf);
-   mp_tohex(&tx, buf);
-   printf("Gx==%s\n", buf);
-   mp_tohex(&ty, buf);
-   printf("Gy==%s\n", buf);
-
-   mp_clear_multi(&tx, &ty, &x, &y, &p, &pp, &r, &B, &tmp1, &tmp2, NULL);
-}
- 
-#endif
-
 static int is_valid_idx(int n)
 {
    int x;
@@ -263,7 +184,7 @@
    }
 }
 
-static int ecc_map(ecc_point *P, mp_int *modulus, mp_int *mu)
+static int ecc_map(ecc_point *P, mp_int *modulus, mp_digit mp)
 {
    mp_int t1, t2;
    int err;
@@ -272,20 +193,23 @@
       return CRYPT_MEM;
    }
 
+   /* first map z back to normal */
+   if ((err = mp_montgomery_reduce(&P->z, modulus, mp)) != MP_OKAY)           { goto error; }
+
    /* get 1/z */
-   if ((err = mp_invmod(&P->z, modulus, &t1)) != MP_OKAY)                   { goto error; }
+   if ((err = mp_invmod(&P->z, modulus, &t1)) != MP_OKAY)                     { goto error; }
  
    /* get 1/z^2 and 1/z^3 */
-   if ((err = mp_sqr(&t1, &t2)) != MP_OKAY)                        { goto error; }
-   if ((err = mp_reduce(&t2, modulus, mu)) != MP_OKAY)             { goto error; }
-   if ((err = mp_mul(&t1, &t2, &t1)) != MP_OKAY)                   { goto error; }
-   if ((err = mp_reduce(&t1, modulus, mu)) != MP_OKAY)             { goto error; }
+   if ((err = mp_sqr(&t1, &t2)) != MP_OKAY)                                   { goto error; }
+   if ((err = mp_mod(&t2, modulus, &t2)) != MP_OKAY)                          { goto error; }
+   if ((err = mp_mul(&t1, &t2, &t1)) != MP_OKAY)                              { goto error; }
+   if ((err = mp_mod(&t1, modulus, &t1)) != MP_OKAY)                          { goto error; }
 
    /* multiply against x/y */
-   if ((err = mp_mul(&P->x, &t2, &P->x)) != MP_OKAY)               { goto error; }
-   if ((err = mp_reduce(&P->x, modulus, mu)) != MP_OKAY)           { goto error;