Update head to match stable 1.0
authorDavid Shaw <dshaw@jabberwocky.com>
Sat, 29 Jun 2002 13:31:13 +0000 (13:31 +0000)
committerDavid Shaw <dshaw@jabberwocky.com>
Sat, 29 Jun 2002 13:31:13 +0000 (13:31 +0000)
154 files changed:
checks/ChangeLog
checks/Makefile.am
checks/armdetach.test
checks/armdetachm.test
checks/armencrypt.test
checks/armencryptp.test
checks/armsignencrypt.test
checks/armsigs.test
checks/clearsig.test
checks/conventional-mdc.test [new file with mode: 0755]
checks/conventional.test
checks/decrypt-dsa.test
checks/decrypt.test
checks/defs.inc
checks/detach.test
checks/detachm.test
checks/encrypt-dsa.test
checks/encrypt.test
checks/encryptp.test
checks/genkey1024.test
checks/mds.test
checks/mkdemodirs
checks/multisig.test [new file with mode: 0755]
checks/options.in [new file with mode: 0644]
checks/pgp263-test.pub.asc [new file with mode: 0644]
checks/pgp263-test.sec.asc [new file with mode: 0644]
checks/pubring.asc
checks/run-gpg [deleted file]
checks/run-gpg.patterns [deleted file]
checks/run-gpgm [deleted file]
checks/seat.test
checks/signencrypt-dsa.test
checks/signencrypt.test
checks/sigs-dsa.test
checks/sigs.test
checks/version.test
cipher/ChangeLog [new file with mode: 0644]
cipher/Makefile.am [new file with mode: 0644]
cipher/bithelp.h [new file with mode: 0644]
cipher/blowfish.c [new file with mode: 0644]
cipher/blowfish.h [new file with mode: 0644]
cipher/cast5.c [new file with mode: 0644]
cipher/cast5.h [new file with mode: 0644]
cipher/cipher.c [new file with mode: 0644]
cipher/des.c [new file with mode: 0644]
cipher/des.h [new file with mode: 0644]
cipher/dsa.c [new file with mode: 0644]
cipher/dsa.h [new file with mode: 0644]
cipher/dynload.c [new file with mode: 0644]
cipher/dynload.h [new file with mode: 0644]
cipher/elgamal.c [new file with mode: 0644]
cipher/elgamal.h [new file with mode: 0644]
cipher/g10c.c [new file with mode: 0644]
cipher/gost.c [new file with mode: 0644]
cipher/gost.h [new file with mode: 0644]
cipher/md.c [new file with mode: 0644]
cipher/md5.c [new file with mode: 0644]
cipher/primegen.c [new file with mode: 0644]
cipher/pubkey.c [new file with mode: 0644]
cipher/rand-internal.h [new file with mode: 0644]
cipher/random.c [new file with mode: 0644]
cipher/random.h [new file with mode: 0644]
cipher/rijndael.c [new file with mode: 0644]
cipher/rmd.h [new file with mode: 0644]
cipher/rmd160.c [new file with mode: 0644]
cipher/rmd160test.c [new file with mode: 0644]
cipher/rndegd.c [new file with mode: 0644]
cipher/rndlinux.c [new file with mode: 0644]
cipher/rndriscos.c [new file with mode: 0644]
cipher/rndunix.c [new file with mode: 0644]
cipher/rndw32.c [new file with mode: 0644]
cipher/rsa.c [new file with mode: 0644]
cipher/rsa.h [new file with mode: 0644]
cipher/sha1.c [new file with mode: 0644]
cipher/smallprime.c [new file with mode: 0644]
cipher/tiger.c [new file with mode: 0644]
cipher/twofish.c [new file with mode: 0644]
contrib/UTF-8-test.txt [new file with mode: 0644]
contrib/changes-in-2000 [new file with mode: 0644]
contrib/why-gnupg [new file with mode: 0644]
debian/README.Debian
debian/changelog
debian/control
debian/copyright
debian/lintian.override [new file with mode: 0644]
debian/postinst [deleted file]
debian/postrm [deleted file]
debian/preinst
debian/rules
doc/ChangeLog
doc/DETAILS
doc/FAQ [deleted file]
doc/HACKING
doc/Makefile.am
doc/OpenPGP
doc/README.W32 [new file with mode: 0644]
doc/faq.raw [new file with mode: 0644]
doc/fr/ChangeLog [new file with mode: 0644]
doc/fr/DETAILS [new file with mode: 0644]
doc/fr/FAQ [new file with mode: 0644]
doc/fr/README.fr [new file with mode: 0644]
doc/gnupg-w32.reg [new file with mode: 0644]
doc/gpg.sgml
doc/gpgv.sgml [new file with mode: 0644]
doc/gpgv.texi [new file with mode: 0644]
doc/gph/Makefile.am
doc/gph/signatures.jpg.asc [new file with mode: 0644]
doc/samplekeys.asc [new file with mode: 0644]
doc/version.sgml.in [deleted file]
include/ChangeLog
include/cipher.h [new file with mode: 0644]
include/distfiles
include/errors.h
include/gpga-prot.h [deleted file]
include/host2net.h
include/http.h
include/i18n.h
include/iobuf.h
include/keyserver.h [new file with mode: 0644]
include/memory.h [new file with mode: 0644]
include/mpi.h [new file with mode: 0644]
include/ttyio.h
include/types.h
include/util.h
keyserver/ChangeLog [new file with mode: 0644]
keyserver/Makefile.am [new file with mode: 0644]
keyserver/gpgkeys_hkp.c [new file with mode: 0644]
keyserver/gpgkeys_ldap.c [new file with mode: 0644]
keyserver/gpgkeys_mailto.in [new file with mode: 0755]
keyserver/gpgkeys_test.in [new file with mode: 0755]
zlib/ChangeLog
zlib/adler32.c
zlib/compress.c
zlib/crc32.c
zlib/deflate.c
zlib/deflate.h
zlib/example.c
zlib/infblock.c
zlib/infblock.h
zlib/infcodes.c
zlib/infcodes.h
zlib/inffast.c
zlib/inffast.h
zlib/inflate.c
zlib/inftrees.c
zlib/inftrees.h
zlib/infutil.c
zlib/infutil.h
zlib/trees.c
zlib/uncompr.c
zlib/zconf.h
zlib/zlib.h
zlib/zutil.c
zlib/zutil.h

index b5c810b..3bb7863 100644 (file)
-Wed Oct  4 13:16:18 CEST 2000  Werner Koch  <wk@openit.de>
+2002-05-10  Werner Koch  <wk@gnupg.org>
 
-        * run-gpg: redirect fgrep output to stderr
+       * Makefile.am: Add gpg_dearmor to all targets where it is used.
+       Noted by Andreas Haumer. 
 
-Sat Nov 13 17:44:23 CET 1999  Werner Koch  <wk@gnupg.de>
+2002-04-19  Werner Koch  <wk@gnupg.org>
 
-       * genkey1024.test: Does not use --quick-random anymore.
+       * signencrypt-dsa.test, sigs-dsa.test: Don't check with MD5 as
+       this is not valid with DSA signatures.
 
-Thu Oct 28 16:17:46 CEST 1999  Werner Koch  <wk@gnupg.de>
+2001-12-22  Werner Koch  <wk@gnupg.org>
+
+       * options.in: Add no-permission-warning.
+
+2001-12-21  Werner Koch  <wk@gnupg.org>
+
+       * Makefile.am (distclean-local): prefix mkdemodirs with srcdir
+       (DISTCLEANFILES): Add random_seed.
+
+2001-12-19  Werner Koch  <wk@gnupg.org>
+
+       * options.in: Remove load-extension tiger
+       * Makefile.am (./options): append it if there is such a module.
+
+2001-10-23  Werner Koch  <wk@gnupg.org>
+
+       * defs.inc, Makefile.am: Do not use $srcdir when invoking gpg.
+       Write the logfile to the current directory.
+
+2001-09-28  Werner Koch  <wk@gnupg.org>
+
+       * defs.inc: Write a log file for each test. 
+       * run-gpg, run-gpgm, run-gpg.patterns: Removed.  Replaced in all
+       tests by a simple macro from defs.inc.
+       * Makefile.am (CLEANFILES): Remove log files.
+       (./gpg_dearmor): create it and use it instead of the macro.
+       This is needed in multisig.test due to IFS tricks.
+
+       * armsignencrypt.test, signencrypt-dsa.test, signencrypt.test,
+       armencryptp.test, armencrypt.test, encryptp.test, seat.test,
+       encrypt-dsa.test, encrypt.test: Use --always-trust because the
+       test are not designed to check the validity.
+       
+2001-09-06  Werner Koch  <wk@gnupg.org>
+
+       * genkey1024.test: Simplified by using a parameter file.
+
+2001-05-30  Werner Koch  <wk@gnupg.org>
+
+       * multisig.test (IFS): Reset IFS just before the test.
+
+2001-04-30  Werner Koch  <wk@gnupg.org>
+
+       * multisig.test: Add an set +x to avoid ksh problems
+
+2001-04-28  Werner Koch  <wk@gnupg.org>
+
+       * run-gpg.patterns: a v3 test key expired yesterday, suppress the
+       messages.
+
+2001-03-27  Werner Koch  <wk@gnupg.org>
+
+       * defs.inc: Removed creation of options file.
+       * options.in: New.
+       * Makefile.am: Create options file and fixed import of pubdemo.asc.
+
+       * run-gpg.patterns (gpg): Add some more patterns.
+
+2001-03-20  Werner Koch  <wk@gnupg.org>
+
+       * Makefile.am: Import the pubdemo.asc file 
+
+       * sigs.test (hash_algo_list): s/tiger/tiger192/
+
+2001-03-19  Werner Koch  <wk@gnupg.org>
+
+       * mkdemodirs (GPGDEMO): Add --allow-secret-key-import to all gpg
+       invocations.  Use echon -n instead of an argument with \c.
+
+2001-02-12  Werner Koch  <wk@gnupg.org>
+
+       * multisig.test: new
+       * Makefile.am (TESTS): Added.
+
+2000-10-18  Werner Koch  <wk@gnupg.org>
+
+       * conventional-mdc.test: Add Rijndael and fix for empty plain texts.
+
+Thu Feb 10 17:39:44 CET 2000  Werner Koch  <wk@gnupg.de>
+
+       * mkdemodirs: Fixed the --clean loop.
+
+Thu Jan 13 19:31:58 CET 2000  Werner Koch  <wk@gnupg.de>
+
+       * defs.inc (chdir): Removed becuase it is unsused an plain old sh
+       does not like this name.  Reported by Alec Habig.
+
+Tue Oct 26 20:02:23 1999  Werner Koch  (wk@gnupg.org)
 
        * Makefile.am (GPG_DEARMOR): New and use --no-options.
 
 Tue Aug 31 17:20:44 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
-
        * defs.inc: set LC_ALL empty
 
 Wed Aug  4 10:34:18 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
-
        * defs.inc (echo_n): New and used instead of /bin/echo "\c"
 
 Sun Apr 18 10:11:28 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
@@ -70,3 +157,15 @@ Mon May 18 15:40:02 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
        * ChangeLog: New.
 
+
+ Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
index 41ded3c..ed779a4 100644 (file)
@@ -1,6 +1,24 @@
-## Process this file with automake to create Makefile.in
-
-GPG_DEARMOR = ../g10/gpg --no-options --quiet --yes --dearmor
+# Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+
+# Process this file with automake to create Makefile.in
+
+GPG_IMPORT  = ../g10/gpg --homedir . --quiet --yes --import
 
 TESTS = version.test mds.test \
        decrypt.test decrypt-dsa.test \
@@ -11,54 +29,67 @@ TESTS = version.test mds.test \
        signencrypt.test signencrypt-dsa.test \
        armsignencrypt.test armdetach.test \
        armdetachm.test detachm.test genkey1024.test \
-       conventional.test
+       conventional.test conventional-mdc.test \
+       multisig.test
 
 
 TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \
             plain-1.asc plain-2.asc plain-3.asc plain-1-pgp.asc \
-            pubring.pkr.asc secring.skr.asc secdemo.asc pubdemo.asc
+            pubring.pkr.asc secring.skr.asc secdemo.asc pubdemo.asc options.in
 
 DATA_FILES = data-500 data-9000 data-32000 data-80000 plain-large
 
-EXTRA_DIST = defs.inc run-gpg run-gpg.patterns $(TESTS) $(TEST_FILES) \
+EXTRA_DIST = defs.inc $(TESTS) $(TEST_FILES) \
             mkdemodirs signdemokey
 CLEANFILES = prepared.stamp x y yy z out err  $(DATA_FILES) \
-            plain-1 plain-2 plain-3 options trustdb.gpg *.lock .\#lk* \
+            plain-1 plain-2 plain-3 trustdb.gpg *.lock .\#lk* \
+            *.test.log options gpg_dearmor \
             pubring.gpg secring.gpg pubring.pkr secring.skr
-DISTCLEANFILES = pubring.gpg~
+DISTCLEANFILES = pubring.gpg~ random_seed
 
 
 all-local: prepared.stamp
 
 distclean-local:
-       ./mkdemodirs --clean
+       $(srcdir)/mkdemodirs --clean
 
 prepared.stamp: ./pubring.gpg ./secring.gpg ./plain-1 ./plain-2 ./plain-3 \
-               ./pubring.pkr ./secring.skr $(DATA_FILES)
+               ./pubring.pkr ./secring.skr ./options ./gpg_dearmor \
+               $(DATA_FILES)
+        $(GPG_IMPORT) $(srcdir)/pubdemo.asc     
         echo timestamp >./prepared.stamp
 
+./options: $(srcdir)/options.in
+       cat $(srcdir)/options.in >./options
+       @set -e; if echo "@DYNAMIC_CIPHER_MODS@" |grep tiger >/dev/null ;then \
+         echo load-extension ../cipher/tiger >>./options; fi
 
-./pubring.gpg: $(srcdir)/pubring.asc
-        $(GPG_DEARMOR) -o ./pubring.gpg $(srcdir)/pubring.asc
+./gpg_dearmor:
+       echo '#!/bin/sh' >./gpg_dearmor
+       echo "../g10/gpg --no-options --no-greeting \
+             --no-secmem-warning --batch --dearmor" >>./gpg_dearmor
+       chmod 755 ./gpg_dearmor
 
-./secring.gpg: $(srcdir)/secring.asc
-        $(GPG_DEARMOR) -o ./secring.gpg $(srcdir)/secring.asc
+./pubring.gpg: $(srcdir)/pubring.asc $(srcdir)/pubdemo.asc ./gpg_dearmor
+       ./gpg_dearmor > ./pubring.gpg < $(srcdir)/pubring.asc
 
-./pubring.pkr: $(srcdir)/pubring.pkr.asc
-        $(GPG_DEARMOR) -o ./pubring.pkr $(srcdir)/pubring.pkr.asc
+./secring.gpg: $(srcdir)/secring.asc ./gpg_dearmor
+       ./gpg_dearmor > ./secring.gpg < $(srcdir)/secring.asc
 
-./secring.skr: $(srcdir)/secring.skr.asc
-        $(GPG_DEARMOR) -o ./secring.skr $(srcdir)/secring.skr.asc
+./pubring.pkr: $(srcdir)/pubring.pkr.asc ./gpg_dearmor
+       ./gpg_dearmor > ./pubring.pkr < $(srcdir)/pubring.pkr.asc
 
-./plain-1: $(srcdir)/plain-1o.asc
-        $(GPG_DEARMOR) -o ./plain-1 $(srcdir)/plain-1o.asc
+./secring.skr: $(srcdir)/secring.skr.asc ./gpg_dearmor
+       ./gpg_dearmor > ./secring.skr < $(srcdir)/secring.skr.asc
 
-./plain-2: $(srcdir)/plain-2o.asc
-        $(GPG_DEARMOR) -o ./plain-2 $(srcdir)/plain-2o.asc
+./plain-1: $(srcdir)/plain-1o.asc ./gpg_dearmor
+       ./gpg_dearmor > ./plain-1 < $(srcdir)/plain-1o.asc
 
-./plain-3: $(srcdir)/plain-3o.asc
-        $(GPG_DEARMOR) -o ./plain-3 $(srcdir)/plain-3o.asc
+./plain-2: $(srcdir)/plain-2o.asc ./gpg_dearmor
+       ./gpg_dearmor > ./plain-2 < $(srcdir)/plain-2o.asc
 
+./plain-3: $(srcdir)/plain-3o.asc ./gpg_dearmor
+       ./gpg_dearmor > ./plain-3 < $(srcdir)/plain-3o.asc
 
 
 data-500:
index c68c5da..c445d6c 100755 (executable)
@@ -5,7 +5,7 @@
 
 #info Checking armored detached signatures
 for i in $plain_files $data_files ; do
-    echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 -sab -o x --yes $i
-    $srcdir/run-gpg -o /dev/null --yes x  <$i || error "$i: bad signature"
+    echo "$usrpass1" | $GPG --passphrase-fd 0 -sab -o x --yes $i
+    $GPG -o /dev/null --yes x  <$i || error "$i: bad signature"
 done
 
index f628fcf..f195842 100755 (executable)
@@ -4,6 +4,6 @@
 
 #info Checking armored detached signatures of multiple files
 i="$plain_files $data_files"
-echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 -sab -o x --yes $i
-cat $i | $srcdir/run-gpg -o /dev/null --yes x || error "$i: bad signature"
+echo "$usrpass1" | $GPG --passphrase-fd 0 -sab -o x --yes $i
+cat $i | $GPG -o /dev/null --yes x || error "$i: bad signature"
 
index cade9dd..356d1bd 100755 (executable)
@@ -4,8 +4,8 @@
 
 #info Checking armored encryption
 for i in $plain_files $data_files ; do
-    $srcdir/run-gpg -ea -o x --yes -r "$usrname2" $i
-    $srcdir/run-gpg -o y --yes x
+    $GPG --always-trust -ea -o x --yes -r "$usrname2" $i
+    $GPG -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
index 95a1efd..d18c56b 100755 (executable)
@@ -4,9 +4,9 @@
 
 #info Checking armored encryption with a pipe
 for i in $plain_files $data_files ; do
-    $srcdir/run-gpg -ea --yes -r "$usrname2" < $i | tee x | $srcdir/run-gpg -o y --yes
+    $GPG --always-trust -ea --yes -r "$usrname2" < $i | tee x | $GPG -o y --yes
     cmp $i y || error "$i: mismatch"
-    $srcdir/run-gpg --yes < x > y
+    $GPG --yes < x > y
     cmp $i y || error "$i: mismatch"
 done
 
index f8ffdaf..24b9575 100755 (executable)
@@ -5,9 +5,9 @@
 
 #info Checking armored signing and encryption
 for i in $plain_files $data_files ; do
-    echo "$usrpass1" \
-    | $srcdir/run-gpg --passphrase-fd 0 -sae -o x --yes -r "$usrname2" $i
-    $srcdir/run-gpg -o y --yes x
+    echo "$usrpass1"  | $GPG --passphrase-fd 0 --always-trust \
+                        -sae -o x --yes -r "$usrname2" $i
+    $GPG -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
index 34b5a7f..aecc064 100755 (executable)
@@ -4,8 +4,8 @@
 
 #info Checking armored signatures
 for i in $plain_files $data_files ; do
-    echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 -sa -o x --yes $i
-    $srcdir/run-gpg -o y --yes x
+    echo "$usrpass1" | $GPG --passphrase-fd 0 -sa -o x --yes $i
+    $GPG -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
index f77fd5d..89d3233 100755 (executable)
 # it is clear text and not binary text.
 # ======================================
 for i in $plain_files plain-large ; do
-    echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 -sat -o x --yes $i
-    $srcdir/run-gpg --verify x
+    echo "$usrpass1" | $GPG --passphrase-fd 0 -sat -o x --yes $i
+    $GPG --verify x
 done
 
 # ======================================
 # and once more to check rfc1991
 # ======================================
 for i in $plain_files plain-large ; do
-    echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 \
+    echo "$usrpass1" | $GPG --passphrase-fd 0 \
                         --rfc1991 --digest-algo md5 -sat -o x --yes $i
-    $srcdir/run-gpg --verify x
+    $GPG --verify x
 done
 
 # ======================================
@@ -35,8 +35,8 @@ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 EOF
-echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y
-$srcdir/run-gpg --verify x
+echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y
+$GPG --verify x
 
 # ======================================
 # and one with only one long lines
@@ -44,14 +44,15 @@ $srcdir/run-gpg --verify x
 cat >y <<EOF
 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxyx
 EOF
-echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y
-$srcdir/run-gpg --verify x
+echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y
+$GPG --verify x
+# ======================================
 # and one with an empty body
 # ======================================
 cat >y <<EOF
 EOF
-echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y
-$srcdir/run-gpg --verify x
+echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y
+$GPG --verify x
 
 # ======================================
 # and one with one empty line at the end
@@ -63,20 +64,39 @@ line 3
 there is a blank line after this
 
 EOF
-echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y
-$srcdir/run-gpg --verify x
+echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y
+$GPG --verify x
 
 
 # ======================================
-# I think this file will be contructed wrong (gpg 0.9.3)
+# I think this file will be constructed wrong (gpg 0.9.3)
 # but it should verify okay anyway.
-# bash's builtin echo needs the option -e so we use the external one.
 # ======================================
 echo "this is a sig test" >y
 echo_n " " >>y
-echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y
-$srcdir/run-gpg --verify x
+echo "$usrpass1" | $GPG --passphrase-fd 0 --clearsign -o x --yes y
+$GPG --verify x
+
 
+# ======================================
+# check our special diff mode
+# ======================================
+cat >y <<EOF
+--- mainproc.c Tue Jun 27 09:28:11 2000
++++ mainproc.c~ Thu Jun  8 22:50:25 2000
+@@ -1190,16 +1190,13 @@
+               md_enable( c->mfx.md, n1->pkt->pkt.signature->digest_algo);
+           }
+           /* ask for file and hash it */
+-          if( c->sigs_only ) {
++          if( c->sigs_only )   
+               rc = hash_datafiles( c->mfx.md, NULL,
+                                    c->signed_data, c->sigfilename,
+                       n1? (n1->pkt->pkt.onepass_sig->sig_class == 0x01):0 );
+EOF
+echo "$usrpass1" | $GPG --passphrase-fd 0 \
+                                  --not-dash-escaped --clearsign -o x --yes y
+$GPG --verify x
 
 
 
diff --git a/checks/conventional-mdc.test b/checks/conventional-mdc.test
new file mode 100755 (executable)
index 0000000..463e0c4
--- /dev/null
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+. $srcdir/defs.inc || exit 3
+
+#info Checking conventional encryption
+for i in 0 1 2 3 9 10 11 19 20 21 22 23 39 40 41 8192 32000 ; do
+  for ciph in 3des cast5 blowfish twofish rijndael; do
+    # *BSD's dd can't cope with a count of 0
+    if test "$i" = "0"; then
+        : >z
+    else
+        dd if=data-80000 of=z bs=1 count=$i 2>/dev/null
+    fi
+    echo "Hier spricht HAL" | $GPG --passphrase-fd 0 \
+       --force-mdc --cipher $ciph -c -o x --yes z
+    echo "Hier spricht HAL" | $GPG --passphrase-fd 0 \
+       -o y --yes x
+    cmp z y || error "$ciph/$i: mismatch"
+  done
+done
+
index 289a850..87aeb9c 100755 (executable)
@@ -2,22 +2,22 @@
 
 . $srcdir/defs.inc || exit 3
 
-# temp. hack cause the format for 128 biut blocksize messages may change
+# temp. hack cause the format for 128 bit blocksize messages may change
 GNUPG_ENABLE_TWOFISH=1
 export GNUPG_ENABLE_TWOFISH
 
 #info Checking conventional encryption
 for i in plain-2 data-32000 ; do
-    echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 -c -o x --yes $i
-    echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0    -o y --yes x
+    echo "Hier spricht HAL" | $GPG --passphrase-fd 0 -c -o x --yes $i
+    echo "Hier spricht HAL" | $GPG --passphrase-fd 0    -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
 for a in cast5 3des twofish; do
     for i in plain-1 data-80000 ; do
-      echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 \
+      echo "Hier spricht HAL" | $GPG --passphrase-fd 0 \
                                          --cipher-algo $a -c -o x --yes $i
-      echo "Hier spricht HAL" | $srcdir/run-gpg --passphrase-fd 0 -o y --yes x
+      echo "Hier spricht HAL" | $GPG --passphrase-fd 0 -o y --yes x
       cmp $i y || error "$i: ($a) mismatch"
     done
 done
index ba73ddf..6dc7dc4 100755 (executable)
@@ -4,7 +4,7 @@
 
 #info Checking decryption of supplied DSA encrypted file
 for i in "plain-1" ; do
-    $srcdir/run-gpg $dsa_keyrings -o y --yes $srcdir/$i-pgp.asc
+    $GPG $dsa_keyrings -o y --yes $srcdir/$i-pgp.asc
     cmp $i y || error "$i: mismatch"
 done
 
index 1d74494..aab4167 100755 (executable)
@@ -4,8 +4,7 @@
 
 #info Checking decryption of supplied files
 for i in $plain_files ; do
-    echo "$usrpass1" | $srcdir/run-gpg  --passphrase-fd 0 \
-                      -o y --yes $srcdir/$i.asc
+    echo "$usrpass1" | $GPG  --passphrase-fd 0 -o y --yes $srcdir/$i.asc
     cmp $i y || error "$i: mismatch"
 done
 
index c975025..2eb25c7 100755 (executable)
@@ -49,9 +49,6 @@ info () {
     echo "$pgmname:" $* >&2
 }
 
-chdir () {
-    cd $1 || fatal "cannot cd to $1"
-}
 
 echo_n_init=no
 echo_n () {
@@ -101,11 +98,9 @@ pgmname=`basename $0`
 
 [ -z "$srcdir" ] && fatal "not called from make"
 
-cat <<EOF  >./options
-no-greeting
-no-secmem-warning
-load-extension ../cipher/tiger
-batch
-emulate-md-encode-bug
-EOF
+GPG="../g10/gpg --homedir . "
+
+exec 2> ${pgmname}.log
 
+:
+# end
\ No newline at end of file
index cdad558..6a3ae05 100755 (executable)
@@ -4,7 +4,7 @@
 
 #info Checking detached signatures
 for i in $plain_files $data_files ; do
-    echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 -sb -o x --yes $i
-    $srcdir/run-gpg -o /dev/null --yes x  <$i || error "$i: bad signature"
+    echo "$usrpass1" | $GPG --passphrase-fd 0 -sb -o x --yes $i
+    $GPG -o /dev/null --yes x  <$i || error "$i: bad signature"
 done
 
index b5fb05a..dc60bb2 100755 (executable)
@@ -4,6 +4,6 @@
 
 #info Checking detached signatures of multiple files
 i="$plain_files $data_files"
-echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 -sb -o x --yes $i
-cat $i | $srcdir/run-gpg -o /dev/null --yes x || error "$i: bad signature"
+echo "$usrpass1" | $GPG --passphrase-fd 0 -sb -o x --yes $i
+cat $i | $GPG -o /dev/null --yes x || error "$i: bad signature"
 
index ba0564f..27891bf 100755 (executable)
@@ -4,16 +4,16 @@
 
 #info Checking encryption
 for i in $plain_files $data_files ; do
-    $srcdir/run-gpg $dsa_keyrings -e -o x --yes -r "$dsa_usrname2" $i
-    $srcdir/run-gpg $dsa_keyrings -o y --yes x
+    $GPG $dsa_keyrings --always-trust -e -o x --yes -r "$dsa_usrname2" $i
+    $GPG $dsa_keyrings -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
 # and with cast
 for i in $plain_files $data_files ; do
-    $srcdir/run-gpg $dsa_keyrings --cipher-algo cast5 -e \
+    $GPG $dsa_keyrings --always-trust --cipher-algo cast5 -e \
                                        -o x --yes -r "$dsa_usrname2" $i
-    $srcdir/run-gpg $dsa_keyrings -o y --yes x
+    $GPG $dsa_keyrings -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
index 468136c..4e5c5c0 100755 (executable)
@@ -4,13 +4,13 @@
 
 #info Checking encryption
 for i in $plain_files $data_files ; do
-    $srcdir/run-gpg -e -o x --yes -r "$usrname2" $i
-    $srcdir/run-gpg -o y --yes x
+    $GPG --always-trust -e -o x --yes -r "$usrname2" $i
+    $GPG -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 for i in $plain_files $data_files ; do
-    $srcdir/run-gpg -e -o x --yes -r "$usrname2" --cipher-algo cast5 $i
-    $srcdir/run-gpg -o y --yes x
+    $GPG --always-trust -e -o x --yes -r "$usrname2" --cipher-algo cast5 $i
+    $GPG -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
index c63fb82..7df24ef 100755 (executable)
@@ -4,7 +4,7 @@
 
 #info Checking encryption with a pipe
 for i in $plain_files $data_files ; do
-    $srcdir/run-gpg -e --yes -r "$usrname2" <$i | tee yy | $srcdir/run-gpg --yes > y
+    $GPG --always-trust -e --yes -r "$usrname2" <$i | $GPG --yes > y
     cmp $i y || error "$i: mismatch"
 done
 
index 6e01a61..e9852d7 100755 (executable)
 #!/bin/sh
 
-echo "test is currently disabled"
-exit 0
-
-
 . $srcdir/defs.inc || exit 3
-ignore_errors=yes
-
-
-if (expect -v) < /dev/null > /dev/null 2>&1 ; then
-  :
-else
-  echo "\"expect\" needed but not found - test skipped"
-  exit 0
-fi
-
-LANG=
-LANGUAGE=
 
-expect  - <<EOF >/dev/null
-#set timeout -1
-set timeout 8
-match_max 100000
-spawn ../g10/gpg --no-batch --homedir . --gen-key
-expect {
-    -exact "Please select what kind of key you want:\r
-   (1) DSA and ElGamal (default)\r
-   (2) DSA (sign only)\r
-   (4) ElGamal (sign and encrypt)\r
-Your selection? "  { send -- "1\r" }
-    timeout { exit 1 } }
-expect {
-    -exact "1\r
-\r                 \rDSA keypair will have 1024 bits.\r
-About to generate a new ELG-E keypair.\r
-              minimum keysize is  768 bits\r
-              default keysize is 1024 bits\r
-    highest suggested keysize is 2048 bits\r
-What keysize do you want? (1024) " { send -- "\r" }
-    timeout { exit 1 } }
-expect {
-    -exact "\r
-\r                                 \rRequested keysize is 1024 bits\r
-Please specify how long the key should be valid.\r
-         0 = key does not expire\r
-      <n>  = key expires in n days\r
-      <n>w = key expires in n weeks\r
-      <n>m = key expires in n months\r
-      <n>y = key expires in n years\r
-Key is valid for? (0) " { send -- "1\r" }
-    timeout { exit 1 } }
-expect {
-     -exact "1\r
-\r                       \rKey expires at " { }
-    timeout { exit 1 } }
-expect {
-     -re "(.*)\r
-" {}
-    timeout { exit 1 } }
-expect {
-    -exact "Is this correct (y/n)? " { send -- "y\r" }
-    timeout { exit 1 } }
-expect {
-    -exact "y\r
-\r                        \r\r
-You need a User-ID to identify your key; the software constructs the user id\r
-from Real Name, Comment and Email Address in this form:\r
-    \"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>\"\r
-\r
-Real name: " { send -- "Harry H.\r" }
-    timeout { exit 1 } }
-expect {
-   -exact "Harry H.\r
-\r                   \rEmail address: " { send -- "hh@ddorf.de\r" }
-    timeout { exit 1 } }
-expect {
-   -exact "hh@ddorf.de\r
-\r                          \rComment: " { send -- "a test\r" }
-    timeout { exit 1 } }
-expect {
-   -exact "a test\r
-\r               \rYou selected this USER-ID:\r
-    \"Harry H. (a test) <hh@ddorf.de>\"\r
-\r
-Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? " { send -- "o\r" }
-    timeout { exit 1 } }
-expect {
-   -exact "o\r
-\r                                                     \rYou need a Passphrase to protect your secret key.\r
-\r
-Enter passphrase: " { sleep 1; send -- "abc\r" }
-    timeout { exit 1 } }
-expect {
-  -ex "\r                  \rRepeat passphrase: " { sleep 1; send -- "abc\r" }
-    timeout { exit 1 } }
-set timeout 600
-expect {
-    -re "^.*\r\npublic and secret key" { exit 0 }
-    eof  { exit 1 }
-}
-exit 1
+../g10/gpg --quiet --batch --quick-random --homedir . --gen-key <<EOF
+Key-Type: DSA
+Key-Length: 1024
+Subkey-Type: ELG-E
+Subkey-Length: 1024
+Name-Real: Harry H.
+Name-Comment: test key 
+Name-Email: hh@@ddorf.de
+Expire-Date: 1
+Passphrase: abc
+%commit
+Key-Type: RSA
+Key-Length: 1024
+Key-Usage: sign,encrypt
+Name-Real: Harry A.
+Name-Comment: RSA test key 
+Name-Email: hh@@ddorf.de
+Expire-Date: 2
+Passphrase: abc
+%commit
 EOF
 
-#*-*wedit:notab*-*
index 6b9cfbd..60a7947 100755 (executable)
@@ -13,7 +13,7 @@ test_one () {
 failed=""
 
 #info Checking message digests
-cat /dev/null | $srcdir/run-gpg -v --print-mds >y
+cat /dev/null | $GPG -v --print-mds >y
 test_one "MD5"    "D41D8CD98F00B204E9800998ECF8427E"
 test_one "SHA1"   "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709"
 test_one "RMD160" "9C1185A5C5E9FC54612808977EE8F548B2258D31"
@@ -25,7 +25,7 @@ fi
 
 [ "$failed" != "" ] && error "$failed failed for empty string"
 
-echo_n "abcdefghijklmnopqrstuvwxyz" | $srcdir/run-gpg --print-mds >y
+echo_n "abcdefghijklmnopqrstuvwxyz" | $GPG --print-mds >y
 test_one "MD5"    "C3FCD3D76192E4007DFB496CCA67E13B"
 test_one "SHA1"   "32D10C7B8CF96570CA04CE37F2A19D84240D3A89"
 test_one "RMD160" "F71C27109C692C1B56BBDCEB5B9D2865B3708DBC"
index b0755ab..d6b7d7c 100755 (executable)
@@ -2,15 +2,15 @@
 
 set -e
 
-GPG="../g10/gpg --batch --quiet --no-secmem-warning"
+GPG="../g10/gpg --batch --quiet --no-secmem-warning --allow-secret-key-import"
 NAMES='Alpha Bravo Charlie Delta Echo Foxtrot Golf Hotel India
        Juliet Kilo Lima Mike November Oscar Papa Quebec Romeo
        Sierra Tango Uniform Victor Whisky XRay Yankee Zulu'
 
 if [ "$1" = "--clean" ]; then
-    for i in $NAMES; do
+    (for i in $NAMES; do
        [ -d $i ] && rm -r $i
-    done
+    done) || true
     exit 0
 fi
 
@@ -19,15 +19,15 @@ $GPG --dearmor -o pubdemo.gpg --yes ../checks/pubdemo.asc
 [ -f ./tdb.tmp ] && rm ./tdb.tmp
 GPGDEMO="$GPG --homedir . --trustdb-name ./tdb.tmp --no-default-keyring
         --keyring pubdemo.gpg --secret-keyring secdemo.gpg"
-/bin/echo "Creating:\c"
+echo -n "Creating:"
 for name in $NAMES; do
-    /bin/echo " $name\c"
+    echo -n " $name"
     [ -d $name ] && rm -r $name
     mkdir $name
-    $GPGDEMO --export-secret-key -o - $name | tee $name/Secret.gpg | \
-           $GPG --homedir $name --import
-    $GPGDEMO --export -o - $name | tee $name/Public.gpg | \
-           $GPG --homedir $name --import
+    $GPGDEMO --export-secret-key -o - $name > $name/Secret.gpg
+    $GPG --homedir $name --import $name/Secret.gpg
+    $GPGDEMO --export -o - $name > $name/Public.gpg
+    $GPG --homedir $name --import $name/Public.gpg
     [ -f $name/pubring.gpg~ ] && rm $name/pubring.gpg~
 done
 echo "."
diff --git a/checks/multisig.test b/checks/multisig.test
new file mode 100755 (executable)
index 0000000..c391f6f
--- /dev/null
@@ -0,0 +1,145 @@
+#!/bin/sh
+# Check that gpg verifies only signatures where there is no ambiguity
+# in the order of packets.  Needs the Demo Keys Lima and Mike.
+
+. $srcdir/defs.inc || exit 3
+
+# (variable intialization was created using:
+#   for i in files; do echo "`echo $i | sed 's,[.-],_,g'`='"; \
+#   gpg --no-version --enarmor <$i | grep -v ^Comment:; echo "'" ; done 
+# )
+
+sig_1ls1ls_valid='
+-----BEGIN PGP ARMORED FILE-----
+
+kA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogq9EkgYW0gc29ycnksIEkgY2FuJ3Qg
+ZG8gdGhhdAqIPwMFADqIKvQ3yrUft5ED+BEC2joAoJaSaXOZEtSZqQ780HIXG77e
+8PB7AJ4wCprmaFTO0fBaTcXDuEOBdAWnOZANAwACETfKtR+3kQP4AawnYgV0ZXh0
+MTqIKvRJIGFtIHNvcnJ5LCBJIGNhbid0IGRvIHRoYXQKiD8DBQA6iCr0N8q1H7eR
+A/gRAto6AKCWkmlzmRLUmakO/NByFxu+3vDwewCeMAqa5mhUztHwWk3Fw7hDgXQF
+pzk=
+=8jSC
+-----END PGP ARMORED FILE-----
+'
+sig_ls_valid='
+-----BEGIN PGP ARMORED FILE-----
+
+rCdiBXRleHQxOogrS0kgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqI
+K0s3yrUft5ED+BECLQMAn2jZUNOpB4OuurSQkc2TRfg6ek02AJ9+oJS0frQ+yUsT
+QDUFTH2PvZRxjw==
+=J+lb
+-----END PGP ARMORED FILE-----
+'
+sig_sl_valid='
+-----BEGIN PGP ARMORED FILE-----
+
+iD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCffqCU
+tH60PslLE0A1BUx9j72UcY+sJ2IFdGV4dDE6iCtLSSBhbSBzb3JyeSwgSSBjYW4n
+dCBkbyB0aGF0Cg==
+=N9MP
+-----END PGP ARMORED FILE-----
+'
+sig_11lss_valid_but_is_not='
+-----BEGIN PGP ARMORED FILE-----
+
+kA0DAAIRN8q1H7eRA/gAkA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogyXUkgYW0g
+c29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqIMl03yrUft5ED+BECwQAAnRXT
+mXjVd385oD38W80XuheWKTGcAJ9pZ6/flaKDfw+SLido7xaUHuhp5Yg/AwUAOogy
+XTfKtR+3kQP4EQLBAACgnN0IP+NztE0aAc/DZ17yHWR9diwAniN0P01WmbgZJoZB
+Q341WRXKS/at
+=Ekrs
+-----END PGP ARMORED FILE-----
+'
+sig_11lss11lss_valid_but_is_not='
+-----BEGIN PGP ARMORED FILE-----
+
+kA0DAAIRN8q1H7eRA/gAkA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogyXUkgYW0g
+c29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqIMl03yrUft5ED+BECwQAAnRXT
+mXjVd385oD38W80XuheWKTGcAJ9pZ6/flaKDfw+SLido7xaUHuhp5Yg/AwUAOogy
+XTfKtR+3kQP4EQLBAACgnN0IP+NztE0aAc/DZ17yHWR9diwAniN0P01WmbgZJoZB
+Q341WRXKS/atkA0DAAIRN8q1H7eRA/gAkA0DAAIRN8q1H7eRA/gBrCdiBXRleHQx
+OogyXUkgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqIMl03yrUft5ED
++BECwQAAnRXTmXjVd385oD38W80XuheWKTGcAJ9pZ6/flaKDfw+SLido7xaUHuhp
+5Yg/AwUAOogyXTfKtR+3kQP4EQLBAACgnN0IP+NztE0aAc/DZ17yHWR9diwAniN0
+P01WmbgZJoZBQ341WRXKS/at
+=P1Mu
+-----END PGP ARMORED FILE-----
+'
+sig_ssl_valid_but_is_not='
+-----BEGIN PGP ARMORED FILE-----
+
+iD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCffqCU
+tH60PslLE0A1BUx9j72UcY+IPwMFADqIK0s3yrUft5ED+BECLQMAn2jZUNOpB4Ou
+urSQkc2TRfg6ek02AJ9+oJS0frQ+yUsTQDUFTH2PvZRxj6wnYgV0ZXh0MTqIK0tJ
+IGFtIHNvcnJ5LCBJIGNhbid0IGRvIHRoYXQK
+=Zven
+-----END PGP ARMORED FILE-----
+'
+sig_1lsls_invalid='
+-----BEGIN PGP ARMORED FILE-----
+
+kA0DAAIRN8q1H7eRA/gBrCdiBXRleHQxOogq9EkgYW0gc29ycnksIEkgY2FuJ3Qg
+ZG8gdGhhdAqIPwMFADqIKvQ3yrUft5ED+BEC2joAoJaSaXOZEtSZqQ780HIXG77e
+8PB7AJ4wCprmaFTO0fBaTcXDuEOBdAWnOawnYgV0ZXh0MTqIK0tJIGFtIHNvcnJ5
+LCBJIGNhbid0IGRvIHRoYXQKiD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeD
+rrq0kJHNk0X4OnpNNgCffqCUtH60PslLE0A1BUx9j72UcY8=
+=nkeu
+-----END PGP ARMORED FILE-----
+'
+sig_lsls_invalid='
+-----BEGIN PGP ARMORED FILE-----
+
+rCdiBXRleHQxOogrS0kgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqI
+K0s3yrUft5ED+BECLQMAn2jZUNOpB4OuurSQkc2TRfg6ek02AJ9+oJS0frQ+yUsT
+QDUFTH2PvZRxj6wnYgV0ZXh0MTqIK0tJIGFtIHNvcnJ5LCBJIGNhbid0IGRvIHRo
+YXQKiD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCf
+fqCUtH60PslLE0A1BUx9j72UcY8=
+=BlZH
+-----END PGP ARMORED FILE-----
+'
+sig_lss_invalid='
+-----BEGIN PGP ARMORED FILE-----
+
+rCdiBXRleHQxOogrS0kgYW0gc29ycnksIEkgY2FuJ3QgZG8gdGhhdAqIPwMFADqI
+K0s3yrUft5ED+BECLQMAn2jZUNOpB4OuurSQkc2TRfg6ek02AJ9+oJS0frQ+yUsT
+QDUFTH2PvZRxj4g/AwUAOogrSzfKtR+3kQP4EQItAwCfaNlQ06kHg666tJCRzZNF
++Dp6TTYAn36glLR+tD7JSxNANQVMfY+9lHGP
+=jmt6
+-----END PGP ARMORED FILE-----
+'
+sig_slsl_invalid='
+-----BEGIN PGP ARMORED FILE-----
+
+iD8DBQA6iCtLN8q1H7eRA/gRAi0DAJ9o2VDTqQeDrrq0kJHNk0X4OnpNNgCffqCU
+tH60PslLE0A1BUx9j72UcY+sJ2IFdGV4dDE6iCtLSSBhbSBzb3JyeSwgSSBjYW4n
+dCBkbyB0aGF0Cog/AwUAOogrSzfKtR+3kQP4EQItAwCfaNlQ06kHg666tJCRzZNF
++Dp6TTYAn36glLR+tD7JSxNANQVMfY+9lHGPrCdiBXRleHQxOogrS0kgYW0gc29y
+cnksIEkgY2FuJ3QgZG8gdGhhdAo=
+=phBF
+-----END PGP ARMORED FILE-----
+'
+
+save_IFS="${IFS}"
+IFS=""
+for i in "$sig_1ls1ls_valid" "$sig_ls_valid" "$sig_sl_valid"; do
+    echo "$i" | ./gpg_dearmor >x
+    IFS="${save_IFS}"
+    $GPG --verify x 2>/dev/null || error "valid is invalid"
+    IFS=""
+done
+#for i in "$sig_11lss_valid_but_is_not" "$sig_11lss11lss_valid_but_is_not" \
+#         "$sig_ssl_valid_but_is_not"; do
+#    echo "$i" | $GPG --dearmor >x
+#    $GPG --verify <x 2>/dev/null || error "valid is invalid"
+#done
+
+# without the +e ksh seems to terminate the for loop
+set +e
+for i in "$sig_1lsls_invalid" "$sig_lsls_invalid" \
+         "$sig_lss_invalid" "$sig_slsl_invalid" ; do
+    echo "$i" | ./gpg_dearmor >x
+    IFS="${save_IFS}"
+    $GPG --verify <x 2>/dev/null && error "invalid is valid"
+    IFS=""
+done
+IFS="${save_IFS}"
diff --git a/checks/options.in b/checks/options.in
new file mode 100644 (file)
index 0000000..c789164
--- /dev/null
@@ -0,0 +1,6 @@
+no-greeting
+no-secmem-warning
+no-permission-warning
+batch
+emulate-md-encode-bug
+no-auto-check-trustdb
diff --git a/checks/pgp263-test.pub.asc b/checks/pgp263-test.pub.asc
new file mode 100644 (file)
index 0000000..53310d7
--- /dev/null
@@ -0,0 +1,14 @@
+Type Bits/KeyID    Date       User ID
+pub   888/A50283F1 2001/11/08 pgp2.6.3-test-key
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: 2.6.3a
+
+mQB8AzvqRosAAAEDeNMKLJMJQeGC2RG5Nec6R2mzC12N1wGLiYYJCsmSQd1Y8mht
+A2Sc+4k/q5+l6GHtfqUR/RTCIIudAZUzrQVIMhHDKF+5de9lsE5QxQS1u43QGVCb
+/9IYrOLOizYQ2pkBtD9LCrf7W2DccMEkpQKD8QAFE7QRcGdwMi42LjMtdGVzdC1r
+ZXmJAIQDBRA76kaL3HDBJKUCg/EBAZMoA3Yqqdix6B2RAzywi9bKSLqwAFVL+MMw
+W+BnYeBXF9u+bPpQvtyxgi0vx8F9r84B3HAhZNEjBWODF6vctIQhXhAhXIniDTSj
+HNzQ/+nbWnebQn18XUV2SdM1PzMOblD+nISte7+WUfWzlD7YUJPkFPw=
+=b498
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/checks/pgp263-test.sec.asc b/checks/pgp263-test.sec.asc
new file mode 100644 (file)
index 0000000..78992e3
--- /dev/null
@@ -0,0 +1,18 @@
+Type Bits/KeyID    Date       User ID
+sec   888/A50283F1 2001/11/08 pgp2.6.3-test-key
+
+-----BEGIN PGP SECRET KEY BLOCK-----
+Version: 2.6.3a
+
+lQGdAzvqRosAAAEDeNMKLJMJQeGC2RG5Nec6R2mzC12N1wGLiYYJCsmSQd1Y8mht
+A2Sc+4k/q5+l6GHtfqUR/RTCIIudAZUzrQVIMhHDKF+5de9lsE5QxQS1u43QGVCb
+/9IYrOLOizYQ2pkBtD9LCrf7W2DccMEkpQKD8QAFEwADd0Kk5aeyFM3zbPgfikkE
+7iFg9h2LG3nARmA4wAnCZaQ3CS5zRHCdXOf5KLkm6xFza1yMat4iWx6ULvuuNpIc
+RmkHccyXYkRi3Hvacd5A9VCNw1UKtCdaCKgacsfplU0s1xYWGZd4J8Jg8boSfW5W
+gwG8Dc9R20HHno8uD2vfr5rg8ElWvbFyJI/j4eCVAd+NYAGNvB8I3VP38IIYcavh
+YYcGjrpxbGVRybsBvA9IJltpGaVulxwpeCp5NecCGgoAUsN4Ktf42Pg7HXDlQL6r
+Xs/YggMztj4NzEgBHXAOLShdKKhDAbEByVSKXZD9A8J+RejXBl6VbuJmD/5qOvph
+GAPKS3ahPDj8438HyD7yIDLYYVRKfxjWHLubc46Pgui0EXBncDIuNi4zLXRlc3Qt
+a2V5
+=l/aV
+-----END PGP SECRET KEY BLOCK-----
index 2bb25df..b58aa5c 100644 (file)
-This is a test public keyring simply stored by GNUPG so that
-it is easier to make diff files.
-
-pub   768G/9D266E0F 1998-04-28 Test one (pp=def) <one@test.nowhere.nil>
-sig       9D266E0F 1998-04-28   Test one (pp=def) <one@test.nowhere.nil>
-sig       2E5FA4F4 1998-04-28   test two (no pp) <two@test.nowhere.nil>
-sig       6D11D6D3 1998-04-28   test three (pp=abc) <three@test.nowhere.nil>
-pub   800G/2E5FA4F4 1998-04-28 test two (no pp) <two@test.nowhere.nil>
-sig       2E5FA4F4 1998-04-28   test two (no pp) <two@test.nowhere.nil>
-sig       9D266E0F 1998-04-28   Test one (pp=def) <one@test.nowhere.nil>
-sig       6D11D6D3 1998-04-28   test three (pp=abc) <three@test.nowhere.nil>
-pub   768G/6D11D6D3 1998-04-28 test three (pp=abc) <three@test.nowhere.nil>
-sig       6D11D6D3 1998-04-28   test three (pp=abc) <three@test.nowhere.nil>
-sig       9D266E0F 1998-04-28   Test one (pp=def) <one@test.nowhere.nil>
-sig       2E5FA4F4 1998-04-28   test two (no pp) <two@test.nowhere.nil>
-
-
-
 -----BEGIN PGP ARMORED FILE-----
-Version: GNUPG v0.2.15a (Linux)
-Comment: This is an alpha version!
-Comment: Use "gpgm --dearmor" for unpacking
+Version: GnuPG v1.0.7 (GNU/Linux)
+Comment: Use "gpg --dearmor" for unpacking
 
-mM8DNUWBuARHEAMA8bSQw1VFSXbgZ+nNXhM9xeDD+OpKQU4hUaCKfuTtRHoY5QxTPz3DFWRl
-FewsA50Ou28jlPWxIKZaaGxMqbDtqyUsm6AEz/vRi5VKiVHf28XUkMryQSTHvjwJFVb7+6Wb
-AAMFAwDXZiawNtgYsjwVedv/xXdhTsrf0Tn/8HCj3S9N/MAT0zCnXL0flYeqhqL/okuBcrwM
-A4amAIWGVW7ws7k7QgrfJoWG2SELxIT9MovMLvq5Kh55J7H6Yn6uoFzIOX0A43HQIiNjcmVh
-dGVkIGJ5IEdOVVBHIHYwLjIuMTVhIChMaW51eCm0KFRlc3Qgb25lIChwcD1kZWYpIDxvbmVA
-dGVzdC5ub3doZXJlLm5pbD6I1wMFEzVFgbg8a7vmnSZuDxADD/4DAK0FELG1gICh/fxO5dXu
-lV+S1CY9YPQwRxQN7zYlixA7vedTCN9jutMC6fOlmMXqfivF2CMux3uz0oTJgjF/myh+jkcO
-sE+iUgcO+fdMIn4oY53Pval5zuCcmqqbszP6mQMAqIYYNtE2BI6acRU8sqwIxx/GiVqELwzX
-4QGp5N/4oURoZJ4Ybb8+6eEePI1vzIpLq9TO0ttQzDv9hO8WNyYEPVAoe9gOIoMYOh9E0W9R
-u0wf4sh67KCrRvc7yrFTMwHtiN8DBRA1RYLMDvng6C5fpPQQAzlHAx4qEZmAhoAtCfgQmlmq
-HIwcOa2xI/eOsqexT6eYMty8f/vsNznGhTh5gJ3PDDy8U/Lj1KRJWPeDSZJ/6tZ/3DUd/x+K
-jPzVVnm1zlJSflR5AWLS7IQiyJzz7uo2dUiCs2nO4rZcAyDaLbj/2aWwI92UQzKjWvcS49lW
-r2wp0QURUomqvNexKkHHDyIRhwspXwT9glETyn+focZKRBJTv0QtxOMVQeGaUnIuAcsDgpZu
-ZkXBcdXgPbmj39rN+nNUW1UI0fKsnBl5cnSgiNcDBRA1RYLaZE80um0R1tMQAwq4Av9rzmMg
-XgDtJy+mauJJ5FUEE5GY3bIul1MuIbaMv6T99uWgwD9q2HsV0z9/T552cOTJ/DIkSjdusZ6+
-PlY8jYDK4xTYwcglPuMH5/EsKW8zZwcwYiqnGMbmY4F70SxZW2EC/1p760rM7MrNCDAWnEle
-gTvEMvutfK+K3DOu+Ba+KxU3zfgWr4z6B74QV2TvHrF0Zgu9UpXOp0FghufA6JevCvYhzNDM
-4VJV24QaF3bt16JoHQyiS9jtYcMl4IzexeeO0JjXAzVFggEAABADINyO1leIKxvoee6oi0zk
-I9SCJ6dSTEH7/kETqetNArjqClenO1K0AVd+MqMajl97bg5iUYGam55PECkkozOlscDzDF9e
-xWY6sey44dBREQhgXLVWE4GZ1G3sy85aD+sVHgxwlz8AAwUDILAV8w6FL7PpgiedAOHslMtq
-f7sh1IeNSkCjRdqvMCKgKroSLQto9WprXMUv3KHmTL7TpZNad+8xJUK7R5GHUTR1OIFQMJvT
-odG8RU6JOaGoeTqWgs61v00fFgwY6sYO11ckmsfQIiNjcmVhdGVkIGJ5IEdOVVBHIHYwLjIu
-MTVhIChMaW51eCm0J3Rlc3QgdHdvIChubyBwcCkgPHR3b0B0ZXN0Lm5vd2hlcmUubmlsPojf
-AwUTNUWCAQ754OguX6T0EAOQsQMfXrBhe1g+hBCwQH94+08VqNGS/+Fs8s4FRmEP1Y0TuT6U
-qf9QLHtfbPgKbJL1NwGgy6dn4TfWo2PRj0U8ai+YIIPZopl4hnrj+v1f94V/IbMd3N77K0F0
-rJrHzL4egHi95BUVdgMgr00QAYcbbZItd/wIb2TNSu/DRlzEXezA3xRuCIBnTdsrHMPc2B4l
-mCQsyx9/fmBlwrVLlaftBTvrOUa/yXf8hHwPv48avRwgClaoChExhFMdEA9Df5ju4192VldJ
-yJgPVz0Ze4jXAwUQNUWCsTxru+adJm4PEAOeIwMAhzYyjVb5vlae3V3VO+5+Zsx4SVRB2NeC
-Y74FIN5vXMoWJyt/UjmXC9CmI82PvVD3F8RXKUZqZC9gXcGyDYyZ87oooYc9HbQ7lhyOWsv/
-0dWztX9UQQrHdScQ0TbZcC2aAvwJF7WESAGhOGssVKWaUkXZJV1sCpyyEtkUP/UJtcGha/Op
-PlmG6vC9XW5ymtRk0XhFkvG4dLopbRIZgAI0CmHSloKIL5Y4JzOfc5bccNCB/tiI+3Y1JIr3
-AYMqaSTjoGOI1gMFEDVFgwJkTzS6bRHW0xAD83sC93MCuEN8MCJGTZX//I7QVsg5DJ9xJRdy
-5Te6MNA1Ie1o7+EJZ1MqDVF/6+HkITqGWFOPD/GYPmgdP5QALfHW6z9YddHOHH6Skt2fC2NW
-Tip4e+/t8iAOR/ynwocPpyHkAwCHsxTXtRlaCbIt40/3d0LFPoN4JYBVDM+pWfNgNAWUzgME
-Mua2P24g4P4NZnW3fsJuYQ6Ro7jqu6oolfFkxVOYd2/KrnH5Mggu3D8q+gg68kzXTj62QW9v
-TBax5Ve0Kk+YzwM1RYJlAAAQAwCWZQsoNJJI8u1nV+5VZaXZqZBn+uk3fp/my7l9YLQeV5S9
-U76Ogdw0la/YiWX2m8Aw+hO47pYswsyRi2lu/FE/dr0o0CB53LB4EnFJPiBHrB8rm3wI142B
-QeJ9Dj5YU/MAAwYC/1gB0NoFl2QhbYY83tuLg/UlIkM8CZtxtXR9vfQq0UgrVuDoeLx0/mln
-Wm8pmJsHR+0r8sL2yjl7P0RQ+FJtiaMTVHihJyhXukCO1bPM3PX8L/QsmXFzWcfmavk11xpP
-NdAiI2NyZWF0ZWQgYnkgR05VUEcgdjAuMi4xNWEgKExpbnV4KbQsdGVzdCB0aHJlZSAocHA9
-YWJjKSA8dGhyZWVAdGVzdC5ub3doZXJlLm5pbD6I1wMFEzVFgmVkTzS6bRHW0xADVtEDAIWy
-FsZZgyT9wLmEsVbLcv2WNK/z7XweyDOV203Z3Po5lo75+c8bFkRPNcD/0R/nD5wbyNPACFHx
-e7VUm+wLHZFq5Hw8TuAegqNq0ZlgeR/vLgs54m1eOi3jbDfyZMJASAL/XKRGnGu3oi6SjknK
-sKhFOprdn7DeMW0q7YP5WtRTnnrJjIhDl0c+mi82Yj2OVEOLg3SaILBDZJd9muLPHQLAp95X
-sKZ0nHfBzlFFsr0V5BvWF4UV+U9JHxyDuXLWyEDbiNcDBRA1RYK7PGu75p0mbg8QA3mwAvsH
-XEo6HotEGw0stskTnV/Dp32bSJ8yRq2kOWfQAgaY1ZZWVRSPtHBDAJZJ/LpfWXPke90M3B72
-v0a9gAxOx5VfevaaXJAdp/ZjrVh1TE90LujbPVNeHt4a1dD0bQa9EbwC/1NTZMfb8LDHxYds
-JdDdZxsxfCDy2U7BWC1e3LLQCJOeNfSx76ICJBLq+HOpCgP2AodGgV9Rx01O3Fz8Gx3iVRgZ
-bKnyS8perkS3AFayedGat/6reUI6KJtddro0SIeBxIjfAwUQNUWDEw754OguX6T0EAPKMgMe
-L8YKAj4KvkJBWNxt1W+WTjF2YBj4pYmrWisXxgmRZWEwwyDHYecH1zE2L12o82QGprbU8BW+
-GUXQVxbRt0rvlDqfGPN5HAgdjES7sK3qVZLsVeMcnhpjDDQkpYkCIsWueCKKRwMfSiqZ1S3o
-BHIz3CVzbQkdMp6FbpSYXRR55CyzVdUZDb9ynXKxQCk3Pmn0bTFsRWRFOlRe3oVpS2lM2EQF
-u5cWheypAt2y86ZuoevHPkcpsR0UXD129IzwOV3cstGm3jCAhdGMmA==
-=eCl1
+mM8DNUWBuARHEAMA8bSQw1VFSXbgZ+nNXhM9xeDD+OpKQU4hUaCKfuTtRHoY5QxT
+Pz3DFWRlFewsA50Ou28jlPWxIKZaaGxMqbDtqyUsm6AEz/vRi5VKiVHf28XUkMry
+QSTHvjwJFVb7+6WbAAMFAwDXZiawNtgYsjwVedv/xXdhTsrf0Tn/8HCj3S9N/MAT
+0zCnXL0flYeqhqL/okuBcrwMA4amAIWGVW7ws7k7QgrfJoWG2SELxIT9MovMLvq5
+Kh55J7H6Yn6uoFzIOX0A43HQIiNjcmVhdGVkIGJ5IEdOVVBHIHYwLjIuMTVhIChM
+aW51eCm0KFRlc3Qgb25lIChwcD1kZWYpIDxvbmVAdGVzdC5ub3doZXJlLm5pbD6I
+1wMFEzVFgbg8a7vmnSZuDxADD/4DAK0FELG1gICh/fxO5dXulV+S1CY9YPQwRxQN
+7zYlixA7vedTCN9jutMC6fOlmMXqfivF2CMux3uz0oTJgjF/myh+jkcOsE+iUgcO
++fdMIn4oY53Pval5zuCcmqqbszP6mQMAqIYYNtE2BI6acRU8sqwIxx/GiVqELwzX
+4QGp5N/4oURoZJ4Ybb8+6eEePI1vzIpLq9TO0ttQzDv9hO8WNyYEPVAoe9gOIoMY
+Oh9E0W9Ru0wf4sh67KCrRvc7yrFTMwHtiN8DBRA1RYLMDvng6C5fpPQQAzlHAx4q
+EZmAhoAtCfgQmlmqHIwcOa2xI/eOsqexT6eYMty8f/vsNznGhTh5gJ3PDDy8U/Lj
+1KRJWPeDSZJ/6tZ/3DUd/x+KjPzVVnm1zlJSflR5AWLS7IQiyJzz7uo2dUiCs2nO
+4rZcAyDaLbj/2aWwI92UQzKjWvcS49lWr2wp0QURUomqvNexKkHHDyIRhwspXwT9
+glETyn+focZKRBJTv0QtxOMVQeGaUnIuAcsDgpZuZkXBcdXgPbmj39rN+nNUW1UI
+0fKsnBl5cnSgiNcDBRA1RYLaZE80um0R1tMQAwq4Av9rzmMgXgDtJy+mauJJ5FUE
+E5GY3bIul1MuIbaMv6T99uWgwD9q2HsV0z9/T552cOTJ/DIkSjdusZ6+PlY8jYDK
+4xTYwcglPuMH5/EsKW8zZwcwYiqnGMbmY4F70SxZW2EC/1p760rM7MrNCDAWnEle
+gTvEMvutfK+K3DOu+Ba+KxU3zfgWr4z6B74QV2TvHrF0Zgu9UpXOp0FghufA6Jev
+CvYhzNDM4VJV24QaF3bt16JoHQyiS9jtYcMl4IzexeeO0JjXAzVFggEAABADINyO
+1leIKxvoee6oi0zkI9SCJ6dSTEH7/kETqetNArjqClenO1K0AVd+MqMajl97bg5i
+UYGam55PECkkozOlscDzDF9exWY6sey44dBREQhgXLVWE4GZ1G3sy85aD+sVHgxw
+lz8AAwUDILAV8w6FL7PpgiedAOHslMtqf7sh1IeNSkCjRdqvMCKgKroSLQto9Wpr
+XMUv3KHmTL7TpZNad+8xJUK7R5GHUTR1OIFQMJvTodG8RU6JOaGoeTqWgs61v00f
+FgwY6sYO11ckmsfQIiNjcmVhdGVkIGJ5IEdOVVBHIHYwLjIuMTVhIChMaW51eCm0
+J3Rlc3QgdHdvIChubyBwcCkgPHR3b0B0ZXN0Lm5vd2hlcmUubmlsPojfAwUTNUWC
+AQ754OguX6T0EAOQsQMfXrBhe1g+hBCwQH94+08VqNGS/+Fs8s4FRmEP1Y0TuT6U
+qf9QLHtfbPgKbJL1NwGgy6dn4TfWo2PRj0U8ai+YIIPZopl4hnrj+v1f94V/IbMd
+3N77K0F0rJrHzL4egHi95BUVdgMgr00QAYcbbZItd/wIb2TNSu/DRlzEXezA3xRu
+CIBnTdsrHMPc2B4lmCQsyx9/fmBlwrVLlaftBTvrOUa/yXf8hHwPv48avRwgClao
+ChExhFMdEA9Df5ju4192VldJyJgPVz0Ze4jXAwUQNUWCsTxru+adJm4PEAOeIwMA
+hzYyjVb5vlae3V3VO+5+Zsx4SVRB2NeCY74FIN5vXMoWJyt/UjmXC9CmI82PvVD3
+F8RXKUZqZC9gXcGyDYyZ87oooYc9HbQ7lhyOWsv/0dWztX9UQQrHdScQ0TbZcC2a
+AvwJF7WESAGhOGssVKWaUkXZJV1sCpyyEtkUP/UJtcGha/OpPlmG6vC9XW5ymtRk
+0XhFkvG4dLopbRIZgAI0CmHSloKIL5Y4JzOfc5bccNCB/tiI+3Y1JIr3AYMqaSTj
+oGOI1gMFEDVFgwJkTzS6bRHW0xAD83sC93MCuEN8MCJGTZX//I7QVsg5DJ9xJRdy
+5Te6MNA1Ie1o7+EJZ1MqDVF/6+HkITqGWFOPD/GYPmgdP5QALfHW6z9YddHOHH6S
+kt2fC2NWTip4e+/t8iAOR/ynwocPpyHkAwCHsxTXtRlaCbIt40/3d0LFPoN4JYBV
+DM+pWfNgNAWUzgMEMua2P24g4P4NZnW3fsJuYQ6Ro7jqu6oolfFkxVOYd2/KrnH5
+Mggu3D8q+gg68kzXTj62QW9vTBax5Ve0Kk+YzwM1RYJlAAAQAwCWZQsoNJJI8u1n
+V+5VZaXZqZBn+uk3fp/my7l9YLQeV5S9U76Ogdw0la/YiWX2m8Aw+hO47pYswsyR
+i2lu/FE/dr0o0CB53LB4EnFJPiBHrB8rm3wI142BQeJ9Dj5YU/MAAwYC/1gB0NoF
+l2QhbYY83tuLg/UlIkM8CZtxtXR9vfQq0UgrVuDoeLx0/mlnWm8pmJsHR+0r8sL2
+yjl7P0RQ+FJtiaMTVHihJyhXukCO1bPM3PX8L/QsmXFzWcfmavk11xpPNdAiI2Ny
+ZWF0ZWQgYnkgR05VUEcgdjAuMi4xNWEgKExpbnV4KbQsdGVzdCB0aHJlZSAocHA9
+YWJjKSA8dGhyZWVAdGVzdC5ub3doZXJlLm5pbD6I1wMFEzVFgmVkTzS6bRHW0xAD
+VtEDAIWyFsZZgyT9wLmEsVbLcv2WNK/z7XweyDOV203Z3Po5lo75+c8bFkRPNcD/
+0R/nD5wbyNPACFHxe7VUm+wLHZFq5Hw8TuAegqNq0ZlgeR/vLgs54m1eOi3jbDfy
+ZMJASAL/XKRGnGu3oi6SjknKsKhFOprdn7DeMW0q7YP5WtRTnnrJjIhDl0c+mi82
+Yj2OVEOLg3SaILBDZJd9muLPHQLAp95XsKZ0nHfBzlFFsr0V5BvWF4UV+U9JHxyD
+uXLWyEDbiNcDBRA1RYK7PGu75p0mbg8QA3mwAvsHXEo6HotEGw0stskTnV/Dp32b
+SJ8yRq2kOWfQAgaY1ZZWVRSPtHBDAJZJ/LpfWXPke90M3B72v0a9gAxOx5Vfevaa
+XJAdp/ZjrVh1TE90LujbPVNeHt4a1dD0bQa9EbwC/1NTZMfb8LDHxYdsJdDdZxsx
+fCDy2U7BWC1e3LLQCJOeNfSx76ICJBLq+HOpCgP2AodGgV9Rx01O3Fz8Gx3iVRgZ
+bKnyS8perkS3AFayedGat/6reUI6KJtddro0SIeBxIjfAwUQNUWDEw754OguX6T0
+EAPKMgMeL8YKAj4KvkJBWNxt1W+WTjF2YBj4pYmrWisXxgmRZWEwwyDHYecH1zE2
+L12o82QGprbU8BW+GUXQVxbRt0rvlDqfGPN5HAgdjES7sK3qVZLsVeMcnhpjDDQk
+pYkCIsWueCKKRwMfSiqZ1S3oBHIz3CVzbQkdMp6FbpSYXRR55CyzVdUZDb9ynXKx
+QCk3Pmn0bTFsRWRFOlRe3oVpS2lM2EQFu5cWheypAt2y86ZuoevHPkcpsR0UXD12
+9IzwOV3cstGm3jCAhdGMmJkBogQ2446eEQQAtmWxQ19MJiSPMiw2EHSImXgLhy5n
+8h7Kl2ixlDGbVogL5/4TaXLcGoZsypuaF4px1L1JCzkNLPKzpbteZ4cOGs3N9K0z
+9S7CJJ+czkTZxXYGAukSsoTnopv+t/v8hrXZ05uPZVX2gqsLBJgQhJF2nlgxqvon
+tW/PSfPU+p/yarsAoKEJI1XlRhvgf0syevson3R1kFZHA/0Vw8i11+Plhxj9mnre
+dV5SqI1hsLGZnPSzz2IcFP0XFDu3HtUEG9FxZVFRQYWNCUKTP7cv5DYvmhlhc4oG
+0PhwFmZFLwPPlSAFZ3jfqfkh4RiMi01yqQGE6uOgML5ZWeQqb39Ngqf/ltWlcgNK
+pwVjMniMV5kfRzoupccZ+XI2owP/VWbnzl1qgl5Ab8+Dst0ORW40ENP/rcvKw5/D
+k2oj4uNRclJxIuizvqsgUtPRY52Y/vj5HEXF1vfUjcZhCUWOzLjR7ecCLxB9ozRD
+ifZbM82RQQ27sLI1xyt+fpT2xhMuvcQj9uohGn8rCim0VyYRNQvrZPEpyvhputrI
+r5iv+Wq0KUFscGhhIFRlc3QgKGRlbW8ga2V5KSA8YWxwaGFAZXhhbXBsZS5uZXQ+
+iF0EExECABUFAjbjjp4DCwoDAxUDAgMWAgECF4AAEgkQLXJ8x2hpdzQHZUdQRwAB
+ATl4AKCBLmRplv/8ZfSqep5IjqEAuaXvWwCgl6NEzT+/WewPTGcwZY+pLkycLv20
+EEFsaWNlIChkZW1vIGtleSmIXQQTEQIAFQUCNuO2qwMLCgMDFQMCAxYCAQIXgAAS
+CRAtcnzHaGl3NAdlR1BHAAEBJ4wAn0x5RWtqCjklzo93B143k4zBvLftAKCFbrlx
+lNCUPVsGUir9AzxvP0A3gbQnQWxmYSBUZXN0IChkZW1vIGtleSkgPGFsZmFAZXhh
+bXBsZS5uZXQ+iF0EExECABUFAjbjuFgDCwoDAxUDAgMWAgECF4AAEgkQLXJ8x2hp
+dzQHZUdQRwABAbfCAKCT8Guo/lZuVYtzb7qPCWa4uDyfwwCfXam5miXQfBXSZx3x
+oda1yt8vyXK5AQ0ENuOPDxAEAJyN1x9X9LsjfX2Z8O9s7BzMO9OoOxFtvZw+FA0B
+uDs0WVYkq1GuZ9/XiO0K30zvtZnlb7NMvBfz7xbLeYx+vKzy5xkq18+LE5dU+HKK
+dRQZKrrwgCsDy8tJRO447QsiLTksCDqPMaE32OCRBF5nKrG5vih7/cmEhf2CuAn+
+2yM3AAMHA/0Z5eYysaLnAwPeqQ9vNvUyrCxUEmrvl4svG7zkkg3ZcgAbDpDQUmni
+jt3gEBCoAzO3c41TU5wJaUNBEPGPWfKcTlmBEGJWjK50QQuA2diGncxIS5SDs+QV
+af434a6/KFVQcCmV7K8/T2S8/nuGJ/rIlFL5XovW6A/S9mYEjh2pD4hOBBgRAgAG
+BQI2448PABIJEC1yfMdoaXc0B2VHUEcAAQEgqQCfcDXmD8uNVdKg/C9vqI3JSndq
+knsAnRxzVeHi/iJ73OCKtvFrHbV9GogqmQGiBDbjkGcRBAC/DCQungO2iJ7j9+9q
+d2crjBU8K+AmQhs27JBkJqtAbC/xFqkHBsA1Pi8Zb6TLa/OCm2PbXFiM5x00wiEn
+VKNzuGOzU8uHB6kwWtLj8+V7VOWOkSDEtnlTF6u0y9JOvs7GwDvqOM5C3QH7La+z
+nNeAu1527Hj6l0XGSAzyvp+NkwCgnktU11VFpKSIdoplZBayN9OzT8sD/Awc/890
+fiSMWYNGo4+n6IHxhjBBM9lL+DAe1RtCEtwUSWNrGsIxFnDRkMxvMpaT4GusG+DP
+haTddrDBSyFiCLxKDBYgMbSO6wQ9g6zWEEh1ZMTMVU/akr81DOEColXn/f3Q4sRj
+xI3hu2z8tjVewAPNTuWETQ6iHHoVqdpkK4aABACfbMrnfK6TujxSs91MfKBWfYxy
+w9hjM6+VV8cJJdDXiheMKzWcrVecwgYYzukmNinO//BRmQcs1wdfi5UdfHLNFDig
+w96SdyZpHx+79ghD3NqDmzYakoRIoDKcZAIrAjgfl5if6vIiA4c1LjhSdcVTBsSy
+ic/mkk01EgztWKY0abQtQ2hhcmxpZSBUZXN0IChkZW1vIGtleSkgPGNoYXJsaWVA
+ZXhhbXBsZS5uZXQ+iF0EExECABUFAjbjkGcDCwoDAxUDAgMWAgECF4AAEgkQQT9K
+8xr9q2wHZUdQRwABAT5EAJ9fcDAXA+7n6av9/VJr9a/Sb1PnuACfVMEihQSsyol6
+FBm7vc3S73d+pIq5AQ0ENuOQghAEAKFjw1K+7qwrSngPQBUGxHPyJVdiptGVFNkA
+dLgsJfDH+LwWZ90hedo0s6jKLjhiu5IKeVl2Hhhaq4LHaaDLAbnz0DNwWFqGaoSU
+1spvubgX/8QYhkrTNOBbXe1DAb2FNc6Fh6pyGc45oMPA8QrUav7aj/kA2qGquKfR
+MUUFYuB3AAMHA/9HTT2zrVf8WRRQCHzDhO5rqqd03/YaypezI9iN0XkTeASsryMN
+wMueI4eqSzBXXtskbzVzMJETklxUUstZAmD1yl6hOk/5hwX6b3CG2zBo4n8s+vHz
+zyL86aW5IPzVU/7rMGGFNRulrN8sR23ddzOlbsI101vKIRyBP7oKv5bYZohOBBgR
+AgAGBQI245CCABIJEEE/SvMa/atsB2VHUEcAAQG1rQCcDbUhj2I23rC0k3kcChgO
+X32YhQ4An0zwuiPl8hmr4xya2h04Ev20gjdDmQGiBDbjkc0RBACKzsZMOq0QzqW6
+inp5azEWL36qFRWn03pL7GVvDNBlUDgWMKp/VVH0lfx/CMt5ybFPnFOFBVxGqB4V
+VoLKTLY2B78VwUw9lB5o/mO/kZFZzk+8f1LDym8Y5MHnpXhl5HhxAsMGbkIXm0q7
+UEJZarYwsd9y3tNd7pALNkpyPN3DywCg31W+so34RtAL5MfN1ZpRal1x9acEAIVY
+TItU9OkjWM2ygJnTQXwVq7/ZtpeTyZ1E6UllLpurniSx85BDNF4FZx7fmHRbs14F
+Gn7J6hJ/tjeLSNM7ias6Iv/Q0JxLyoo2cYobWKt0t6zelCENmlxR7Yb1bcWcaHGX
+pbmGlhz3nnSZSPYfcjm2Z9JixVxWOk1Ih0GLPETYA/9IjW3qrsscxCnSHcw9DbPt
+1oyFQZWJedWXb6sqNvlPtu9IV1XSLLK7Kiq9Q8EZbAkUsDGPp6wdGVDpby2iAe6g
+kJHtwvZsrv3yaBg4TGTmAF7GrVUdBBk3V50rgsajYRIqsJW2RjAHMBTvqFgUoBso
+xTx0zEjsNF0uNne91DcU2rQnRWNobyBUZXN0IChkZW1vIGtleSkgPGVjaG9AZXhh
+bXBsZS5uZXQ+iF0EExECABUFAjbjpH8DCwoDAxUDAgMWAgECF4AAEgkQMYwfrvrv
+bRsHZUdQRwABAWcDAKCzaFoiAm79QSmYISeiM7XMKhoHDACaA8CU1j8+20C7rNip
+OHYz3KfUMhe0DkV2ZSAoZGVtbyBrZXkpiF0EExECABUFAjbjuAADCwoDAxUDAgMW
+AgECF4AAEgkQMYwfrvrvbRsHZUdQRwABASDdAJ44x/SDfOdtzwgGJOsg9SBTP2nd
+agCgnp5FlNmTvP6FPLHgkNx5F5BtiUa0EkVjaGVsb24gKGRlbW8ga2V5KYhdBBMR
+AgAVBQI247gfAwsKAwMVAwIDFgIBAheAABIJEDGMH676720bB2VHUEcAAQFepgCe
+OpUG5rVkWVJXULaeGZzqbT+2SbUAn3HmDGXzAJ6lCiYh5NrTIb8A7wIduQENBDbj
+kf8QBAC0pe0mjRH/JmKL3mubSTRMKGcd77+l8psl4GtcA6iqNj3g650Q2xxgW+Qb
+1iL9SeiIJP8KuEfj6vfPVKZHKkRAfsjnpbhN8zz7WQa2y8kkmqojHoGIh5wAD3NE
+6ox+1D2WvnySmU1JOuAQlEDfRC5C9hSrQBkO0TUCWL2wquDv1wADBQQAl3TuGt2S
+CuYSXo4R2dNZpB2ukqqHOj7nnTQu7ZVoi1OtgZYxor/w783GzLJ75PfdQMSd6T+G
+byq+QgpaiBvlmWtc5rcF3ZgnxiW9n2zUlQ+M6denubJT6/Aqfn7yL9v0sr8K7kTr
+PqAM0lb6DAMwBkpN8o+Z0+aIpG5/jOtnwuSITgQYEQIABgUCNuOR/wASCRAxjB+u
++u9tGwdlR1BHAAEBj5AAnRH+1me1/iHDnS5ltXysOdl24/BMAKCPThApQ7lJe8LY
+r61+lXUUwr1TKZkBogQ245LREQQAubUOd0B7cFzJHF5vo5NwiMZ1JXPjyNqL2OWE
+/XfaeJiB55oMmVEPmK1JF69wU7ZBpo1l4PEIWcP7WRMqvBEFl+8LnelRkSW95kwF
+r3D8TRnarZy3kfiBF1t33dnkVTaZYxCDKOBdZ/ZiRvLa6gZ/KHhITfzaS7h36G2M
+bAlGlj8AoKQPFsEPjByKYdx72m5/2Ju/4d4jA/oCNAKaJH7N8Y3HLis1ShhpytJP
+1yC9GJjtec3ugzYSC7RKV3NJcBeCX4om3KhiDSN6YYVICf4wdqz6TAocoqPzR2t7
+Fz6+upxIgh5WGnnCs2e7uO1eXUCSXONfiDEDzRKGTQjkdvwFo+880DkiGln/qmRr
+cILA568dwNnOrBio5QP/dbkpUBhqGDr2LchpkoYyQlqzbvUpXJ1xlfZim1jfrmdf
+sk83dE3iBzvmT8ByIZcMoqDEHil95LmJp3qw1yVeApP/ZWR+0XiBLEF9GhcAOc5i
+hH2ACSXLWiRXpyMmK2/erTvTX3QkAcqoQ1cFWCwNNCrlgycB84Hdm5GXdajp7cC0
+J0dvbGYgVGVzdCAoZGVtbyBrZXkpIDxnb2xmQGV4YW1wbGUubmV0PohdBBMRAgAV
+BQI245LRAwsKAwMVAwIDFgIBAheAABIJEBaEEKSPwoLmB2VHUEcAAQEi4wCfbbaA
+ruJvA5fMgp3+Bk/T0kL/f54AoI56Vqqpio01uS7SADzj47t3WQyquQENBDbjkvwQ
+BAC2wan9ScDXLgCqN7CWSRM5B68vC3PCbemYsuOXZjdN8afw2LSHxZ3buRXfYxRn
+JNo1pm4PGkMQ7ZpQikZZVCZa+WoIVXYXRnYAjxHhvHW0LaQPvnyFS9H5LaGf2Urs
+TWVA+695zYsSaX669XFb9WbiIMGB4yUiXPvQwUL0tSd+kwADBQP8C3sKWjsPh02T
+jcEy+FDxWAn4g3LfsOPw8dfawJln+0h9LA0hTebbKBJWt5OUMqjjTq/pCZ5+z+b1
+0f2WwET/xAvjQSTdJjrFX9DNNU3jhCCelEpal9oxsbNYlVd5zOU2RN4hlmj+eEOb
+5oy5wy797sQpsbrgGetCTsvPotIpvbGITgQYEQIABgUCNuOS/AASCRAWhBCkj8KC
+5gdlR1BHAAEB9+wAoInApOl706hL9+EV1UpIX/hHAxzjAJ95K6j3OWXkiRmu0X0X
+FYZuULXL8pkBogQ245SxEQQAyG4mRUQZagjDgl0xAnaSbLCQ5wJqYq/snwCl+IbD
+lXcoHqXQNO9QJrPKwKQAUv3Nvk7mqZWnfMPoskLOASrs6nkCv2Fo9Aw6smNizO6i
+W7xXepwvxjho4hLnE00oGPCDhUnAU05LO2pTBoxwHVs0o6vtaaViXk0s6dOFCoVd
+f9MAoLjiGlK/3DFWoUrqIiuE3aLfgkddBACrp1snJ1BtiGhmKjt7An6Qoc5LVnU4
+1J/REiQIyitUFAvPX+fiqzDyE3VD8qX/vvTLpgZCYvvEdBlSfM8IcCn1/Qh4aw9J
+HzuvKQg8WclvnQ8zq/7RV9J7h/aS/KIhDJIpGhi6YfjfjdSKfLYYfr3S4TVK9xD0
+Za3AH7/lrTqW8gP/fpKWu8fJyJ9kqHyYrI/j4ykt5QKBj3tHjqCv7FQb4FY8txnN
+3fLzBtva/tlkSKRsLobixjZUGF+uQR1dTCv042LxZ6aEUqrUytxqUc05pCSAvEZV
+8bX2H/5+ulSwdxKEzs1h2NvSTAiZ54zzKGjHNmEitdAaPD/9u5xdAiqPFxG0KUlu
+ZGlhIFRlc3QgKGRlbW8ga2V5KSA8aW5kaWFAZXhhbXBsZS5uZXQ+iF0EExECABUF
+AjbjlLEDCwoDAxUDAgMWAgECF4AAEgkQH+j8bwQllncHZUdQRwABAVpYAKCVZ7Df
+K+i/YZGyEu18DnWq0ixligCghGwDoMGgLnenSjyShMZ+1Ecekia5AQ0ENuOVEhAE
+AIMMgk/e8lsV/KEkd4/jNK4yFj5iy/Faon800I3GUzETuQA2AT3getR+GuV4pbZW
+E/80b9hnNW50UJGiP1+SXfVtY5vT8p/gNFwn5d0O/pq3bpgFRJmoawTzx8SFDwCV
+PHEcwOHE2j5LvfrvRBOyKU32tr976ri+Uowt0+92LuA7AAMFA/0Yo9dDqhjR2UoN
+cYfEZwWhRHaaJenP3z3QbzjJkASb5H84xCTEpv0dqEtVTJUoIo8Lh5VjbiCwok4Q
+PLVSbQFeHqTKb7N96PjevkZ1Co6OrLCNOcPRvXxgCwSGbuuLMkQJEutnXLu0DOKq
+uY94KXXh79La7lTgjReE/1Wzbgc1+ohOBBgRAgAGBQI245USABIJEB/o/G8EJZZ3
+B2VHUEcAAQEJeACgjmiKaxmzxkqYtvmw8HgBnOeALLMAn2iD2ym3cRhcAH3leZ/O
+qAkFG/ThmQGiBDbjlSURBACcp0BogujMnThXpn4UjBARj9oXgQWskkhz657AXu6R
+mX/u5RmpLGqbNmNuqKDIwUbJslIxrpOnA3QEobkIl7ThH+ZUIhGzPUnHlhd7M3dQ
+Ww1U0TfpHyXx3FYb7CCPabrSC7hWWh1ylUxz+RGJJSApR+D/GY+dF7dIllKUbaUG
+bwCg1z+vkNbzqibcwdYrwCjKG9VeFa8D/A5yPHqB9NMp+3OlAGE4XRTR8LeelALp
+u+MuNMGFCMLdZfmt/Amoyau51FsQ7WwWrNM5A+1v3Fq0x5WpNw6Lr7HbN9d6zidN
++L0uCrXPweET8ueS3DFnHI945epe703TbcjJBO/uYLn0LXExmTg846/1ZlQbPgLz
+mzb/2JMkJ+QzA/4xFbRL2YeaKyu4JjpMNUVzXYogUwg9KZZq/qBbpsIAD7Agd+Zx
+LJHoweItXaC0nS9C6qDJZ95OJrE+h/Tt2D2lmxXseTVlSESaWh45x9mbC0eRGFYY
+RsSx3z0hYwMmXA0ntj0lndC8ru8HjZtBW/KF0VB0RcfSyW+W+yAq0Jxo5rQnS2ls
+byBUZXN0IChkZW1vIGtleSkgPGtpbG9AZXhhbXBsZS5uZXQ+iF0EExECABUFAjbj
+lSUDCwoDAxUDAgMWAgECF4AAEgkQrRsPrUPC0McHZUdQRwABAdUSAJ9ZMVrsRsAk
+tfouxadXBc82Qh8nCwCcCavkRu7sfbEBJqKdldpinYwWZpK5AQ0ENuOVSBAEALmZ
+YtP72G7OodR4RfR270RxTHj40PfUpPIf3U8ezyO3kqjB12IdD2YIXIZW6zEj53ps
+X8DGya5nSvVjdFofQSVHtsnB/H7VHBkaOQnREoInHs4helYOD0M/RZcbRIb65e6v
+Eesuzvo9N0ACSlBsAXbeeNKGfGGCog74GVGcZ6HnAAMHA/9W9n2MwJ7lq0GV4V0E
+OHDVcTAVRSh0nB9uKBVW7hFi4DP7XYBfgj8Nlbc22vMkkdSvNFUoLEH7Op9sMglX
+fiCPJSh02U/6XyAhXDyZRyrOIHviTZ9SHMQQIqtEETVuYRkzvSnSfDBVq1p9gW6e
+ZN9q6AM7gmoKInpRaODFRWU7DYhOBBgRAgAGBQI245VIABIJEK0bD61DwtDHB2VH
+UEcAAQGO/QCfaGt8NeCm0zbssmOrXZ6v9zFk8xEAnj3SpjLTyqemniHSJ9KEzIKJ
+CdiDmQGiBDbjouIRBACKncc4Ueec7dWaVARy2SmNVufeSenYs4AsIPP0v59jEl7J
+I0rb+4JbIJoAzW/hcm26GS/UbbpQwig8/PgMUV5QfBST4CEOlf7/x2a4HKk9tDV4
+An7q2aNr1beW+twxfUGWWV5I0o1b/iKVk/LiQRiaMr8pJXY266m6/2Pn9LmDtwCg
++Iqfx8gsK2PZCWv87uEKAOLzHXsD/1eRxLqCt1hT98gdDLykRTlI3kMq6EK3I+z/
+8pDIMDuPIJq1eM68YdFZr8s7i1ye1QpDltPYHgWnUC733ujAKANdyybm3HrA3TSB
+jEAhNfcu8nkrVorvASQUDCLJatWRWJTUVrPH+GXIXMA/Oi6LDsgNDOJanwzzvDCC
+m8hWQqW9A/4xYAZ4NVFrQq8gtQPJWuMIfSFSvpZWNgQgYZntiXSUGYOVs28T/87R
+oRx02tsVDw2PA8z68q/XRuM9NdetxbUXQHB9eszFLi3W1idsXhd/C4SyiTgEFXG8
+Y8s94Eadgk1PAYHN6Gd3SY7jmevqYGVLmBp7qfj5Y9XSM5SE0Th+fLQpQnJhdm8g
+VGVzdCAoZGVtbyBrZXkpIDxicmF2b0BleGFtcGxlLm5ldD6IXQQTEQIAFQUCNuOi
+4gMLCgMDFQMCAxYCAQIXgAASCRD+GAsdqeOwsgdlR1BHAAEB+u4AniJTgzmzXGxm
+JdrTAudfgUEGX1puAJ9+U2nDISnooSEoI9bA9Eb1YlzSqLQOQm9iIChkZW1vIGtl
+eSmIXQQTEQIAFQUCNuO3OwMLCgMDFQMCAxYCAQIXgAASCRD+GAsdqeOwsgdlR1BH
+AAEBGuEAoIrcivM2owTqgDdGWU6vHzs4IhGCAJ9WRH41/o3n2VLmPuMxc66Tv319
+DrkBDQQ246MHEAQAlUnV8VFpc/NRY6h4EeG9RLZoZlvPQpqbB3ypUsJWLwbWwf8u
+0xSH7wK+GRW6bqnsOib7YyBGaF76JU1sB1TxBZLhtCwGtN6JWmKcwumQQ7i5G9PU
+bpAg+M3WOscGwDEbDs2YL+fey2V7Tiyy55jsk6bI0Qy87VrLjYJZua33zk8AAwcD
+/0slWbxRHRFZ+f3UE6e3gLV3a22RDN+/XLQiduut0W02XeeZSAXr9X05ykJLw02N
+nufMiEOBPjc6/faoPQsn+ntzoRK01KhATobrAYHuP+xOS6yFTL6OgBVPaoJ9EoLJ
+7v8MNrcVcN1xI6i/B4JfuEP+e2EbyTnvqtvWHvSy/HmoiE4EGBECAAYFAjbjowcA
+EgkQ/hgLHanjsLIHZUdQRwABATK5AJ9pek7H6yt3ZHAJ+7nn7sGmxYxb5ACg1INF
+N4AMzqEUjbZ51KTVdAvyKlSZAaIENuOjhxEEAN5nO1c81jCmgh/oF+p6kiZmqFV3
+ape5kEmcS/BoWgCXt6vjaldctmFYi7v+BY4N9zI3GxQqAxt5D6dY7aN1xlC236CZ
+EAaXUXktvGw/ppHDjdbs8CRuZiA9jm1j92GAUY/mm6hX2aGKOkVwr9yN6DrA2CaO
+4SwK/wEXkVfj+nazAKDCaBzHzwSkkXf8QOtOTj/xevpnzwQAv30laCeXTDZM2I/1
+Pdzma1V1xizfae0kfzZOJBDQtHQDvNFjmu6iM1kL0uxOG3krr0AlqSsMD8W7mavb
+FigUlxbhvuul4pTL/BiJ946FhjlPY0Ni9pmdAldno7yUYsWADEKadkQ3ghEVqEqz
++ACYbzp3p8K+5KuiFJm9D4uyvToEAIVPi2N+4voxnRWGwKXF4E+fLYAzXT5sMMzl
+46Xk4Ms303F/5JG7kB0iiPPY6oP0l3nlahulRcbNMj7SDbfrfoi4m4ftUYIX3acX
+CSN0gNuVGipg8CwlGQyILgWRFp6oXQOmAlpxhIGcd1jdh3sj5y+CQrugGPNOJT9m
+zmFkB4rxtClEZWx0YSBUZXN0IChkZW1vIGtleSkgPGRlbHRhQGV4YW1wbGUubmV0
+PohdBBMRAgAVBQI246OHAwsKAwMVAwIDFgIBAheAABIJEOup8kDrncnmB2VHUEcA
+AQGuJgCgl0HAxcZVFMWV/DW7heKYJE9UVE0An1YVfKzHS6BZohosne3I1lAdagBG
+uQENBDbjo6oQBACPtZ1o4mPMk2zYbyu+sNm8P+5oAtD0+129gCn8OunvEwflPrb4
+opOUp07ezwhAE+K4Whwk2Kvmy3+ebxeX6Bw5k6+2vjlz9yXnh8Y7WA6MFk5+BuR0
+FUr8szC5BYh5srioJmcA6UMtg0ZVSC4YucRAFJ+eGGSCHRYDSSq3t9i+lwADBQP/
+dw4So+Ux1h4ucYQbjA/G3JUhyHAY6/RhFblqlvPZ907ui2PUAVQ3lbMXDQDn5YfN
+rU4hSGDnRlyjoefArHoX4ttnlo5zfsQC9oWA+4zEF+RpZhqAKh/eMEXQJtNZRdX8
+Pn90WYh64ZO5Qw2wZUf45IxbaEE3/v5okrksscv6HOmITgQYEQIABgUCNuOjqgAS
+CRDrqfJA653J5gdlR1BHAAEBc00AoJq+Jk/8DzdqaYOce+RN3F5+qgdvAJ9oTv4Y
+CD5H/60ksnQO9mWXPzFjOpkBogQ246UmEQQA3Vs5XdZcg1g6hj0sxjrHoV8k0mtK
+Tn1Uy3JKSaQ6RK3J/I0vHCq15FVKMCO0pWYT0ZmCPuaahmhuRWeVSXdU3ylooXOz
+viQx6Ct8mpjp4ejhUBT2VBdflpQBohVy3Pljg824DkjMv/MlwOp9M3vr93reZ/Ss
+4m97Axo8OQzJomMAoJlMJ6H6rJB1b9UurQ4NPJlwCyijBACFRsn/Yo9wczW9H1WB
+lDi1NO56kN0aTUD2irT0KQaG0ZJ0P2Unc7ogC3AgfkOuuH9XChgPjoLZtC/39cVJ
+ikVt60/ZczLXAsupHLnQiNjh5v4DnD8yqo4+aJ6Q/OH4EeAXW7HoU/Prq5sRYiv2
+xRSOngtS+XnQUHES7O0xdo2N0gQAnV8vch4Oog0yYcrL0e1Li1hP9bPcrIq4WYD2
+9L8iBcB30czPegGCD6S2a/475Kw2sE8WBnxiGa4+1Mhnj7u0QnhUVVV+eQenrzb9
+3wKm5sENRh01+1hwjXQJD9O8k8Wf8J2bnTwM0MEZBH2d/U3XHGzoR3x72790TUNF
+cW1rUFK0LUZveHRyb3QgVGVzdCAoZGVtbyBrZXkpIDxmb3h0cm90QGV4YW1wbGUu
+bmV0PohdBBMRAgAVBQI246UmAwsKAwMVAwIDFgIBAheAABIJENS/V/NzcuJDB2VH
+UEcAAQF3LQCfZhlov9Ux6LofeSt5g2hVijDdX0gAnRc7adixQ2hpprv4vNoKvmum
+F/D4uQENBDbjpVAQBADfVCPYwZ59MKgXTH4P71QzFnpG4E/MjqDNfW3NxQ9ZjLfw
+0ir6U1gGDuEsWRR+fS5OwCbfeHZDzPj8MZPuOZBamgiDvI1OvrrzUv+BijkWGEL6
+oRFnWI8zJ8zDAPuuvP1u2FQZOoKFXaHo2I9Q8zuJz8P2vEkgJfLx2yiPR1Dp2wAD
+BQP/SCCKZBNQIaY0cfKmiv8ZjRcAAvhXLyMCwLQUfVRqoNVOtMMfWpYtGdL27ESw
+4kgZIsxJ3ELQVkRiriMKbsJiNM4dMe+9gNuGz1CG9b2vhUPZ59sREVIRgyIfr0BJ
+AsYOn87mQ5lOBA6+XmjHO+ys4xpEVJZyfrq5QAw5GYcrPWCITgQYEQIABgUCNuOl
+UAASCRDUv1fzc3LiQwdlR1BHAAEBjvkAoJVm6lRsxer3LDTczfhFL1hP0zMpAJ9S
+AV34Wfz3GpTg7CD8xDNiUut5SZkBogQ246XaEQQAp44vakh1n7NC16HF0v2X+4ME
+VJO432stvwOAuLDxn2PxTkIQf8zfxbMfWccoqVkqMZVliLKFF8AbzfC8edPzeWr4
+B3SWBplNHjPqet3lWI6Uc+V+qjhE9k/M9764XsR8OXv3awl6tcYBqwuiyYqfEoDI
+nJWOHt5lyNNL+FSE73MAoNXIscn+BCUxiTy8Tldgvs/Dh3bzA/9WwpWSOXGxelys
+JAigp4NeAo1W/0v7Q95uynOvZY5qHyIE3VA6Ru17EgoJtv2aa+ISclTQUXHkwjDi
+aKm9jgSkJofcxwbAmkLNaZ3MgPxnqghJTIqy4/s9eOYBJuiBXoirLab/ZEO19siV
+vCi19uI5P1Ovcg9sf60cBkHIxHK/EgP9E33RY49Kk4PGv0Af1u2Z4kPQF82333XX
+r6p3C9atOh9xuQGDO8Hfi8ssNowpUjKKfHPaVjILtpKkDe7ONm+g+8+tAkUsTR3H
+sNKRRO1ZtAYHJFpunKtdh0pnOwVctv4tJNbAXexAtrHQLhxhPs4s+XGMNWr8DSOD
+O1plVZrfshi0KUhvdGVsIFRlc3QgKGRlbW8ga2V5KSA8aG90ZWxAZXhhbXBsZS5u
+ZXQ+iF0EExECABUFAjbjpdoDCwoDAxUDAgMWAgECF4AAEgkQE9uWVTTG4/EHZUdQ
+RwABAezUAKDIVCu3fJltReOUKcLaW5/xHUrqjQCfePhlWOhq7TGwPMq2R3g/M0gH
+na65AQ0ENuOmHRAEAM6TulLgllqT/bqeRlYSz6EggX0iAPSVpuQKev4Y0OYYmuwn
+EvBONT42hpej5IeZY9qpElAWvPdkl8kDGKjKhKv4e/gVu/p+tkgkTLWDh0WGTwOI
+b7NHe485xkJTLJbce6mpqFTT9FxfsLNcBy48kJd6jJ5KwEPJQCT/o4Oz+R6vAAMH
+A/wOtakC0V7Eha+yzAZ2lEkdKOvuPxwnYfLfppwHkAQwJJ3uQ0z4sKs6rI6GHpF+
+iSu8JPpm7CU3f2cOeSZKvcVZupxFKPySGze3D5TKnwi2qEvrbW8WfXzQjt1kzXVs
+QK/5hmWYgX8vck3MVH6Oak4NH31suNAjR2lSpPoiHJLRs4hOBBgRAgAGBQI246Yd
+ABIJEBPbllU0xuPxB2VHUEcAAQEmaACfU+XRhr/UgvgCfMlOthY327vlI30AoJyp
+WeGLup2DqouZIGkY8bmpDrz9mQGiBDbjp/8RBACXrm5v2sQpLtexfA2S8a2PUruC
+eqXYfVsnkYX1sYJaFaYHxYW2wDL1dR4LdZuty5YWBOxu1N9dnkjuPsdIbq6R/phy
+6xv5sDUihP4YBAZakV5ahd7XrBdkWXSkRzaJSfH1OG2hAXR87liVu8ck8RDeS+ip
+x1vnZY45864IAnFzqwCg2qjnDRjGAn2OSPsnhyZH44VQQpcD/A7SOu9gTt6Jl4VS
+MY2JGi3HOFPOHnevG3Pb8NYbcP4gEU63iqrHGndYJI07lKcFlZRbnSEOSFPFLuNK
+ax88GYKKeZDoQXkVoU/ItAGrS4rCExpZ+Jx2tBL2zJcWU+7NDmM5LeRUDE6a0N3s
+IxMLzz3Z2PTarMATjpA01Qj3WRlcA/48g1+gnyFXbO+UZn21WWj4uCyXUE6/G8SC
+ZhXXiDJOYxaBrmw2rtN0x1aLwXPRXLuwjhL5Ewn3qszCzaJPNYuLaMY7jiK2ha20
+LCqYYmaVJa6tGy9iFIGC80ItcUYZpCfmdw7W2oqdZIN/rblScCKmyBbw/gCB3mol
+mLBd8nrseLQrSnVsaWV0IFRlc3QgKGRlbW8ga2V5KSA8anVsaWV0QGV4YW1wbGUu
+bmV0PohdBBMRAgAVBQI246f/AwsKAwMVAwIDFgIBAheAABIJEAyCDHHSaZMTB2VH
+UEcAAQFA9gCgpEHwTLc3LpNopoagvYY0VATAzUwAnRZuUrRJxIpubUE37aF8OaYp
+GSC9uQENBDbjqCoQBACR2VIlh9OJkf8KR9Xy2eEjogPP5KCJkpyd4QGc76EAmi20
+BEYCiN1tRGU4h5mpEKAql1NcErsx0cDPhEoWcABc8MFmADmr4KiqfnzS3878AoZv
+yQqf2fnbP2ULwDkqcdpECw4pXI9MhTm+roUuaxaYwHnmLPzboOT2QyFXuaZ1BwAE
+DQQAjwmrcmep/QeqppfsJm40ocmBqDXhtNoHDSeJkrQpIHoUGnOK0SjKy3kkE8KX
+RrJATDQefiOFkCpxnJsj/+kLUI1AEE7jtVSLTLVRWMTG1o2aZbG6DOTNYcfHhabJ
+awJDAY3gH2uJTCziDd2ALTTuX5qicrOPlASjVeKIw1MUWY+ITgQYEQIABgUCNuOo
+KgASCRAMggxx0mmTEwdlR1BHAAEBj64AoL6wmTv08Y6txelPb8XUKpayw4FyAJ4n
+eVj62ZIfdX94DPkF00H5qvVeEZkBogQ246jdEQQAwVpm5pgcsPrtSUwIscY+TV0V
+0Cfcy7ZMUUNRh8S0D8kM6I1lpw+JBJnvMr7BV7rpWz1/M2TJ5eqnAvMLfm+RPHQr
+Wbr0C970udchnvTO+lUQv9R4K4hNGKhzE2CU+Cfh3In7ZXRxYnfo0ZxmaS8FbS8Y
+i2lgJukgYvNhU5+JVRsAoLY3N7v0jLD4MpT0cjf0Hh/PzmeTA/0dshv3PmReJFnI
+Jpc4ycUFDdsBmHg6DllDF0vJn+shfgy7cMaOqDpS2ix1U0evqh9lYc9c2qpNSK+h
+SY5LlBrx21RbdgZry9ukrU4yeMwuFBUlmD96i732z04U/kaA+HmvlXD8RhBnqrNL
+piJierNK3ktyiUvb4B7RqNdSLOJz9QP/RM1e0JF+RLhJ5VKRldqtvWhmMd0aXDoQ
+2IsaIDR7lvivSsHJbgRBAZk++DcMVcyOqnSVVWZ+ZcU+CAuRtM/5InX9UZIL/BKo
++QyIpIJ6dGrAfBYh0rG/t/XeHJ5NldHs/y5pJ11JdpqSqZP32/ql1k6jw2xVBPHc
+/M8qkRVyI8G0J0xpbWEgVGVzdCAoZGVtbyBrZXkpIDxsaW1hQGV4YW1wbGUubmV0
+PohdBBMRAgAVBQI246jdAwsKAwMVAwIDFgIBAheAABIJEDfKtR+3kQP4B2VHUEcA
+AQGKXACgkZY9/w96yK2Oiq/MUs/A74SzJ2MAniQ2eSHT5CQ4G8PPvYfPZueNI9PT
+uQENBDbjqPUQBACn8JyfkTPFcgaWMpUpnk+nTEkDe4GhAG9fO7alTgdT6+aDCdfX
+fXfH7gGwdURvDv6V/KEqcMPRNLAgAeP/F4T6OtoJNTxfWLB7j14DJNpYXjBPJPN1
+kpD2at8GcWB1aVGMsAtxMwlo4TZlqyfzCAAQeCLhBbIE9LWKX5oUTqiLOwADBgP9
+Gm8md+/xWp9sLE5i3uZ4t9Muu9w+UY3Ke/WcSA2CNthEYhHNtcMPP6PBwtz0x425
+mC1pe9RuxDyzRfV0/q+rjdWZBNA+VTVNDHXSj5hifvem3KFvA6TIgMabJ/q4WE7T
+4Hn8xjQpEsLGjSXAzG9WRg13qTzTilIk+rC6xYGbZHSITgQYEQIABgUCNuOo9QAS
+CRA3yrUft5ED+AdlR1BHAAEB/m8An11Axzacylwq4fbzHAqXyvsw/enKAJ9YcYoU
+dYgORS3xF8cAH2B5q4RBIpkBogQ246pkEQQAotQXkaoExYlC0GzW3VKn40g4a4wu
+Ak6Eg1sxTq2TaPN5S3qig135zw/RN7GxtIRPCGtTie2m8ghJvsjxPCFyV53tuLko
+IAEk7PPsXD5h3GjliObUNAfv6AS0/HefgCNlR9EA3SepwWLMOlFg+pVo3VBiIZaf
+3I8Xem5tCFWfzPMAoKnHUtSVCXZ7m3VgmGaibarLfwR5A/4gHjkUF8N/koq3JLrh
+qVDS8dgiyxSnzTo9CivD9k66iKxxRCP9Z5ni+fusJ27rS5HUS4ekanufS3uKASAA
+5zEOOvEmamBJ0Pv1X6gkAUsBOjaayPUiSVW8l4jtmwibI9yEhTWWqf8a+kBqb034
+WIgHUpQwWpMnNzrNSfVCpqDXDQQAiJEc9hFbyiN31SHgR3dfR1oCcKXIxYvza3Zu
+P9slGaG6lCfhpUnkPSkUH2LNOIkRZyIemqIx2yL/MTFhggNLVm73j5YVs0jHIwV8
+esnl9RC0CotvsTkuuXFk41SetHCyGpHhfZOZbabPVainnjZ5RDVRangavdWUfqCK
+zBjQKdC0J01pa2UgVGVzdCAoZGVtbyBrZXkpIDxtaWtlQGV4YW1wbGUubmV0Pohd
+BBMRAgAVBQI246pkAwsKAwMVAwIDFgIBAheAABIJEL55SFK+XPiGB2VHUEcAAQHx
+IwCbBHwywMR+PbPZX9J6pReLXH5aa/8AniSgj+olcL4RiHQrvg273+s/P7COtBJN
+YWxsb3J5IChkZW1vIGtleSmIXQQTEQIAFQUCNuO3twMLCgMDFQMCAxYCAQIXgAAS
+CRC+eUhSvlz4hgdlR1BHAAEBmdUAoKhrc+z524neflMpRwJ+NG8KVxOxAJsFZqm7
+bBtYllrdcTqNqMk49LfBObkBDQQ246p+EAQApnvWjY5rMvw9Ly8xFL49pGjAYFb9
+zFijvgG4tMirI3T9EBLflKLJ8m4KWoRoT2eNmy/JGLHyZjveaVh8TerDV+uxZkEG
+vv702nz8NOElQTjHWHoy0n6poci6FxhfJd1bnOjDK2mZEufEQNSn2PhA46gjCLRT
+APuwLpitSSL5ubsAAwYD/ij9KRO69/Jx3+W9DZQxWIQBiKnYHVr1us2WpdpTV4jp
+CqJOCOgB/hlBmCY1C1/tpsAj1A3ZZamJRWVZoNokkReItZLXfGacprGbmmjcg89g
+FM5V3nEUNCU/mm2BQWp58h4NOCv60dGr5GAqHDxAStPk388zbxEdyFs57CPQ4ZJt
+iE4EGBECAAYFAjbjqn4AEgkQvnlIUr5c+IYHZUdQRwABAZEyAJ91yirChpNTus0f
+QFZphR8KtDpOcgCeI37JBoFvBkcxtJoNMFGd2MuCWwqZAaIENuOq4xEEAK14podn
+ulwztC6PwRzxLHR8ne7Q10uyjnGf0STgVYwsG7qPDtv/kqMHZa1c5lJYoc7N5N9Q
+DHv00womsP2Nlb/SQQAVV5mnBkXWXx8GxEQtH1zEBqMTdG8WSAJgCFewXUmej6qJ
+TlM29p0ZThLOY/i86eeOshZPLzea1mLCgUhzAKCBppoKUTxDjU3Ih9W2NLd/42bz
+HQP+Jwf27Aze+kHZBXb0ggGprOBoWvu8GiiAWgCWVoJBs8uLIdfUyTeQRmDnF7CY
+NL+1TisaqPtRwv06VnHUgIPxynzTI1h+gjsrlczqxg4yZ8k5EY4Syoy2hhujeWW4
+OAOSDboNk3KdR4UdlGshbPZwqpO5oHd3DT2bywk26zemgS0D/1DUoOyMo+Lz7aRT
+MmgrdXrVCCVcBUOV/MroHko4RnoZH+Bf0zm7LIuNETJsVJI0+W8tHXX6ZXgZHkBy
+tVA6YTRCkXKjUyv64OxurCTMRG9GrWvmk7KozlY9eGVdrmijidrV8ERfvogTMrrE
+hUbTsac2dpj52U+Cwurgjz4DbRkbtC9Ob3ZlbWJlciBUZXN0IChkZW1vIGtleSkg
+PG5vdmVtYmVyQGV4YW1wbGUubmV0PohdBBMRAgAVBQI246rjAwsKAwMVAwIDFgIB
+AheAABIJECWwD9QwzsaEB2VHUEcAAQGY2ACePRDTHz8CtVNREhGEEuWLbN0kXAIA
+nRuuRt2VtHZ4Z40AIX/75PhLXjHyuQENBDbjqxwQBADhnHlYNzwuhbYK2a56H6Ic
+1p7ouhVQc3motQ2eTDCpnTev0DL9Xnh6DDm993234cAOdZ/pD7oWqa+kKk88etkR
+gP4CtZu741Njn2MUjuuRjf60lFzf5BPN40ex7seDKHEV2fv/J4Ki+yQI8NS2XScj
+p4iaXkb63JDzQv2ymrmu+wADBQP/eVYwIySAFP4DjMLW6k4FfnJh3udgGtQiRGpV
+fPMihvOp56h7i+McVE02ZY8o22ypXiQ/wIe0dQcQYUhA8vFrk7qJxFR1cU3C/WIo
+OKWfzs2GX+X5JdXizWki2/F2TE9CWz9Nm//zjKQK9vZXGoGtaNUbVr65VMiGDk5t
+kXE8ZH+ITgQYEQIABgUCNuOrHAASCRAlsA/UMM7GhAdlR1BHAAEBIOcAnjt0vZDn
+9+3cTNpCuV1ZKIu2t410AJ0Y3CnFBUFBOKk6zkOJnaArwVN3ZZkBogQ246tbEQQA
+lWieyQhDso2ZnD2wb+gq6aqk1rRUhcwdBwCTbiE1aLAsnuMl8nLH4fvhaTz2V/Ae
+joL00e28duA5or9JiBfmVblrpTAIGWsu0AU6uEQsWgZwRdso3NH/KfH8Z5lxwJtk
+Z/hlAiEHohmGoD38mJNsgnm63RXadUH76irO6McvWlcAoONeH7i25AcrMol4O7BZ
+wqGq25ibA/9IRhK7AFhfgaRrDTz84PaIssxp1dWKalRruMJYGQK2LDuEl53Q+d1r
+nYBPliPbjWr/9Gkjx3K4B0CfWWQC0sUl77bNRFqr8FXkjRZcvkCoxxHG7PIFG77r
+Ld2SiQ+eS+dp5QijuuMC8skkvQuuxS6eIk0g+jjGlNhjuu97Ya6xeQP/Zxek37p8
+P1u9TTmN7nPtlzGXGrfKVi9DtJ31E805ruXFqTuoFfcOBRrtfY+DOebX8RxIwQV/
+TEmyxwoXdmkv03EYwD6AJSmx3WuVi5/revcH9nfSEHDy7sFC8CBp4aavAFRQNrho
+mSB9lSm5clGLZiD4nljF1EFABwQFch7HhlO0KU9zY2FyIFRlc3QgKGRlbW8ga2V5
+KSA8b3NjYXJAZXhhbXBsZS5uZXQ+iF0EExECABUFAjbjq1sDCwoDAxUDAgMWAgEC
+F4AAEgkQX2NWum2XMqwHZUdQRwABAbAvAJsFPpRP6U1YyH+PEW7+bkPLaozCkwCb
+B48G7tRKLpNYppdhFIvbLLAlHQe5AQ0ENuOrjhAEAJ0LVdE8z0IwWuBVS+KhTtJK
+F98ueOBYFneGps5iuyC1d+5B2/qUCLGc092eT+TiaMvzDWmpuNSZ+ZumlUPHOyKJ
+RCUlq3MYN9TWANzuSydekX+/OCFu5zLwc07RIeLe4z8ZcLnviJnWjFr8DXh8qcJV
+hPVOGpRrW6wLlhBcebgjAAMFA/9/gtmA3d1sviMupccM2kAgSOJNspfEMoc6cCh/
+//hITSalo1Ucu7efEjnsK1d9IjaQxBKb/emqlMrNoGUz8JswAlRqeGaUs8BENwn+
+FBwO0GwXmcUbvN8t97RIHCCwzUfEv3rxW9rtaxtilJr3z7cdIO7L1XCmEWnuLgdu
+cJtIrohOBBgRAgAGBQI246uOABIJEF9jVrptlzKsB2VHUEcAAQEN4QCdHqwqMSra
+XNfOIi5KeZKV0GpAxh4AnitllwOYEzlC37ZWnV2Z/LTaFzOgmQGiBDbjrEMRBACE
+EZiYbCZ4jYv20X3/2Bq2fWhVrfNRvd1vFoVedaqvp7VB4FDWOeWMqLOFyzmtrUvi
+vMz+l9eRXrFQT2CEGuQSAtdJgLC3yfta25xiT7jQQNlNjKBGkcaPybV0P/+Y4k0Z
+WMCw0Zwc7mjAj3bIq73rviQcOd8rUcI8Hu5vw9Tz7wCgqdnY9RbQ47m0ze5AhdKN
+isz8BNMD+wYpkMV8j8Esxqi2h10hAbIfODkE8TyPfAV4KtNfefwNQdf6T7N+enri
+paqHn1Ex2IW44jGG42U/gOo7rnX+wNlHMtNxvBw2eJNX9b5s649uPusoBgXMU1a9
+AWsHogtQ8Bty40KCdXLhcUUPAWCQxiMD61FuSXZZ81tmyVn3clzqA/9Eu4hFTfbc
+ZEiopXTnj9WHAwg/DDN4bxfZFHPtYW5oq/EjmfyGCQMkDfo/pmFrC7irWfxfaaog
+TU1x9o1gk6pXTg/2WMR1SQAEZ5IlRusnJDC7MR4tizzwSvMWnJNMvdpinu82v+34
+VYAkUrOzP681G81IciJx0ssa9kmG/vJW7rQnUGFwYSB0ZXN0IChkZW1vIGtleSkg
+PHBhcGFAZXhhbXBsZS5uZXQ+iF0EExECABUFAjbjrEMDCwoDAxUDAgMWAgECF4AA
+EgkQXRXgHT/xMgYHZUdQRwABAQb6AJsENGQmK4nUrwcbtZ7+av5GDQ2T4wCfYJaV
+2rBtTR9aWTRQfZOQoIkNF8+5AQ0ENuOscRAEAN5hO+fEhqW2pX71oSUqW/TRHWSb
+ybNc5brQ1tzgTbheHiG/LQJ1lHjtZoZQsyW3H/efEuNARwryo4IjvK0nmiQsqZUR
+1795XTIbo/waPN08QujC26uWbL1pYL5yQarwbKOoyAst4jgE1NpZVc/r1+WUp7Nu
+EapicVjvFNzkiVCLAAMGBACWQJYr+h0ozr7JQ/BqI8vTKuVXb+DIBQjuSzN7Lvai
+IqMqb9ZdfNNmZ1Atvklo2Ce2VMyliQzVSTZuHJQbfrDTBXBf+Q+AINiHdZEAodzB
+vDv6p7vsTnoP+A2bS8l6xrWObKt3Ky9+GUDkqW3WuagcUKogQgEb/FKec+GegwSg
+UYhOBBgRAgAGBQI246xxABIJEF0V4B0/8TIGB2VHUEcAAQGThwCfUj+Oa7sVKCCW
+H1o+ZVgDDsdZAwAAn08A89d+q3DNrojy20Y8tg28QCYBmQGiBDbjrNERBACBwiP8
+Sjw+siERrEpyNz101v3/QFncHEGTvH1rscqbqjT+9x8sfZcWMXEHgN19747U8L0o
+1SoiLoZNp8ZvKpLjteyc4mzme+yuCZWlRTMB3unR3Fxza0mh3CGQfga04/iLg/1c
+GvGeBCtZDSO7ffcQ8XrAtaLuqRXIYQ0J+y+S0wCgpiAz5diH1RB7v8dfQaIKeTcT
+FWcD/ivIHF3IGKGPTaLqzy8B7maVOvC/zm6Ci5IH3lcRfwY9+9pYhb9OlRZDpruj
+xjNT+Qg9rtjMRNhfx78VWvZl3fccB94tQ2nc5LQ28RtgmUYN9bv9fuotW/WjlYKM
+IdSErwMJ/0DH1vjPsJtEem3FIThTv00II6xdCw5tXbyqUawVA/4ghoKHt1OoAPD+
+cGZ+5fF6k8pdLpd2LS2jv0t9C2v5NS0k4RUYhuqpAGyARIWJPmpHRbuqE6eXjtMh
+DI9Ce39X33hDDIAa0iC0zmpgVFbvSDUWTINFfns/NMy5TYGNUjqYeRpSQtou6NtF
+eJAWbwhcnit/b3samkq5KC81yvtGarQrUXVlYmVjIFRlc3QgKGRlbW8ga2V5KSA8
+cXVlYmVjQGV4YW1wbGUubmV0PohdBBMRAgAVBQI246zRAwsKAwMVAwIDFgIBAheA
+ABIJEBxn7BM8ZhyEB2VHUEcAAQHRuACffM0sr0N0bfmPgFX2sMhKKLBRuSsAoJjM
+o+EWIUZVylgjzkQcQHwjmDLVuQENBDbjrOQQBACRouE/462OQbUUzNKbAJ3kMrc8
+xYB+Pi4oFFwAG9EAwDpMhjX1h63xySEuwNzXPaTFgHTo1oEim2Mq862tEkO+f0pC
+Ofv0uXr9haZIvh2KO3DYFV52wiayGO5OAwDLp6jyfSQlF3PPFsRryleW+OYbagj5
+1dj4KvgBCCg+Whny4wADBQP/fjurbVG3mNm0B0XU4ZeB1MUMOJYGDe7LYBmbGxwn
+NMupZ9Rxfb5ROE5ehyPzUf/DmrkK17fPfPHYdN/UDWbDnQHkVk5OD4Erl6ulQxuV
+jcOgfW70Tyl3ucnlZjTZeihEgczHKvO5ADWVmevLyidiYocTx0QMn8cBq9iSpFRd
+EvmITgQYEQIABgUCNuOs5AASCRAcZ+wTPGYchAdlR1BHAAEBiJcAoJTy/pFHvd9y
+xAYZBYp7qLG2lUIOAJ9Rlpbjou3wb81vE+Qev1+GQGpaVZkBogQ24644EQQAlNDo
+1aAt9iof3VI1z3TehyLrBIR4XmKRSM2Bx02CZhQRIwY/QsK6WBoxlJqfgUtsBUuf
+cztjJaUBixq5qPmBgXYqN9/B8HZvG2nknHdiqKrvqFpAqATJtlccW0tzPJKtKaTb
+tkORBDv6hssFa1aXwTN7IjN5nLI1Wh8lsvk9SKsAoP5Z4IDSK/mM9h6FPRsAsAYv
+d99ZA/40UwQLl06u7wBtmxqSdF/86kjC0kWX8J2Y9vIceiNEiE9MmVNcYIKwIM0m
+wduF50EksVjEdgWUJrqT3RztJfMT5+Sgm2KOAvvfmbKa8RF4NPSrVXDDrFeqk6uN
+DT0jnUUTQFYTjk4Pxg9Kl+a/c7Qee6qXn5qeDX8ubZqN0noX0QP/Y5HSgi62UbBP
+5B+e5BqE+ZLeJ7yVtl909NwTCr7KVZt1o3Za0dCYtMosPT9ObAjCanhSnuEWa3hu
+outOgorWaUSEW6Y3zBKvN/M4FA7+1Rhe86gnnWLt+rHqX5M8Y/7JTcrugNtR04DF
+sYga5A16CLsTDxSmM2Rgvpwh14FtrqG0KVJvbWVvIFRlc3QgKGRlbW8ga2V5KSA8
+cm9tZW9AZXhhbXBsZS5uZXQ+iF0EExECABUFAjbjrjgDCwoDAxUDAgMWAgECF4AA
+EgkQO9vtsXd/vtMHZUdQRwABAavgAKCWUwgFviV4MrPrUtCIDhMZZCn35ACfSAXu
+uu9e0d0Rz2QVDGB8BJkfhFm5AQ0ENuOuZhAEAInmt6zi1dFmPfqzs/gplZR/RgLy
+a0vHF40Rd7lyQC2fyAx9xJAngx6Lg7UQG+spn0PPbwSa/QWYN3roNR3jJtEiTU83
+yRavL1S4YsB/9UECQwjJeFgIScHvBGw2PiQXkOFiLK16nbB6Q+hxk7YYBSgjJjbI
+w1vabaDYrxScrZAHAAMFA/4jGKHej776LTZfCLjA57tqujbFJ4GYf1vycRony/xF
+UtE7QCChHgYvMp5M5+/nsVTjy2VjuzG2HoU7F4lpCRLWcPUtGlvcZQNmvuoz/I4Z
+inRaF1GAZb5zR5hrfaDlqOrbOff4fUvjKuZFJkzieZnlld72KOQazRQ1iqaLSAFj
+GohOBBgRAgAGBQI2465mABIJEDvb7bF3f77TB2VHUEcAAQFJ0QCgl+n9/5lZxK3l
+goKK1HWYfIYNSxIAoOxVFgrZ9x1jsIDsMcSszrP60JvgmQGiBDbjrwQRBADFLZOA
+CYlz942iqSIW4twe90tkmeu6yswZInI3pacFpOi53bAq2y7CFrA3/HzbYodK/QLP
+tmq3wKZDZcLghqtWZTxhhhH9fDqj8Rb54IVRGw3XKLD+GyJt5OhtrIBWzJevMQBp
+07ZEuRn8+N7k7s5z83WZxmyIz9LgZj32ZOhluwCg4YuIbbsa92PrnfZcdW1jPSql
+LQMEAIkWB5utOUWVQZHc5X2MdSMIJ/5fAoatzLD63wTLJWqQZ6tWp9v5xED5riHX
+vQugCzdbdNwx6SqJ8dl4I2Fc/KYLcthVO7cUkpthBPve+XV6d6L+E3w9SsZLDpe+
+9DwM4sS3zYT1tauANnBK7hoDu+KhF9/3wGtSdJ0Sg4JgP5oGA/9k0mSgmhR6HNyB
+0J5MoJhs82TaVWVdvtZCAfGdoTaPVfNT2Kc5WFfEpRudWo1tRt3j3LYuyTiD+jKr
+jVG2EeEzs2ctQ6uPlaqmQgenzniCi+NCCigKDDA2BTS6fc3E/rOvug0zx9u3hNVh
+LfjUIwYK9qHwv+IgFP55gGJqOMZ+2LQrU2llcnJhIFRlc3QgKGRlbW8ga2V5KSA8
+c2llcnJhQGV4YW1wbGUubmV0PohdBBMRAgAVBQI2468EAwsKAwMVAwIDFgIBAheA
+ABIJEKXmf3+jrj6hB2VHUEcAAQGvfwCgoevUn2afCdW1bLwbcRs5kYrM1GwAn04Y
+4r15A7ytYdO2PaxSkSJ4gn5NuQENBDbjr4AQBAC4cckdPiWgQNkGvAm3q8FxzRLo
+g68/jffvj8Mvt++XQ4NikO0VJ8ezYkVd+vG3v5RoHTISynmMWZZjT56aFDSDZPOk
+Qs2G0qZgAEgTpzCUBdlnUC8ZrHSTSQjCn7HtR2cpYCCUBliPtatDvS3Me1XdRfBh
+Xib04TB0ci6DrzFQkwADBQQAje0R1INm9GkZKAzTECi+lVei7wbXkn4JF6n9r1KL
+5oULVF8aGHNEJ1Twj7kuq2kacYjc/Di4KdESRTZN9szlZnNruvAd9JKHIgbeysen
+e3yRhy+YFaqXm1MtWCdwwaDiDoHDASpl55RtuCKxz6uW77qhrZ8E6GRDrhI92R88
+DbmITgQYEQIABgUCNuOvgAASCRCl5n9/o64+oQdlR1BHAAEBawkAnReKOagNQ/Ui
+7qWGxKWYY6I07+XhAJ9/kbrDpWSrx3zoS/YjBL1Z/i42ZpkBogQ247AKEQQAkOFN
+8GmHkbnVqUQNRoh8W8PQr6hcNeoMHuEODey1UillH313Zuj90865VaivBcUEMl4r
+RzuIkRCsxYqXF2ptEaQfyloVKcvldajjEyOSeqcnNi7eBvvfiKgUdMLhYMzb++hM
+a4WkvD56Ktb7CXXbC6wemc2RbEwQha3YegZN6t8AoPclQGtp49vyAcqdcXPIS7xE
+unezA/9doAqN740Bh6qFwCrG/ZIQ9SPwQyC1ftIOSTIO/zC5F9w3AwC3hfAdiecz
+dulTBaPYlwMYT2uw2dr8e4UCPP/aWuFQqdwfQLLC+OFi23W33aPRw9lp5HeljxH9
+ubw2zbS2I/u7FWWP6zMjY9/kqJQeGJYcnZFNcYTalSZPpQWFzQP+O7Jm8g0rCRtR
+JLCkq+yiLXl3p7hbHk9naYCtPnL5QuK0HHhYoixdXpRVVoQE1oF7reT1wUZ08Rtr
+8d+VJ3vqQuZxJ3L4Wvvd3dMwiubAAoxV0qNEARzeXztho93b8t1P5NbMJDDfcSi1
+7EnvJnNkDZInHbv+PIiBeRa3C+flQIy0KVRhbmdvIFRlc3QgKGRlbW8ga2V5KSA8
+dGFuZ29AZXhhbXBsZS5uZXQ+iF0EExECABUFAjbjsAoDCwoDAxUDAgMWAgECF4AA
+EgkQWMuaTIWoHzgHZUdQRwABASTiAJ4vnNwg4QN5Nj6dgloAUhXLEwOfQgCeIMtf
+rfz8JP9PectU+oN68EWxNM25AQ0ENuOwnhAEAJ69MNjnL5VF+xPLtgvHSRiI+8EV
+Oag2s8YdLcOef8myd/ysoQhX7K9nWdhO2cOmL3Nbt1k03/Npx+EvvyCRUiPqgYt0
+63MFbbfF2tz6O3CMzb0tGwYan5jjlyXOIoVJQA0dibpJv0Avn+mzvCGQQ1q/+y50
++EsBD4T6GTTBW+t7AAMGBACdpIj93tczPsxKNoto5Dp8tSIMp9LEYrsNDl0PQeue
+s6dNhuarQzfiF4YC3X0KoKslnJD+ASwyeDbUKBDPzK9v+6I94dNV6W1POkdUBUDl
+5qFsN6u8qhFiMHzgagpUhdANeLF3Y0MGncmm0xbFuJvGZ+Yy1vtbB+D61Yx6DRM+
+AohOBBgRAgAGBQI247CeABIJEFjLmkyFqB84B2VHUEcAAQEImwCfYJ4NGyH/snAB
+xoxryuVciL3Cyu8AoMtIZ222A8al4XK0DrQqJAnIZlF+mQGiBDbjsakRBADettZo
+8gTOTr1nJXbk5sJfuVSQaMmbgLpZpMs3Q7C+gAX0XX+Q/vcuHp+wV2Nq0S4v+w5K
++sxDF4A8UDf+q+GmNKMA5U27hkcDQvE48EYUghcdWKjWeFwmmJOb0KMoatdeh4iP
+T4j8ocGw+i0z6o/e0y0OVWsUvIqp4iZP3UlnOwCggOq5GfPJMq3K3cND3nU7GOR8
+e1EEAMcgH09o68Hbjbwpw+ejPuKwVFa37COX/65FF8PONeleq7Mr3Y8yKqbLIsIW
+DaxrlflpbyMz/ShuDdNU8gh+msfwh0+RNzdEPmpJCCVJOdZO46cudgbyAQriH7Py
+sSbi7AbmpnMl7kQruhAZWXLtnH1e1kKovB43a3ph8wF4kotyA/45A8bLKEmJvpq/
+amY6VjDnGsxkDjjw2OoVbt8sLdGjpganj3fvy5KRhWeWLKhmtq44tH97m4YDmGCH
+Va/Iic4aDPMMvUPWdaY5DyCeerVOb3JN1qLC7o5x2HBt8RE7cXnPJl5VKxc4qzys
+5bqQEYYt2dP4cJqKk3OjjCbl6TJ+8bQtVW5pZm9ybSBUZXN0IChkZW1vIGtleSkg
+PHVuaWZvcm1AZXhhbXBsZS5uZXQ+iF0EExECABUFAjbjsakDCwoDAxUDAgMWAgEC
+F4AAEgkQqUwPdWUyRNYHZUdQRwABATNbAJ4zGxw32J0seAfYM/ZTq0/S01HRPQCf
+eV8WCJ077Pxl4dfO44z1MBL6PPq5AQ0ENuOxwxAEALW77T00/jp0+efpEm1zMvcs
+SujKtw+Yc6TcVuI18nxgycUF5JP5T75yGL+QrOb43jLxNkTywfAaqeR4gG0lfZiZ
+AkWEqLZFH0C1WfYdXVlMFhPWr8/syllM8wj0Q4OUIQ8lO9f4x20/zGHQayPWLXC6
+NA4kCJd2uqw/F6fhJyHnAAMFA/41FE7MsWriQFSmChPK9bMmX3oZ3KR/47QCFtOV
+nuLH0q1At/EaurOCjSHAONvZDN5Yd+NWFpppJzlRY0y4hDIdFyyP3HifblcYTQdT
+I5VIPjog4CN9kX5t5c5r81thxH7PM5F9evWrJbaDihXws3izi5Xh09qZDeX3wuSD
+yWFYJ4hOBBgRAgAGBQI247HDABIJEKlMD3VlMkTWB2VHUEcAAQHOmACfWYGI6kN6
+0nJgsIXNyIc7dgEwDW8AnRblYLw9mIfJbLolrMCwxazbA5OVmQGiBDbjs5oRBACj
+AxqGzA6j190iiN/1vJvS5jYLQ1H3xxhzXdZ6ZxjPJkslX1oxFqBINhjzBJnV9/7b
+1FFe5089NiCcGUVZa2xD3Vu+niLTAGNTQeNy6Y0E6wEfvplQLJbpVGOmuVeZyShH
+NCKjrsZFtS1mr7o19SUb5QWS3gZHabFTbmhibcFBXwCg36qGVAnGcZzvnUTGpRy3
+xjp+zuED/2qTJNpnPhicKSksVwb6EJFXH7mQSZlyblAnOAVFMx19GUijW4MWP5FU
+dcTd5KzIDgkenRLBrpCLIFVkQ4/baP/hOiCLOmCoRu3xnFyoRPM/Jn94Qy3Jo2wi
+gwkhQU+zyOU5C85QBD9ctkbYp/0mu9bpxmYTchHwD1v3dXUXEVajA/9lnEz1GiI0
+bwKpm8VKXp0YYP5hea8Jh5fNVb1QW2QqGd+XNHnRGSqX5smGyrs+xoYxD8+jv1Fh
+mGaSv+6+n+JBVK4TuWrQpZ0cgZL5jZnX27TOYXeY4d5YKgE+7ZO57TwCIfF/P6pu
+flGm+t5GcFwj4kkfohMEaeNhm1S+xf29q7QrVmljdG9yIFRlc3QgKGRlbW8ga2V5
+KSA8dmljdG9yQGV4YW1wbGUub3JnPohdBBMRAgAVBQI247OaAwsKAwMVAwIDFgIB
+AheAABIJEEevS2lh8EeEB2VHUEcAAQHMSQCgwD4p9j1sDwR1+9bBrzNQzVIyzmsA
+oNL7pfcdW4Jou1XHNc6hv4MpsHtvuQENBDbjs74QBACHkUCB29pMkveMEZyNiKIm
+izF5NZ/cv91Rj319k3xHf0NJWhQp/1G38SxLkPLBdWcoB4mJRNjDyVsxFUXvRWFI
+MekwL0q1sHSWTcJwCpQs+LKKtPmD3LA3bhbuTSdpYgmKy21SH4epubqBzk/P0193
+mWXzHgSGLeUoTo3N7eBQ0wADBQP8C1Q3WGrBZNOmFVly0erclpQRv1qCa785yx/b
+j9ur2LxHwVozAEXh8jmoiKZyoAz7YFnp29kR2qtVplH1oePNyFweZqIjtmZbiCaT
+4scUVZ/3LuYbxgMoUFeRoG4mnEVvUUh8mmZovMmZFrvp0uojcDsfYTx0VBr8waxg
+Jrg2YguITQQYEQIABgUCNuOzvgASCRBHr0tpYfBHhAdlR1BHAAEBU90AoJzJUQIh
+rby+ZQ+BnaORdChD+c2RAJQOkYvVpmfV4qsOUdwbIPgLPLCemQGiBDbjtDQRBAC9
+Vf1MkTKc8kSxfdfZ8Y88OJAr6gHsPUg0j1t8gPk0q2ijyrJuK84ujzmLmbtFSITK
+FfcT2VSD1u4qa0iFqzSwnywtRGYKd0gq1eMhaDcp3SmaMTyrbPJ3sKFDd98nbTzv
+nA1tHgZCFI7VZO7HBGgvnd+370lNQsnGRBF/vUDObwCgllBimEp4tasu0WNvZYpt
+jGy3ni0EAJLsL9W7jR64h6+nZNkdO1jRT45sW8mvyMOt1BkyRQVK6G2Lut879t/u
+pPCYK+/ohWaf3TkAKH1ucrBm9xHlPXJHZvoIA3brt/OuJmG7r8Ub70N2vrZmdXas
+/w5ru7EBcKeii9pp8pi6mim8dXTPS1R/b7BqytB0dlO9zSl9j7noA/9Y5UnQobM/
+qT1tiNhJEnUwlvvTB1UWId2UiUR3k/eNCxc7IdUytanqofXSxAu2jyDB5Ymv1od6
+bRCNM1JNWnOnqVoEd/u2csTAIkZ5fl/kE6HztqRGPB+H0n3Nb4MGu2mpLq+OUNhT
+nLpEZsZGXqd21eFXkWkThxstrH+kYVYSrbQrV2hpc2t5IFRlc3QgKGRlbW8ga2V5
+KSA8d2hpc2t5QGV4YW1wbGUubmV0PohdBBMRAgAVBQI247Q0AwsKAwMVAwIDFgIB
+AheAABIJEN7w97jsZ9veB2VHUEcAAQGiagCfTG5biKrPKo3dZTpI+fMQuSuPNmwA
+oI3mCWnR+UrV5myTBsNmQ9vcnr8zuQENBDbjtFYQBADPV+xDMQ8NzkqoJyO+lriA
+UrCNIBf1Kbc6U/IPAGOoED1YVPX4EB27u3K/EmRVd3clFS085Dau5rFIr3d/xXnL
+n++wqSgQq0Jc7LflMpIj0P209/oKt6MBovTAQn3lNpecmWd8oxiKoPP158Zgm7iL
+cOvRTcs+/p0KAzNvHIvQdwADBQP8CQS48V16lhWOSXV6u3JOukMeWBw6Tx+7M1Cq
+yBihmR8ZNlF6FPBvVkX0NFVUH2qJn5yr6PmxQxSRnC3yCEyPBa48xqIditzynMbE
+IkNUrFZTE915rr0k9MrwzPGuLfaPtr/Miy4BI0dnZ/5U4hoxPwDbp0aPUwRqb8+T
+9POTZs6ITgQYEQIABgUCNuO0VgASCRDe8Pe47Gfb3gdlR1BHAAEB/yAAn18Lg2NX
+AdY6HW0LEurh0Xcv8zlWAJ9ePiLMYxpoW5nv4g4nuOAWoL/KLJkBogQ247TcEQQA
+rUqUbiVTMxJhp8bA4vMXAzCuLjys4A44DE+uRFb9AGsZTmw/FTPETO7iU/3frlyY
+yTgIvI2zDF1SwHXG06KF3yIu8LF6OCM0N0k7KnKpw8M2tkPiT+D8ANrHU5d178ev
+zm40PyNDyKxSGNlIG1N4MIKFtNdMlahLvu91kG04WesAoLPa5zISvsX+Ew95M1o4
+Qti8iYHbA/4wr+eYRywP35eb/F5V9bOLWhWmEDzw4KHXQ7V+OJ7JD5n44S5KLPKw
+IogohDlPmrxDTAJ/YAukApUItd30kr0Uq34QgFktAsqgCP7C5KEM1TTxU25Tcs4o
+jUHoDyMj14ECuiTCP0ZFRKUivopgjgRhFTKXVVWTySkQ0g9SDaITSgP/a0FyXMQU
+YJjuB7GA6r4U6QnIHsxS5xrQgkshb4tp2MVWMhqlhsfOLaj1WZ+oe0DxKw0O3YKT
+H/EAzmNelKcMbtTcilLaIdI5l+Ylam/bZe7QvbN2s72Kn2PZjtYqO3Uzqw14bqAJ
+Rl0ekleMdZRMMzAsour+iNVPHnlodXnQ2gy0J1hSYXkgVGVzdCAoZGVtbyBrZXkp
+IDx4cmF5QGV4YW1wbGUubmV0PohdBBMRAgAVBQI247TcAwsKAwMVAwIDFgIBAheA
+ABIJEIl5psVWf7NKB2VHUEcAAQG3TwCfQ9GqGIzMX4vfsPK9xpWX7TNKuZsAnR8v
+7wPkWtynWbdi0Eymj6Pl2yJ4uQENBDbjtQUQBADG4aUG+qgOTGEgOAVnN0ck76An
+Kb3jOBIYeQGYEgF/lDYbY7fOQ3tIgQ0jXrKD1zHLvORNsG708yDNR79S5Ci/1nph
+crNOPWMujOsZ2WMo5xblhG+WJujt4pcNSRK9P5fonUE4hV7GXTljg1yZ/ui00Ot7
+b1B8ryAYE79t1B3svwAECwP9Hg2r8lBq/j/t3kRO4xl108DFXiQKdj7sXugmAcMo
+mF4nG3j2s219dLEFlSwn0/peGvjp8JFPfcMPU/xHJSaZLf90mXsf+pHcDWujHgVA
+9YC6ThYaGx9Je+VmcVYomELxNnMWKyOJePDU4ViIXhMCvGP0Pt39wcQoiLjeu15+
+l/6ITgQYEQIABgUCNuO1BQASCRCJeabFVn+zSgdlR1BHAAEB7JAAnihkYWPnxhbW
+i9SUMaB3Qz0SfsLvAJsEGrvruaT2XPVKwa9FFfqRj6WPnpkBogQ247VREQQA3VAG
+c4T+vuvVXcka4ETaLaLlL1xOiPIdJMWRWWQ60CZqWXDVpFBw6oG2AyfUZiHhLlmT
+Zssz8UhXLw/URsPSpiGbtpGWKiLs4OCqjslN0lHzcnGqxGWCZJixMgZa5DcWZJjw
+qdXEbDChgm4ULP/7+iKvIenTQNhFoCXr9MtdoHMAoLpNCmSKlTu1H5GlWmYTK9An
+dWrfA/47ip0VYgzIvUhI0iWcG95sNfshApzPL6zPgKBqACogs/5/DfRn9g07BcuM
+ihLJD0PLNPVnOXqQRaN4Da7jLuJA53XtLgpogxG08M6XUimTucfcovu29/bgjZIK
+A5c8KJ2lzXSJ9jZxSoy+O051f7yhXbUmYC1vdNr8GBk69QKy/wQAiHMfU3cbCfTT
+Mmig+zBHCkHjqzqr/zKtR8RT5AwSOIU2aUIiHdV08apCelBw8PbEf077TuWCq2Yy
+DZJmgWRYh5cdaMgdAd7ul1FS1yHPZYshcofWjgXUJHR4I8iPCs5OmdHo2HK3uU2O
+M36ZQGSpFA5WN1NEm9GtMSBoYKN2ERC0K1lhbmtlZSBUZXN0IChkZW1vIGtleSkg
+PHlhbmtlZUBleGFtcGxlLm5ldD6IXQQTEQIAFQUCNuO1UQMLCgMDFQMCAxYCAQIX
+gAASCRCe7zTNSxGyXwdlR1BHAAEBSQQAoJRRe9UHKHiX2iFczXq6nrvr0NhLAJ99
+W/I5b2/2QQ01we8i1mcSYPWj47kBDQQ247VnEAQAmuK5RcS0zTyXp6SjW2+WeQIp
+JnJDflL0+iBe//3SADv01qUmw3jWMAuxG+CcCApksl122V9npEHiLC4Q2A69roLR
+sbxKBPebustfadLJoVYqPsvjnrBlafe5GcrFPnKbE0wV6ZXx/Tp/eSDiQlid4lWz
+5J+z/mN7KhHANzoRAbsAAwYEAJO5fkCSdNwkisFXzeKslWxm9Yoe1TOouiSV11he
+x0j94Hpz5wGWEXF7z+FbDq+4V0UqGkKxaERsl6HMWNkImj57N/9h1C1YDfiKTimg
+5tZpKmehXtldpWGCNDZrE0RasrFCKENVhFMhpc4kAnx6rbA0+LhRvJkvkdxY7pKU
+//aZiE4EGBECAAYFAjbjtWcAEgkQnu80zUsRsl8HZUdQRwABAfRcAJ99+4jghLty
+CHQ82CGv/S/cv82GdwCgk3C62Y3uSS/2f+g+qQHLMvG9m3iZAaIENuO1yxEEAIEM
+k4Zf0L/HEJVk0/o4fPpwvm8zc+KZQCFX70cBVU9BWJOcUquRg9JDJF9bOM5TxE7V
+OnkIfPvjug5vqP0/vjIfW7LvzIWDhS6FcFaKeG4IoqrgghbAmQIoEWvVTx+7xrpj
+o1yOqIMDQqYZEmsw+Zd6deQmkUYcbvytS82L0gx/AKC6DM0guH/ddkJlT4FQ9h5c
+v6dQAQQAgNdmGPW8VceCL2WaKMoOMmhwQGhqY3+1pDLo7HVFEPoe18A9jlMRHWfv
+Gb2EzMT46/Ugqkf8TzvZGFrWq7W/t45rp5O41YXQ2+ZJH3nl+t5Gw25Hwk0hvpK0
+jYRH2nMFR+PKQL2mDbA94LvClAkgX1MX4lrUG8bYj6FrbEnvzoAD+wcRS8A6xznx
+hs+Vsg/KnYl0Qe9dNFPY0hJVG5MxCyDy9X32cxhHYJSHbvS4/LLbFloP+Rhwn3/W
+eBjsL2lts1ahXvQ+QQw7+qPrs4hWJZU/NSEh1RGitukaG5zegHNTE6CJqXshshI9
+Ei0OCDahmhjiGrJA3HwKPZlkDMOkza8KtCdadWx1IFRlc3QgKGRlbW8ga2V5KSA8
+enVsdUBleGFtcGxlLm5ldD6IXQQTEQIAFQUCNuO1ywMLCgMDFQMCAxYCAQIXgAAS
+CRBrxHeAVKzSRgdlR1BHAAEBQOsAniVMkc7hW7GdLkLpb6YDiEUy0yrHAKC3dyJ1
+RI9tKXk1EOW9jTopkl5ysbkBDQQ247XyEAQAzHzwwUKDM7+djJo2/EnWmCijc6g3
+fStaGNoXDEovi3B2oPiiRTsigX90qB5nFP7whDfi8k4JY2Eig5hH+MGdvni36hYE
+nQSadsZueYofvQh14N3V8fUmx4hiQiMXyWiLJzc91ZiRjww4wZWn/4Y5f+0mb0fj
+CaVSxTxo4+7joU8AAwUD/0oL9Gm3gl1XVV8BhJoXVdFQ6PN9yEEXUbtcrfkC51kT
+Bk2NaEGqbB+kC8GEmXwyZcW7AQN7X6ikraUUm3RjTU7CvkSHobBnXYt7FhqZURpu
+V7eSqZGP5nP7SxWmCTTKgIH1kHCpWRwaexKFjIIkYgyVFqtEx9cEQ6D2kXPh+Rna
+iE4EGBECAAYFAjbjtfIAEgkQa8R3gFSs0kYHZUdQRwABAX1jAKC5Gp5sHM9sWdZe
+M6qfu54F2OwMQACfTjYXfpMApAROPkjhhFNqH0d8x5GZAaIEO6cTzxEEAMnukcmm
+91KqYvahVQdYaI/Gv//n4YDWL7BHNdArU3MA0xjcmimynR67KIXdsKu/kEVcQJvH
+6rlyL2J+BvRopxHRmT+J4FKdQjzb0BdJMoKzxBd/v3ZwinW0fjlvTXabncnbRO3K
+fsD6Bd5FFv+0HOFfUJTQCga5YtNYrQZxIz5jAKDrTFXeC0ABRhQNBB/ym2jiJqzD
+RQP/ZK9t7tKX2GKmrdn8sFec3j9h1QNnDoP/82xrXZQRICNusMBEhPzD7OAEo0Vi
+gpz2Tu++wWci7ghKjCCMqmgYQDGJVmVbJgrqM+4WgPQv7jD2Q/yRUhlkf7/dp0SN
+FXfodHxOOD3d5Fj0zBMfprKle56vHjIDfpNwaz8k2XjZMw4D/i1v0WycSLrbSWcC
+YavqVEeZtkJ4UMHcjsjQz0VrI7T/DMmMeYoaqs8rzHlDJGuT2Nz4Q3kx8pY/lTLp
+k6n6aYq7HTvXHZSX5J0+An/7Vgj3UKH8Ks7/N/dN57ZJY55+6llmQkpg/PV0cdQN
+DSbKeVYkeA4tJrDjViGje86h6ZTUtCJIYXJyeSBILiAodGVzdCBrZXkpIDxoaEBA
+ZGRvcmYuZGU+iGAEExECACAFAjunE88FCQABUYAFCwcKAwQDFQMCAxYCAQIeAQIX
+gAAKCRB/8jC/nVY+ViD9AJsHf9byAEuDOECER69NAm18N2WdpACcDiaOaA3gd01M
+kdEz54toKFIpPEa5AQ0EO6cT2BAEAO3Onn+URLuPNsFVz6rrIWenJbpzGYTdNf7n
+9kAFIXfFAKL8nPtdne4zL6UQcHAABDOAd4gCI9tQSPHTrX1tSlzDF2xJL5sbFFxk
+aN1ivB9oh4+ToMXEGNOHAZ9SRinFqdBotzr84zg/rGVFTzhSuMkPCMUu+1NCKGJ4
+B6wIJ6/LAAMFA/0e7Jom6d9wPQ+LZDRBK7cH/yG+Ylq5ixl86AL3ERZL/JUuUe4B
+2iVPx331sY4G5pDC3sqv8FcmItditfFO8FYJFMWD2DfTdbtGU4XRwgd6BQ3192Aa
+LcwyjzpuEMrplCFQjTV0OfEFogRchP4x5UGx6gdyXRDi5n73CqQlGS4er4hMBBgR
+AgAMBQI7pxPYBQkAAVGAAAoJEH/yML+dVj5WO4MAnRC1ThcLd+ucK3uM0OvaqL4I
+B14GAJwNvBDmPEOrXuES/xFiuDa5aRzbyJiLBDunE9kBA/9nslf97u62S2MfyPtD
+taRtydoB9/s8KQlYakcTWajVSeoKXqSyyBNmWL1Elkx0q0mm9OoEvFRLjVBHPn4x
+CO2M5vZQgnxU8SJcHrVsJnFYu1fSQsa+LRHqToiX3LY7vKaKJ/5o9gTYWpbsX/ZD
+kS6UxuRa1BRoFYZdCS8A2/QSGQAFEbQmSGFycnkgQS4gKFJTQSB0ZXN0IGtleSkg
+PGhoQEBkZG9yZi5kZT6IuQQTAQEAIwUCO6cT2QIbDwUJAAKjAAULBwoDBAMVAwID
+FgIBAh4BAheAAAoJEJ6cEKDO2FT/Ad8D/09Z93LR+W85FFzr+zvPhkp0oJ9MVcnu
+OceEzNhT7uPyaf9ZYtgyHdjMnRMMPqZZnP8fwoyrkSoB/vDy/M9t9H2RHGbdU0El
+FRdqSWwMkGWzpA1cxMw5QuqznHLrHj6VsOkQ2jpGmY3yBQwJBbF19eGq3V5jJLW0
+Lzyn9HM37ToRmQGhBDuoot4RBADa7tyCsjFl/2zvNQr/r+GH/aCf12wlxsmVE1cs
+/GdkO4nvZgzB0m5RKPfsTEf18Op4wZh6y4rQJHCUFxVkG7MbPD2d/aUay1nU7vCo
+t6vG89vkUMtuebZY3tXNQfwVrt8lo87DnB/GA0dKPS0SQzbf08Hhahw4EUQDEWI3
+uvf/4wCgombN0n8cpUVPaoDMZkyJWXOd858D+wYzmkIbHk951dsM1wOLQv7athDw
+D7YHi/s34V1rWoZVmuT2U3EZiLusYJ5c/bgsRu9+A3Y6rDmh3XL5d9gpp2JEsWgJ
+MI4U79/AtyzjiwgO3hw3QuWooh+VB117qM8Sw9XyFhlmSD0ojxgtnrh2YW4Ow/YB
+9yU4iLvwP4iaCuH8A/dIqE8xObbkAi3NbyDewi6LTYSnLQkHvUQhBuMBJUfBLHKN
+vd28/Y5udS44qQvz8oEQ1zAmo0/y+kHWxfxh3eFHQiML4MS35srPBisCXOpJGoJ0
+dJ8c4y9a9srzeg6ZJGbTwoFQQZbaAIxcciRus7NvnCOEpyKJEba0lxhyVTCftCJI
+YXJyeSBILiAodGVzdCBrZXkpIDxoaEBAZGRvcmYuZGU+iGAEExECACAFAjuoot4F
+CQABUYAFCwcKAwQDFQMCAxYCAQIeAQIXgAAKCRBCNzY0Y/tTEbmxAJ49YOdvcxh7
+tCPAVPcLWExYS+BesgCfQQhQ1qWjKuLy9yWDfGKS+5Qlsqm5AQ0EO6ii6BAEAKHp
+h48Yh6jezPm1Tb2F9UOfgLAEKHXbwv5F3nznYc3/cjCHLXJNISqlq+ZflRMu8lpU
+Wf2HQLzVFYXtDWoBrujlOldYy1IWKOvvYPBRIVrbe6r4tnklRN/2DY8DVWSSFovt
+NhWtyUGbil+wDAQoDbWQXhjnfr4zOv+gJIjMYbzXAAMFA/93V+ufNG4jqm6OrcMw
+f6E1GH0pBlySOwu1O6QrLXx/YlK+cMQqPyy/oZ6Uj8MqUFIJEBbQwe7byubHlYKb
+JG6bs4ecOUggATX3Bnby7HwB/xjQI6ECphjxmrGqtvbewG8LGSZNhmfrx44L0gLo
+8bp77j8pAaCc1syS8HNue/3K1IhLBBgRAgAMBQI7qKLoBQkAAVGAAAoJEEI3NjRj
++1MRb1kAnRcw4bpKaM7wyUoOK4rJuas+gOfMAJYsoMCmvozGAeeTJE7k8AWm9pLZ
+mIsEO6ii6QED/2vr03VB1JAzjQhzifY2ueHye0X/BcjtSFWhN6jIQzHHnRH8oSaN
+Mp0d42gvxNp5aypEs72SFO4W580DsxbNdtSJhaC6hnpncAg8yAsZIo3Ix7v738Yk
+h4zOB/4RLwmZJzm2gG+soiQAATTOBvnD0IJumU06pCRUHQDJ0daHswrRAAURtCZI
+YXJyeSBBLiAoUlNBIHRlc3Qga2V5KSA8aGhAQGRkb3JmLmRlPoi5BBMBAQAjBQI7
+qKLpAhsPBQkAAqMABQsHCgMEAxUDAgMWAgECHgECF4AACgkQg6m004p3Kwg6xAP/
+VgizRHS+2Rxh/kVKI1/PRQpVGCEl9uHB58peMdPl3aAXxBcOoO+74cfb3ce+rD0D
+EGhjXKcXDl2dwLl/lSAOdUwHPdLi6Miv4IvoMyMsCyxFIgGnr7qZUFOzEues9H0I
+bVbwSv6pJMCgyc0aOnRyCFfT3m9lXL9hIIUVvawatnqZAaIEO7NiKhEEAMlPZPLF
+VnBUnc9J2lZRdVmnHWgYCRc2kYgfeLMqY7Q9l/Nd1SxuCt8DpudwVs/8w+6oNIH+
+iH1k4qcZYOt7afw5C5Vn8LEN9NfcTTkvwEqb9z8FNeKTAqGK8lpl25NgANwqtxql
+gK9bZUuxzNIizsc/GqgkjwL5TgI6vpicdFoXAKDWyCdU8Q3EK6xoFWxPR5D98VqG
+pwP9FdCrFqC/Nt3rJHAq9PNCWJWtTO/TiK8LS8Pym7YRobKLzGAA41uBaEcUxhJA
+OJKeW8m4jq9mfmQixGIoDWm1oBbM5ooTySUBweJZUh13IJmocOYE++KxI7RXGmru
+aFcCG0pusHLJoanyzh6KeUby9S/PtY9Bo3vc8I239EPhj08D/i9l+cdXCGhGwOWQ
+xsCOUcXLV8zbf+lL0Aw/bcwtr6+CSCsW+DdnRsJzcyKsKz/EezJE89LUsmFqZXnH
+aSdXQ+UdMAegZoY+hqlnIOxhkM2RlGqO2egcJ8TJrzeuHEHsYkiwQozyhInnXmQd
+htDnQ+PrtYgr0BY5niwwB6t8NCGOtCJIYXJyeSBILiAodGVzdCBrZXkpIDxoaEBA
+ZGRvcmYuZGU+iGAEExECACAFAjuzYioFCQABUYAFCwcKAwQDFQMCAxYCAQIeAQIX
+gAAKCRDIQJy3y8q66ZRzAJwM2w8QpKAMfZsOIPKOiJKICCXlYwCfYKaaJ5LOz6mq
+kSbVgDVtpeAZJJWwAgAAuQENBDuzYjUQBACJygT7QnMtfDnFUnixXdXu/vOCqTbX
+vmysKnnI4OeDW9QxTr+ugf+f6ROykJFF75zq/53jgDD2cQkUjU2OWbrrqWF/aYHp
+YM21TDtIRfRe0llF1kSHPnYW2rjnY4/AeWvPjToevxursEn1J3Ijd6NentxE/FWh
+etTEHSWE784/NwAECwP/fpxILkyJUfPdNY5HqN4Aag1g0ZWjVfaWrebZDt0BIHJp
+Qd8RvUtQnOzCOZ29KOQKS9LHOJOB2EjysCKTwBDYK5ZonQUtmhdwNZeoLYlLrH1P
+Q9WuhddjT6dJWMl2yJ+zchmDRFajf+4AvrbYGnMbMdjCllnDcygSlzUt7KGcjuuI
+TAQYEQIADAUCO7NiNQUJAAFRgAAKCRDIQJy3y8q66b5jAJ9ROwHyPzvGq/vgztzs
+4972gMuDIQCfeQq3q4tW3qoWyC/TOkvTSeUuzwSwAgAAmIsEO7NiNwED/2S8L4RT
+6WxoBdOIu6eqS0McmZO7IDt9rDsXtpGG0CuXHajIgiSgEuYxX7uMHsNvbvV2JQyn
+P3ZyKhym5xYcjwt/pu2EpN09ZaTstXryDM2pWl0D2bSfkbjEa0DumA+aZpDXix5N
+juWsaQ1KZPFWerfJKrKCjRLe1ODBkvKlgAVpAAUTtCZIYXJyeSBBLiAoUlNBIHRl
+c3Qga2V5KSA8aGhAQGRkb3JmLmRlPoi5BBMBAQAjBQI7s2I3AhsPBQkAAqMABQsH
+CgMEAxUDAgMWAgECHgECF4AACgkQn5OQvjVwcDdcLwP+KHNNbeyiJbRnQ8lN12MM
+wPUn5mukWYb9zHnTNF8R5xFui9ZSIRzOOilw7DkbpoIlFz1Wwk9TfOQMtYD2U+Ts
+u/2a2jxDJuxS82ugY2LjsZpUY9HZ6x7v7xZpY64xpWD88zcqIrenMWTrG1pU/xr+
+mCQywk9dFARsoeRrZWH7fHKwAgAAmQGiBDu0KcsRBAD9+Zd8zw33dyY80G7qcBZD
+kw56//8J8ivxH2EZEfcVXxs7vnyAUuQdfZF/+5FzKjxkd4vDVwjRR/MLcDtMmvrY
+wCgsFLZ+f3CADN3sqyckVwqakpVCpRfQQ3SL6TiqenWPIwIs0BV1PBVe4xOkEoSB
+gAjnFc0roWeWYrhEBDjYzwCgpEMYeOKONrccun/7g/z+HAdh3xED/0aOuwx/L3HK
+dLaj32jsuQhoTiyQns5h4lV+5n0boXtDslEihN13g6ocx4i8sgyh2JPSmuapFR3A
+RBLpCLwdXACyJR00v2h2V5Y5vfzQW3pC6OfjOGy6/K3tLn9y1Tgk+k4KiSKH/YPS
+MfNIw7lE8EqrvBCORT8LddKbT2+xai7rA/9pJ0HoibbLjuqIb2YehSwIqX0Jolfp
+b6GXk+2j04tbpCRg+h8yzrWGbNcoRkSXoZuqG77WtR3/fnFqG+H6GCO1Gxbdcdx3
+tWsA/CQSu4WA4zTWr76xmD/glc8MtWEAdiLteKe8GwoC85e8waqGAHK/Iz1VLptw
+gXuSCQi9K6h1jLQiSGFycnkgSC4gKHRlc3Qga2V5KSA8aGhAQGRkb3JmLmRlPohg
+BBMRAgAgBQI7tCnLBQkAAVGABQsHCgMEAxUDAgMWAgECHgECF4AACgkQBAwmnIJS
+W2YqwgCgnm7EYwm08AAYQEWJ1PJtDjguT8AAn2mHZZSIkVNR41htlr1gdyDWCTb7
+sAIAALkBDQQ7tCnREAQAvkwf0DiD1zbcqiBajDGZhDvE0cb5BUbMcuJvSH0FBXop
+IIniYcmnfu5q393y8WPc/rVrJVHrAU2RyHTAoX8vI14Hvc4HUFDdnoj6Wk/xSiuY
+P8C4VN0NX3G+S+C4Pa1Er2s/m4X9PRz/YA0bMVynp7f9QM18aN++OpWV2jVBRd8A
+AwUD/3cuV7jHchUeZ7h6Upagzj7quky9o6o5lB///Pk9QZ5HEBQTCJDvmu13xCaa
+O9II4XFwjYntYbPOxOTJ1aEBKQubkUo0SIj8i5rhLTeDkkHB5M/rO40gS/MFNMVW
+qFCvUIQk7yBkum+MFcJFSEz7OMpL3K5X93W9twllqtUZqjvuiEwEGBECAAwFAju0
+KdEFCQABUYAACgkQBAwmnIJSW2YNEwCfbPwQzlrLRCUuJM2inVLcz/3jijIAoJWg
+gcMT69FfppDw3sA2h2PtAdOAsAIAAJiLBDu0KdIBBADLr2l43qiQ89pgGz1gEa8i
+JyrLvkiYjgbMjT3V9liCUwAXEYexXJD9OyKHXgzxRoeBIEvxRJQ2UbDJS+Uln+hY
+/NCVF7sq2yzZr79KlJQzVcNbiaHmLpSMqVNWW7hkqvrA1cmLqzw5F05QX6bTBiCO
+2LrvkOV5Nwl8prw7EDW7JQAFEbQmSGFycnkgQS4gKFJTQSB0ZXN0IGtleSkgPGho
+QEBkZG9yZi5kZT6IuQQTAQEAIwUCO7Qp0gIbDwUJAAKjAAULBwoDBAMVAwIDFgIB
+Ah4BAheAAAoJEJsH4rxTFNch1x0D/2WcB2ranNdpej5/YmsJlJha7vI5zoTCQMwk
+Px/oFJXZjfarEkFdKRY/nz+zZDVxDzr5DuA0vjBP5h3JuycQwuGdDGW7eF5ZIX34
+ntCepMLohLkqEO9JWUMWzBN3/pQXDSUyIbE7qSRLKqn9zGgvsrbx7vwnBPFJE/Qz
+0gREuUJ9sAIAAJkBogQ7tCz5EQQAtqJpy5L5ipND1euXjra9IDoCG+iGbo9Rbx2D
+eQw62EQxWfT5+JCLsy98OuDCznWB4qSU+gc/Acpmz39PuGKbZ1ysfM2y6Ht7yLqR
+UZJfIs8slQKeGSXPEOcEQSOddQbW5lDPfTov/AT2hf9vvpi3TyBuQ9rfeVh56nRv
+C87igEcAoJgCFriL+cHkx1XTdemk5462nlRvBACwLOfshZJfof2hgg2fJgEo6nUG
+meJ2axHzvy3NEd0zToDaUEaoX074m3sfu+WqiBfbgtG4TvLD1pRNYrGLD/pQ/5AQ
+ocBHdEBs+/1ODiurIwPAeHOR5uRzXtUnJVJosgQSjpNKQ6X60KoG9XVPmqr7PmUb
+NxpapFgKRcQm7djfaAQApjae7+WszMEIddG6c24xuFKRwhvw6mVtZzggN+vHDvjS
+IKyDnCHYY3OYS0/PDLdrLqxCGQau5XqlilSKLkyzbh7zO1KfznHua4uLUSF2qkTE
+q3njvBfPxKFdKE/YWy3ptV+xoZsVTlreRf/sEQzPNGtxJ3qDzloIZbFr9N3oXwO0
+IkhhcnJ5IEguICh0ZXN0IGtleSkgPGhoQEBkZG9yZi5kZT6IYAQTEQIAIAUCO7Qs
++QUJAAFRgAULBwoDBAMVAwIDFgIBAh4BAheAAAoJEAzxRunkmECDz9MAn08okktW
+vgrAJ600zYVZH7Qt26D/AJ9uA9PUHta29AzO1Owmibj2xzWsaLACAAC5AQ0EO7Qt
+ABAEAM1AVhC7V3EnU5XF7M7OPozDnk9fOgGpCh4HeD8Emuqh4TRVWSmCSA+YqWt5
+r1L4TpV4QQX+vUDHet2i/IieIFKOrowuwiONln+YGToxXSB8tOKKr4p0qJ/w4ozi
+jJZ6NVBmsGeXZIpu5LB2Ar4K3z3HZmwNSlDznVNwXJXNpfIXAAMHA/48d7y3W9y7
+jHD6QatVl68EelxV/x7BWHQF0JEltwHCKN65H5yV6IhUn84VNJazS5jVwYUvbmbQ
+u09Ndm7iKX/Gfwo5EyPxGzbLl/W5fA3vn1USXJFX2Tk7wALQ5SAZHHbrluIp/660
+zvXn3E+466KchiRCdOfqFpCd3Rxgrv/hAohMBBgRAgAMBQI7tC0ABQkAAVGAAAoJ
+EAzxRunkmECDFXwAn0NXK//V3U3k1LNXeU0mz6GYmaPRAJ9eRstO6/n170QF3Q7b
+kGNUvtPVdbACAACYiwQ7tC0BAQP/d9zC0s9/3Arm1Wul0feKO5jPA0pk/iZdcCDQ
+WYqoMflu2d9j3vIqFNN/tq9JDlvUXtdc4119Pr5Mgh7pVnSaQtYqbih8fbYgNUbX
+1NrqqtgeI7n28S5W+SMfR/uLCpdGSRoch/gvmKz2u7pnyQL/Tcm5ffMP0gkgjNVG
+a0ok/1MABRG0JkhhcnJ5IEEuIChSU0EgdGVzdCBrZXkpIDxoaEBAZGRvcmYuZGU+
+iLkEEwEBACMFAju0LQECGw8FCQACowAFCwcKAwQDFQMCAxYCAQIeAQIXgAAKCRBq
+3kKidAP1iVhsA/9q+o0L8lqSELMitAcEe8q74t+gaoQgOzIdWZp0G4GYaxyHU6xU
+AuWt18WAOJdf1WG+vmlz5kVX4OvlTQFl0oeVEfCEvNTaOJsUlPEajB8o3RrKzhxr
+rJ+nJGZV7SYs7CbF2cfrnuLMZ3vc07YlGMAxZU5QDTT4sKZ0hkEBhGqylrACAACZ
+AaIEO7Qv2REEAPz8+IF8X/cOgaxp1lafMWamZoGa7JaLvAbtQJZV8JZ/2au1iAXn
+j/C5f7BS8fQk4uE94mQy6cj1TBkNCJEARCrGRUQ3cSMBrFD/7WKneU9OLuTbG6cv
+B6LRBZv+LauSi2+I7OD+1k4VhZrYyISGIzHStJAFQezNLe+Md9zlNVrvAKCT0YGS
+v2bgvlU4D4+f9Li+20NGMwP/UKayvNs6H4TxWJipMNQep1rDOUDKNTyIJWaPAzA7
+5l+iFuyrBAw3cN4NTsDKRdNCCOfmlrC21j0eSDcizy3jVeXAdkKszQSLKCsrbGq4
+yL+ZIgHlfQdL8smSMIl6C0X746Ez9VU95acjjjhvh8WTw12jkbIR1RL9HP8LX62+
+r/MD/1ixh16oBvtK0l8QOVrbm/H6FwTZspf5bLb5G0RRBX1VJbKH4GCzlLyQ34fA
+Wl1xen6Pf5beJP5CMnG2eWYCrS6AluUuIJgo1w+vx4MGvq9OMdKyJZcYLbWUnx7C
+DbOo/1m+vZsXikA8z+GFfRsOLwL+HSdSQVxEZbG6hWJ+jRMutCJIYXJyeSBILiAo
+dGVzdCBrZXkpIDxoaEBAZGRvcmYuZGU+iGAEExECACAFAju0L9kFCQABUYAFCwcK
+AwQDFQMCAxYCAQIeAQIXgAAKCRBwEnpBKosIQEDhAJ0cAahtG1+/4gMMWltbitSq
+bTNBrACdEUWzmwEVSOrX/nMbvhAejSljTtqwAgAAuQENBDu0L94QBADW/R4I4DMQ
+vkGlvP6jxWLz6TgkPMAAfEyxIJoZYLJggau4XJYyElmUGVFVH36DPE0453yN7j3g
+BxVbOCZamUOINyehuBy8Gxom36Oegzvr/43TcNPTHZnVl9wJVCFmOsAR3L8A617l
+AguvUzlj4e7GwV5yCwwlNtBGO27Lq/dISwADBgP+JB4l+2Bdx9wMs1zVDGQj0BER
+tyHmwSVzLn3BG0pAM9wf6Me5/o633rOOQYl1mwmXXjUWZasmjegqWLUFPEkCyFMH
+R0CWWI9CdBOQROBFb6jK9Oq2jYoGxTJ4kCtMGo3z/pNsAGdNtgj5s0AgUIoQHw+L
+7u6XF8De/Sww56eyuKOITAQYEQIADAUCO7Qv3gUJAAFRgAAKCRBwEnpBKosIQNT/
+AJ9z794Z40YOapyZWN3NyQPI1zM0vwCfZIkY3c9J7WVXDqO+FlXWrb9L722wAgAA
+mIsEO7Qv4AED/1NZpI/iOHgQiAqloxQaiXvOL9X5hbtXPbFMN8J1S+78cRxBKtcb
+z4HXz5V0OrTKXG7aXu521hrlOeeAjBFhf2SvfYmPi5/s6RtQlv26+mLUFgptXy8M
+NViaADZaFIpmbPQfaRbY1RjVg8kSPKt35cOa3DqO2gjNfgbTUITTOUQvAAUTtCZI
+YXJyeSBBLiAoUlNBIHRlc3Qga2V5KSA8aGhAQGRkb3JmLmRlPoi5BBMBAQAjBQI7
+tC/gAhsPBQkAAqMABQsHCgMEAxUDAgMWAgECHgECF4AACgkQR6zxLyoSmJnf1wP+
+Lianh9lizALW8bgEWU7A8K6H9WnVSqVYJ/yihZXv8iHeHKNA5nhUumvx2xz2FbZU
+Nk1lgElbuoHjaG7mt+jJxvbx7NluGJkBk0jvE9zFz+LDqfaIp8Lb3IGVvlxnwl+D
+wGQ6MR1MDf1FcBpIlMEY5UFV99b5D8WQ0dlAaB4wWA6wAgAA
+=Xw/z
 -----END PGP ARMORED FILE-----
diff --git a/checks/run-gpg b/checks/run-gpg
deleted file mode 100755 (executable)
index 28d575e..0000000
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/sh
-
-[ -n "$show_cmds" ] && echo "../g10/gpg --homedir . $*" >&2
-
-if ../g10/gpg --homedir . $* 2>err.tmp.$$ ; then
-    :
-else
-    echo "(../g10/gpg --homedir . $*) failed" >&2
-    cat err.tmp.$$ >&2
-    rm err.tmp.$$
-    exit 1
-fi
-fgrep -v -f $srcdir/run-gpg.patterns err.tmp.$$ >&2
-rm err.tmp.$$
-
diff --git a/checks/run-gpg.patterns b/checks/run-gpg.patterns
deleted file mode 100644 (file)
index fde7bbb..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-gpg: Good signature from
-gpg:                 aka "
-gpg: Signature made
-gpg: ./trustdb.gpg: trustdb created
-gpg: NOTE: cipher algorithm 3 not found in preferences
-gpg: NOTE: cipher algorithm 4 not found in preferences
-gpg: NOTE: secret key 2E5FA4F4 is NOT protected.
-gpg: NOTE: secret key 439F02CA is NOT protected.
-gpg: WARNING: using insecure random number generator
-gpg: NOTE: signature key expired
-NOTE: this is a development version!
-secret key without public key - skipped
-gpg: using secondary key CB879DE9 instead of primary key 439F02CA
-
diff --git a/checks/run-gpgm b/checks/run-gpgm
deleted file mode 100755 (executable)
index 9afbee3..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-
-if ../g10/gpgm --homedir . $* 2>err.tmp.$$ ; then
-    :
-else
-    echo "(../g10/gpgm --homedir . $*) failed" >&2
-    cat err.tmp.$$ >&2
-    rm err.tmp.$$
-    exit 1
-fi
-rm err.tmp.$$
-
index f89234e..72ab27f 100755 (executable)
@@ -3,8 +3,9 @@
 . $srcdir/defs.inc || exit 3
 
 for i in $plain_files ; do
-    echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 -seat -r two -o x --yes $i
-    $srcdir/run-gpg -o y --yes x
+    echo "$usrpass1" | $GPG --passphrase-fd 0 --always-trust -seat \
+                        -r two -o x --yes $i
+    $GPG -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
index b93e5d3..41bf831 100755 (executable)
@@ -1,24 +1,20 @@
 #!/bin/sh
 
-echo "test is currently disabled"
-exit 0
-
 . $srcdir/defs.inc || exit 3
 
-
 #info Checking signing and encryption for DSA
 for i in $plain_files $data_files ; do
-    $srcdir/run-gpg $dsa_keyrings -se -o x --yes \
+    $GPG $dsa_keyrings --always-trust -se -o x --yes \
                -u "$dsa_usrname1" -r "$dsa_usrname2" $i
-    $srcdir/run-gpg $dsa_keyrings -o y --yes x
+    $GPG $dsa_keyrings -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
-for da in ripemd160 sha1 md5; do
+for da in ripemd160 sha1; do
     for i in $plain_files; do
-       $srcdir/run-gpg $dsa_keyrings -se -o x --yes --digest-algo $da \
+       $GPG $dsa_keyrings --always-trust -se -o x --yes --digest-algo $da \
                    -u "$dsa_usrname1" -r "$dsa_usrname2" $i
-       $srcdir/run-gpg $dsa_keyrings -o y --yes x
+       $GPG $dsa_keyrings -o y --yes x
        cmp $i y || error "$i: mismatch"
        # process only the first one
        break
index fa9363f..1d05990 100755 (executable)
@@ -5,9 +5,9 @@
 
 #info Checking signing and encryption
 for i in $plain_files $data_files ; do
-    echo "$usrpass1" \
-    | $srcdir/run-gpg --passphrase-fd 0 -se -o x --yes -r "$usrname2" $i
-    $srcdir/run-gpg -o y --yes x
+    echo "$usrpass1" | $GPG --passphrase-fd 0 --always-trust \
+                            -se -o x --yes -r "$usrname2" $i
+    $GPG -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
index 0e14f20..2294cf5 100755 (executable)
@@ -1,24 +1,19 @@
 #!/bin/sh
 
-echo "test is currently disabled"
-exit 0
-
-
 . $srcdir/defs.inc || exit 3
 
-
 #info Checking DSA signatures (default digest algo)
 for i in $plain_files $data_files; do
-    $srcdir/run-gpg $dsa_keyrings -s -o x --yes -u $dsa_usrname1 $i
-    $srcdir/run-gpg $dsa_keyrings -o y --yes x
+    $GPG $dsa_keyrings -s -o x --yes -u $dsa_usrname1 $i
+    $GPG $dsa_keyrings -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
-for da in ripemd160 sha1 md5; do
+for da in ripemd160 sha1; do
     for i in $plain_files; do
-       $srcdir/run-gpg $dsa_keyrings --digest-algo $da \
+       $GPG $dsa_keyrings --digest-algo $da \
                                -s -o x --yes -u $dsa_usrname1 $i
-       $srcdir/run-gpg $dsa_keyrings -o y --yes x
+       $GPG $dsa_keyrings -o y --yes x
        cmp $i y || error "$i: mismatch"
        # process only the first one
        break
index a323889..7a8f998 100755 (executable)
@@ -4,21 +4,21 @@
 
 #info Checking signatures
 for i in $plain_files $data_files; do
-    echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 -s -o x --yes $i
-    $srcdir/run-gpg -o y --yes x
+    echo "$usrpass1" | $GPG --passphrase-fd 0 -s -o x --yes $i
+    $GPG -o y --yes x
     cmp $i y || error "$i: mismatch"
 done
 
 hash_algo_list="ripemd160 sha1 md5"
-if have_hash_algo "TIGER"; then
-  hash_algo_list="$hash_algo_list tiger"
+if have_hash_algo "TIGER192"; then
+  hash_algo_list="$hash_algo_list tiger192"
 fi
 
 for da in $hash_algo_list ; do
     for i in $plain_files; do
-       echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --digest-algo $da \
+       echo "$usrpass1" | $GPG --passphrase-fd 0 --digest-algo $da \
                                -s -o x --yes $i
-       $srcdir/run-gpg -o y --yes x
+       $GPG -o y --yes x
        cmp $i y || error "$i: mismatch"
        # process only the first one
        break
index 13ca073..f1fd728 100755 (executable)
@@ -3,7 +3,7 @@
 . $srcdir/defs.inc || exit 3
 
 # print the GPG version
-$srcdir/run-gpg --version
+$GPG --version
 
 #fixme: check that the output is correct
 
diff --git a/cipher/ChangeLog b/cipher/ChangeLog
new file mode 100644 (file)
index 0000000..da3ff58
--- /dev/null
@@ -0,0 +1,902 @@
+2002-05-07  Stefan Bellon  <sbellon@sbellon.de>
+
+       * md.c (md_start_debug): Use EXTSEP_S instead of ".".
+
+2002-04-24  Werner Koch  <wk@gnupg.org>
+
+       * tiger.c (tiger_final): Removed superfluous token pasting operators.
+       * md5.c (md5_final): Ditto.
+
+2002-04-22  Stefan Bellon  <sbellon@sbellon.de>
+
+       * rndriscos.c (func_table): Made func a function pointer.
+       (init_device): Improved loading of CryptRandom module.
+
+2002-04-18  Werner Koch  <wk@gnupg.org>
+
+       * rndlinux.c, rndegd.c, rndunix.c (func_table): Made func a
+       function pointer.  Note that we still need to change the module
+       interface to cope with data vs function pointer problems.  Hmmm,
+       even dlsym has a problem with this.
+
+2002-04-10  David Shaw  <dshaw@jabberwocky.com>
+
+       * cipher.c (setup_cipher_table, cipher_open, cipher_encrypt,
+       cipher_decrypt, dummy_setkey, dummy_encrypt_block,
+       dummy_decrypt_block): the dummy cipher should only be built on
+       development versions.
+
+2002-04-06  Werner Koch  <wk@gnupg.org>
+
+       * rijndael.c (rijndael_get_info): We do only support a 128 bit
+       blocksize so it makes sense to change the algorithm strings to
+       AES.
+       * cipher.c (string_to_cipher_algo): Map "RIJNDAEL" to "AES".
+
+2002-02-14  Werner Koch  <wk@gnupg.org>
+
+       * random.c (mix_pool): Removed the failsafe stuff again.  It makes
+       the code more complicate and may give the path to more bugs.
+
+2002-02-10  Werner Koch  <wk@gnupg.org>
+
+       * random.c (mix_pool): Carry an extra failsafe_digest buffer
+       around to make the function more robust.
+
+2002-02-08  Werner Koch  <wk@gnupg.org>
+
+       * random.c (add_randomness): Xor new data into the pool and not
+       just copy it.  This avoids any choosen input attacks which are not
+       serious in our setting because an outsider won't be able to mix
+       data in and even then we keep going with a PRNG.  Thanks to Stefan
+       Keller for pointing this out.
+
+2002-01-02  Stefan Bellon  <sbellon@sbellon.de>
+
+       * rndriscos.c [__riscos__]: Updated include file name.
+
+2001-12-21  Werner Koch  <wk@gnupg.org>
+
+       * Makefile.am (DISCLEANFILES): Add construct.c
+
+2001-12-19  Werner Koch  <wk@gnupg.org>
+
+       * rndw32.c [CYGWIN32]: Include winioctl.h.  By Disastry.
+
+2001-11-08  Werner Koch  <wk@gnupg.org>
+
+       * primegen.c (gen_prime): Set 2 high order bits for secret primes.
+       * rsa.c (generate): Loop until we find the exact modulus size.
+       Changed the exponent to 41.
+
+2001-10-22  Werner Koch  <wk@gnupg.org>
+
+       * Makefile.am: Need to use $(EXEEXT) where approriate.
+
+2001-09-09  Werner Koch  <wk@gnupg.org>
+
+       * rsa.c (rsa_get_info): s/usage/r_usage/ to avoid shadow warnings.
+
+2001-08-24  Werner Koch  <wk@gnupg.org>
+
+       * md.c (md_write): Made buf arg const.
+
+2001-08-22  Werner Koch  <wk@gnupg.org>
+
+       * random.c (fast_random_poll): Don't use gethrtime if it is broken.
+
+2001-08-20  Werner Koch  <wk@gnupg.org>
+
+       Applied patches from Stefan Bellon <sbellon@sbellon.de> to support
+       RISC OS.  Nearly all of these patches are identified by the
+       __riscos__ macro.
+       * blowfish.c, twofish.c: Added pragmas for use with a Norcraft
+       compiler. 
+       * dynload.c, md5.c, rmd160.c, sha1.c: Minor patches for RISC OS.
+       * rndriscos.c: New.
+       * rnd-internal.h: Added prototype.
+       * random.c (fast_random_poll): Use '#if defined' instead of just
+       'defined'; needed for RISC OS.
+       * primegen.c (gen_prime): count? are now ints for consistence
+       with is_prime().
+
+2001-08-08  Werner Koch  <wk@gnupg.org>
+
+       * rndw32.c (gather_random): Use toolhelp in addition to the NT
+       gatherer for Windows2000.  Suggested by Sami Tolvanen.
+
+       * random.c (read_pool): Fixed length check, this used to be one
+       byte to strict.  Made an assert out of it because the caller has
+       already made sure that only poolsize bytes are requested.
+       Reported by Marcus Brinkmann.
+
+2001-07-18  Werner Koch  <wk@gnupg.org>
+
+       * rndlinux.c (gather_random): casted a size_t arg to int so that
+       the format string is correct.  Casting is okay here and avoids
+       translation changes. 
+
+2001-06-12  Werner Koch  <wk@gnupg.org>
+
+       * cipher.c (string_to_cipher_algo): Use ascii_strcasecmp().
+       * md.c (string_to_digest_algo): Ditto.
+       * pubkey.c (string_to_pubkey_algo): Ditto.
+       * rndw32.c (slow_gatherer_windowsNT): Ditto.  Not really needed
+       here but anyway.
+
+2001-04-29  Werner Koch  <wk@gnupg.org>
+
+       * random.c (fast_random_poll): Do not check the return code of
+       getrusage.
+
+2001-04-17  Werner Koch  <wk@gnupg.org>
+
+       * rndunix.c: Add a signal.h header to avoid warnings on Solaris 7
+       and 8.
+
+2001-04-16  Werner Koch  <wk@gnupg.org>
+
+       * dynload.c [__MINGW32__]: Applied patch from Timo Schulz to make
+       it work under W32.  This patches is based on the one from
+       Disastry@saiknes.lv
+
+2001-04-06  Werner Koch  <wk@gnupg.org>
+
+       * rijndael.c, des.c, blowfish.c, twofish.c, cast5.c (burn_stack):
+       New.  Add wrappers for most functions to be able to call
+       burn_stack after the function invocation. This methods seems to be
+       the most portable way to zeroise the stack used. It does only work
+       on stack frame based machines but it is highly portable and has no
+       side effects.  Just setting the automatic variables at the end of
+       a function to zero does not work well because the compiler will
+       optimize them away - marking them as volatile would be bad for
+       performance.
+       * md5.c, sha1.c, rmd160.c, tiger.c (burn_stack): Likewise.
+       * random.c (burn_stack): New.
+       (mix_pool): Use it here to burn the stack of the mixblock function.
+       
+2001-04-02  Werner Koch  <wk@gnupg.org>
+
+       * primegen.c (generate_elg_prime): I was not initialized for mode
+       != 1.  Freed q at 3 places.  Thanks to  Tommi Komulainen.
+
+2001-03-28  Werner Koch  <wk@gnupg.org>
+
+       * md5.c (md5_final): Fixed calculation of hashed length.  Thanks
+       to disastry@saiknes.lv for pointing out that it was horrible wrong
+       for more than 512MB of input.
+       * sha1.c (sha1_final): Ditto.
+       * rmd160.c (rmd160_final): Ditto.
+       * tiger.c (tiger_final): Ditto.
+
+2001-03-19  Werner Koch  <wk@gnupg.org>
+
+       * blowfish.c (encrypt,do_encrypt): Changed name to do_encrypt to
+       avoid name clahses with an encrypt function in stdlib.h of
+       Dynix/PIX.  Thanks to Gene Carter.
+       * elgamal.c (encrypt,do_encrypt): Ditto.
+
+2001-03-12  Werner Koch  <wk@gnupg.org>
+
+       * twofish.c (gnupgext_enum_func): Add some static when comnpiled
+       as a module.
+
+       * tiger.c (tiger_get_info): Return "TIGER192" and not just
+       "TIGER".  By Edwin Woudt.
+
+2001-03-08  Werner Koch  <wk@gnupg.org>
+
+       * random.c: Always include time.h - standard requirement.  Thanks
+       to James Troup.
+
+2001-01-18  Werner Koch  <wk@gnupg.org>
+
+       * rndw32.c: Fixed typo and wrong ifdef for VER_PLATFORM* macro
+
+2001-01-12  Werner Koch  <wk@gnupg.org>
+
+       * cipher.c (cipher_encrypt,cipher_encrypt): Use blocksize and
+       not 8 for CBC mode (However: we don't use CBS in OpenPGP).
+
+2000-11-22  Werner Koch  <wk@gnupg.org>
+
+       * rndegd.c (gather_random): Fixed default socket to be '=entropy'.
+       Thanks to Tomasz Kozlowski.
+
+2000-10-12  Werner Koch  <wk@gnupg.org>
+
+        * rijndael.c: New.
+        * cipher.c: Add Rijndael support.
+
+Wed Oct  4 15:50:18 CEST 2000  Werner Koch  <wk@openit.de>
+
+        * sha1.c (transform): Use rol() macro.  Actually this is not needed
+        for a newer gcc but there are still aoter compilers.
+
+Thu Sep 14 14:20:38 CEST 2000  Werner Koch  <wk@openit.de>
+
+        * random.c (fast_random_poll): Check ENOSYS for getrusage.
+        * rndunix.c:  Add 2 sources for QNX. By Sam Roberts.
+
+Wed Sep 13 18:12:34 CEST 2000  Werner Koch  <wk@openit.de>
+
+        * rsa.c (secret): Speed up by using the CRT.  For a 2k keys this
+        is about 3 times faster.
+        (stronger_key_check): New but unused code to check the secret key.
+
+Wed Sep  6 17:55:47 CEST 2000  Werner Koch  <wk@openit.de>
+
+        * rsa.c: Changed the comment about the patent.
+        * Makefile.am: Included rsa.[ch].
+        * pubkey.c: Enabled RSA support.
+        (pubkey_get_npkey): Removed RSA workaround.
+
+Fri Aug 25 16:05:38 CEST 2000  Werner Koch  <wk@openit.de>
+
+        * rndlinux.c (open_device): Loose random device checking.
+        By Nils Ellmenreich.
+
+        * rndegd.c (gather_random): Name of socket is nom configurable.
+
+Wed Jun 28 11:54:44 CEST 2000  Werner Koch  <wk@>
+
+  * rsa.c, rsa.h: New based on the old module version (only in CVS for now).
+  * pubkey.c (setup_pubkey_table): Added commented support for RSA.
+
+Fri Jun  9 10:09:52 CEST 2000  Werner Koch  <wk@openit.de>
+
+  * rndunix.c (waitpid): New. For UTS 2.1.  All by Dave Dykstra.
+  (my_popen): Do the FD_CLOEXEC only if it is available
+  (start_gatherer): Cope with missing _SC_OPEN_MAX
+
+Sun May 28 13:55:17 CEST 2000  Werner Koch  <wk@openit.de>
+
+  * random.c (read_seed_file): Binary open for DOSish system
+  (update_random_seed_file): Ditto.
+
+  * rndw32.c: Add some debuging code enabled by an environment variable.
+
+Tue May 23 09:19:00 CEST 2000  Werner Koch  <wk@openit.de>
+
+       * rndw32.c: Started with alternative code to replace entropy.dll
+
+Thu May 18 11:38:54 CEST 2000  Werner Koch  <wk@openit.de>
+
+       * primegen.c (register_primegen_progress): New.
+       * dsa.c (register_pk_dsa_progress): New.
+       * elgamal.c (register_pk_elg_progress): New.
+
+Fri Apr 14 19:37:08 CEST 2000  Werner Koch  <wk@openit.de>
+
+       * twofish.c (twofish_get_info): Fixed warning about cast.
+
+Tue Mar 28 14:26:58 CEST 2000  Werner Koch  <wk@openit.de>
+
+       * random.c [MINGW32]: Include process.h for getpid.
+
+Thu Mar  2 15:37:46 CET 2000  Werner Koch  <wk@gnupg.de>
+
+       * random.c (fast_random_poll): Add clock_gettime() as fallback for
+       system which support this POSIX.4 fucntion. By Sam Roberts.
+
+       * rndunix.c: Add some more headers for QNX. By Sam Roberts.
+
+       * random.c (read_seed_file): Removed the S_ISLNK test becuase it
+       is already covered by !S_ISREG and is not defined in Unixware.
+       Reported by Dave Dykstra.
+
+       * sha1.c (sha1_get_info): Removed those stupid double lines. Dave
+       is really a good lint.
+
+Wed Feb 23 10:07:57 CET 2000  Werner Koch  <wk@gnupg.de>
+
+       * twofish.c (twofish_get_info): Add some const to the casts.  By Martin
+       Kahlert.
+
+Mon Feb 14 14:30:20 CET 2000  Werner Koch  <wk@gnupg.de>
+
+       (update_random_seed_file): Silently ignore update request when pool
+       is not filled.
+
+Fri Feb 11 17:44:40 CET 2000  Werner Koch  <wk@gnupg.de>
+
+       * random.c (read_seed_file): New.
+       (set_random_seed_file): New.
+       (read_pool): Try to read the seeding file.
+       (update_random_seed_file): New.
+
+       (read_pool): Do an initial extra seeding when level 2 quality random
+       is requested the first time.  This requestes at least POOLSIZE/2 bytes
+       of entropy.  Compined with the seeding file this should make normal
+       random bytes cheaper and increase the quality of the random bytes
+       used for key generation.
+
+       * rndegd.c (gather_random): Shortcut level 0.
+       * rndunix.c (gather_random): Ditto.
+       * rndw32.c (gather_random): Ditto.
+
+Fri Jan 14 18:32:01 CET 2000  Werner Koch  <wk@gnupg.de>
+
+       * rmd160.c (rmd160_get_info): Moved casting to the left side due to a
+       problem with UTS4.3.  Suggested by Dave Dykstra.
+       * sha1.c (sha1_get_info): Ditto.
+       * tiger.c (tiger_get_info): Ditto.
+       * md5.c (md5_get_info): Ditto
+       * des.c (des_get_info): Ditto.
+       * blowfish.c (blowfish_get_info): Ditto.
+       * cast5.c (cast5_get_info): Ditto.
+       * twofish.c (twofish_get_info): Ditto.
+
+Thu Jan 13 19:31:58 CET 2000  Werner Koch  <wk@gnupg.de>
+
+       * elgamal.c (wiener_map): New.
+       (gen_k): Use a much smaller k.
+       (generate): Calculate the qbits using the wiener map and
+       choose an x at a size comparable to the one choosen in gen_k
+
+       * random.c (read_pool): Print a more friendly error message in
+       cases when too much random is requested in one call.
+
+       * Makefile.am (tiger): Replaced -O1 by -O. Suggested by Alec Habig.
+
+Sat Dec  4 12:30:28 CET 1999  Werner Koch  <wk@gnupg.de>
+
+       * primegen.c (generate_elg_prime): All primes are now generated with
+       the lowest random quality level.  Becuase they are public anyway we
+       don't need stronger random and by this we do not drain the systems
+       entropy so much.
+
+Thu Oct 28 16:08:20 CEST 1999  Werner Koch  <wk@gnupg.de>
+
+       * random.c (fast_random_poll): Check whether RUSAGE_SELF is defined;
+       this is not the case for some ESIX and Unixware, although they have
+       getrusage().
+
+       * elgamal.c (sign): Hugh found strange code here. Replaced by BUG().
+
+Mon Oct 11 09:24:12 CEST 1999  Werner Koch  <wk@gnupg.de>
+
+       * rndw32.c (gather_random): Handle PCP_SEEDER_TOO_SMALL.
+
+Sat Oct  9 20:34:41 CEST 1999  Werner Koch  <wk@gnupg.de>
+
+       * Makefile.am:  Tweaked module build and removed libtool
+
+Fri Oct  8 20:32:01 CEST 1999  Werner Koch  <wk@gnupg.de>
+
+       * rndw32.c (load_and_init_winseed): Use the Registry to locate the DLL
+
+Mon Oct  4 21:23:04 CEST 1999  Werner Koch  <wk@gnupg.de>
+
+       * md.c (md_reset): Clear finalized; thanks to Ulf Moeller for
+       fixing this bug.
+
+Sat Sep 18 12:51:51 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+
+       * Makefile.am: Never compile mingw32 as module
+
+Wed Sep 15 14:39:59 CEST 1999  Michael Roth <mroth@nessie.de>
+
+       * des.c: Various speed improvements: One bit pre rotation
+         trick after initial permutation (Richard Outerbridge).
+         Finished test of SSLeay Tripple-DES patterns.
+
+Wed Sep 15 16:22:17 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * rndw32.c: New.
+
+Mon Sep 13 10:51:29 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * bithelp.h: New.
+       * rmd160.h, sha1.h, md5.h: Use the rol macro from bithelp.h
+
+Tue Sep  7 16:23:36 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * Makefile.am: Fixed seds for latest egcc. By Ollivier Robert.
+
+Mon Sep  6 19:59:08 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * des.c (selftest): Add some testpattern
+
+Mon Aug 30 20:38:33 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * cipher.c (do_cbc_encrypt): Fixed serious bug occuring when not using
+       in place encryption. Pointed out by Frank Stajano.
+
+Mon Jul 26 09:34:46 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * md5.c (md5_final): Fix for a SCO cpp bug.
+
+Thu Jul 15 10:15:35 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * elgamal.c (elg_check_secret_key,elg_encrypt
+       elg_decrypt,elg_sign,elg_verify): Sanity check on the args.
+       * dsa.c (dsa_check_secret_key,dsa_sign,dsa_verify): Ditto.
+
+       * pubkey.c (disable_pubkey_algo): New.
+       (check_pubkey_algo2): Look at disabled algo table.
+       * cipher.c (disable_cipher_algo): New.
+       (check_cipher_algo): Look at disabled algo table.
+
+Wed Jul  7 13:08:40 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * Makefile.am: Support for libtool.
+
+Fri Jul  2 11:45:54 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * dsa.c (gen_k): Changed algorithm to consume less random bytes
+       * elgamal.c (gen_k): Ditto.
+
+       * random.c (random_dump_stats): New.
+
+Thu Jul  1 12:47:31 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * primegen.c, elgamal.c, dsa.c (progess): New and replaced all
+       fputc with a call to this function.
+
+Sat Jun 26 12:15:59 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * rndegd.c (do_write): s/ssize_t/int/ due to SunOS 4.1 probs.
+
+       * cipher.c (do_cbc_encrypt, do_cbc_decrypt): New.
+
+       * dynload.c (HAVE_DL_SHL_LOAD): Map hpux API to dlopen (Dave Dykstra).
+       * Makefile.am (install-exec-hook): Removed.
+
+Sun May 23 14:20:22 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * cipher.c (setup_cipher_table): Enable Twofish
+
+       * random.c (fast_random_poll): Disable use of times() for mingw32.
+
+Mon May 17 21:54:43 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * dynload.c (register_internal_cipher_extension): Minor init fix.
+
+Tue May  4 15:47:53 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * primegen.c (gen_prime): Readded the Fermat test. Fixed the bug
+       that we didn't correct for step when passing the prime to the
+       Rabin-Miller test which led to bad performance (Stefan Keller).
+       (check_prime): Add a first Fermat test.
+
+Sun Apr 18 10:11:28 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * cipher.c (cipher_setiv): Add ivlen arg, changed all callers.
+
+       * random.c (randomize_buffer): alway use secure memory because
+       we can't use m_is_secure() on a statically allocated buffer.
+
+       * twofish.c: Replaced some macros by a loop to reduce text size.
+       * Makefile.am (twofish): No more need for sed editing.
+
+Fri Apr  9 12:26:25 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * cipher.c (cipher_open): Reversed the changes for AUTO_CFB.
+
+       * blowfish.c: Dropped the Blowfish 160 mode.
+       * cipher.c (cipher_open): Ditto.
+       (setup_cipher_table): Ditto.  And removed support of twofish128
+
+Wed Apr  7 20:51:39 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * random.c (get_random_bits): Can now handle requests > POOLSIZE
+
+       * cipher.c (cipher_open): Now uses standard CFB for automode if
+       the blocksize is gt 8 (according to rfc2440).
+
+       * twofish.c: Applied Matthew Skala's patches for 256 bit key.
+
+Tue Apr  6 19:58:12 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * random.c (get_random_bits): Can now handle requests > POOLSIZE
+
+       * cipher.c (cipher_open): Now uses standard CFB for automode if
+       the blocksize is gt 8 (according to rfc2440).
+
+Sat Mar 20 11:44:21 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * rndlinux.c (tty_printf) [IS_MODULE]: Removed.
+
+       * rndegd.c (gather_random): Some fixes.
+
+Wed Mar 17 13:09:03 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * rndegd.c (do_read): New.
+       (gather_random): Changed the implementation.
+
+Mon Mar  8 20:47:17 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * dynload.c (DLSYM_NEEDS_UNDERSCORE): Renamed.
+
+Fri Feb 26 17:55:41 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * md.c: Nearly a total rewrote.
+
+Wed Feb 24 11:07:27 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * cipher.c (context): Fixed alignment
+       * md.c: Ditto.
+
+       * rndegd.c: New
+
+Mon Feb 22 20:04:00 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * rndegd.c: New.
+
+Wed Feb 10 17:15:39 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * Makefile.am: Modules are now figured out by configure
+       * construct.c: New. Generated by configure. Changed all modules
+       to work with that.
+       * sha1.h: Removed.
+       * md5.h: Removed.
+
+       * twofish.c: Changed interface to allow Twofish/256
+
+       * rndunix.c (start_gatherer): Die on SIGPIPE.
+
+Wed Jan 20 18:59:49 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * rndunix.c (gather_random): Fix to avoid infinite loop.
+
+Sun Jan 17 11:04:33 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * des.c (is_weak_key): Replace system memcmp due to bugs
+       in SunOS's memcmp.
+       (des_get_info): Return error on failed selftest.
+       * twofish.c (twofish_setkey): Return error on failed selftest or
+       invalid keylength.
+       * cast5.c (cast_setkey): Ditto.
+       * blowfish.c (bf_setkey): Return error on failed selftest.
+
+Tue Jan 12 11:17:18 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * random.c (random_is_faked): New.
+
+       * tiger.c: Only compile if we have the u64 type
+
+Sat Jan  9 16:02:23 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * rndunix.c (gather_random): check for setuid.
+
+       * Makefile.am: Add a way to staically link random modules
+
+Thu Jan  7 18:00:58 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * md.c (md_stop_debug): Do a flush first.
+       (md_open): size of buffer now depends on the secure parameter
+
+Sun Jan  3 15:28:44 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * rndunix.c (start_gatherer): Fixed stupid ==/= bug
+
+1998-12-31  Geoff Keating  <geoffk@ozemail.com.au>
+
+       * des.c (is_weak_key): Rewrite loop end condition.
+
+Tue Dec 29 14:41:47 CET 1998  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * random.c: add unistd.h for getpid().
+       (RAND_MAX): Fallback value for Sun.
+
+Wed Dec 23 17:12:24 CET 1998  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * md.c (md_copy): Reset debug.
+
+Mon Dec 14 21:18:49 CET 1998  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * random.c (read_random_source): Changed the interface to the
+       random gathering function.
+       (gather_faked): Use new interface.
+       * dynload.c (dynload_getfnc_fast_random_poll): Ditto.
+       (dynload_getfnc_gather_random): Ditto.
+       * rndlinux.c (gather_random): Ditto.
+       * rndunix.c (gather_random): Ditto.
+
+Sat Dec 12 18:40:32 CET 1998  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * dynload.c (SYMBOL_VERSION): New to cope with system which needs
+       underscores.
+
+       * rndunix.c: Rewrote large parts
+
+Thu Dec 10 20:15:36 CET 1998  Werner Koch  <wk@isil.d.shuttle.de>
+
+       * dynload.c (load_extension): increased needed verbosity level.
+
+       * random.c (fast_random_poll): Fallback to a default fast random
+       poll function.
+       (read_random_source): Always use the faked entroy gatherer if no
+       gather module is available.
+       * rndlinux.c (fast_poll): Removed.
+       * rndunix.c (fast_poll): Removed.
+
+
+Wed Nov 25 12:33:41 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * rand-*.c: Removed.
+       * rndlinux.c : New.
+       * rndunix.c : New.
+       * random.c : Restructured the interface to the gather modules.
+       (intialize): Call constructor functions
+       (read_radnom_source): Moved to here.
+       * dynload.c (dynload_getfnc_gather_random): New.
+       (dynload_getfnc_fast_random_poll): New.
+       (register_internal_cipher_extension): New.
+       (register_cipher_extension): Support of internal modules.
+
+Sun Nov  8 17:44:36 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * rand-unix.c (read_random_source): Removed the assert.
+
+Mon Oct 19 18:34:30 1998  me,,,  (wk@tobold)
+
+       * pubkey.c: Hack to allow us to give some info about RSA keys back.
+
+Thu Oct 15 11:47:57 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * dynload.c: Support for DLD
+
+Wed Oct 14 12:13:07 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * rand-unix.c: Now uses names from configure for /dev/random.
+
+1998-10-10  SL Baur  <steve@altair.xemacs.org>
+
+       * Makefile.am: fix sed -O substitutions to catch -O6, etc.
+
+Tue Oct  6 10:06:32 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * rand-unix.c (HAVE_GETTIMEOFDAY): Fixed (was ..GETTIMEOFTIME :-)
+       * rand-dummy.c (HAVE_GETTIMEOFDAY): Ditto.
+
+Mon Sep 28 13:23:09 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * md.c (md_digest): New.
+       (md_reset): New.
+
+Wed Sep 23 12:27:02 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * tiger.c (TIGER_CONTEXT): moved "buf", so that it is 64 bit aligned.
+
+Mon Sep 21 06:22:53 1998  Werner Koch  (wk@(none))
+
+       * des.c: Some patches from Michael.
+
+Thu Sep 17 19:00:06 1998  Werner Koch  (wk@(none))
+
+       * des.c : New file from Michael Roth <mroth@nessie.de>
+
+Mon Sep 14 11:10:55 1998  Werner Koch  (wk@(none))
+
+       * blowfish.c (bf_setkey): Niklas Hernaeus patch to detect weak keys.
+
+Mon Sep 14 09:19:25 1998  Werner Koch  (wk@(none))
+
+       * dynload.c (RTLD_NOW): Now defined to 1 if it is undefined.
+
+Mon Sep  7 17:04:33 1998  Werner Koch  (wk@(none))
+
+       * Makefile.am: Fixes to allow a different build directory
+
+Thu Aug  6 17:25:38 1998  Werner Koch,mobil,,, (wk@tobold)
+
+       * random.c (get_random_byte): Removed and changed all callers
+       to use get_random_bits()
+
+Mon Jul 27 10:30:22 1998  Werner Koch  (wk@(none))
+
+       * cipher.c : Support for other blocksizes
+       (cipher_get_blocksize): New.
+       * twofish.c: New.
+       * Makefile.am: Add twofish module.
+
+Mon Jul 13 21:30:52 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * random.c (read_pool): Simple alloc if secure_alloc is not set.
+       (get_random_bits): Ditto.
+
+Thu Jul  9 13:01:14 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * dynload.c (load_extension): Function now nbails out if
+       the program is run setuid.
+
+Wed Jul  8 18:58:23 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * rmd160.c (rmd160_hash_buffer): New.
+
+Thu Jul  2 10:50:30 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * cipher.c (cipher_open): algos >=100 use standard CFB
+
+Thu Jun 25 11:18:25 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * Makefile.am: Support for extensions
+
+Thu Jun 18 12:09:38 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * random.c (mix_pool): simpler handling for level 0
+
+Mon Jun 15 14:40:48 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * tiger.c: Removed from dist, will reappear as dynload module
+
+Sat Jun 13 14:16:57 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * pubkey.c: Major changes to allow extensions. Changed the inteface
+       of all public key ciphers and added the ability to load extensions
+       on demand.
+
+       * misc.c: Removed.
+
+Wed Jun 10 07:52:08 1998  Werner Koch,mobil,,, (wk@tobold)
+
+       * dynload.c: New.
+       * cipher.c: Major changes to allow extensions.
+
+Mon Jun  8 22:43:00 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * cipher.c: Major internal chnages to support extensions.
+       * blowfish.c (blowfish_get_info): New and made all internal
+       functions static, changed heder.
+       * cast5.c (cast5_get_info): Likewise.
+
+Mon Jun  8 12:27:52 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * tiger.c (transform): Fix for big endian
+
+       * cipher.c (do_cfb_decrypt): Big endian fix.
+
+Fri May 22 07:30:39 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * md.c (md_get_oid): Add a new one for TIGER.
+
+Thu May 21 13:24:52 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * cipher.c: Add support for a dummy cipher
+
+Thu May 14 15:40:36 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * rmd160.c (transform): fixed sigbus - I should better
+       add Christian von Roques's new implemenation of rmd160_write.
+
+Fri May  8 18:07:44 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * rand-internal.h, rand-unix.c, rand-w32.c, rand_dummy.c: New
+       * random.c: Moved system specific functions to rand-****.c
+
+Fri May  8 14:01:17 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * random.c (fast_random_poll): add call to gethrtime.
+
+Tue May  5 21:28:55 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * elgamal.c (elg_generate): choosing x was not correct, could
+       yield 6 bytes which are not from the random pool, tsss, tsss..
+
+Tue May  5 14:09:06 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * primegen.c (generate_elg_prime): Add arg mode, changed all
+       callers and implemented mode 1.
+
+Mon Apr 27 14:41:58 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * cipher.c (cipher_get_keylen): New.
+
+Sun Apr 26 14:44:52 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * tiger.c, tiger.h: New.
+
+Wed Apr  8 14:57:11 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * misc.c (check_pubkey_algo2): New.
+
+Tue Apr  7 18:46:49 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * cipher.c: New
+       * misc.c (check_cipher_algo): Moved to cipher.c
+       * cast5.c: Moved many functions to cipher.c
+       * blowfish.c: Likewise.
+
+Sat Apr  4 19:52:08 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * cast5.c: Implemented and tested.
+
+Wed Apr  1 16:38:27 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * elgamal.c (elg_generate): Faster generation of x in some cases.
+
+Thu Mar 19 13:54:48 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * blowfish.c (blowfish_decode_cfb): changed XOR operation
+       (blowfish_encode_cfb): Ditto.
+
+Thu Mar 12 14:04:05 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * sha1.c (transform): Rewrote
+
+       * blowfish.c (encrypt): Unrolled for rounds == 16
+       (decrypt): Ditto.
+
+Tue Mar 10 16:32:08 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * rmd160.c (transform): Unrolled the loop.
+
+Tue Mar 10 13:05:14 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * random.c (read_pool): Add pool_balance stuff.
+       (get_random_bits): New.
+
+       * elgamal.c (elg_generate): Now uses get_random_bits to generate x.
+
+
+Tue Mar 10 11:33:51 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * md.c (md_digest_length): New.
+
+Tue Mar 10 11:27:41 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * dsa.c (dsa_verify): Works.
+
+Mon Mar  9 12:59:08 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * dsa.c, dsa.h: Removed some unused code.
+
+Wed Mar  4 10:39:22 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * md.c (md_open): Add call to fast_random_poll.
+       blowfish.c (blowfish_setkey): Ditto.
+
+Tue Mar  3 13:32:54 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * rmd160.c (rmd160_mixblock): New.
+       * random.c: Restructured to start with a new RNG implementation.
+       * random.h: New.
+
+Mon Mar  2 19:21:46 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * gost.c, gost.h: Removed because they did only conatin trash.
+
+Sun Mar  1 16:42:29 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * random.c (fill_buffer): removed error message if n == -1.
+
+Fri Feb 27 16:39:34 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * md.c (md_enable): No init if called twice.
+
+Thu Feb 26 07:57:02 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * primegen.c (generate_elg_prime): Changed the progress printing.
+       (gen_prime): Ditto.
+
+Tue Feb 24 12:28:42 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * md5.c, md.5 : Replaced by a modified version of md5.c from
+       GNU textutils 1.22.
+
+Wed Feb 18 14:08:30 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * md.c, md.h : New debugging support
+
+Mon Feb 16 10:08:47 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+       * misc.c (cipher_algo_to_string): New
+       (pubkey_algo_to_string): New.
+       (digest_algo_to_string): New.
+
+
+
+ Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
diff --git a/cipher/Makefile.am b/cipher/Makefile.am
new file mode 100644 (file)
index 0000000..83e8187
--- /dev/null
@@ -0,0 +1,114 @@
+# Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+#
+# This file is part of GnuPG.
+#
+# GnuPG is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+# 
+# GnuPG is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+
+## Process this file with automake to produce Makefile.in
+
+
+INCLUDES = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl
+
+noinst_LIBRARIES = libcipher.a
+
+# The configure script greps the module names from the EXTRA_PROGRAMS line
+EXTRA_PROGRAMS = rndlinux rndunix rndegd rndw32 sha1 rmd160 md5 tiger
+
+EXTRA_rndlinux_SOURCES = rndlinux.c
+EXTRA_rndunix_SOURCES = rndunix.c
+EXTRA_rndegd_SOURCES = rndegd.c
+EXTRA_rndw32_SOURCES = rndw32.c
+EXTRA_md5_SOURCES = md5.c
+EXTRA_rmd160_SOURCES = rmd160.c
+EXTRA_sha1_SOURCES = sha1.c
+EXTRA_tiger_SOURCES = tiger.c
+
+
+if ENABLE_GNUPG_EXTENSIONS
+pkglib_PROGRAMS  = @DYNAMIC_CIPHER_MODS@
+else
+pkglib_PROGRAMS  =
+endif
+
+
+DYNLINK_MOD_CFLAGS = -DIS_MODULE @DYNLINK_MOD_CFLAGS@
+
+#libcipher_a_LDFLAGS =
+libcipher_a_SOURCES = cipher.c \
+                pubkey.c       \
+                md.c           \
+                dynload.c      \
+                dynload.h      \
+                bithelp.h      \
+                des.c          \
+                des.h          \
+                twofish.c      \
+                blowfish.c     \
+                blowfish.h     \
+                cast5.c        \
+                cast5.h        \
+                rijndael.c     \
+                elgamal.c      \
+                elgamal.h      \
+                rsa.c rsa.h    \
+                primegen.c     \
+                random.h       \
+                random.c       \
+                rand-internal.h \
+                rmd.h          \
+                dsa.h          \
+                dsa.c          \
+                g10c.c         \
+                smallprime.c   \
+                construct.c
+
+# configure creates the constructor file
+BUILT_SOURCES = construct.c
+DISTCLEANFILES = construct.c
+
+libcipher_a_DEPENDENCIES = @STATIC_CIPHER_OBJS@
+libcipher_a_LIBADD =      @STATIC_CIPHER_OBJS@
+
+
+# If I remember it correct, automake 1.4 has a feature to set
+# fooFLAGS depending on the program.  So we should check it out.
+
+tiger$(EXEEXT): $(srcdir)/tiger.c
+       `echo $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o tiger $(srcdir)/tiger.c | \
+           sed -e 's/-O[2-9s]*/-O/g' `
+
+tiger.o: $(srcdir)/tiger.c
+       `echo $(COMPILE) -c $(srcdir)/tiger.c | sed -e 's/-O[2-9s]*/-O1/g' `
+
+#twofish: $(srcdir)/twofish.c
+#       `echo $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o twofish $(srcdir)/twofish.c | \
+#           sed -e 's/-O[0-9s]*/  /g' `
+
+twofish: $(srcdir)/twofish.c
+       $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o twofish $(srcdir)/twofish.c
+
+#twofish.o: $(srcdir)/twofish.c
+#       `echo $(COMPILE) -c $(srcdir)/twofish.c | sed -e 's/-O[0-9s]*/  /g' `
+
+
+rndunix$(EXEEXT): $(srcdir)/rndunix.c
+       $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o rndunix $(srcdir)/rndunix.c
+
+rndlinux$(EXEEXT): $(srcdir)/rndlinux.c
+       $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o rndlinux $(srcdir)/rndlinux.c
+
+rndegd$(EXEEXT): $(srcdir)/rndegd.c
+       $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o rndegd $(srcdir)/rndegd.c
+
diff --git a/cipher/bithelp.h b/cipher/bithelp.h
new file mode 100644 (file)
index 0000000..188db16
--- /dev/null
@@ -0,0 +1,41 @@
+/* bithelp.h  -  Some bit manipulation helpers
+ *     Copyright (C) 1999 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef G10_BITHELP_H
+#define G10_BITHELP_H
+
+
+/****************
+ * Rotate a 32 bit integer by n bytes
+ */
+#if defined(__GNUC__) && defined(__i386__)
+static inline u32
+rol( u32 x, int n)
+{
+       __asm__("roll %%cl,%0"
+               :"=r" (x)
+               :"0" (x),"c" (n));
+       return x;
+}
+#else
+  #define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) )
+#endif
+
+
+#endif /*G10_BITHELP_H*/
diff --git a/cipher/blowfish.c b/cipher/blowfish.c
new file mode 100644 (file)
index 0000000..d8ad1d0
--- /dev/null
@@ -0,0 +1,633 @@
+/* blowfish.c  -  Blowfish encryption
+ *     Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ *
+ * For a description of the algorithm, see:
+ *   Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1996.
+ *   ISBN 0-471-11709-9. Pages 336 ff.
+ */
+
+/* Test values:
+ * key   "abcdefghijklmnopqrstuvwxyz";
+ * plain  "BLOWFISH"
+ * cipher 32 4E D0 FE F4 13 A2 03
+ *
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include "types.h"
+#include "errors.h"
+#include "blowfish.h"
+#include "dynload.h"
+
+
+
+#define CIPHER_ALGO_BLOWFISH    4  /* blowfish 128 bit key */
+
+#define BLOWFISH_BLOCKSIZE 8
+#define BLOWFISH_ROUNDS 16
+
+typedef struct {
+    u32 s0[256];
+    u32 s1[256];
+    u32 s2[256];
+    u32 s3[256];
+    u32 p[BLOWFISH_ROUNDS+2];
+} BLOWFISH_context;
+
+static int  bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen );
+static void encrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf );
+static void decrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf );
+
+
+/* precomputed S boxes */
+static const u32 ks0[256] = {
+    0xD1310BA6,0x98DFB5AC,0x2FFD72DB,0xD01ADFB7,0xB8E1AFED,0x6A267E96,
+    0xBA7C9045,0xF12C7F99,0x24A19947,0xB3916CF7,0x0801F2E2,0x858EFC16,
+    0x636920D8,0x71574E69,0xA458FEA3,0xF4933D7E,0x0D95748F,0x728EB658,
+    0x718BCD58,0x82154AEE,0x7B54A41D,0xC25A59B5,0x9C30D539,0x2AF26013,
+    0xC5D1B023,0x286085F0,0xCA417918,0xB8DB38EF,0x8E79DCB0,0x603A180E,
+    0x6C9E0E8B,0xB01E8A3E,0xD71577C1,0xBD314B27,0x78AF2FDA,0x55605C60,
+    0xE65525F3,0xAA55AB94,0x57489862,0x63E81440,0x55CA396A,0x2AAB10B6,
+    0xB4CC5C34,0x1141E8CE,0xA15486AF,0x7C72E993,0xB3EE1411,0x636FBC2A,
+    0x2BA9C55D,0x741831F6,0xCE5C3E16,0x9B87931E,0xAFD6BA33,0x6C24CF5C,
+    0x7A325381,0x28958677,0x3B8F4898,0x6B4BB9AF,0xC4BFE81B,0x66282193,
+    0x61D809CC,0xFB21A991,0x487CAC60,0x5DEC8032,0xEF845D5D,0xE98575B1,
+    0xDC262302,0xEB651B88,0x23893E81,0xD396ACC5,0x0F6D6FF3,0x83F44239,
+    0x2E0B4482,0xA4842004,0x69C8F04A,0x9E1F9B5E,0x21C66842,0xF6E96C9A,
+    0x670C9C61,0xABD388F0,0x6A51A0D2,0xD8542F68,0x960FA728,0xAB5133A3,
+    0x6EEF0B6C,0x137A3BE4,0xBA3BF050,0x7EFB2A98,0xA1F1651D,0x39AF0176,
+    0x66CA593E,0x82430E88,0x8CEE8619,0x456F9FB4,0x7D84A5C3,0x3B8B5EBE,
+    0xE06F75D8,0x85C12073,0x401A449F,0x56C16AA6,0x4ED3AA62,0x363F7706,
+    0x1BFEDF72,0x429B023D,0x37D0D724,0xD00A1248,0xDB0FEAD3,0x49F1C09B,
+    0x075372C9,0x80991B7B,0x25D479D8,0xF6E8DEF7,0xE3FE501A,0xB6794C3B,
+    0x976CE0BD,0x04C006BA,0xC1A94FB6,0x409F60C4,0x5E5C9EC2,0x196A2463,
+    0x68FB6FAF,0x3E6C53B5,0x1339B2EB,0x3B52EC6F,0x6DFC511F,0x9B30952C,
+    0xCC814544,0xAF5EBD09,0xBEE3D004,0xDE334AFD,0x660F2807,0x192E4BB3,
+    0xC0CBA857,0x45C8740F,0xD20B5F39,0xB9D3FBDB,0x5579C0BD,0x1A60320A,
+    0xD6A100C6,0x402C7279,0x679F25FE,0xFB1FA3CC,0x8EA5E9F8,0xDB3222F8,
+    0x3C7516DF,0xFD616B15,0x2F501EC8,0xAD0552AB,0x323DB5FA,0xFD238760,
+    0x53317B48,0x3E00DF82,0x9E5C57BB,0xCA6F8CA0,0x1A87562E,0xDF1769DB,
+    0xD542A8F6,0x287EFFC3,0xAC6732C6,0x8C4F5573,0x695B27B0,0xBBCA58C8,
+    0xE1FFA35D,0xB8F011A0,0x10FA3D98,0xFD2183B8,0x4AFCB56C,0x2DD1D35B,
+    0x9A53E479,0xB6F84565,0xD28E49BC,0x4BFB9790,0xE1DDF2DA,0xA4CB7E33,
+    0x62FB1341,0xCEE4C6E8,0xEF20CADA,0x36774C01,0xD07E9EFE,0x2BF11FB4,
+    0x95DBDA4D,0xAE909198,0xEAAD8E71,0x6B93D5A0,0xD08ED1D0,0xAFC725E0,
+    0x8E3C5B2F,0x8E7594B7,0x8FF6E2FB,0xF2122B64,0x8888B812,0x900DF01C,
+    0x4FAD5EA0,0x688FC31C,0xD1CFF191,0xB3A8C1AD,0x2F2F2218,0xBE0E1777,
+    0xEA752DFE,0x8B021FA1,0xE5A0CC0F,0xB56F74E8,0x18ACF3D6,0xCE89E299,
+    0xB4A84FE0,0xFD13E0B7,0x7CC43B81,0xD2ADA8D9,0x165FA266,0x80957705,
+    0x93CC7314,0x211A1477,0xE6AD2065,0x77B5FA86,0xC75442F5,0xFB9D35CF,
+    0xEBCDAF0C,0x7B3E89A0,0xD6411BD3,0xAE1E7E49,0x00250E2D,0x2071B35E,
+    0x226800BB,0x57B8E0AF,0x2464369B,0xF009B91E,0x5563911D,0x59DFA6AA,
+    0x78C14389,0xD95A537F,0x207D5BA2,0x02E5B9C5,0x83260376,0x6295CFA9,
+    0x11C81968,0x4E734A41,0xB3472DCA,0x7B14A94A,0x1B510052,0x9A532915,
+    0xD60F573F,0xBC9BC6E4,0x2B60A476,0x81E67400,0x08BA6FB5,0x571BE91F,
+    0xF296EC6B,0x2A0DD915,0xB6636521,0xE7B9F9B6,0xFF34052E,0xC5855664,
+    0x53B02D5D,0xA99F8FA1,0x08BA4799,0x6E85076A };
+
+static const u32 ks1[256] = {
+    0x4B7A70E9,0xB5B32944,0xDB75092E,0xC4192623,0xAD6EA6B0,0x49A7DF7D,
+    0x9CEE60B8,0x8FEDB266,0xECAA8C71,0x699A17FF,0x5664526C,0xC2B19EE1,
+    0x193602A5,0x75094C29,0xA0591340,0xE4183A3E,0x3F54989A,0x5B429D65,
+    0x6B8FE4D6,0x99F73FD6,0xA1D29C07,0xEFE830F5,0x4D2D38E6,0xF0255DC1,
+    0x4CDD2086,0x8470EB26,0x6382E9C6,0x021ECC5E,0x09686B3F,0x3EBAEFC9,
+    0x3C971814,0x6B6A70A1,0x687F3584,0x52A0E286,0xB79C5305,0xAA500737,
+    0x3E07841C,0x7FDEAE5C,0x8E7D44EC,0x5716F2B8,0xB03ADA37,0xF0500C0D,
+    0xF01C1F04,0x0200B3FF,0xAE0CF51A,0x3CB574B2,0x25837A58,0xDC0921BD,
+    0xD19113F9,0x7CA92FF6,0x94324773,0x22F54701,0x3AE5E581,0x37C2DADC,
+    0xC8B57634,0x9AF3DDA7,0xA9446146,0x0FD0030E,0xECC8C73E,0xA4751E41,
+    0xE238CD99,0x3BEA0E2F,0x3280BBA1,0x183EB331,0x4E548B38,0x4F6DB908,
+    0x6F420D03,0xF60A04BF,0x2CB81290,0x24977C79,0x5679B072,0xBCAF89AF,
+    0xDE9A771F,0xD9930810,0xB38BAE12,0xDCCF3F2E,0x5512721F,0x2E6B7124,
+    0x501ADDE6,0x9F84CD87,0x7A584718,0x7408DA17,0xBC9F9ABC,0xE94B7D8C,
+    0xEC7AEC3A,0xDB851DFA,0x63094366,0xC464C3D2,0xEF1C1847,0x3215D908,
+    0xDD433B37,0x24C2BA16,0x12A14D43,0x2A65C451,0x50940002,0x133AE4DD,
+    0x71DFF89E,0x10314E55,0x81AC77D6,0x5F11199B,0x043556F1,0xD7A3C76B,
+    0x3C11183B,0x5924A509,0xF28FE6ED,0x97F1FBFA,0x9EBABF2C,0x1E153C6E,
+    0x86E34570,0xEAE96FB1,0x860E5E0A,0x5A3E2AB3,0x771FE71C,0x4E3D06FA,
+    0x2965DCB9,0x99E71D0F,0x803E89D6,0x5266C825,0x2E4CC978,0x9C10B36A,
+    0xC6150EBA,0x94E2EA78,0xA5FC3C53,0x1E0A2DF4,0xF2F74EA7,0x361D2B3D,
+    0x1939260F,0x19C27960,0x5223A708,0xF71312B6,0xEBADFE6E,0xEAC31F66,
+    0xE3BC4595,0xA67BC883,0xB17F37D1,0x018CFF28,0xC332DDEF,0xBE6C5AA5,
+    0x65582185,0x68AB9802,0xEECEA50F,0xDB2F953B,0x2AEF7DAD,0x5B6E2F84,
+    0x1521B628,0x29076170,0xECDD4775,0x619F1510,0x13CCA830,0xEB61BD96,
+    0x0334FE1E,0xAA0363CF,0xB5735C90,0x4C70A239,0xD59E9E0B,0xCBAADE14,
+    0xEECC86BC,0x60622CA7,0x9CAB5CAB,0xB2F3846E,0x648B1EAF,0x19BDF0CA,
+    0xA02369B9,0x655ABB50,0x40685A32,0x3C2AB4B3,0x319EE9D5,0xC021B8F7,
+    0x9B540B19,0x875FA099,0x95F7997E,0x623D7DA8,0xF837889A,0x97E32D77,
+    0x11ED935F,0x16681281,0x0E358829,0xC7E61FD6,0x96DEDFA1,0x7858BA99,
+    0x57F584A5,0x1B227263,0x9B83C3FF,0x1AC24696,0xCDB30AEB,0x532E3054,
+    0x8FD948E4,0x6DBC3128,0x58EBF2EF,0x34C6FFEA,0xFE28ED61,0xEE7C3C73,
+    0x5D4A14D9,0xE864B7E3,0x42105D14,0x203E13E0,0x45EEE2B6,0xA3AAABEA,
+    0xDB6C4F15,0xFACB4FD0,0xC742F442,0xEF6ABBB5,0x654F3B1D,0x41CD2105,
+    0xD81E799E,0x86854DC7,0xE44B476A,0x3D816250,0xCF62A1F2,0x5B8D2646,
+    0xFC8883A0,0xC1C7B6A3,0x7F1524C3,0x69CB7492,0x47848A0B,0x5692B285,
+    0x095BBF00,0xAD19489D,0x1462B174,0x23820E00,0x58428D2A,0x0C55F5EA,
+    0x1DADF43E,0x233F7061,0x3372F092,0x8D937E41,0xD65FECF1,0x6C223BDB,
+    0x7CDE3759,0xCBEE7460,0x4085F2A7,0xCE77326E,0xA6078084,0x19F8509E,
+    0xE8EFD855,0x61D99735,0xA969A7AA,0xC50C06C2,0x5A04ABFC,0x800BCADC,
+    0x9E447A2E,0xC3453484,0xFDD56705,0x0E1E9EC9,0xDB73DBD3,0x105588CD,
+    0x675FDA79,0xE3674340,0xC5C43465,0x713E38D8,0x3D28F89E,0xF16DFF20,
+    0x153E21E7,0x8FB03D4A,0xE6E39F2B,0xDB83ADF7 };
+
+static const u32 ks2[256] = {
+    0xE93D5A68,0x948140F7,0xF64C261C,0x94692934,0x411520F7,0x7602D4F7,
+    0xBCF46B2E,0xD4A20068,0xD4082471,0x3320F46A,0x43B7D4B7,0x500061AF,
+    0x1E39F62E,0x97244546,0x14214F74,0xBF8B8840,0x4D95FC1D,0x96B591AF,
+    0x70F4DDD3,0x66A02F45,0xBFBC09EC,0x03BD9785,0x7FAC6DD0,0x31CB8504,
+    0x96EB27B3,0x55FD3941,0xDA2547E6,0xABCA0A9A,0x28507825,0x530429F4,
+    0x0A2C86DA,0xE9B66DFB,0x68DC1462,0xD7486900,0x680EC0A4,0x27A18DEE,
+    0x4F3FFEA2,0xE887AD8C,0xB58CE006,0x7AF4D6B6,0xAACE1E7C,0xD3375FEC,
+    0xCE78A399,0x406B2A42,0x20FE9E35,0xD9F385B9,0xEE39D7AB,0x3B124E8B,
+    0x1DC9FAF7,0x4B6D1856,0x26A36631,0xEAE397B2,0x3A6EFA74,0xDD5B4332,
+    0x6841E7F7,0xCA7820FB,0xFB0AF54E,0xD8FEB397,0x454056AC,0xBA489527,
+    0x55533A3A,0x20838D87,0xFE6BA9B7,0xD096954B,0x55A867BC,0xA1159A58,
+    0xCCA92963,0x99E1DB33,0xA62A4A56,0x3F3125F9,0x5EF47E1C,0x9029317C,
+    0xFDF8E802,0x04272F70,0x80BB155C,0x05282CE3,0x95C11548,0xE4C66D22,
+    0x48C1133F,0xC70F86DC,0x07F9C9EE,0x41041F0F,0x404779A4,0x5D886E17,
+    0x325F51EB,0xD59BC0D1,0xF2BCC18F,0x41113564,0x257B7834,0x602A9C60,
+    0xDFF8E8A3,0x1F636C1B,0x0E12B4C2,0x02E1329E,0xAF664FD1,0xCAD18115,
+    0x6B2395E0,0x333E92E1,0x3B240B62,0xEEBEB922,0x85B2A20E,0xE6BA0D99,
+    0xDE720C8C,0x2DA2F728,0xD0127845,0x95B794FD,0x647D0862,0xE7CCF5F0,
+    0x5449A36F,0x877D48FA,0xC39DFD27,0xF33E8D1E,0x0A476341,0x992EFF74,
+    0x3A6F6EAB,0xF4F8FD37,0xA812DC60,0xA1EBDDF8,0x991BE14C,0xDB6E6B0D,
+    0xC67B5510,0x6D672C37,0x2765D43B,0xDCD0E804,0xF1290DC7,0xCC00FFA3,
+    0xB5390F92,0x690FED0B,0x667B9FFB,0xCEDB7D9C,0xA091CF0B,0xD9155EA3,
+    0xBB132F88,0x515BAD24,0x7B9479BF,0x763BD6EB,0x37392EB3,0xCC115979,
+    0x8026E297,0xF42E312D,0x6842ADA7,0xC66A2B3B,0x12754CCC,0x782EF11C,
+    0x6A124237,0xB79251E7,0x06A1BBE6,0x4BFB6350,0x1A6B1018,0x11CAEDFA,
+    0x3D25BDD8,0xE2E1C3C9,0x44421659,0x0A121386,0xD90CEC6E,0xD5ABEA2A,
+    0x64AF674E,0xDA86A85F,0xBEBFE988,0x64E4C3FE,0x9DBC8057,0xF0F7C086,
+    0x60787BF8,0x6003604D,0xD1FD8346,0xF6381FB0,0x7745AE04,0xD736FCCC,
+    0x83426B33,0xF01EAB71,0xB0804187,0x3C005E5F,0x77A057BE,0xBDE8AE24,
+    0x55464299,0xBF582E61,0x4E58F48F,0xF2DDFDA2,0xF474EF38,0x8789BDC2,
+    0x5366F9C3,0xC8B38E74,0xB475F255,0x46FCD9B9,0x7AEB2661,0x8B1DDF84,
+    0x846A0E79,0x915F95E2,0x466E598E,0x20B45770,0x8CD55591,0xC902DE4C,
+    0xB90BACE1,0xBB8205D0,0x11A86248,0x7574A99E,0xB77F19B6,0xE0A9DC09,
+    0x662D09A1,0xC4324633,0xE85A1F02,0x09F0BE8C,0x4A99A025,0x1D6EFE10,
+    0x1AB93D1D,0x0BA5A4DF,0xA186F20F,0x2868F169,0xDCB7DA83,0x573906FE,
+    0xA1E2CE9B,0x4FCD7F52,0x50115E01,0xA70683FA,0xA002B5C4,0x0DE6D027,
+    0x9AF88C27,0x773F8641,0xC3604C06,0x61A806B5,0xF0177A28,0xC0F586E0,
+    0x006058AA,0x30DC7D62,0x11E69ED7,0x2338EA63,0x53C2DD94,0xC2C21634,
+    0xBBCBEE56,0x90BCB6DE,0xEBFC7DA1,0xCE591D76,0x6F05E409,0x4B7C0188,
+    0x39720A3D,0x7C927C24,0x86E3725F,0x724D9DB9,0x1AC15BB4,0xD39EB8FC,
+    0xED545578,0x08FCA5B5,0xD83D7CD3,0x4DAD0FC4,0x1E50EF5E,0xB161E6F8,
+    0xA28514D9,0x6C51133C,0x6FD5C7E7,0x56E14EC4,0x362ABFCE,0xDDC6C837,
+    0xD79A3234,0x92638212,0x670EFA8E,0x406000E0 };
+
+static const u32 ks3[256] = {
+    0x3A39CE37,0xD3FAF5CF,0xABC27737,0x5AC52D1B,0x5CB0679E,0x4FA33742,
+    0xD3822740,0x99BC9BBE,0xD5118E9D,0xBF0F7315,0xD62D1C7E,0xC700C47B,
+    0xB78C1B6B,0x21A19045,0xB26EB1BE,0x6A366EB4,0x5748AB2F,0xBC946E79,
+    0xC6A376D2,0x6549C2C8,0x530FF8EE,0x468DDE7D,0xD5730A1D,0x4CD04DC6,
+    0x2939BBDB,0xA9BA4650,0xAC9526E8,0xBE5EE304,0xA1FAD5F0,0x6A2D519A,
+    0x63EF8CE2,0x9A86EE22,0xC089C2B8,0x43242EF6,0xA51E03AA,0x9CF2D0A4,
+    0x83C061BA,0x9BE96A4D,0x8FE51550,0xBA645BD6,0x2826A2F9,0xA73A3AE1,
+    0x4BA99586,0xEF5562E9,0xC72FEFD3,0xF752F7DA,0x3F046F69,0x77FA0A59,
+    0x80E4A915,0x87B08601,0x9B09E6AD,0x3B3EE593,0xE990FD5A,0x9E34D797,
+    0x2CF0B7D9,0x022B8B51,0x96D5AC3A,0x017DA67D,0xD1CF3ED6,0x7C7D2D28,
+    0x1F9F25CF,0xADF2B89B,0x5AD6B472,0x5A88F54C,0xE029AC71,0xE019A5E6,
+    0x47B0ACFD,0xED93FA9B,0xE8D3C48D,0x283B57CC,0xF8D56629,0x79132E28,
+    0x785F0191,0xED756055,0xF7960E44,0xE3D35E8C,0x15056DD4,0x88F46DBA,
+    0x03A16125,0x0564F0BD,0xC3EB9E15,0x3C9057A2,0x97271AEC,0xA93A072A,
+    0x1B3F6D9B,0x1E6321F5,0xF59C66FB,0x26DCF319,0x7533D928,0xB155FDF5,
+    0x03563482,0x8ABA3CBB,0x28517711,0xC20AD9F8,0xABCC5167,0xCCAD925F,
+    0x4DE81751,0x3830DC8E,0x379D5862,0x9320F991,0xEA7A90C2,0xFB3E7BCE,
+    0x5121CE64,0x774FBE32,0xA8B6E37E,0xC3293D46,0x48DE5369,0x6413E680,
+    0xA2AE0810,0xDD6DB224,0x69852DFD,0x09072166,0xB39A460A,0x6445C0DD,
+    0x586CDECF,0x1C20C8AE,0x5BBEF7DD,0x1B588D40,0xCCD2017F,0x6BB4E3BB,
+    0xDDA26A7E,0x3A59FF45,0x3E350A44,0xBCB4CDD5,0x72EACEA8,0xFA6484BB,
+    0x8D6612AE,0xBF3C6F47,0xD29BE463,0x542F5D9E,0xAEC2771B,0xF64E6370,
+    0x740E0D8D,0xE75B1357,0xF8721671,0xAF537D5D,0x4040CB08,0x4EB4E2CC,
+    0x34D2466A,0x0115AF84,0xE1B00428,0x95983A1D,0x06B89FB4,0xCE6EA048,
+    0x6F3F3B82,0x3520AB82,0x011A1D4B,0x277227F8,0x611560B1,0xE7933FDC,
+    0xBB3A792B,0x344525BD,0xA08839E1,0x51CE794B,0x2F32C9B7,0xA01FBAC9,
+    0xE01CC87E,0xBCC7D1F6,0xCF0111C3,0xA1E8AAC7,0x1A908749,0xD44FBD9A,
+    0xD0DADECB,0xD50ADA38,0x0339C32A,0xC6913667,0x8DF9317C,0xE0B12B4F,
+    0xF79E59B7,0x43F5BB3A,0xF2D519FF,0x27D9459C,0xBF97222C,0x15E6FC2A,
+    0x0F91FC71,0x9B941525,0xFAE59361,0xCEB69CEB,0xC2A86459,0x12BAA8D1,
+    0xB6C1075E,0xE3056A0C,0x10D25065,0xCB03A442,0xE0EC6E0E,0x1698DB3B,
+    0x4C98A0BE,0x3278E964,0x9F1F9532,0xE0D392DF,0xD3A0342B,0x8971F21E,
+    0x1B0A7441,0x4BA3348C,0xC5BE7120,0xC37632D8,0xDF359F8D,0x9B992F2E,
+    0xE60B6F47,0x0FE3F11D,0xE54CDA54,0x1EDAD891,0xCE6279CF,0xCD3E7E6F,
+    0x1618B166,0xFD2C1D05,0x848FD2C5,0xF6FB2299,0xF523F357,0xA6327623,
+    0x93A83531,0x56CCCD02,0xACF08162,0x5A75EBB5,0x6E163697,0x88D273CC,
+    0xDE966292,0x81B949D0,0x4C50901B,0x71C65614,0xE6C6C7BD,0x327A140A,
+    0x45E1D006,0xC3F27B9A,0xC9AA53FD,0x62A80F00,0xBB25BFE2,0x35BDD2F6,
+    0x71126905,0xB2040222,0xB6CBCF7C,0xCD769C2B,0x53113EC0,0x1640E3D3,
+    0x38ABBD60,0x2547ADF0,0xBA38209C,0xF746CE76,0x77AFA1C5,0x20756060,
+    0x85CBFE4E,0x8AE88DD8,0x7AAAF9B0,0x4CF9AA7E,0x1948C25C,0x02FB8A8C,
+    0x01C36AE4,0xD6EBE1F9,0x90D4F869,0xA65CDEA0,0x3F09252D,0xC208E69F,
+    0xB74E6132,0xCE77E25B,0x578FDFE3,0x3AC372E6 };
+
+static const u32 ps[BLOWFISH_ROUNDS+2] = {
+    0x243F6A88,0x85A308D3,0x13198A2E,0x03707344,0xA4093822,0x299F31D0,
+    0x082EFA98,0xEC4E6C89,0x452821E6,0x38D01377,0xBE5466CF,0x34E90C6C,
+    0xC0AC29B7,0xC97C50DD,0x3F84D5B5,0xB5470917,0x9216D5D9,0x8979FB1B };
+
+
+
+#if BLOWFISH_ROUNDS != 16
+static inline u32
+function_F( BLOWFISH_context *bc, u32 x )
+{
+    u16 a, b, c, d;
+
+  #ifdef BIG_ENDIAN_HOST
+    a = ((byte*)&x)[0];
+    b = ((byte*)&x)[1];
+    c = ((byte*)&x)[2];
+    d = ((byte*)&x)[3];
+  #else
+    a = ((byte*)&x)[3];
+    b = ((byte*)&x)[2];
+    c = ((byte*)&x)[1];
+    d = ((byte*)&x)[0];
+  #endif
+
+    return ((bc->s0[a] + bc->s1[b]) ^ bc->s2[c] ) + bc->s3[d];
+}
+#endif
+
+#ifdef BIG_ENDIAN_HOST
+  #define F(x) ((( s0[((byte*)&x)[0]] + s1[((byte*)&x)[1]])     \
+                  ^ s2[((byte*)&x)[2]]) + s3[((byte*)&x)[3]] )
+#else
+  #define F(x) ((( s0[((byte*)&x)[3]] + s1[((byte*)&x)[2]])     \
+                  ^ s2[((byte*)&x)[1]]) + s3[((byte*)&x)[0]] )
+#endif
+#define R(l,r,i)  do { l ^= p[i]; r ^= F(l); } while(0)
+
+static void
+burn_stack (int bytes)
+{
+    char buf[64];
+    
+    memset (buf, 0, sizeof buf);
+    bytes -= sizeof buf;
+    if (bytes > 0)
+        burn_stack (bytes);
+}
+
+
+static void
+do_encrypt(  BLOWFISH_context *bc, u32 *ret_xl, u32 *ret_xr )
+{
+  #if BLOWFISH_ROUNDS == 16
+    u32 xl, xr, *s0, *s1, *s2, *s3, *p;
+
+    xl = *ret_xl;
+    xr = *ret_xr;
+    p = bc->p;
+    s0 = bc->s0;
+    s1 = bc->s1;
+    s2 = bc->s2;
+    s3 = bc->s3;
+
+    R( xl, xr, 0);
+    R( xr, xl, 1);
+    R( xl, xr, 2);
+    R( xr, xl, 3);
+    R( xl, xr, 4);
+    R( xr, xl, 5);
+    R( xl, xr, 6);
+    R( xr, xl, 7);
+    R( xl, xr, 8);
+    R( xr, xl, 9);
+    R( xl, xr, 10);
+    R( xr, xl, 11);
+    R( xl, xr, 12);
+    R( xr, xl, 13);
+    R( xl, xr, 14);
+    R( xr, xl, 15);
+
+    xl ^= p[BLOWFISH_ROUNDS];
+    xr ^= p[BLOWFISH_ROUNDS+1];
+
+    *ret_xl = xr;
+    *ret_xr = xl;
+
+  #else
+    u32 xl, xr, temp, *p;
+    int i;
+
+    xl = *ret_xl;
+    xr = *ret_xr;
+    p = bc->p;
+
+    for(i=0; i < BLOWFISH_ROUNDS; i++ ) {
+       xl ^= p[i];
+       xr ^= function_F(bc, xl);
+       temp = xl;
+       xl = xr;
+       xr = temp;
+    }
+    temp = xl;
+    xl = xr;
+    xr = temp;
+
+    xr ^= p[BLOWFISH_ROUNDS];
+    xl ^= p[BLOWFISH_ROUNDS+1];
+
+    *ret_xl = xl;
+    *ret_xr = xr;
+  #endif
+}
+
+
+static void
+decrypt(  BLOWFISH_context *bc, u32 *ret_xl, u32 *ret_xr )
+{
+  #if BLOWFISH_ROUNDS == 16
+    u32 xl, xr, *s0, *s1, *s2, *s3, *p;
+
+    xl = *ret_xl;
+    xr = *ret_xr;
+    p = bc->p;
+    s0 = bc->s0;
+    s1 = bc->s1;
+    s2 = bc->s2;
+    s3 = bc->s3;
+
+    R( xl, xr, 17);
+    R( xr, xl, 16);
+    R( xl, xr, 15);
+    R( xr, xl, 14);
+    R( xl, xr, 13);
+    R( xr, xl, 12);
+    R( xl, xr, 11);
+    R( xr, xl, 10);
+    R( xl, xr, 9);
+    R( xr, xl, 8);
+    R( xl, xr, 7);
+    R( xr, xl, 6);
+    R( xl, xr, 5);
+    R( xr, xl, 4);
+    R( xl, xr, 3);
+    R( xr, xl, 2);
+
+    xl ^= p[1];
+    xr ^= p[0];
+
+    *ret_xl = xr;
+    *ret_xr = xl;
+
+  #else
+    u32 xl, xr, temp, *p;
+    int i;
+
+    xl = *ret_xl;
+    xr = *ret_xr;
+    p = bc->p;
+
+    for(i=BLOWFISH_ROUNDS+1; i > 1; i-- ) {
+       xl ^= p[i];
+       xr ^= function_F(bc, xl);
+       temp = xl;
+       xl = xr;
+       xr = temp;
+    }
+
+    temp = xl;
+    xl = xr;
+    xr = temp;
+
+    xr ^= p[1];
+    xl ^= p[0];
+
+    *ret_xl = xl;
+    *ret_xr = xr;
+  #endif
+}
+
+#undef F
+#undef R
+
+static void
+do_encrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf )
+{
+    u32 d1, d2;
+
+    d1 = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
+    d2 = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
+    do_encrypt( bc, &d1, &d2 );
+    outbuf[0] = (d1 >> 24) & 0xff;
+    outbuf[1] = (d1 >> 16) & 0xff;
+    outbuf[2] = (d1 >> 8) & 0xff;
+    outbuf[3] =  d1       & 0xff;
+    outbuf[4] = (d2 >> 24) & 0xff;
+    outbuf[5] = (d2 >> 16) & 0xff;
+    outbuf[6] = (d2 >> 8) & 0xff;
+    outbuf[7] =  d2       & 0xff;
+}
+
+static void
+encrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf )
+{
+    do_encrypt_block (bc, outbuf, inbuf);
+    burn_stack (64);
+}
+
+static void
+do_decrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf )
+{
+    u32 d1, d2;
+
+    d1 = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
+    d2 = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
+    decrypt( bc, &d1, &d2 );
+    outbuf[0] = (d1 >> 24) & 0xff;
+    outbuf[1] = (d1 >> 16) & 0xff;
+    outbuf[2] = (d1 >> 8) & 0xff;
+    outbuf[3] =  d1       & 0xff;
+    outbuf[4] = (d2 >> 24) & 0xff;
+    outbuf[5] = (d2 >> 16) & 0xff;
+    outbuf[6] = (d2 >> 8) & 0xff;
+    outbuf[7] =  d2       & 0xff;
+}
+
+static void
+decrypt_block( BLOWFISH_context *bc, byte *outbuf, byte *inbuf )
+{
+    do_decrypt_block (bc, outbuf, inbuf);
+    burn_stack (64);
+}
+
+
+static const char*
+selftest(void)
+{
+    BLOWFISH_context c;
+    byte plain[] = "BLOWFISH";
+    byte buffer[8];
+    byte plain3[] = { 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10 };
+    byte key3[] = { 0x41, 0x79, 0x6E, 0xA0, 0x52, 0x61, 0x6E, 0xE4 };
+    byte cipher3[] = { 0xE1, 0x13, 0xF4, 0x10, 0x2C, 0xFC, 0xCE, 0x43 };
+
+    bf_setkey( &c, "abcdefghijklmnopqrstuvwxyz", 26 );
+    encrypt_block( &c, buffer, plain );
+    if( memcmp( buffer, "\x32\x4E\xD0\xFE\xF4\x13\xA2\x03", 8 ) )
+       return "Blowfish selftest failed (1).";
+    decrypt_block( &c, buffer, buffer );
+    if( memcmp( buffer, plain, 8 ) )
+       return "Blowfish selftest failed (2).";
+
+    bf_setkey( &c, key3, 8 );
+    encrypt_block( &c, buffer, plain3 );
+    if( memcmp( buffer, cipher3, 8 ) )
+       return "Blowfish selftest failed (3).";
+    decrypt_block( &c, buffer, buffer );
+    if( memcmp( buffer, plain3, 8 ) )
+       return "Blowfish selftest failed (4).";
+    return NULL;
+}
+
+#ifdef __riscos__
+/* need to switch off CSE optimisation for Norcroft C (Acorn/Pace) */
+#pragma no_optimise_cse
+#endif /* __riscos__ */
+
+static int
+do_bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen )
+{
+    int i, j;
+    u32 data, datal, datar;
+    static int initialized;
+    static const char *selftest_failed;
+
+    if( !initialized ) {
+       initialized = 1;
+       selftest_failed = selftest();
+       if( selftest_failed )
+           fprintf(stderr,"%s\n", selftest_failed );
+    }
+    if( selftest_failed )
+       return G10ERR_SELFTEST_FAILED;
+
+    for(i=0; i < BLOWFISH_ROUNDS+2; i++ )
+       c->p[i] = ps[i];
+    for(i=0; i < 256; i++ ) {
+       c->s0[i] = ks0[i];
+       c->s1[i] = ks1[i];
+       c->s2[i] = ks2[i];
+       c->s3[i] = ks3[i];
+    }
+
+    for(i=j=0; i < BLOWFISH_ROUNDS+2; i++ ) {
+      #ifdef BIG_ENDIAN_HOST
+       ((byte*)&data)[0] = key[j];
+       ((byte*)&data)[1] = key[(j+1)%keylen];
+       ((byte*)&data)[2] = key[(j+2)%keylen];
+       ((byte*)&data)[3] = key[(j+3)%keylen];
+      #else
+       ((byte*)&data)[3] = key[j];
+       ((byte*)&data)[2] = key[(j+1)%keylen];
+       ((byte*)&data)[1] = key[(j+2)%keylen];
+       ((byte*)&data)[0] = key[(j+3)%keylen];
+      #endif
+       c->p[i] ^= data;
+       j = (j+4) % keylen;
+    }
+
+    datal = datar = 0;
+    for(i=0; i < BLOWFISH_ROUNDS+2; i += 2 ) {
+       do_encrypt( c, &datal, &datar );
+       c->p[i]   = datal;
+       c->p[i+1] = datar;
+    }
+    for(i=0; i < 256; i += 2 ) {
+       do_encrypt( c, &datal, &datar );
+       c->s0[i]   = datal;
+       c->s0[i+1] = datar;
+    }
+    for(i=0; i < 256; i += 2 ) {
+       do_encrypt( c, &datal, &datar );
+       c->s1[i]   = datal;
+       c->s1[i+1] = datar;
+    }
+    for(i=0; i < 256; i += 2 ) {
+       do_encrypt( c, &datal, &datar );
+       c->s2[i]   = datal;
+       c->s2[i+1] = datar;
+    }
+    for(i=0; i < 256; i += 2 ) {
+       do_encrypt( c, &datal, &datar );
+       c->s3[i]   = datal;
+       c->s3[i+1] = datar;
+    }
+
+
+    /* Check for weak key.  A weak key is a key in which a value in */
+    /* the P-array (here c) occurs more than once per table.       */
+    for(i=0; i < 255; i++ ) {
+       for( j=i+1; j < 256; j++) {
+           if( (c->s0[i] == c->s0[j]) || (c->s1[i] == c->s1[j]) ||
+               (c->s2[i] == c->s2[j]) || (c->s3[i] == c->s3[j]) )
+               return G10ERR_WEAK_KEY;
+       }
+    }
+
+    return 0;
+}
+
+#ifdef __riscos__
+#pragma optimise_cse
+#endif /* __riscos__ */
+
+static int
+bf_setkey( BLOWFISH_context *c, byte *key, unsigned keylen )
+{
+    int rc = do_bf_setkey (c, key, keylen);
+    burn_stack (64);
+    return rc;
+}
+
+/****************
+ * Return some information about the algorithm.  We need algo here to
+ * distinguish different flavors of the algorithm.
+ * Returns: A pointer to string describing the algorithm or NULL if
+ *         the ALGO is invalid.
+ */
+const char *
+blowfish_get_info( int algo, size_t *keylen,
+                  size_t *blocksize, size_t *contextsize,
+                  int  (**r_setkey)( void *c, byte *key, unsigned keylen ),
+                  void (**r_encrypt)( void *c, byte *outbuf, byte *inbuf ),
+                  void (**r_decrypt)( void *c, byte *outbuf, byte *inbuf )
+                )
+{
+    *keylen = 128;
+    *blocksize = BLOWFISH_BLOCKSIZE;
+    *contextsize = sizeof(BLOWFISH_context);
+    *(int  (**)(BLOWFISH_context*, byte*, unsigned))r_setkey
+                                                       = bf_setkey;
+    *(void (**)(BLOWFISH_context*, byte*, byte*))r_encrypt
+                                                       = encrypt_block;
+    *(void (**)(BLOWFISH_context*, byte*, byte*))r_decrypt
+                                                       = decrypt_block;
+
+    if( algo == CIPHER_ALGO_BLOWFISH )
+       return "BLOWFISH";
+    return NULL;
+}
+
diff --git a/cipher/blowfish.h b/cipher/blowfish.h
new file mode 100644 (file)
index 0000000..bed034c
--- /dev/null
@@ -0,0 +1,54 @@
+/* blowfish.h
+ *     Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef G10_BLOWFISH_H
+#define G10_BLOWFISH_H
+
+#include "types.h"
+
+
+const char *
+blowfish_get_info( int algo, size_t *keylen,
+                  size_t *blocksize, size_t *contextsize,
+                  int  (**setkeyf)( void *c, byte *key, unsigned keylen ),
+                  void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
+                  void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
+                );
+
+/* this is just a kludge for the time we have not yet chnaged the cipher
+ * stuff to the scheme we use for random and digests */
+const char *
+twofish_get_info( int algo, size_t *keylen,
+                  size_t *blocksize, size_t *contextsize,
+                  int  (**setkeyf)( void *c, byte *key, unsigned keylen ),
+                  void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
+                  void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
+                );
+
+/* this is just a kludge for the time we have not yet chnaged the cipher
+ * stuff to the scheme we use for random and digests */
+const char *
+rijndael_get_info( int algo, size_t *keylen,
+                  size_t *blocksize, size_t *contextsize,
+                  int  (**setkeyf)( void *c, byte *key, unsigned keylen ),
+                  void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
+                  void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
+                );
+
+#endif /*G10_BLOWFISH_H*/
diff --git a/cipher/cast5.c b/cipher/cast5.c
new file mode 100644 (file)
index 0000000..c99b47e
--- /dev/null
@@ -0,0 +1,654 @@
+/* cast5.c  -  CAST5 cipher (RFC2144)
+ *     Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* Test vectors:
+ *
+ * 128-bit key        = 01 23 45 67 12 34 56 78 23 45 67 89 34 56 78 9A
+ *        plaintext   = 01 23 45 67 89 AB CD EF
+ *        ciphertext  = 23 8B 4F E5 84 7E 44 B2
+ *
+ * 80-bit  key        = 01 23 45 67 12 34 56 78 23 45
+ *                    = 01 23 45 67 12 34 56 78 23 45 00 00 00 00 00 00
+ *        plaintext   = 01 23 45 67 89 AB CD EF
+ *        ciphertext  = EB 6A 71 1A 2C 02 27 1B
+ *
+ * 40-bit  key        = 01 23 45 67 12
+ *                    = 01 23 45 67 12 00 00 00 00 00 00 00 00 00 00 00
+ *        plaintext   = 01 23 45 67 89 AB CD EF
+ *        ciphertext  = 7A C8 16 D1 6E 9B 30 2E
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "types.h"
+#include "errors.h"
+#include "cast5.h"
+
+
+#define CIPHER_ALGO_CAST5       3
+
+#define CAST5_BLOCKSIZE 8
+
+typedef struct {
+    u32  Km[16];
+    byte Kr[16];
+} CAST5_context;
+
+static int  cast_setkey( CAST5_context *c, byte *key, unsigned keylen );
+static void encrypt_block( CAST5_context *bc, byte *outbuf, byte *inbuf );
+static void decrypt_block( CAST5_context *bc, byte *outbuf, byte *inbuf );
+
+
+
+
+static const u32 s1[256] = {
+0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949,
+0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675, 0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e,
+0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2, 0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d,
+0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, 0x2abe32e1, 0xaa54166b, 0x22568e3a, 0xa2d341d0,
+0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de, 0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7,
+0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f, 0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935,
+0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, 0xb7332290, 0xe93b159f, 0xb48ee411, 0x4bff345d,
+0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165, 0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50,
+0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272, 0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe,
+0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, 0x57538ad5, 0x6a390493, 0xe63d37e0, 0x2a54f6b3,
+0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a, 0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167,
+0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f, 0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291,
+0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, 0x6c00b32d, 0x73e2bb14, 0xa0bebc3c, 0x54623779,
+0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6, 0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2,
+0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9, 0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511,
+0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, 0x31366241, 0x051ef495, 0xaa573b04, 0x4a805d8d,
+0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e, 0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5,
+0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82, 0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324,
+0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, 0xeadf55b3, 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c,
+0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f, 0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc,
+0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491, 0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d,
+0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, 0xe01063da, 0x4736f464, 0x5ad328d8, 0xb347cc96,
+0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a, 0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a,
+0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79, 0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d,
+0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, 0x4744ead4, 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd,
+0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755, 0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6,
+0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb, 0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9,
+0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, 0x7c63b2cf, 0x700b45e1, 0xd5ea50f1, 0x85a92872,
+0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79, 0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c,
+0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298, 0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e,
+0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, 0x962bda1c, 0xe1e696ff, 0xb141ab08, 0x7cca89b9,
+0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d, 0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf
+};
+static const u32 s2[256] = {
+0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, 0xfe61cf7a, 0xeec5207a, 0x55889c94, 0x72fc0651,
+0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba, 0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3,
+0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909, 0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb,
+0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, 0x01420ddb, 0xe4e7ef5b, 0x25a1ff41, 0xe180f806,
+0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4, 0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b,
+0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f, 0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359,
+0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, 0x071f6181, 0x39f7627f, 0x361e3084, 0xe4eb573b,
+0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d, 0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c,
+0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f, 0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34,
+0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, 0x8a45388c, 0x1d804366, 0x721d9bfd, 0xa58684bb,
+0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4, 0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd,
+0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801, 0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860,
+0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, 0xb5625dbf, 0x68561be6, 0x83ca6b94, 0x2d6ed23b,
+0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709, 0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304,
+0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b, 0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b,
+0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, 0x488cb402, 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf,
+0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9, 0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c,
+0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3, 0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13,
+0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, 0xcdff33a6, 0xa02b1741, 0x7cbad9a2, 0x2180036f,
+0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab, 0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6,
+0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4, 0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6,
+0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, 0xb3faec54, 0x157fd7fa, 0xef8579cc, 0xd152de58,
+0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8, 0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906,
+0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171, 0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d,
+0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, 0x8b1c34bc, 0x301e16e6, 0x273be979, 0xb0ffeaa6,
+0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b, 0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4,
+0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb, 0xc6bcc63e, 0x1a513742, 0xef6828bc, 0x520365d6,
+0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, 0xdb92f2fb, 0x5eea29cb, 0x145892f5, 0x91584f7f,
+0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea, 0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249,
+0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea, 0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa,
+0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, 0x649da589, 0xa345415e, 0x5c038323, 0x3e5d3bb9,
+0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef, 0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1
+};
+static const u32 s3[256] = {
+0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, 0x47607fff, 0x369fe44b, 0x8c1fc644, 0xaececa90,
+0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae, 0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5,
+0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e, 0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e,
+0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, 0x21fffcee, 0x825b1bfd, 0x9255c5ed, 0x1257a240,
+0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e, 0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5,
+0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f, 0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b,
+0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, 0xa197c81c, 0x4a012d6e, 0xc5884a28, 0xccc36f71,
+0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f, 0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04,
+0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380, 0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82,
+0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, 0x8427f4a0, 0x1eac5790, 0x796fb449, 0x8252dc15,
+0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504, 0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2,
+0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6, 0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176,
+0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, 0x842f7d83, 0x340ce5c8, 0x96bbb682, 0x93b4b148,
+0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d, 0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc,
+0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1, 0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341,
+0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, 0xf76cedd9, 0xbda8229c, 0x127dadaa, 0x438a074e,
+0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15, 0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51,
+0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4, 0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f,
+0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, 0x6d498623, 0x193cbcfa, 0x27627545, 0x825cf47a,
+0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392, 0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b,
+0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231, 0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b,
+0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, 0x694bcc11, 0x236a5cae, 0x12deca4d, 0x2c3f8cc5,
+0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67, 0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45,
+0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49, 0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536,
+0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, 0x07478cd1, 0x006e1888, 0xa2e53f55, 0xb9e6d4bc,
+0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d, 0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0,
+0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e, 0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69,
+0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, 0xcf1febd2, 0x61efc8c2, 0xf1ac2571, 0xcc8239c2,
+0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce, 0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49,
+0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24, 0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d,
+0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, 0x642b1e31, 0x9c305a00, 0x52bce688, 0x1b03588a,
+0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5, 0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783
+};
+static const u32 s4[256] = {
+0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, 0x4a4f7bdb, 0x64ad8c57, 0x85510443, 0xfa020ed1,
+0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120, 0xfd059d43, 0x6497b7b1, 0xf3641f63, 0x241e4adf,
+0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220, 0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15,
+0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, 0x1a05645f, 0x0c13fefe, 0x081b08ca, 0x05170121,
+0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701, 0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25,
+0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b, 0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5,
+0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, 0xd3772061, 0x11b638e1, 0x72500e03, 0xf80eb2bb,
+0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746, 0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5,
+0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9, 0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d,
+0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, 0x022083b8, 0x3fb6180c, 0x18f8931e, 0x281658e6,
+0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c, 0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23,
+0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7, 0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003,
+0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, 0x557be8de, 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6,
+0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327, 0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119,
+0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec, 0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24,
+0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, 0xaac9548a, 0xeca1d7c7, 0x041afa32, 0x1d16625a,
+0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031, 0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79,
+0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5, 0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df,
+0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, 0x1741a254, 0xe5b6a035, 0x213d42f6, 0x2c1c7c26,
+0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69, 0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab,
+0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9, 0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7,
+0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, 0x71eae2a1, 0x1f9af36e, 0xcfcbd12f, 0xc1de8417,
+0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3, 0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2,
+0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2, 0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2,
+0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, 0x29908415, 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a,
+0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091, 0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919,
+0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df, 0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef,
+0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, 0xafe67afb, 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876,
+0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367, 0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab,
+0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c, 0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04,
+0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, 0x41823979, 0x932bcdf6, 0xb657c34d, 0x4edfd282,
+0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e, 0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2
+};
+static const u32 s5[256] = {
+0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, 0xb86a7fff, 0x1dd358f5, 0x44dd9d44, 0x1731167f,
+0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00, 0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a,
+0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180, 0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff,
+0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2, 0x4e40b48d, 0x248eb6fb, 0x8dba1cfe, 0x41a99b02,
+0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725, 0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a,
+0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b, 0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7,
+0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571, 0x0c05372a, 0x578535f2, 0x2261be02, 0xd642a0c9,
+0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec, 0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981,
+0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea, 0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774,
+0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263, 0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655,
+0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468, 0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2,
+0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b, 0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910,
+0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284, 0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1,
+0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4, 0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da,
+0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7, 0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049,
+0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, 0xc62bf3cd, 0x9e0885f9, 0x68cb3e47, 0x086c010f,
+0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6, 0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba,
+0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4, 0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be,
+0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561, 0xc3dc0280, 0x05687715, 0x646c6bd7, 0x44904db3,
+0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6, 0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840,
+0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406, 0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4,
+0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472, 0x3ca5d717, 0x7d161bba, 0x9cad9010, 0xaf462ba2,
+0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487, 0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7,
+0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288, 0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5,
+0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2, 0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e,
+0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78, 0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e,
+0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76, 0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801,
+0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0, 0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad,
+0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58, 0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0,
+0x5ce96c28, 0xe176eda3, 0x6bac307f, 0x376829d2, 0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20,
+0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, 0xf9e0659a, 0xeeb9491d, 0x34010718, 0xbb30cab8,
+0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55, 0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4
+};
+static const u32 s6[256] = {
+0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, 0x95db08e7, 0x016843b4, 0xeced5cbc, 0x325553ac,
+0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9, 0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138,
+0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e, 0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367,
+0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866, 0xa084db2d, 0x09a8486f, 0xa888614a, 0x2900af98,
+0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c, 0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072,
+0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd, 0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3,
+0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53, 0x5c3d9c01, 0x64bdb941, 0x2c0e636a, 0xba7dd9cd,
+0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d, 0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8,
+0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf, 0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9,
+0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807, 0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54,
+0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a, 0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387,
+0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563, 0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc,
+0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0, 0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf,
+0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be, 0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf,
+0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0, 0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f,
+0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, 0x372b74af, 0x692573e4, 0xe9a9d848, 0xf3160289,
+0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853, 0x20951063, 0x4576698d, 0xb6fad407, 0x592af950,
+0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa, 0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f,
+0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9, 0x2b05d08d, 0x48b9d585, 0xdc049441, 0xc8098f9b,
+0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751, 0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be,
+0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358, 0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13,
+0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397, 0x47cf8e7a, 0xb6c85283, 0x3cc2acfb, 0x3fc06976,
+0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459, 0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0,
+0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4, 0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891,
+0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f, 0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da,
+0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb, 0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc,
+0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2, 0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084,
+0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab, 0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25,
+0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b, 0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121,
+0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b, 0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5,
+0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, 0xd36b4cf1, 0xf544edeb, 0xb0e93524, 0xbebb8fbd,
+0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454, 0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f
+};
+static const u32 s7[256] = {
+0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, 0x2a8d7f6f, 0xab9bc912, 0xde6008a1, 0x2028da1f,
+0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82, 0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de,
+0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd, 0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43,
+0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f, 0x089766be, 0xbaeeadf4, 0x1286becf, 0xb6eacb19,
+0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9, 0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2,
+0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e, 0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516,
+0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83, 0x334266ce, 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88,
+0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e, 0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816,
+0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a, 0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756,
+0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f, 0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a,
+0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b, 0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264,
+0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78, 0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688,
+0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d, 0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28,
+0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802, 0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3,
+0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9, 0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7,
+0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, 0xb96d8c32, 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06,
+0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858, 0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033,
+0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a, 0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a,
+0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4, 0x826d2bef, 0x4eeb8476, 0x488dcf25, 0x36c9d566,
+0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df, 0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509,
+0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9, 0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962,
+0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c, 0x93d29a22, 0xe32dbf9a, 0x058745b9, 0x3453dc1e,
+0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07, 0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c,
+0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939, 0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c,
+0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e, 0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285,
+0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378, 0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301,
+0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd, 0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be,
+0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567, 0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767,
+0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2, 0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647,
+0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf, 0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914,
+0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, 0x3ffa50bc, 0x3d40f021, 0xc3c0bdae, 0x4958c24c,
+0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada, 0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3
+};
+static const u32 s8[256] = {
+0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, 0x7789f8b7, 0xe6c1121b, 0x0e241600, 0x052ce8b5,
+0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174, 0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc,
+0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940, 0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd,
+0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42, 0xc7ece831, 0x3f8f95e7, 0x72df191b, 0x7580330d,
+0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164, 0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2,
+0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4, 0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862,
+0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0, 0x4cfde06f, 0xc28ec4b8, 0x57e8726e, 0x647a78fc,
+0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6, 0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c,
+0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491, 0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e,
+0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b, 0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039,
+0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8, 0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8,
+0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006, 0xbcc0c62c, 0x3dd00db3, 0x708f8f34, 0x77d51b42,
+0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564, 0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5,
+0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab, 0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472,
+0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc, 0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225,
+0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, 0xc4618187, 0xea7a6e98, 0x7cd16efc, 0x1436876c,
+0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441, 0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb,
+0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f, 0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054,
+0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504, 0xf1e47d8d, 0x844a1be5, 0xbae7dfdc, 0x42cbda70,
+0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c, 0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc,
+0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6, 0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c,
+0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd, 0xdd06caa2, 0x37df932b, 0xc4248289, 0xacf3ebc3,
+0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4, 0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4,
+0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc, 0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101,
+0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba, 0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f,
+0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf, 0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e,
+0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603, 0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a,
+0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37, 0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c,
+0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819, 0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384,
+0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d, 0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c,
+0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, 0x589e8d82, 0x0d2059d1, 0xa466bb1e, 0xf8da0a82,
+0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d, 0x50b2ad80, 0xeaee6801, 0x8db2a283, 0xea8bf59e
+};
+
+
+#if defined(__GNUC__) && defined(__i386__)
+static inline u32
+rol(int n, u32 x)
+{
+       __asm__("roll %%cl,%0"
+               :"=r" (x)
+               :"0" (x),"c" (n));
+       return x;
+}
+#else
+  #define rol(n,x) ( ((x) << (n)) | ((x) >> (32-(n))) )
+#endif
+
+#define F1(D,m,r)  (  (I = ((m) + (D))), (I=rol((r),I)),   \
+    (((s1[I >> 24] ^ s2[(I>>16)&0xff]) - s3[(I>>8)&0xff]) + s4[I&0xff]) )
+#define F2(D,m,r)  (  (I = ((m) ^ (D))), (I=rol((r),I)),   \
+    (((s1[I >> 24] - s2[(I>>16)&0xff]) + s3[(I>>8)&0xff]) ^ s4[I&0xff]) )
+#define F3(D,m,r)  (  (I = ((m) - (D))), (I=rol((r),I)),   \
+    (((s1[I >> 24] + s2[(I>>16)&0xff]) ^ s3[(I>>8)&0xff]) - s4[I&0xff]) )
+
+static void
+burn_stack (int bytes)
+{
+    char buf[64];
+    
+    memset (buf, 0, sizeof buf);
+    bytes -= sizeof buf;
+    if (bytes > 0)
+        burn_stack (bytes);
+}
+
+
+static void
+do_encrypt_block( CAST5_context *c, byte *outbuf, byte *inbuf )
+{
+    u32 l, r, t;
+    u32 I;   /* used by the Fx macros */
+    u32 *Km;
+    byte *Kr;
+
+    Km = c->Km;
+    Kr = c->Kr;
+
+    /* (L0,R0) <-- (m1...m64). (Split the plaintext into left and
+     * right 32-bit halves L0 = m1...m32 and R0 = m33...m64.)
+     */
+    l = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
+    r = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
+
+    /* (16 rounds) for i from 1 to 16, compute Li and Ri as follows:
+     * Li = Ri-1;
+     * Ri = Li-1 ^ f(Ri-1,Kmi,Kri), where f is defined in Section 2.2
+     * Rounds 1, 4, 7, 10, 13, and 16 use f function Type 1.
+     * Rounds 2, 5, 8, 11, and 14 use f function Type 2.
+     * Rounds 3, 6, 9, 12, and 15 use f function Type 3.
+     */
+
+    t = l; l = r; r = t ^ F1(r, Km[ 0], Kr[ 0]);
+    t = l; l = r; r = t ^ F2(r, Km[ 1], Kr[ 1]);
+    t = l; l = r; r = t ^ F3(r, Km[ 2], Kr[ 2]);
+    t = l; l = r; r = t ^ F1(r, Km[ 3], Kr[ 3]);
+    t = l; l = r; r = t ^ F2(r, Km[ 4], Kr[ 4]);
+    t = l; l = r; r = t ^ F3(r, Km[ 5], Kr[ 5]);
+    t = l; l = r; r = t ^ F1(r, Km[ 6], Kr[ 6]);
+    t = l; l = r; r = t ^ F2(r, Km[ 7], Kr[ 7]);
+    t = l; l = r; r = t ^ F3(r, Km[ 8], Kr[ 8]);
+    t = l; l = r; r = t ^ F1(r, Km[ 9], Kr[ 9]);
+    t = l; l = r; r = t ^ F2(r, Km[10], Kr[10]);
+    t = l; l = r; r = t ^ F3(r, Km[11], Kr[11]);
+    t = l; l = r; r = t ^ F1(r, Km[12], Kr[12]);
+    t = l; l = r; r = t ^ F2(r, Km[13], Kr[13]);
+    t = l; l = r; r = t ^ F3(r, Km[14], Kr[14]);
+    t = l; l = r; r = t ^ F1(r, Km[15], Kr[15]);
+
+    /* c1...c64 <-- (R16,L16). (Exchange final blocks L16, R16 and
+     * concatenate to form the ciphertext.) */
+    outbuf[0] = (r >> 24) & 0xff;
+    outbuf[1] = (r >> 16) & 0xff;
+    outbuf[2] = (r >>  8) & 0xff;
+    outbuf[3] =  r       & 0xff;
+    outbuf[4] = (l >> 24) & 0xff;
+    outbuf[5] = (l >> 16) & 0xff;
+    outbuf[6] = (l >>  8) & 0xff;
+    outbuf[7] =  l       & 0xff;
+}
+
+static void
+encrypt_block( CAST5_context *c, byte *outbuf, byte *inbuf )
+{
+    do_encrypt_block (c, outbuf, inbuf);
+    burn_stack (20+4*sizeof(void*));
+}
+
+static void
+do_decrypt_block (CAST5_context *c, byte *outbuf, byte *inbuf )
+{
+    u32 l, r, t;
+    u32 I;
+    u32 *Km;
+    byte *Kr;
+
+    Km = c->Km;
+    Kr = c->Kr;
+
+    l = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
+    r = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
+
+    t = l; l = r; r = t ^ F1(r, Km[15], Kr[15]);
+    t = l; l = r; r = t ^ F3(r, Km[14], Kr[14]);
+    t = l; l = r; r = t ^ F2(r, Km[13], Kr[13]);
+    t = l; l = r; r = t ^ F1(r, Km[12], Kr[12]);
+    t = l; l = r; r = t ^ F3(r, Km[11], Kr[11]);
+    t = l; l = r; r = t ^ F2(r, Km[10], Kr[10]);
+    t = l; l = r; r = t ^ F1(r, Km[ 9], Kr[ 9]);
+    t = l; l = r; r = t ^ F3(r, Km[ 8], Kr[ 8]);
+    t = l; l = r; r = t ^ F2(r, Km[ 7], Kr[ 7]);
+    t = l; l = r; r = t ^ F1(r, Km[ 6], Kr[ 6]);
+    t = l; l = r; r = t ^ F3(r, Km[ 5], Kr[ 5]);
+    t = l; l = r; r = t ^ F2(r, Km[ 4], Kr[ 4]);
+    t = l; l = r; r = t ^ F1(r, Km[ 3], Kr[ 3]);
+    t = l; l = r; r = t ^ F3(r, Km[ 2], Kr[ 2]);
+    t = l; l = r; r = t ^ F2(r, Km[ 1], Kr[ 1]);
+    t = l; l = r; r = t ^ F1(r, Km[ 0], Kr[ 0]);
+
+    outbuf[0] = (r >> 24) & 0xff;
+    outbuf[1] = (r >> 16) & 0xff;
+    outbuf[2] = (r >>  8) & 0xff;
+    outbuf[3] =  r       & 0xff;
+    outbuf[4] = (l >> 24) & 0xff;
+    outbuf[5] = (l >> 16) & 0xff;
+    outbuf[6] = (l >>  8) & 0xff;
+    outbuf[7] =  l       & 0xff;
+}
+
+static void
+decrypt_block( CAST5_context *c, byte *outbuf, byte *inbuf )
+{
+    do_decrypt_block (c, outbuf, inbuf);
+    burn_stack (20+4*sizeof(void*));
+}
+
+
+static const char*
+selftest(void)
+{
+    CAST5_context c;
+    byte key[16]  = { 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
+                     0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A  };
+    byte plain[8] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF };
+    byte cipher[8]= { 0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2 };
+    byte buffer[8];
+
+    cast_setkey( &c, key, 16 );
+    encrypt_block( &c, buffer, plain );
+    if( memcmp( buffer, cipher, 8 ) )
+       return "1";
+    decrypt_block( &c, buffer, buffer );
+    if( memcmp( buffer, plain, 8 ) )
+       return "2";
+
+  #if 0 /* full maintenance test */
+    {
+       int i;
+       byte a0[16] = { 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+                       0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A };
+       byte b0[16] = { 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+                       0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A };
+       byte a1[16] = { 0xEE,0xA9,0xD0,0xA2,0x49,0xFD,0x3B,0xA6,
+                       0xB3,0x43,0x6F,0xB8,0x9D,0x6D,0xCA,0x92 };
+       byte b1[16] = { 0xB2,0xC9,0x5E,0xB0,0x0C,0x31,0xAD,0x71,
+                       0x80,0xAC,0x05,0xB8,0xE8,0x3D,0x69,0x6E };
+
+       for(i=0; i < 1000000; i++ ) {
+           cast_setkey( &c, b0, 16 );
+           encrypt_block( &c, a0, a0 );
+           encrypt_block( &c, a0+8, a0+8 );
+           cast_setkey( &c, a0, 16 );
+           encrypt_block( &c, b0, b0 );
+           encrypt_block( &c, b0+8, b0+8 );
+       }
+       if( memcmp( a0, a1, 16 ) || memcmp( b0, b1, 16 ) )
+           return "3";
+
+    }
+  #endif
+    return NULL;
+}
+
+
+static void
+key_schedule( u32 *x, u32 *z, u32 *k )
+{
+
+  #define xi(i)   ((x[(i)/4] >> (8*(3-((i)%4)))) & 0xff)
+  #define zi(i)   ((z[(i)/4] >> (8*(3-((i)%4)))) & 0xff)
+
+    z[0] = x[0] ^ s5[xi(13)]^s6[xi(15)]^s7[xi(12)]^s8[xi(14)]^s7[xi( 8)];
+    z[1] = x[2] ^ s5[zi( 0)]^s6[zi( 2)]^s7[zi( 1)]^s8[zi( 3)]^s8[xi(10)];
+    z[2] = x[3] ^ s5[zi( 7)]^s6[zi( 6)]^s7[zi( 5)]^s8[zi( 4)]^s5[xi( 9)];
+    z[3] = x[1] ^ s5[zi(10)]^s6[zi( 9)]^s7[zi(11)]^s8[zi( 8)]^s6[xi(11)];
+    k[0] = s5[zi( 8)]^s6[zi( 9)]^s7[zi( 7)]^s8[zi( 6)]^s5[zi( 2)];
+    k[1] = s5[zi(10)]^s6[zi(11)]^s7[zi( 5)]^s8[zi( 4)]^s6[zi( 6)];
+    k[2] = s5[zi(12)]^s6[zi(13)]^s7[zi( 3)]^s8[zi( 2)]^s7[zi( 9)];
+    k[3] = s5[zi(14)]^s6[zi(15)]^s7[zi( 1)]^s8[zi( 0)]^s8[zi(12)];
+
+    x[0] = z[2] ^ s5[zi( 5)]^s6[zi( 7)]^s7[zi( 4)]^s8[zi( 6)]^s7[zi( 0)];
+    x[1] = z[0] ^ s5[xi( 0)]^s6[xi( 2)]^s7[xi( 1)]^s8[xi( 3)]^s8[zi( 2)];
+    x[2] = z[1] ^ s5[xi( 7)]^s6[xi( 6)]^s7[xi( 5)]^s8[xi( 4)]^s5[zi( 1)];
+    x[3] = z[3] ^ s5[xi(10)]^s6[xi( 9)]^s7[xi(11)]^s8[xi( 8)]^s6[zi( 3)];
+    k[4] = s5[xi( 3)]^s6[xi( 2)]^s7[xi(12)]^s8[xi(13)]^s5[xi( 8)];
+    k[5] = s5[xi( 1)]^s6[xi( 0)]^s7[xi(14)]^s8[xi(15)]^s6[xi(13)];
+    k[6] = s5[xi( 7)]^s6[xi( 6)]^s7[xi( 8)]^s8[xi( 9)]^s7[xi( 3)];
+    k[7] = s5[xi( 5)]^s6[xi( 4)]^s7[xi(10)]^s8[xi(11)]^s8[xi( 7)];
+
+    z[0] = x[0] ^ s5[xi(13)]^s6[xi(15)]^s7[xi(12)]^s8[xi(14)]^s7[xi( 8)];
+    z[1] = x[2] ^ s5[zi( 0)]^s6[zi( 2)]^s7[zi( 1)]^s8[zi( 3)]^s8[xi(10)];
+    z[2] = x[3] ^ s5[zi( 7)]^s6[zi( 6)]^s7[zi( 5)]^s8[zi( 4)]^s5[xi( 9)];
+    z[3] = x[1] ^ s5[zi(10)]^s6[zi( 9)]^s7[zi(11)]^s8[zi( 8)]^s6[xi(11)];
+    k[8] = s5[zi( 3)]^s6[zi( 2)]^s7[zi(12)]^s8[zi(13)]^s5[zi( 9)];
+    k[9] = s5[zi( 1)]^s6[zi( 0)]^s7[zi(14)]^s8[zi(15)]^s6[zi(12)];
+    k[10]= s5[zi( 7)]^s6[zi( 6)]^s7[zi( 8)]^s8[zi( 9)]^s7[zi( 2)];
+    k[11]= s5[zi( 5)]^s6[zi( 4)]^s7[zi(10)]^s8[zi(11)]^s8[zi( 6)];
+
+    x[0] = z[2] ^ s5[zi( 5)]^s6[zi( 7)]^s7[zi( 4)]^s8[zi( 6)]^s7[zi( 0)];
+    x[1] = z[0] ^ s5[xi( 0)]^s6[xi( 2)]^s7[xi( 1)]^s8[xi( 3)]^s8[zi( 2)];
+    x[2] = z[1] ^ s5[xi( 7)]^s6[xi( 6)]^s7[xi( 5)]^s8[xi( 4)]^s5[zi( 1)];
+    x[3] = z[3] ^ s5[xi(10)]^s6[xi( 9)]^s7[xi(11)]^s8[xi( 8)]^s6[zi( 3)];
+    k[12]= s5[xi( 8)]^s6[xi( 9)]^s7[xi( 7)]^s8[xi( 6)]^s5[xi( 3)];
+    k[13]= s5[xi(10)]^s6[xi(11)]^s7[xi( 5)]^s8[xi( 4)]^s6[xi( 7)];
+    k[14]= s5[xi(12)]^s6[xi(13)]^s7[xi( 3)]^s8[xi( 2)]^s7[xi( 8)];
+    k[15]= s5[xi(14)]^s6[xi(15)]^s7[xi( 1)]^s8[xi( 0)]^s8[xi(13)];
+
+  #undef xi
+  #undef zi
+}
+
+
+static int
+do_cast_setkey( CAST5_context *c, byte *key, unsigned keylen )
+{
+  static int initialized;
+  static const char* selftest_failed;
+    int i;
+    u32 x[4];
+    u32 z[4];
+    u32 k[16];
+
+    if( !initialized ) {
+       initialized = 1;
+       selftest_failed = selftest();
+       if( selftest_failed )
+           fprintf(stderr,"CAST5 selftest failed (%s).\n", selftest_failed );
+    }
+    if( selftest_failed )
+       return G10ERR_SELFTEST_FAILED;
+
+    if( keylen != 16 )
+       return G10ERR_WRONG_KEYLEN;
+
+    x[0] = key[0]  << 24 | key[1]  << 16 | key[2]  << 8 | key[3];
+    x[1] = key[4]  << 24 | key[5]  << 16 | key[6]  << 8 | key[7];
+    x[2] = key[8]  << 24 | key[9]  << 16 | key[10] << 8 | key[11];
+    x[3] = key[12] << 24 | key[13] << 16 | key[14] << 8 | key[15];
+
+    key_schedule( x, z, k );
+    for(i=0; i < 16; i++ )
+       c->Km[i] = k[i];
+    key_schedule( x, z, k );
+    for(i=0; i < 16; i++ )
+       c->Kr[i] = k[i] & 0x1f;
+
+    memset(&x,0, sizeof x);
+    memset(&z,0, sizeof z);
+    memset(&k,0, sizeof k);
+
+  #undef xi
+  #undef zi
+    return 0;
+}
+
+static int
+cast_setkey( CAST5_context *c, byte *key, unsigned keylen )
+{
+    int rc = do_cast_setkey (c, key, keylen);
+    burn_stack (96+7*sizeof(void*));
+    return rc;
+}
+
+/****************
+ * Return some information about the algorithm.  We need algo here to
+ * distinguish different flavors of the algorithm.
+ * Returns: A pointer to string describing the algorithm or NULL if
+ *         the ALGO is invalid.
+ */
+const char *
+cast5_get_info( int algo, size_t *keylen,
+                  size_t *blocksize, size_t *contextsize,
+                  int  (**r_setkey)( void *c, byte *key, unsigned keylen ),
+                  void (**r_encrypt)( void *c, byte *outbuf, byte *inbuf ),
+                  void (**r_decrypt)( void *c, byte *outbuf, byte *inbuf )
+                )
+{
+    *keylen = 128;
+    *blocksize = CAST5_BLOCKSIZE;
+    *contextsize = sizeof(CAST5_context);
+    *(int  (**)(CAST5_context*, byte*, unsigned))r_setkey
+                                                       = cast_setkey;
+    *(void (**)(CAST5_context*, byte*, byte*))r_encrypt
+                                                       = encrypt_block;
+    *(void (**)(CAST5_context*, byte*, byte*))r_decrypt
+                                                       = decrypt_block;
+
+
+    if( algo == CIPHER_ALGO_CAST5 )
+       return "CAST5";
+    return NULL;
+}
+
diff --git a/cipher/cast5.h b/cipher/cast5.h
new file mode 100644 (file)
index 0000000..798eaa2
--- /dev/null
@@ -0,0 +1,33 @@
+/* cast5.h
+ *     Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef G10_CAST5_H
+#define G10_CAST5_H
+
+#include "types.h"
+
+const char *
+cast5_get_info( int algo, size_t *keylen,
+                  size_t *blocksize, size_t *contextsize,
+                  int  (**setkeyf)( void *c, byte *key, unsigned keylen ),
+                  void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
+                  void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
+                );
+
+#endif /*G10_CAST5_H*/
diff --git a/cipher/cipher.c b/cipher/cipher.c
new file mode 100644 (file)
index 0000000..2744f04
--- /dev/null
@@ -0,0 +1,712 @@
+/* cipher.c  - cipher dispatcher
+ *     Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+#include "util.h"
+#include "errors.h"
+#include "cipher.h"
+#include "des.h"
+#include "blowfish.h"
+#include "cast5.h"
+#include "dynload.h"
+
+
+#define MAX_BLOCKSIZE 16
+#define TABLE_SIZE 14
+
+struct cipher_table_s {
+    const char *name;
+    int algo;
+    size_t blocksize;
+    size_t keylen;
+    size_t contextsize; /* allocate this amount of context */
+    int  (*setkey)( void *c, byte *key, unsigned keylen );
+    void (*encrypt)( void *c, byte *outbuf, byte *inbuf );
+    void (*decrypt)( void *c, byte *outbuf, byte *inbuf );
+};
+
+static struct cipher_table_s cipher_table[TABLE_SIZE];
+static int disabled_algos[TABLE_SIZE];
+
+
+struct cipher_handle_s {
+    int  algo;
+    int  mode;
+    size_t blocksize;
+    byte iv[MAX_BLOCKSIZE];    /* (this should be ulong aligned) */
+    byte lastiv[MAX_BLOCKSIZE];
+    int  unused;  /* in IV */
+    int  (*setkey)( void *c, byte *key, unsigned keylen );
+    void (*encrypt)( void *c, byte *outbuf, byte *inbuf );
+    void (*decrypt)( void *c, byte *outbuf, byte *inbuf );
+    PROPERLY_ALIGNED_TYPE context;
+};
+
+
+#ifdef IS_DEVELOPMENT_VERSION
+static int
+dummy_setkey( void *c, byte *key, unsigned keylen ) { return 0; }
+static void
+dummy_encrypt_block( void *c, byte *outbuf, byte *inbuf ) { BUG(); }
+static void
+dummy_decrypt_block( void *c, byte *outbuf, byte *inbuf ) { BUG(); }
+#endif
+
+
+/****************
+ * Put the static entries into the table.
+ */
+static void
+setup_cipher_table(void)
+{
+
+    int i;
+
+    i = 0;
+    cipher_table[i].algo = CIPHER_ALGO_RIJNDAEL;
+    cipher_table[i].name = rijndael_get_info( cipher_table[i].algo,
+                                        &cipher_table[i].keylen,
+                                        &cipher_table[i].blocksize,
+                                        &cipher_table[i].contextsize,
+                                        &cipher_table[i].setkey,
+                                        &cipher_table[i].encrypt,
+                                        &cipher_table[i].decrypt     );
+    if( !cipher_table[i].name )
+       BUG();
+    i++;
+    cipher_table[i].algo = CIPHER_ALGO_RIJNDAEL192;
+    cipher_table[i].name = rijndael_get_info( cipher_table[i].algo,
+                                        &cipher_table[i].keylen,
+                                        &cipher_table[i].blocksize,
+                                        &cipher_table[i].contextsize,
+                                        &cipher_table[i].setkey,
+                                        &cipher_table[i].encrypt,
+                                        &cipher_table[i].decrypt     );
+    if( !cipher_table[i].name )
+       BUG();
+    i++;
+    cipher_table[i].algo = CIPHER_ALGO_RIJNDAEL256;
+    cipher_table[i].name = rijndael_get_info( cipher_table[i].algo,
+                                        &cipher_table[i].keylen,
+                                        &cipher_table[i].blocksize,
+                                        &cipher_table[i].contextsize,
+                                        &cipher_table[i].setkey,
+                                        &cipher_table[i].encrypt,
+                                        &cipher_table[i].decrypt     );
+    if( !cipher_table[i].name )
+       BUG();
+    i++;
+    cipher_table[i].algo = CIPHER_ALGO_TWOFISH;
+    cipher_table[i].name = twofish_get_info( cipher_table[i].algo,
+                                        &cipher_table[i].keylen,
+                                        &cipher_table[i].blocksize,
+                                        &cipher_table[i].contextsize,
+                                        &cipher_table[i].setkey,
+                                        &cipher_table[i].encrypt,
+                                        &cipher_table[i].decrypt     );
+    if( !cipher_table[i].name )
+       BUG();
+    i++;
+    cipher_table[i].algo = CIPHER_ALGO_BLOWFISH;
+    cipher_table[i].name = blowfish_get_info( cipher_table[i].algo,
+                                        &cipher_table[i].keylen,
+                                        &cipher_table[i].blocksize,
+                                        &cipher_table[i].contextsize,
+                                        &cipher_table[i].setkey,
+                                        &cipher_table[i].encrypt,
+                                        &cipher_table[i].decrypt     );
+    if( !cipher_table[i].name )
+       BUG();
+    i++;
+    cipher_table[i].algo = CIPHER_ALGO_CAST5;
+    cipher_table[i].name = cast5_get_info( cipher_table[i].algo,
+                                        &cipher_table[i].keylen,
+                                        &cipher_table[i].blocksize,
+                                        &cipher_table[i].contextsize,
+                                        &cipher_table[i].setkey,
+                                        &cipher_table[i].encrypt,
+                                        &cipher_table[i].decrypt     );
+    if( !cipher_table[i].name )
+       BUG();
+    i++;
+    cipher_table[i].algo = CIPHER_ALGO_3DES;
+    cipher_table[i].name = des_get_info( cipher_table[i].algo,
+                                        &cipher_table[i].keylen,
+                                        &cipher_table[i].blocksize,
+                                        &cipher_table[i].contextsize,
+                                        &cipher_table[i].setkey,
+                                        &cipher_table[i].encrypt,
+                                        &cipher_table[i].decrypt     );
+    if( !cipher_table[i].name )
+       BUG();
+    i++;
+
+#ifdef IS_DEVELOPMENT_VERSION
+    cipher_table[i].algo = CIPHER_ALGO_DUMMY;
+    cipher_table[i].name = "DUMMY";
+    cipher_table[i].blocksize = 8;
+    cipher_table[i].keylen = 128;
+    cipher_table[i].contextsize = 0;
+    cipher_table[i].setkey = dummy_setkey;
+    cipher_table[i].encrypt = dummy_encrypt_block;
+    cipher_table[i].decrypt = dummy_decrypt_block;
+    i++;
+#endif
+
+    for( ; i < TABLE_SIZE; i++ )
+       cipher_table[i].name = NULL;
+}
+
+
+/****************
+ * Try to load all modules and return true if new modules are available
+ */
+static int
+load_cipher_modules(void)
+{
+    static int done = 0;
+    static int initialized = 0;
+    void *context = NULL;
+    struct cipher_table_s *ct;
+    int ct_idx;
+    int i;
+    const char *name;
+    int any = 0;
+
+    if( !initialized ) {
+       cipher_modules_constructor();
+       setup_cipher_table(); /* load static modules on the first call */
+       initialized = 1;
+       return 1;
+    }
+
+    if( done )
+       return 0;
+    done = 1;
+
+    for(ct_idx=0, ct = cipher_table; ct_idx < TABLE_SIZE; ct_idx++,ct++ ) {
+       if( !ct->name )
+           break;
+    }
+    if( ct_idx >= TABLE_SIZE-1 )
+       BUG(); /* table already full */
+    /* now load all extensions */
+    while( (name = enum_gnupgext_ciphers( &context, &ct->algo,
+                               &ct->keylen, &ct->blocksize, &ct->contextsize,
+                               &ct->setkey, &ct->encrypt, &ct->decrypt)) ) {
+       if( ct->blocksize != 8 && ct->blocksize != 16 ) {
+           log_info("skipping cipher %d: unsupported blocksize\n", ct->algo);
+           continue;
+       }
+       for(i=0; cipher_table[i].name; i++ )
+           if( cipher_table[i].algo == ct->algo )
+               break;
+       if( cipher_table[i].name ) {
+           log_info("skipping cipher %d: already loaded\n", ct->algo );
+           continue;
+       }
+       /* put it into the table */
+       if( g10_opt_verbose > 1 )
+           log_info("loaded cipher %d (%s)\n", ct->algo, name);
+       ct->name = name;
+       ct_idx++;
+       ct++;
+       any = 1;
+       /* check whether there are more available table slots */
+       if( ct_idx >= TABLE_SIZE-1 ) {
+           log_info("cipher table full; ignoring other extensions\n");
+           break;
+       }
+    }
+    enum_gnupgext_ciphers( &context, NULL, NULL, NULL, NULL,
+                                          NULL, NULL, NULL );
+    return any;
+}
+
+
+
+
+
+
+
+/****************
+ * Map a string to the cipher algo
+ */
+int
+string_to_cipher_algo( const char *string )
+{
+  int i;
+  const char *s;
+
+  /* kludge to alias RIJNDAEL to AES */
+  if ( *string == 'R' || *string == 'r')
+    {
+      if (!ascii_strcasecmp (string, "RIJNDAEL"))
+        string = "AES";
+      else if (!ascii_strcasecmp (string, "RIJNDAEL192"))
+        string = "AES192";
+      else if (!ascii_strcasecmp (string, "RIJNDAEL256"))
+        string = "AES256";
+    }
+
+  do
+    {
+      for(i=0; (s=cipher_table[i].name); i++ ) 
+        {
+          if( !ascii_strcasecmp( s, string ) )
+            return cipher_table[i].algo;
+        }
+    } while( load_cipher_modules() );
+  return 0;
+}
+
+/****************
+ * Map a cipher algo to a string
+ */
+const char *
+cipher_algo_to_string( int algo )
+{
+    int i;
+
+    do {
+       for(i=0; cipher_table[i].name; i++ )
+           if( cipher_table[i].algo == algo )
+               return cipher_table[i].name;
+    } while( load_cipher_modules() );
+    return NULL;
+}
+
+
+void
+disable_cipher_algo( int algo )
+{
+    int i;
+
+    for(i=0; i < DIM(disabled_algos); i++ ) {
+       if( !disabled_algos[i] || disabled_algos[i] == algo ) {
+           disabled_algos[i] = algo;
+           return;
+       }
+    }
+    /* fixme: we should use a linked list */
+    log_fatal("can't disable cipher algo %d: table full\n", algo );
+}
+
+/****************
+ * Return 0 if the cipher algo is available
+ */
+int
+check_cipher_algo( int algo )
+{
+    int i;
+
+    do {
+       for(i=0; cipher_table[i].name; i++ )
+          if( cipher_table[i].algo == algo ) {
+               for(i=0; i < DIM(disabled_algos); i++ ) {
+                  if( disabled_algos[i] == algo )
+                      return G10ERR_CIPHER_ALGO;
+               }
+               return 0; /* okay */
+          }
+    } while( load_cipher_modules() );
+    return G10ERR_CIPHER_ALGO;
+}
+
+
+unsigned
+cipher_get_keylen( int algo )
+{
+    int i;
+    unsigned len = 0;
+
+    do {
+       for(i=0; cipher_table[i].name; i++ ) {
+           if( cipher_table[i].algo == algo ) {
+               len = cipher_table[i].keylen;
+               if( !len )
+                   log_bug("cipher %d w/o key length\n", algo );
+               return len;
+           }
+       }
+    } while( load_cipher_modules() );
+    log_bug("cipher %d not found\n", algo );
+    return 0;
+}
+
+unsigned
+cipher_get_blocksize( int algo )
+{
+    int i;
+    unsigned len = 0;
+
+    do {
+       for(i=0; cipher_table[i].name; i++ ) {
+           if( cipher_table[i].algo == algo ) {
+               len = cipher_table[i].blocksize;
+               if( !len )
+                   log_bug("cipher %d w/o blocksize\n", algo );
+               return len;
+           }
+       }
+    } while( load_cipher_modules() );
+    log_bug("cipher %d not found\n", algo );
+    return 0;
+}
+
+
+/****************
+ * Open a cipher handle for use with algorithm ALGO, in mode MODE
+ * and put it into secure memory if SECURE is true.
+ */
+CIPHER_HANDLE
+cipher_open( int algo, int mode, int secure )
+{
+    CIPHER_HANDLE hd;
+    int i;
+
+    fast_random_poll();
+    do {
+       for(i=0; cipher_table[i].name; i++ )
+           if( cipher_table[i].algo == algo )
+               break;
+    } while( !cipher_table[i].name && load_cipher_modules() );
+    if( !cipher_table[i].name ) {
+       log_fatal("cipher_open: algorithm %d not available\n", algo );
+       return NULL;
+    }
+
+    /* ? perform selftest here and mark this with a flag in cipher_table ? */
+
+    hd = secure ? m_alloc_secure_clear( sizeof *hd
+                                       + cipher_table[i].contextsize
+                                       - sizeof(PROPERLY_ALIGNED_TYPE) )
+               : m_alloc_clear( sizeof *hd + cipher_table[i].contextsize
+                                          - sizeof(PROPERLY_ALIGNED_TYPE)  );
+    hd->algo = algo;
+    hd->blocksize = cipher_table[i].blocksize;
+    hd->setkey = cipher_table[i].setkey;
+    hd->encrypt = cipher_table[i].encrypt;
+    hd->decrypt = cipher_table[i].decrypt;
+
+    if( mode == CIPHER_MODE_AUTO_CFB ) {
+       if( algo >= 100 )
+           hd->mode = CIPHER_MODE_CFB;
+       else
+           hd->mode = CIPHER_MODE_PHILS_CFB;
+    }
+    else
+       hd->mode = mode;
+
+#ifdef IS_DEVELOPMENT_VERSION
+    if( algo == CIPHER_ALGO_DUMMY )
+       hd->mode = CIPHER_MODE_DUMMY;
+#endif
+
+    return hd;
+}
+
+
+void
+cipher_close( CIPHER_HANDLE c )
+{
+    m_free(c);
+}
+
+
+int
+cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen )
+{
+    return (*c->setkey)( &c->context.c, key, keylen );
+}
+
+
+
+void
+cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen )
+{
+    memset( c->iv, 0, c->blocksize );
+    if( iv ) {
+       if( ivlen != c->blocksize )
+           log_info("WARNING: cipher_setiv: ivlen=%u blklen=%u\n",
+                                            ivlen, (unsigned)c->blocksize );
+       if( ivlen > c->blocksize )
+           ivlen = c->blocksize;
+       memcpy( c->iv, iv, ivlen );
+    }
+    c->unused = 0;
+}
+
+
+
+static void
+do_ecb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
+{
+    unsigned n;
+
+    for(n=0; n < nblocks; n++ ) {
+       (*c->encrypt)( &c->context.c, outbuf, inbuf );
+       inbuf  += c->blocksize;
+       outbuf += c->blocksize;
+    }
+}
+
+static void
+do_ecb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
+{
+    unsigned n;
+
+    for(n=0; n < nblocks; n++ ) {
+       (*c->decrypt)( &c->context.c, outbuf, inbuf );
+       inbuf  += c->blocksize;
+       outbuf += c->blocksize;
+    }
+}
+
+static void
+do_cbc_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
+{
+    unsigned int n;
+    byte *ivp;
+    int i;
+    size_t blocksize = c->blocksize;
+
+    for(n=0; n < nblocks; n++ ) {
+       /* fixme: the xor should works on words and not on
+        * bytes.  Maybe it is a good idea to enhance the cipher backend
+        * API to allow for CBC handling in the backend */
+       for(ivp=c->iv,i=0; i < blocksize; i++ )
+           outbuf[i] = inbuf[i] ^ *ivp++;
+       (*c->encrypt)( &c->context.c, outbuf, outbuf );
+       memcpy(c->iv, outbuf, blocksize );
+       inbuf  += c->blocksize;
+       outbuf += c->blocksize;
+    }
+}
+
+static void
+do_cbc_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
+{
+    unsigned int n;
+    byte *ivp;
+    int i;
+    size_t blocksize = c->blocksize;
+
+    for(n=0; n < nblocks; n++ ) {
+       /* because outbuf and inbuf might be the same, we have
+        * to save the original ciphertext block.  We use lastiv
+        * for this here because it is not used otherwise */
+       memcpy(c->lastiv, inbuf, blocksize );
+       (*c->decrypt)( &c->context.c, outbuf, inbuf );
+       for(ivp=c->iv,i=0; i < blocksize; i++ )
+           outbuf[i] ^= *ivp++;
+       memcpy(c->iv, c->lastiv, blocksize );
+       inbuf  += c->blocksize;
+       outbuf += c->blocksize;
+    }
+}
+
+
+static void
+do_cfb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
+{
+    byte *ivp;
+    size_t blocksize = c->blocksize;
+
+    if( nbytes <= c->unused ) {
+       /* short enough to be encoded by the remaining XOR mask */
+       /* XOR the input with the IV and store input into IV */
+       for(ivp=c->iv+c->blocksize - c->unused; nbytes; nbytes--, c->unused-- )
+           *outbuf++ = (*ivp++ ^= *inbuf++);
+       return;
+    }
+
+    if( c->unused ) {
+       /* XOR the input with the IV and store input into IV */
+       nbytes -= c->unused;
+       for(ivp=c->iv+blocksize - c->unused; c->unused; c->unused-- )
+           *outbuf++ = (*ivp++ ^= *inbuf++);
+    }
+
+    /* now we can process complete blocks */
+    while( nbytes >= blocksize ) {
+       int i;
+       /* encrypt the IV (and save the current one) */
+       memcpy( c->lastiv, c->iv, blocksize );
+       (*c->encrypt)( &c->context.c, c->iv, c->iv );
+       /* XOR the input with the IV and store input into IV */
+       for(ivp=c->iv,i=0; i < blocksize; i++ )
+           *outbuf++ = (*ivp++ ^= *inbuf++);
+       nbytes -= blocksize;
+    }
+    if( nbytes ) { /* process the remaining bytes */
+       /* encrypt the IV (and save the current one) */
+       memcpy( c->lastiv, c->iv, blocksize );
+       (*c->encrypt)( &c->context.c, c->iv, c->iv );
+       c->unused = blocksize;
+       /* and apply the xor */
+       c->unused -= nbytes;
+       for(ivp=c->iv; nbytes; nbytes-- )
+           *outbuf++ = (*ivp++ ^= *inbuf++);
+    }
+}
+
+static void
+do_cfb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
+{
+    byte *ivp;
+    ulong temp;
+    size_t blocksize = c->blocksize;
+
+    if( nbytes <= c->unused ) {
+       /* short enough to be encoded by the remaining XOR mask */
+       /* XOR the input with the IV and store input into IV */
+       for(ivp=c->iv+blocksize - c->unused; nbytes; nbytes--,c->unused--){
+           temp = *inbuf++;
+           *outbuf++ = *ivp ^ temp;
+           *ivp++ = temp;
+       }
+       return;
+    }
+
+    if( c->unused ) {
+       /* XOR the input with the IV and store input into IV */
+       nbytes -= c->unused;
+       for(ivp=c->iv+blocksize - c->unused; c->unused; c->unused-- ) {
+           temp = *inbuf++;
+           *outbuf++ = *ivp ^ temp;
+           *ivp++ = temp;
+       }
+    }
+
+    /* now we can process complete blocks */
+    while( nbytes >= blocksize ) {
+       int i;
+       /* encrypt the IV (and save the current one) */
+       memcpy( c->lastiv, c->iv, blocksize );
+       (*c->encrypt)( &c->context.c, c->iv, c->iv );
+       /* XOR the input with the IV and store input into IV */
+       for(ivp=c->iv,i=0; i < blocksize; i++ ) {
+           temp = *inbuf++;
+           *outbuf++ = *ivp ^ temp;
+           *ivp++ = temp;
+       }
+       nbytes -= blocksize;
+    }
+    if( nbytes ) { /* process the remaining bytes */
+       /* encrypt the IV (and save the current one) */
+       memcpy( c->lastiv, c->iv, blocksize );
+       (*c->encrypt)( &c->context.c, c->iv, c->iv );
+       c->unused = blocksize;
+       /* and apply the xor */
+       c->unused -= nbytes;
+       for(ivp=c->iv; nbytes; nbytes-- ) {
+           temp = *inbuf++;
+           *outbuf++ = *ivp ^ temp;
+           *ivp++ = temp;
+       }
+    }
+}
+
+
+/****************
+ * Encrypt INBUF to OUTBUF with the mode selected at open.
+ * inbuf and outbuf may overlap or be the same.
+ * Depending on the mode some some contraints apply to NBYTES.
+ */
+void
+cipher_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
+{
+    switch( c->mode ) {
+      case CIPHER_MODE_ECB:
+       assert(!(nbytes%c->blocksize));
+       do_ecb_encrypt(c, outbuf, inbuf, nbytes/c->blocksize );
+       break;
+      case CIPHER_MODE_CBC:
+       assert(!(nbytes%c->blocksize));  
+       do_cbc_encrypt(c, outbuf, inbuf, nbytes/c->blocksize );
+       break;
+      case CIPHER_MODE_CFB:
+      case CIPHER_MODE_PHILS_CFB:
+       do_cfb_encrypt(c, outbuf, inbuf, nbytes );
+       break;
+#ifdef IS_DEVELOPMENT_VERSION
+      case CIPHER_MODE_DUMMY:
+       if( inbuf != outbuf )
+           memmove( outbuf, inbuf, nbytes );
+       break;
+#endif
+      default: log_fatal("cipher_encrypt: invalid mode %d\n", c->mode );
+    }
+}
+
+
+/****************
+ * Decrypt INBUF to OUTBUF with the mode selected at open.
+ * inbuf and outbuf may overlap or be the same.
+ * Depending on the mode some some contraints apply to NBYTES.
+ */
+void
+cipher_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
+{
+    switch( c->mode ) {
+      case CIPHER_MODE_ECB:
+       assert(!(nbytes%c->blocksize));
+       do_ecb_decrypt(c, outbuf, inbuf, nbytes/c->blocksize );
+       break;
+      case CIPHER_MODE_CBC:
+       assert(!(nbytes%c->blocksize));
+       do_cbc_decrypt(c, outbuf, inbuf, nbytes/c->blocksize );
+       break;
+      case CIPHER_MODE_CFB:
+      case CIPHER_MODE_PHILS_CFB:
+       do_cfb_decrypt(c, outbuf, inbuf, nbytes );
+       break;
+#ifdef IS_DEVELOPMENT_VERSION
+      case CIPHER_MODE_DUMMY:
+       if( inbuf != outbuf )
+           memmove( outbuf, inbuf, nbytes );
+       break;
+#endif
+      default: log_fatal("cipher_decrypt: invalid mode %d\n", c->mode );
+    }
+}
+
+
+
+/****************
+ * Used for PGP's somewhat strange CFB mode. Only works if
+ * the handle is in PHILS_CFB mode
+ */
+void
+cipher_sync( CIPHER_HANDLE c )
+{
+    if( c->mode == CIPHER_MODE_PHILS_CFB && c->unused ) {
+       memmove(c->iv + c->unused, c->iv, c->blocksize - c->unused );
+       memcpy(c->iv, c->lastiv + c->blocksize - c->unused, c->unused);
+       c->unused = 0;
+    }
+}
+
diff --git a/cipher/des.c b/cipher/des.c
new file mode 100644 (file)
index 0000000..90fd819
--- /dev/null
@@ -0,0 +1,1024 @@
+/* des.c - DES and Triple-DES encryption/decryption Algorithm
+ *     Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ *
+ *
+ * According to the definition of DES in FIPS PUB 46-2 from December 1993.
+ * For a description of triple encryption, see:
+ *   Bruce Schneier: Applied Cryptography. Second Edition.
+ *   John Wiley & Sons, 1996. ISBN 0-471-12845-7. Pages 358 ff.
+ */
+
+
+/*
+ * Written by Michael Roth <mroth@nessie.de>, September 1998
+ */
+
+
+/*
+ *  U S A G E
+ * ===========
+ *
+ * For DES or Triple-DES encryption/decryption you must initialize a proper
+ * encryption context with a key.
+ *
+ * A DES key is 64bit wide but only 56bits of the key are used. The remaining
+ * bits are parity bits and they will _not_ checked in this implementation, but
+ * simply ignored.
+ *
+ * For Tripple-DES you could use either two 64bit keys or three 64bit keys.
+ * The parity bits will _not_ checked, too.
+ *
+ * After initializing a context with a key you could use this context to
+ * encrypt or decrypt data in 64bit blocks in Electronic Codebook Mode.
+ *
+ * (In the examples below the slashes at the beginning and ending of comments
+ * are omited.)
+ *
+ * DES Example
+ * -----------
+ *     unsigned char key[8];
+ *     unsigned char plaintext[8];
+ *     unsigned char ciphertext[8];
+ *     unsigned char recoverd[8];
+ *     des_ctx context;
+ *
+ *     * Fill 'key' and 'plaintext' with some data *
+ *     ....
+ *
+ *     * Set up the DES encryption context *
+ *     des_setkey(context, key);
+ *
+ *     * Encrypt the plaintext *
+ *     des_ecb_encrypt(context, plaintext, ciphertext);
+ *
+ *     * To recover the orginal plaintext from ciphertext use: *
+ *     des_ecb_decrypt(context, ciphertext, recoverd);
+ *
+ *
+ * Triple-DES Example
+ * ------------------
+ *     unsigned char key1[8];
+ *     unsigned char key2[8];
+ *     unsigned char key3[8];
+ *     unsigned char plaintext[8];
+ *     unsigned char ciphertext[8];
+ *     unsigned char recoverd[8];
+ *     tripledes_ctx context;
+ *
+ *     * If you would like to use two 64bit keys, fill 'key1' and'key2'
+ *      then setup the encryption context: *
+ *     tripledes_set2keys(context, key1, key2);
+ *
+ *     * To use three 64bit keys with Triple-DES use: *
+ *     tripledes_set3keys(context, key1, key2, key3);
+ *
+ *     * Encrypting plaintext with Triple-DES *
+ *     tripledes_ecb_encrypt(context, plaintext, ciphertext);
+ *
+ *     * Decrypting ciphertext to recover the plaintext with Triple-DES *
+ *     tripledes_ecb_decrypt(context, ciphertext, recoverd);
+ *
+ *
+ * Selftest
+ * --------
+ *     char *error_msg;
+ *
+ *     * To perform a selftest of this DES/Triple-DES implementation use the
+ *      function selftest(). It will return an error string if their are
+ *      some problems with this library. *
+ *
+ *     if ( (error_msg = selftest()) )
+ *     {
+ *        fprintf(stderr, "An error in the DES/Tripple-DES implementation occured: %s\n", error_msg);
+ *        abort();
+ *     }
+ */
+
+
+#include <config.h>
+#include <stdio.h>
+#include <string.h>           /* memcpy, memcmp */
+#include "types.h"             /* for byte and u32 typedefs */
+#include "errors.h"
+#include "des.h"
+
+#if defined(__GNUC__) && defined(__GNU_LIBRARY__)
+#define working_memcmp memcmp
+#else
+/*
+ * According to the SunOS man page, memcmp returns indeterminate sign
+ * depending on whether characters are signed or not.
+ */
+int
+working_memcmp( const char *a, const char *b, size_t n )
+{
+    for( ; n; n--, a++, b++ )
+       if( *a != *b )
+           return (int)(*(byte*)a) - (int)(*(byte*)b);
+    return 0;
+}
+#endif
+
+
+
+/* Some defines/checks to support standalone modules */
+
+#ifndef CIPHER_ALGO_3DES
+  #define CIPHER_ALGO_3DES 2
+#elif CIPHER_ALGO_3DES != 2
+  #error CIPHER_ALGO_3DES is defined to a wrong value.
+#endif
+
+
+
+
+/*
+ * Encryption/Decryption context of DES
+ */
+typedef struct _des_ctx
+  {
+    u32 encrypt_subkeys[32];
+    u32 decrypt_subkeys[32];
+  }
+des_ctx[1];
+
+/*
+ * Encryption/Decryption context of Triple-DES
+ */
+typedef struct _tripledes_ctx
+  {
+    u32 encrypt_subkeys[96];
+    u32 decrypt_subkeys[96];
+  }
+tripledes_ctx[1];
+
+static const char *selftest_failed;
+
+static void des_key_schedule (const byte *, u32 *);
+static int des_setkey (struct _des_ctx *, const byte *);
+static int des_ecb_crypt (struct _des_ctx *, const byte *, byte *, int);
+static int tripledes_set2keys (struct _tripledes_ctx *, const byte *, const byte *);
+static int tripledes_set3keys (struct _tripledes_ctx *, const byte *, const byte *, const byte *);
+static int tripledes_ecb_crypt (struct _tripledes_ctx *, const byte *, byte *, int);
+static int is_weak_key ( const byte *key );
+static const char *selftest (void);
+
+
+
+
+
+
+/*
+ * The s-box values are permuted according to the 'primitive function P'
+ * and are rotated one bit to the left.
+ */
+static u32 sbox1[64] =
+{
+  0x01010400, 0x00000000, 0x00010000, 0x01010404, 0x01010004, 0x00010404, 0x00000004, 0x00010000,
+  0x00000400, 0x01010400, 0x01010404, 0x00000400, 0x01000404, 0x01010004, 0x01000000, 0x00000004,
+  0x00000404, 0x01000400, 0x01000400, 0x00010400, 0x00010400, 0x01010000, 0x01010000, 0x01000404,
+  0x00010004, 0x01000004, 0x01000004, 0x00010004, 0x00000000, 0x00000404, 0x00010404, 0x01000000,
+  0x00010000, 0x01010404, 0x00000004, 0x01010000, 0x01010400, 0x01000000, 0x01000000, 0x00000400,
+  0x01010004, 0x00010000, 0x00010400, 0x01000004, 0x00000400, 0x00000004, 0x01000404, 0x00010404,
+  0x01010404, 0x00010004, 0x01010000, 0x01000404, 0x01000004, 0x00000404, 0x00010404, 0x01010400,
+  0x00000404, 0x01000400, 0x01000400, 0x00000000, 0x00010004, 0x00010400, 0x00000000, 0x01010004
+};
+
+static u32 sbox2[64] =
+{
+  0x80108020, 0x80008000, 0x00008000, 0x00108020, 0x00100000, 0x00000020, 0x80100020, 0x80008020,
+  0x80000020, 0x80108020, 0x80108000, 0x80000000, 0x80008000, 0x00100000, 0x00000020, 0x80100020,
+  0x00108000, 0x00100020, 0x80008020, 0x00000000, 0x80000000, 0x00008000, 0x00108020, 0x80100000,
+  0x00100020, 0x80000020, 0x00000000, 0x00108000, 0x00008020, 0x80108000, 0x80100000, 0x00008020,
+  0x00000000, 0x00108020, 0x80100020, 0x00100000, 0x80008020, 0x80100000, 0x80108000, 0x00008000,
+  0x80100000, 0x80008000, 0x00000020, 0x80108020, 0x00108020, 0x00000020, 0x00008000, 0x80000000,
+  0x00008020, 0x80108000, 0x00100000, 0x80000020, 0x00100020, 0x80008020, 0x80000020, 0x00100020,
+  0x00108000, 0x00000000, 0x80008000, 0x00008020, 0x80000000, 0x80100020, 0x80108020, 0x00108000
+};
+
+static u32 sbox3[64] =
+{
+  0x00000208, 0x08020200, 0x00000000, 0x08020008, 0x08000200, 0x00000000, 0x00020208, 0x08000200,
+  0x00020008, 0x08000008, 0x08000008, 0x00020000, 0x08020208, 0x00020008, 0x08020000, 0x00000208,
+  0x08000000, 0x00000008, 0x08020200, 0x00000200, 0x00020200, 0x08020000, 0x08020008, 0x00020208,
+  0x08000208, 0x00020200, 0x00020000, 0x08000208, 0x00000008, 0x08020208, 0x00000200, 0x08000000,
+  0x08020200, 0x08000000, 0x00020008, 0x00000208, 0x00020000, 0x08020200, 0x08000200, 0x00000000,
+  0x00000200, 0x00020008, 0x08020208, 0x08000200, 0x08000008, 0x00000200, 0x00000000, 0x08020008,
+  0x08000208, 0x00020000, 0x08000000, 0x08020208, 0x00000008, 0x00020208, 0x00020200, 0x08000008,
+  0x08020000, 0x08000208, 0x00000208, 0x08020000, 0x00020208, 0x00000008, 0x08020008, 0x00020200
+};
+
+static u32 sbox4[64] =
+{
+  0x00802001, 0x00002081, 0x00002081, 0x00000080, 0x00802080, 0x00800081, 0x00800001, 0x00002001,
+  0x00000000, 0x00802000, 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00800080, 0x00800001,
+  0x00000001, 0x00002000, 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002001, 0x00002080,
+  0x00800081, 0x00000001, 0x00002080, 0x00800080, 0x00002000, 0x00802080, 0x00802081, 0x00000081,
+  0x00800080, 0x00800001, 0x00802000, 0x00802081, 0x00000081, 0x00000000, 0x00000000, 0x00802000,
+  0x00002080, 0x00800080, 0x00800081, 0x00000001, 0x00802001, 0x00002081, 0x00002081, 0x00000080,
+  0x00802081, 0x00000081, 0x00000001, 0x00002000, 0x00800001, 0x00002001, 0x00802080, 0x00800081,
+  0x00002001, 0x00002080, 0x00800000, 0x00802001, 0x00000080, 0x00800000, 0x00002000, 0x00802080
+};
+
+static u32 sbox5[64] =
+{
+  0x00000100, 0x02080100, 0x02080000, 0x42000100, 0x00080000, 0x00000100, 0x40000000, 0x02080000,
+  0x40080100, 0x00080000, 0x02000100, 0x40080100, 0x42000100, 0x42080000, 0x00080100, 0x40000000,
+  0x02000000, 0x40080000, 0x40080000, 0x00000000, 0x40000100, 0x42080100, 0x42080100, 0x02000100,
+  0x42080000, 0x40000100, 0x00000000, 0x42000000, 0x02080100, 0x02000000, 0x42000000, 0x00080100,
+  0x00080000, 0x42000100, 0x00000100, 0x02000000, 0x40000000, 0x02080000, 0x42000100, 0x40080100,
+  0x02000100, 0x40000000, 0x42080000, 0x02080100, 0x40080100, 0x00000100, 0x02000000, 0x42080000,
+  0x42080100, 0x00080100, 0x42000000, 0x42080100, 0x02080000, 0x00000000, 0x40080000, 0x42000000,
+  0x00080100, 0x02000100, 0x40000100, 0x00080000, 0x00000000, 0x40080000, 0x02080100, 0x40000100
+};
+
+static u32 sbox6[64] =
+{
+  0x20000010, 0x20400000, 0x00004000, 0x20404010, 0x20400000, 0x00000010, 0x20404010, 0x00400000,
+  0x20004000, 0x00404010, 0x00400000, 0x20000010, 0x00400010, 0x20004000, 0x20000000, 0x00004010,
+  0x00000000, 0x00400010, 0x20004010, 0x00004000, 0x00404000, 0x20004010, 0x00000010, 0x20400010,
+  0x20400010, 0x00000000, 0x00404010, 0x20404000, 0x00004010, 0x00404000, 0x20404000, 0x20000000,
+  0x20004000, 0x00000010, 0x20400010, 0x00404000, 0x20404010, 0x00400000, 0x00004010, 0x20000010,
+  0x00400000, 0x20004000, 0x20000000, 0x00004010, 0x20000010, 0x20404010, 0x00404000, 0x20400000,
+  0x00404010, 0x20404000, 0x00000000, 0x20400010, 0x00000010, 0x00004000, 0x20400000, 0x00404010,
+  0x00004000, 0x00400010, 0x20004010, 0x00000000, 0x20404000, 0x20000000, 0x00400010, 0x20004010
+};
+
+static u32 sbox7[64] =
+{
+  0x00200000, 0x04200002, 0x04000802, 0x00000000, 0x00000800, 0x04000802, 0x00200802, 0x04200800,
+  0x04200802, 0x00200000, 0x00000000, 0x04000002, 0x00000002, 0x04000000, 0x04200002, 0x00000802,
+  0x04000800, 0x00200802, 0x00200002, 0x04000800, 0x04000002, 0x04200000, 0x04200800, 0x00200002,
+  0x04200000, 0x00000800, 0x00000802, 0x04200802, 0x00200800, 0x00000002, 0x04000000, 0x00200800,
+  0x04000000, 0x00200800, 0x00200000, 0x04000802, 0x04000802, 0x04200002, 0x04200002, 0x00000002,
+  0x00200002, 0x04000000, 0x04000800, 0x00200000, 0x04200800, 0x00000802, 0x00200802, 0x04200800,
+  0x00000802, 0x04000002, 0x04200802, 0x04200000, 0x00200800, 0x00000000, 0x00000002, 0x04200802,
+  0x00000000, 0x00200802, 0x04200000, 0x00000800, 0x04000002, 0x04000800, 0x00000800, 0x00200002
+};
+
+static u32 sbox8[64] =
+{
+  0x10001040, 0x00001000, 0x00040000, 0x10041040, 0x10000000, 0x10001040, 0x00000040, 0x10000000,
+  0x00040040, 0x10040000, 0x10041040, 0x00041000, 0x10041000, 0x00041040, 0x00001000, 0x00000040,
+  0x10040000, 0x10000040, 0x10001000, 0x00001040, 0x00041000, 0x00040040, 0x10040040, 0x10041000,
+  0x00001040, 0x00000000, 0x00000000, 0x10040040, 0x10000040, 0x10001000, 0x00041040, 0x00040000,
+  0x00041040, 0x00040000, 0x10041000, 0x00001000, 0x00000040, 0x10040040, 0x00001000, 0x00041040,
+  0x10001000, 0x00000040, 0x10000040, 0x10040000, 0x10040040, 0x10000000, 0x00040000, 0x10001040,
+  0x00000000, 0x10041040, 0x00040040, 0x10000040, 0x10040000, 0x10001000, 0x10001040, 0x00000000,
+  0x10041040, 0x00041000, 0x00041000, 0x00001040, 0x00001040, 0x00040040, 0x10000000, 0x10041000
+};
+
+
+/*
+ * These two tables are part of the 'permuted choice 1' function.
+ * In this implementation several speed improvements are done.
+ */
+u32 leftkey_swap[16] =
+{
+  0x00000000, 0x00000001, 0x00000100, 0x00000101,
+  0x00010000, 0x00010001, 0x00010100, 0x00010101,
+  0x01000000, 0x01000001, 0x01000100, 0x01000101,
+  0x01010000, 0x01010001, 0x01010100, 0x01010101
+};
+
+u32 rightkey_swap[16] =
+{
+  0x00000000, 0x01000000, 0x00010000, 0x01010000,
+  0x00000100, 0x01000100, 0x00010100, 0x01010100,
+  0x00000001, 0x01000001, 0x00010001, 0x01010001,
+  0x00000101, 0x01000101, 0x00010101, 0x01010101,
+};
+
+
+
+/*
+ * Numbers of left shifts per round for encryption subkeys.
+ * To calculate the decryption subkeys we just reverse the
+ * ordering of the calculated encryption subkeys. So their
+ * is no need for a decryption rotate tab.
+ */
+static byte encrypt_rotate_tab[16] =
+{
+  1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
+};
+
+
+
+/*
+ * Table with weak DES keys sorted in ascending order.
+ * In DES their are 64 known keys wich are weak. They are weak
+ * because they produce only one, two or four different
+ * subkeys in the subkey scheduling process.
+ * The keys in this table have all their parity bits cleared.
+ */
+static byte weak_keys[64][8] =
+{
+  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },  { 0x00, 0x00, 0x1e, 0x1e, 0x00, 0x00, 0x0e, 0x0e },
+  { 0x00, 0x00, 0xe0, 0xe0, 0x00, 0x00, 0xf0, 0xf0 },  { 0x00, 0x00, 0xfe, 0xfe, 0x00, 0x00, 0xfe, 0xfe },
+  { 0x00, 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e },  { 0x00, 0x1e, 0x1e, 0x00, 0x00, 0x0e, 0x0e, 0x00 },
+  { 0x00, 0x1e, 0xe0, 0xfe, 0x00, 0x0e, 0xf0, 0xfe },  { 0x00, 0x1e, 0xfe, 0xe0, 0x00, 0x0e, 0xfe, 0xf0 },
+  { 0x00, 0xe0, 0x00, 0xe0, 0x00, 0xf0, 0x00, 0xf0 },  { 0x00, 0xe0, 0x1e, 0xfe, 0x00, 0xf0, 0x0e, 0xfe },
+  { 0x00, 0xe0, 0xe0, 0x00, 0x00, 0xf0, 0xf0, 0x00 },  { 0x00, 0xe0, 0xfe, 0x1e, 0x00, 0xf0, 0xfe, 0x0e },
+  { 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe },  { 0x00, 0xfe, 0x1e, 0xe0, 0x00, 0xfe, 0x0e, 0xf0 },
+  { 0x00, 0xfe, 0xe0, 0x1e, 0x00, 0xfe, 0xf0, 0x0e },  { 0x00, 0xfe, 0xfe, 0x00, 0x00, 0xfe, 0xfe, 0x00 },
+  { 0x0e, 0x0e, 0x0e, 0x0e, 0xf0, 0xf0, 0xf0, 0xf0 },  { 0x1e, 0x00, 0x00, 0x1e, 0x0e, 0x00, 0x00, 0x0e },
+  { 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e, 0x00 },  { 0x1e, 0x00, 0xe0, 0xfe, 0x0e, 0x00, 0xf0, 0xfe },
+  { 0x1e, 0x00, 0xfe, 0xe0, 0x0e, 0x00, 0xfe, 0xf0 },  { 0x1e, 0x1e, 0x00, 0x00, 0x0e, 0x0e, 0x00, 0x00 },
+  { 0x1e, 0x1e, 0x1e, 0x1e, 0x0e, 0x0e, 0x0e, 0x0e },  { 0x1e, 0x1e, 0xe0, 0xe0, 0x0e, 0x0e, 0xf0, 0xf0 },
+  { 0x1e, 0x1e, 0xfe, 0xfe, 0x0e, 0x0e, 0xfe, 0xfe },  { 0x1e, 0xe0, 0x00, 0xfe, 0x0e, 0xf0, 0x00, 0xfe },
+  { 0x1e, 0xe0, 0x1e, 0xe0, 0x0e, 0xf0, 0x0e, 0xf0 },  { 0x1e, 0xe0, 0xe0, 0x1e, 0x0e, 0xf0, 0xf0, 0x0e },
+  { 0x1e, 0xe0, 0xfe, 0x00, 0x0e, 0xf0, 0xfe, 0x00 },  { 0x1e, 0xfe, 0x00, 0xe0, 0x0e, 0xfe, 0x00, 0xf0 },
+  { 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },  { 0x1e, 0xfe, 0xe0, 0x00, 0x0e, 0xfe, 0xf0, 0x00 },
+  { 0x1e, 0xfe, 0xfe, 0x1e, 0x0e, 0xfe, 0xfe, 0x0e },  { 0xe0, 0x00, 0x00, 0xe0, 0xf0, 0x00, 0x00, 0xf0 },
+  { 0xe0, 0x00, 0x1e, 0xfe, 0xf0, 0x00, 0x0e, 0xfe },  { 0xe0, 0x00, 0xe0, 0x00, 0xf0, 0x00, 0xf0, 0x00 },
+  { 0xe0, 0x00, 0xfe, 0x1e, 0xf0, 0x00, 0xfe, 0x0e },  { 0xe0, 0x1e, 0x00, 0xfe, 0xf0, 0x0e, 0x00, 0xfe },
+  { 0xe0, 0x1e, 0x1e, 0xe0, 0xf0, 0x0e, 0x0e, 0xf0 },  { 0xe0, 0x1e, 0xe0, 0x1e, 0xf0, 0x0e, 0xf0, 0x0e },
+  { 0xe0, 0x1e, 0xfe, 0x00, 0xf0, 0x0e, 0xfe, 0x00 },  { 0xe0, 0xe0, 0x00, 0x00, 0xf0, 0xf0, 0x00, 0x00 },
+  { 0xe0, 0xe0, 0x1e, 0x1e, 0xf0, 0xf0, 0x0e, 0x0e },  { 0xe0, 0xe0, 0xfe, 0xfe, 0xf0, 0xf0, 0xfe, 0xfe },
+  { 0xe0, 0xfe, 0x00, 0x1e, 0xf0, 0xfe, 0x00, 0x0e },  { 0xe0, 0xfe, 0x1e, 0x00, 0xf0, 0xfe, 0x0e, 0x00 },
+  { 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0, 0xfe },  { 0xe0, 0xfe, 0xfe, 0xe0, 0xf0, 0xfe, 0xfe, 0xf0 },
+  { 0xfe, 0x00, 0x00, 0xfe, 0xfe, 0x00, 0x00, 0xfe },  { 0xfe, 0x00, 0x1e, 0xe0, 0xfe, 0x00, 0x0e, 0xf0 },
+  { 0xfe, 0x00, 0xe0, 0x1e, 0xfe, 0x00, 0xf0, 0x0e },  { 0xfe, 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe, 0x00 },
+  { 0xfe, 0x1e, 0x00, 0xe0, 0xfe, 0x0e, 0x00, 0xf0 },  { 0xfe, 0x1e, 0x1e, 0xfe, 0xfe, 0x0e, 0x0e, 0xfe },
+  { 0xfe, 0x1e, 0xe0, 0x00, 0xfe, 0x0e, 0xf0, 0x00 },  { 0xfe, 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e },
+  { 0xfe, 0xe0, 0x00, 0x1e, 0xfe, 0xf0, 0x00, 0x0e },  { 0xfe, 0xe0, 0x1e, 0x00, 0xfe, 0xf0, 0x0e, 0x00 },
+  { 0xfe, 0xe0, 0xe0, 0xfe, 0xfe, 0xf0, 0xf0, 0xfe },  { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0 },
+  { 0xfe, 0xfe, 0x00, 0x00, 0xfe, 0xfe, 0x00, 0x00 },  { 0xfe, 0xfe, 0x1e, 0x1e, 0xfe, 0xfe, 0x0e, 0x0e },
+  { 0xfe, 0xfe, 0xe0, 0xe0, 0xfe, 0xfe, 0xf0, 0xf0 },  { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe }
+};
+
+
+
+
+
+
+/*
+ * Macro to swap bits across two words.
+ */
+#define DO_PERMUTATION(a, temp, b, offset, mask)       \
+    temp = ((a>>offset) ^ b) & mask;                   \
+    b ^= temp;                                         \
+    a ^= temp<<offset;
+
+
+/*
+ * This performs the 'initial permutation' of the data to be encrypted
+ * or decrypted. Additionally the resulting two words are rotated one bit
+ * to the left.
+ */
+#define INITIAL_PERMUTATION(left, temp, right)         \
+    DO_PERMUTATION(left, temp, right, 4, 0x0f0f0f0f)   \
+    DO_PERMUTATION(left, temp, right, 16, 0x0000ffff)  \
+    DO_PERMUTATION(right, temp, left, 2, 0x33333333)   \
+    DO_PERMUTATION(right, temp, left, 8, 0x00ff00ff)   \
+    right =  (right << 1) | (right >> 31);             \
+    temp  =  (left ^ right) & 0xaaaaaaaa;              \
+    right ^= temp;                                     \
+    left  ^= temp;                                     \
+    left  =  (left << 1) | (left >> 31);
+
+/*
+ * The 'inverse initial permutation'.
+ */
+#define FINAL_PERMUTATION(left, temp, right)           \
+    left  =  (left << 31) | (left >> 1);               \
+    temp  =  (left ^ right) & 0xaaaaaaaa;              \
+    left  ^= temp;                                     \
+    right ^= temp;                                     \
+    right  =  (right << 31) | (right >> 1);            \
+    DO_PERMUTATION(right, temp, left, 8, 0x00ff00ff)   \
+    DO_PERMUTATION(right, temp, left, 2, 0x33333333)   \
+    DO_PERMUTATION(left, temp, right, 16, 0x0000ffff)  \
+    DO_PERMUTATION(left, temp, right, 4, 0x0f0f0f0f)
+
+
+/*
+ * A full DES round including 'expansion function', 'sbox substitution'
+ * and 'primitive function P' but without swapping the left and right word.
+ * Please note: The data in 'from' and 'to' is already rotated one bit to
+ * the left, done in the initial permutation.
+ */
+#define DES_ROUND(from, to, work, subkey)              \
+    work = from ^ *subkey++;                           \
+    to ^= sbox8[  work     & 0x3f ];                   \
+    to ^= sbox6[ (work>>8)  & 0x3f ];                  \
+    to ^= sbox4[ (work>>16) & 0x3f ];                  \
+    to ^= sbox2[ (work>>24) & 0x3f ];                  \
+    work = ((from << 28) | (from >> 4)) ^ *subkey++;   \
+    to ^= sbox7[  work     & 0x3f ];                   \
+    to ^= sbox5[ (work>>8)  & 0x3f ];                  \
+    to ^= sbox3[ (work>>16) & 0x3f ];                  \
+    to ^= sbox1[ (work>>24) & 0x3f ];
+
+/*
+ * Macros to convert 8 bytes from/to 32bit words.
+ */
+#define READ_64BIT_DATA(data, left, right)                                     \
+    left  = (data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3];      \
+    right = (data[4] << 24) | (data[5] << 16) | (data[6] << 8) | data[7];
+
+#define WRITE_64BIT_DATA(data, left, right)                                    \
+    data[0] = (left >> 24) &0xff; data[1] = (left >> 16) &0xff;                \
+    data[2] = (left >> 8) &0xff; data[3] = left &0xff;                         \
+    data[4] = (right >> 24) &0xff; data[5] = (right >> 16) &0xff;              \
+    data[6] = (right >> 8) &0xff; data[7] = right &0xff;
+
+/*
+ * Handy macros for encryption and decryption of data
+ */
+#define des_ecb_encrypt(ctx, from, to)         des_ecb_crypt(ctx, from, to, 0)
+#define des_ecb_decrypt(ctx, from, to)         des_ecb_crypt(ctx, from, to, 1)
+#define tripledes_ecb_encrypt(ctx, from, to)   tripledes_ecb_crypt(ctx, from, to, 0)
+#define tripledes_ecb_decrypt(ctx, from, to)   tripledes_ecb_crypt(ctx, from, to, 1)
+
+
+static void
+burn_stack (int bytes)
+{
+    char buf[64];
+    
+    memset (buf, 0, sizeof buf);
+    bytes -= sizeof buf;
+    if (bytes > 0)
+        burn_stack (bytes);
+}
+
+/*
+ * des_key_schedule():   Calculate 16 subkeys pairs (even/odd) for
+ *                       16 encryption rounds.
+ *                       To calculate subkeys for decryption the caller
+ *                       have to reorder the generated subkeys.
+ *
+ *    rawkey:      8 Bytes of key data
+ *    subkey:      Array of at least 32 u32s. Will be filled
+ *                 with calculated subkeys.
+ *
+ */
+static void
+des_key_schedule (const byte * rawkey, u32 * subkey)
+{
+  u32 left, right, work;
+  int round;
+
+  READ_64BIT_DATA (rawkey, left, right)
+
+  DO_PERMUTATION (right, work, left, 4, 0x0f0f0f0f)
+  DO_PERMUTATION (right, work, left, 0, 0x10101010)
+
+  left = (leftkey_swap[(left >> 0) & 0xf] << 3) | (leftkey_swap[(left >> 8) & 0xf] << 2)
+    | (leftkey_swap[(left >> 16) & 0xf] << 1) | (leftkey_swap[(left >> 24) & 0xf])
+    | (leftkey_swap[(left >> 5) & 0xf] << 7) | (leftkey_swap[(left >> 13) & 0xf] << 6)
+    | (leftkey_swap[(left >> 21) & 0xf] << 5) | (leftkey_swap[(left >> 29) & 0xf] << 4);
+
+  left &= 0x0fffffff;
+
+  right = (rightkey_swap[(right >> 1) & 0xf] << 3) | (rightkey_swap[(right >> 9) & 0xf] << 2)
+    | (rightkey_swap[(right >> 17) & 0xf] << 1) | (rightkey_swap[(right >> 25) & 0xf])
+    | (rightkey_swap[(right >> 4) & 0xf] << 7) | (rightkey_swap[(right >> 12) & 0xf] << 6)
+    | (rightkey_swap[(right >> 20) & 0xf] << 5) | (rightkey_swap[(right >> 28) & 0xf] << 4);
+
+  right &= 0x0fffffff;
+
+  for (round = 0; round < 16; ++round)
+    {
+      left = ((left << encrypt_rotate_tab[round]) | (left >> (28 - encrypt_rotate_tab[round]))) & 0x0fffffff;
+      right = ((right << encrypt_rotate_tab[round]) | (right >> (28 - encrypt_rotate_tab[round]))) & 0x0fffffff;
+
+      *subkey++ = ((left << 4) & 0x24000000)
+       | ((left << 28) & 0x10000000)
+       | ((left << 14) & 0x08000000)
+       | ((left << 18) & 0x02080000)
+       | ((left << 6) & 0x01000000)
+       | ((left << 9) & 0x00200000)
+       | ((left >> 1) & 0x00100000)
+       | ((left << 10) & 0x00040000)
+       | ((left << 2) & 0x00020000)
+       | ((left >> 10) & 0x00010000)
+       | ((right >> 13) & 0x00002000)
+       | ((right >> 4) & 0x00001000)
+       | ((right << 6) & 0x00000800)
+       | ((right >> 1) & 0x00000400)
+       | ((right >> 14) & 0x00000200)
+       | (right & 0x00000100)
+       | ((right >> 5) & 0x00000020)
+       | ((right >> 10) & 0x00000010)
+       | ((right >> 3) & 0x00000008)
+       | ((right >> 18) & 0x00000004)
+       | ((right >> 26) & 0x00000002)
+       | ((right >> 24) & 0x00000001);
+
+      *subkey++ = ((left << 15) & 0x20000000)
+       | ((left << 17) & 0x10000000)
+       | ((left << 10) & 0x08000000)
+       | ((left << 22) & 0x04000000)
+       | ((left >> 2) & 0x02000000)
+       | ((left << 1) & 0x01000000)
+       | ((left << 16) & 0x00200000)
+       | ((left << 11) & 0x00100000)
+       | ((left << 3) & 0x00080000)
+       | ((left >> 6) & 0x00040000)
+       | ((left << 15) & 0x00020000)
+       | ((left >> 4) & 0x00010000)
+       | ((right >> 2) & 0x00002000)
+       | ((right << 8) & 0x00001000)
+       | ((right >> 14) & 0x00000808)
+       | ((right >> 9) & 0x00000400)
+       | ((right) & 0x00000200)
+       | ((right << 7) & 0x00000100)
+       | ((right >> 7) & 0x00000020)
+       | ((right >> 3) & 0x00000011)
+       | ((right << 2) & 0x00000004)
+       | ((right >> 21) & 0x00000002);
+    }
+}
+
+
+
+/*
+ * Fill a DES context with subkeys calculated from a 64bit key.
+ * Does not check parity bits, but simply ignore them.
+ * Does not check for weak keys.
+ */
+static int
+des_setkey (struct _des_ctx *ctx, const byte * key)
+{
+  int i;
+
+  if( selftest_failed )
+    return G10ERR_SELFTEST_FAILED;
+
+  des_key_schedule (key, ctx->encrypt_subkeys);
+  burn_stack (32);
+
+  for(i=0; i<32; i+=2)
+    {
+      ctx->decrypt_subkeys[i]  = ctx->encrypt_subkeys[30-i];
+      ctx->decrypt_subkeys[i+1] = ctx->encrypt_subkeys[31-i];
+    }
+
+  return 0;
+}
+
+
+
+/*
+ * Electronic Codebook Mode DES encryption/decryption of data according
+ * to 'mode'.
+ */
+static int
+des_ecb_crypt (struct _des_ctx *ctx, const byte * from, byte * to, int mode)
+{
+  u32 left, right, work;
+  u32 *keys;
+
+  keys = mode ? ctx->decrypt_subkeys : ctx->encrypt_subkeys;
+
+  READ_64BIT_DATA (from, left, right)
+  INITIAL_PERMUTATION (left, work, right)
+
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+
+  FINAL_PERMUTATION (right, work, left)
+  WRITE_64BIT_DATA (to, right, left)
+
+  return 0;
+}
+
+
+
+/*
+ * Fill a Triple-DES context with subkeys calculated from two 64bit keys.
+ * Does not check the parity bits of the keys, but simply ignore them.
+ * Does not check for weak keys.
+ */
+static int
+tripledes_set2keys (struct _tripledes_ctx *ctx,
+                   const byte * key1,
+                   const byte * key2)
+{
+  int i;
+
+  des_key_schedule (key1, ctx->encrypt_subkeys);
+  des_key_schedule (key2, &(ctx->decrypt_subkeys[32]));
+  burn_stack (32);
+
+  for(i=0; i<32; i+=2)
+    {
+      ctx->decrypt_subkeys[i]   = ctx->encrypt_subkeys[30-i];
+      ctx->decrypt_subkeys[i+1]  = ctx->encrypt_subkeys[31-i];
+
+      ctx->encrypt_subkeys[i+32] = ctx->decrypt_subkeys[62-i];
+      ctx->encrypt_subkeys[i+33] = ctx->decrypt_subkeys[63-i];
+
+      ctx->encrypt_subkeys[i+64] = ctx->encrypt_subkeys[i];
+      ctx->encrypt_subkeys[i+65] = ctx->encrypt_subkeys[i+1];
+
+      ctx->decrypt_subkeys[i+64] = ctx->decrypt_subkeys[i];
+      ctx->decrypt_subkeys[i+65] = ctx->decrypt_subkeys[i+1];
+    }
+
+  return 0;
+}
+
+
+
+/*
+ * Fill a Triple-DES context with subkeys calculated from three 64bit keys.
+ * Does not check the parity bits of the keys, but simply ignore them.
+ * Does not check for weak keys.
+ */
+static int
+tripledes_set3keys (struct _tripledes_ctx *ctx,
+                   const byte * key1,
+                   const byte * key2,
+                   const byte * key3)
+{
+  int i;
+
+  des_key_schedule (key1, ctx->encrypt_subkeys);
+  des_key_schedule (key2, &(ctx->decrypt_subkeys[32]));
+  des_key_schedule (key3, &(ctx->encrypt_subkeys[64]));
+  burn_stack (32);
+
+  for(i=0; i<32; i+=2)
+    {
+      ctx->decrypt_subkeys[i]   = ctx->encrypt_subkeys[94-i];
+      ctx->decrypt_subkeys[i+1]  = ctx->encrypt_subkeys[95-i];
+
+      ctx->encrypt_subkeys[i+32] = ctx->decrypt_subkeys[62-i];
+      ctx->encrypt_subkeys[i+33] = ctx->decrypt_subkeys[63-i];
+
+      ctx->decrypt_subkeys[i+64] = ctx->encrypt_subkeys[30-i];
+      ctx->decrypt_subkeys[i+65] = ctx->encrypt_subkeys[31-i];
+    }
+
+  return 0;
+}
+
+
+
+/*
+ * Electronic Codebook Mode Triple-DES encryption/decryption of data according to 'mode'.
+ * Sometimes this mode is named 'EDE' mode (Encryption-Decryption-Encryption).
+ */
+static int
+tripledes_ecb_crypt (struct _tripledes_ctx *ctx, const byte * from, byte * to, int mode)
+{
+  u32 left, right, work;
+  u32 *keys;
+
+  keys = mode ? ctx->decrypt_subkeys : ctx->encrypt_subkeys;
+
+  READ_64BIT_DATA (from, left, right)
+  INITIAL_PERMUTATION (left, work, right)
+
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+
+  DES_ROUND (left, right, work, keys) DES_ROUND (right, left, work, keys)
+  DES_ROUND (left, right, work, keys) DES_ROUND (right, left, work, keys)
+  DES_ROUND (left, right, work, keys) DES_ROUND (right, left, work, keys)
+  DES_ROUND (left, right, work, keys) DES_ROUND (right, left, work, keys)
+  DES_ROUND (left, right, work, keys) DES_ROUND (right, left, work, keys)
+  DES_ROUND (left, right, work, keys) DES_ROUND (right, left, work, keys)
+  DES_ROUND (left, right, work, keys) DES_ROUND (right, left, work, keys)
+  DES_ROUND (left, right, work, keys) DES_ROUND (right, left, work, keys)
+
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+  DES_ROUND (right, left, work, keys) DES_ROUND (left, right, work, keys)
+
+  FINAL_PERMUTATION (right, work, left)
+  WRITE_64BIT_DATA (to, right, left)
+
+  return 0;
+}
+
+
+
+
+
+/*
+ * Check whether the 8 byte key is weak.
+ * Dose not check the parity bits of the key but simple ignore them.
+ */
+static int
+is_weak_key ( const byte *key )
+{
+  byte work[8];
+  int i, left, right, middle, cmp_result;
+
+  /* clear parity bits */
+  for(i=0; i<8; ++i)
+     work[i] = key[i] & 0xfe;
+
+  /* binary search in the weak key table */
+  left = 0;
+  right = 63;
+  while(left <= right)
+    {
+      middle = (left + right) / 2;
+
+      if ( !(cmp_result=working_memcmp(work, weak_keys[middle], 8)) )
+         return -1;
+
+      if ( cmp_result > 0 )
+         left = middle + 1;
+      else
+         right = middle - 1;
+    }
+
+  return 0;
+}
+
+
+
+/*
+ * Performs a selftest of this DES/Triple-DES implementation.
+ * Returns an string with the error text on failure.
+ * Returns NULL if all is ok.
+ */
+static const char *
+selftest (void)
+{
+  /*
+   * Check if 'u32' is really 32 bits wide. This DES / 3DES implementation
+   * need this.
+   */
+  if (sizeof (u32) != 4)
+       return "Wrong word size for DES configured.";
+
+  /*
+   * DES Maintenance Test
+   */
+  {
+    int i;
+    byte key[8] =
+    {0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55};
+    byte input[8] =
+    {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
+    byte result[8] =
+    {0x24, 0x6e, 0x9d, 0xb9, 0xc5, 0x50, 0x38, 0x1a};
+    byte temp1[8], temp2[8], temp3[8];
+    des_ctx des;
+
+    for (i = 0; i < 64; ++i)
+      {
+       des_setkey (des, key);
+       des_ecb_encrypt (des, input, temp1);
+       des_ecb_encrypt (des, temp1, temp2);
+       des_setkey (des, temp2);
+       des_ecb_decrypt (des, temp1, temp3);
+       memcpy (key, temp3, 8);
+       memcpy (input, temp1, 8);
+      }
+    if (memcmp (temp3, result, 8))
+      return "DES maintenance test failed.";
+  }
+
+
+  /*
+   * Self made Triple-DES test (Does somebody known an official test?)
+   */
+  {
+    int i;
+    byte input[8] =
+    {0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
+    byte key1[8] =
+    {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0};
+    byte key2[8] =
+    {0x11, 0x22, 0x33, 0x44, 0xff, 0xaa, 0xcc, 0xdd};
+    byte result[8] =
+    {0x7b, 0x38, 0x3b, 0x23, 0xa2, 0x7d, 0x26, 0xd3};
+
+    tripledes_ctx des3;
+
+    for (i = 0; i < 16; ++i)
+      {
+       tripledes_set2keys (des3, key1, key2);
+       tripledes_ecb_encrypt (des3, input, key1);
+       tripledes_ecb_decrypt (des3, input, key2);
+       tripledes_set3keys (des3, key1, input, key2);
+       tripledes_ecb_encrypt (des3, input, input);
+      }
+    if (memcmp (input, result, 8))
+      return "Triple-DES test failed.";
+  }
+
+    /*
+     * More Triple-DES test.  These are testvectors as used by SSLeay,
+     * thanks to Jeroen C. van Gelderen.
+     */
+    {  struct { byte key[24]; byte plain[8]; byte cipher[8]; } testdata[] = {
+       { { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+           0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+           0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01  },
+         { 0x95,0xF8,0xA5,0xE5,0xDD,0x31,0xD9,0x00  },
+         { 0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00  }
+       },
+
+       { { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+           0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+           0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01  },
+         { 0x9D,0x64,0x55,0x5A,0x9A,0x10,0xB8,0x52, },
+         { 0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00  }
+       },
+       { { 0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E,
+           0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E,
+           0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E  },
+         { 0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A  },
+         { 0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A  }
+       },
+       { { 0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6,
+           0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6,
+           0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6  },
+         { 0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2  },
+         { 0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95  }
+       },
+       { { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+           0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+           0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF  },
+         { 0x73,0x6F,0x6D,0x65,0x64,0x61,0x74,0x61  },
+         { 0x3D,0x12,0x4F,0xE2,0x19,0x8B,0xA3,0x18  }
+       },
+       { { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+           0x55,0x55,0x55,0x55,0x55,0x55,0x55,0x55,
+           0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF  },
+         { 0x73,0x6F,0x6D,0x65,0x64,0x61,0x74,0x61  },
+         { 0xFB,0xAB,0xA1,0xFF,0x9D,0x05,0xE9,0xB1  }
+       },
+       { { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+           0x55,0x55,0x55,0x55,0x55,0x55,0x55,0x55,
+           0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10  },
+         { 0x73,0x6F,0x6D,0x65,0x64,0x61,0x74,0x61  },
+         { 0x18,0xd7,0x48,0xe5,0x63,0x62,0x05,0x72  }
+       },
+       { { 0x03,0x52,0x02,0x07,0x67,0x20,0x82,0x17,
+           0x86,0x02,0x87,0x66,0x59,0x08,0x21,0x98,
+           0x64,0x05,0x6A,0xBD,0xFE,0xA9,0x34,0x57  },
+         { 0x73,0x71,0x75,0x69,0x67,0x67,0x6C,0x65  },
+         { 0xc0,0x7d,0x2a,0x0f,0xa5,0x66,0xfa,0x30  }
+       },
+       { { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+           0x80,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+           0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x02  },
+         { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00  },
+         { 0xe6,0xe6,0xdd,0x5b,0x7e,0x72,0x29,0x74  }
+       },
+       { { 0x10,0x46,0x10,0x34,0x89,0x98,0x80,0x20,
+           0x91,0x07,0xD0,0x15,0x89,0x19,0x01,0x01,
+           0x19,0x07,0x92,0x10,0x98,0x1A,0x01,0x01  },
+         { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00  },
+         { 0xe1,0xef,0x62,0xc3,0x32,0xfe,0x82,0x5b  }
+       }
+       };
+
+       byte            result[8];
+       int             i;
+       static char     error[80];
+       tripledes_ctx   des3;
+
+       for (i=0; i<sizeof(testdata)/sizeof(*testdata); ++i) {
+           tripledes_set3keys (des3, testdata[i].key, testdata[i].key + 8, testdata[i].key + 16);
+
+           tripledes_ecb_encrypt (des3, testdata[i].plain, result);
+           if (memcmp (testdata[i].cipher, result, 8)) {
+               sprintf (error, "Triple-DES SSLeay test pattern no. %d failend on encryption.", i+1);
+               return error;
+           }
+
+           tripledes_ecb_decrypt (des3, testdata[i].cipher, result);
+           if (memcmp (testdata[i].plain, result, 8)) {
+               sprintf (error, "Triple-DES SSLeay test pattern no. %d failend on decryption.", i+1);
+               return error;
+           }
+       }
+    }
+
+  /*
+   * Check the weak key detection. We simply assume that the table
+   * with weak keys is ok and check every key in the table if it is
+   * detected... (This test is a little bit stupid)
+   */
+  {
+    int i;
+
+    for (i = 0; i < 64; ++i)
+       if (!is_weak_key(weak_keys[i]))
+           return "DES weak key detection failed";
+  }
+
+  return 0;
+}
+
+
+static int
+do_tripledes_setkey ( struct _tripledes_ctx *ctx, byte *key, unsigned keylen )
+{
+    if( selftest_failed )
+       return G10ERR_SELFTEST_FAILED;
+    if( keylen != 24 )
+       return G10ERR_WRONG_KEYLEN;
+
+    tripledes_set3keys ( ctx, key, key+8, key+16);
+
+    if( is_weak_key( key ) || is_weak_key( key+8 ) || is_weak_key( key+16 ) ) {
+        burn_stack (64);
+       return G10ERR_WEAK_KEY;
+    }
+    burn_stack (64); 
+
+    return 0;
+}
+
+
+static void
+do_tripledes_encrypt( struct _tripledes_ctx *ctx, byte *outbuf, byte *inbuf )
+{
+    tripledes_ecb_encrypt ( ctx, inbuf, outbuf );
+    burn_stack (32);
+}
+
+static void
+do_tripledes_decrypt( struct _tripledes_ctx *ctx, byte *outbuf, byte *inbuf )
+{
+    tripledes_ecb_decrypt ( ctx, inbuf, outbuf );
+    burn_stack (32);
+}
+
+
+/****************
+ * Return some information about the algorithm.  We need algo here to
+ * distinguish different flavors of the algorithm.
+ * Returns: A pointer to string describing the algorithm or NULL if
+ *         the ALGO is invalid.
+ */
+const char *
+des_get_info( int algo, size_t *keylen,
+                  size_t *blocksize, size_t *contextsize,
+                  int  (**r_setkey)( void *c, byte *key, unsigned keylen ),
+                  void (**r_encrypt)( void *c, byte *outbuf, byte *inbuf ),
+                  void (**r_decrypt)( void *c, byte *outbuf, byte *inbuf )
+                )
+{
+    static int did_selftest = 0;
+
+    if( !did_selftest ) {
+       const char *s = selftest();
+       did_selftest = 1;
+       if( s ) {
+           fprintf(stderr,"%s\n", s );
+           selftest_failed = s;
+           return NULL;
+       }
+    }
+
+    if( algo == CIPHER_ALGO_3DES ) {
+       *keylen = 192;
+       *blocksize = 8;
+       *contextsize = sizeof(struct _tripledes_ctx);
+       *(int  (**)(struct _tripledes_ctx*, byte*, unsigned))r_setkey
+                                                       = do_tripledes_setkey;
+       *(void (**)(struct _tripledes_ctx*, byte*, byte*))r_encrypt
+                                                       = do_tripledes_encrypt;
+       *(void (**)(struct _tripledes_ctx*, byte*, byte*))r_decrypt
+                                                       = do_tripledes_decrypt;
+       return "3DES";
+    }
+    return NULL;
+}
+
diff --git a/cipher/des.h b/cipher/des.h
new file mode 100644 (file)
index 0000000..f685606
--- /dev/null
@@ -0,0 +1,34 @@
+/* des.h
+ *     Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef G10_DES_H
+#define G10_DES_H
+
+#include "types.h"
+
+
+const char *
+des_get_info( int algo, size_t *keylen,
+                  size_t *blocksize, size_t *contextsize,
+                  int  (**setkeyf)( void *c, byte *key, unsigned keylen ),
+                  void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
+                  void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
+                );
+
+#endif /*G10_DES_H*/
diff --git a/cipher/dsa.c b/cipher/dsa.c
new file mode 100644 (file)
index 0000000..d728a1b
--- /dev/null
@@ -0,0 +1,483 @@
+/* dsa.c  -  DSA signature algorithm
+ *     Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include "util.h"
+#include "mpi.h"
+#include "cipher.h"
+#include "dsa.h"
+
+typedef struct {
+    MPI p;         /* prime */
+    MPI q;         /* group order */
+    MPI g;         /* group generator */
+    MPI y;         /* g^x mod p */
+} DSA_public_key;
+
+
+typedef struct {
+    MPI p;         /* prime */
+    MPI q;         /* group order */
+    MPI g;         /* group generator */
+    MPI y;         /* g^x mod p */
+    MPI x;         /* secret exponent */
+} DSA_secret_key;
+
+
+static MPI gen_k( MPI q );
+static void test_keys( DSA_secret_key *sk, unsigned qbits );
+static int  check_secret_key( DSA_secret_key *sk );
+static void generate( DSA_secret_key *sk, unsigned nbits, MPI **ret_factors );
+static void sign(MPI r, MPI s, MPI input, DSA_secret_key *skey);
+static int  verify(MPI r, MPI s, MPI input, DSA_public_key *pkey);
+
+
+static void (*progress_cb) ( void *, int );
+static void *progress_cb_data;
+
+void
+register_pk_dsa_progress ( void (*cb)( void *, int), void *cb_data )
+{
+    progress_cb = cb;
+    progress_cb_data = cb_data;
+}
+
+
+static void
+progress( int c )
+{
+    if ( progress_cb )
+       progress_cb ( progress_cb_data, c );
+    else
+       fputc( c, stderr );
+}
+
+
+
+/****************
+ * Generate a random secret exponent k less than q
+ */
+static MPI
+gen_k( MPI q )
+{
+    MPI k = mpi_alloc_secure( mpi_get_nlimbs(q) );
+    unsigned int nbits = mpi_get_nbits(q);
+    unsigned int nbytes = (nbits+7)/8;
+    char *rndbuf = NULL;
+
+    if( DBG_CIPHER )
+       log_debug("choosing a random k ");
+    for(;;) {
+       if( DBG_CIPHER )
+           progress('.');
+
+       if( !rndbuf || nbits < 32 ) {
+           m_free(rndbuf);
+           rndbuf = get_random_bits( nbits, 1, 1 );
+       }
+       else { /* change only some of the higher bits */
+           /* we could imporove this by directly requesting more memory
+            * at the first call to get_random_bits() and use this the here
+            * maybe it is easier to do this directly in random.c */
+           char *pp = get_random_bits( 32, 1, 1 );
+           memcpy( rndbuf,pp, 4 );
+           m_free(pp);
+       }
+       mpi_set_buffer( k, rndbuf, nbytes, 0 );
+       if( mpi_test_bit( k, nbits-1 ) )
+           mpi_set_highbit( k, nbits-1 );
+       else {
+           mpi_set_highbit( k, nbits-1 );
+           mpi_clear_bit( k, nbits-1 );
+       }
+
+       if( !(mpi_cmp( k, q ) < 0) ) {  /* check: k < q */
+           if( DBG_CIPHER )
+               progress('+');
+           continue; /* no  */
+       }
+       if( !(mpi_cmp_ui( k, 0 ) > 0) ) { /* check: k > 0 */
+           if( DBG_CIPHER )
+               progress('-');
+           continue; /* no */
+       }
+       break;  /* okay */
+    }
+    m_free(rndbuf);
+    if( DBG_CIPHER )
+       progress('\n');
+
+    return k;
+}
+
+
+static void
+test_keys( DSA_secret_key *sk, unsigned qbits )
+{
+    DSA_public_key pk;
+    MPI test = mpi_alloc( qbits / BITS_PER_MPI_LIMB );
+    MPI out1_a = mpi_alloc( qbits / BITS_PER_MPI_LIMB );
+    MPI out1_b = mpi_alloc( qbits / BITS_PER_MPI_LIMB );
+
+    pk.p = sk->p;
+    pk.q = sk->q;
+    pk.g = sk->g;
+    pk.y = sk->y;
+    /*mpi_set_bytes( test, qbits, get_random_byte, 0 );*/
+    {  char *p = get_random_bits( qbits, 0, 0 );
+       mpi_set_buffer( test, p, (qbits+7)/8, 0 );
+       m_free(p);
+    }
+
+    sign( out1_a, out1_b, test, sk );
+    if( !verify( out1_a, out1_b, test, &pk ) )
+       log_fatal("DSA:: sign, verify failed\n");
+
+    mpi_free( test );
+    mpi_free( out1_a );
+    mpi_free( out1_b );
+}
+
+
+
+/****************
+ * Generate a DSA key pair with a key of size NBITS
+ * Returns: 2 structures filled with all needed values
+ *         and an array with the n-1 factors of (p-1)
+ */
+static void
+generate( DSA_secret_key *sk, unsigned nbits, MPI **ret_factors )
+{
+    MPI p;    /* the prime */
+    MPI q;    /* the 160 bit prime factor */
+    MPI g;    /* the generator */
+    MPI y;    /* g^x mod p */
+    MPI x;    /* the secret exponent */
+    MPI h, e;  /* helper */
+    unsigned qbits;
+    byte *rndbuf;
+
+    assert( nbits >= 512 && nbits <= 1024 );
+
+    qbits = 160;
+    p = generate_elg_prime( 1, nbits, qbits, NULL, ret_factors );
+    /* get q out of factors */
+    q = mpi_copy((*ret_factors)[0]);
+    if( mpi_get_nbits(q) != qbits )
+       BUG();
+
+    /* find a generator g (h and e are helpers)*/
+    /* e = (p-1)/q */
+    e = mpi_alloc( mpi_get_nlimbs(p) );
+    mpi_sub_ui( e, p, 1 );
+    mpi_fdiv_q( e, e, q );
+    g = mpi_alloc( mpi_get_nlimbs(p) );
+    h = mpi_alloc_set_ui( 1 ); /* we start with 2 */
+    do {
+       mpi_add_ui( h, h, 1 );
+       /* g = h^e mod p */
+       mpi_powm( g, h, e, p );
+    } while( !mpi_cmp_ui( g, 1 ) );  /* continue until g != 1 */
+
+    /* select a random number which has these properties:
+     *  0 < x < q-1
+     * This must be a very good random number because this
+     * is the secret part. */
+    if( DBG_CIPHER )
+       log_debug("choosing a random x ");
+    assert( qbits >= 160 );
+    x = mpi_alloc_secure( mpi_get_nlimbs(q) );
+    mpi_sub_ui( h, q, 1 );  /* put q-1 into h */
+    rndbuf = NULL;
+    do {
+       if( DBG_CIPHER )
+           progress('.');
+       if( !rndbuf )
+           rndbuf = get_random_bits( qbits, 2, 1 );
+       else { /* change only some of the higher bits (= 2 bytes)*/
+           char *r = get_random_bits( 16, 2, 1 );
+           memcpy(rndbuf, r, 16/8 );
+           m_free(r);
+       }
+       mpi_set_buffer( x, rndbuf, (qbits+7)/8, 0 );
+       mpi_clear_highbit( x, qbits+1 );
+    } while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, h )<0 ) );
+    m_free(rndbuf);
+    mpi_free( e );
+    mpi_free( h );
+
+    /* y = g^x mod p */
+    y = mpi_alloc( mpi_get_nlimbs(p) );
+    mpi_powm( y, g, x, p );
+
+    if( DBG_CIPHER ) {
+       progress('\n');
+       log_mpidump("dsa  p= ", p );
+       log_mpidump("dsa  q= ", q );
+       log_mpidump("dsa  g= ", g );
+       log_mpidump("dsa  y= ", y );
+       log_mpidump("dsa  x= ", x );
+    }
+
+    /* copy the stuff to the key structures */
+    sk->p = p;
+    sk->q = q;
+    sk->g = g;
+    sk->y = y;
+    sk->x = x;
+
+    /* now we can test our keys (this should never fail!) */
+    test_keys( sk, qbits );
+}
+
+
+
+/****************
+ * Test whether the secret key is valid.
+ * Returns: if this is a valid key.
+ */
+static int
+check_secret_key( DSA_secret_key *sk )
+{
+    int rc;
+    MPI y = mpi_alloc( mpi_get_nlimbs(sk->y) );
+
+    mpi_powm( y, sk->g, sk->x, sk->p );
+    rc = !mpi_cmp( y, sk->y );
+    mpi_free( y );
+    return rc;
+}
+
+
+
+/****************
+ * Make a DSA signature from HASH and put it into r and s.
+ *
+ * Without generating the k this function runs in 
+ * about 26ms on a 300 Mhz Mobile Pentium
+ */
+
+static void
+sign(MPI r, MPI s, MPI hash, DSA_secret_key *skey )
+{
+    MPI k;
+    MPI kinv;
+    MPI tmp;
+
+    /* select a random k with 0 < k < q */
+    k = gen_k( skey->q );
+
+    /* r = (a^k mod p) mod q */
+    mpi_powm( r, skey->g, k, skey->p );
+    mpi_fdiv_r( r, r, skey->q );
+
+    /* kinv = k^(-1) mod q */
+    kinv = mpi_alloc( mpi_get_nlimbs(k) );
+    mpi_invm(kinv, k, skey->q );
+
+    /* s = (kinv * ( hash + x * r)) mod q */
+    tmp = mpi_alloc( mpi_get_nlimbs(skey->p) );
+    mpi_mul( tmp, skey->x, r );
+    mpi_add( tmp, tmp, hash );
+    mpi_mulm( s , kinv, tmp, skey->q );
+
+    mpi_free(k);
+    mpi_free(kinv);
+    mpi_free(tmp);
+}
+
+
+/****************
+ * Returns true if the signature composed from R and S is valid.
+ *
+ * Without the checks this function runs in 
+ * about 31ms on a 300 Mhz Mobile Pentium
+ */
+static int
+verify(MPI r, MPI s, MPI hash, DSA_public_key *pkey )
+{
+    int rc;
+    MPI w, u1, u2, v;
+    MPI base[3];
+    MPI exp[3];
+
+
+    if( !(mpi_cmp_ui( r, 0 ) > 0 && mpi_cmp( r, pkey->q ) < 0) )
+       return 0; /* assertion  0 < r < q  failed */
+    if( !(mpi_cmp_ui( s, 0 ) > 0 && mpi_cmp( s, pkey->q ) < 0) )
+       return 0; /* assertion  0 < s < q  failed */
+
+    w  = mpi_alloc( mpi_get_nlimbs(pkey->q) );
+    u1 = mpi_alloc( mpi_get_nlimbs(pkey->q) );
+    u2 = mpi_alloc( mpi_get_nlimbs(pkey->q) );
+    v  = mpi_alloc( mpi_get_nlimbs(pkey->p) );
+
+    /* w = s^(-1) mod q */
+    mpi_invm( w, s, pkey->q );
+
+    /* u1 = (hash * w) mod q */
+    mpi_mulm( u1, hash, w, pkey->q );
+
+    /* u2 = r * w mod q  */
+    mpi_mulm( u2, r, w, pkey->q );
+
+    /* v =  g^u1 * y^u2 mod p mod q */
+    base[0] = pkey->g; exp[0] = u1;
+    base[1] = pkey->y; exp[1] = u2;
+    base[2] = NULL;    exp[2] = NULL;
+    mpi_mulpowm( v, base, exp, pkey->p );
+    mpi_fdiv_r( v, v, pkey->q );
+
+    rc = !mpi_cmp( v, r );
+
+    mpi_free(w);
+    mpi_free(u1);
+    mpi_free(u2);
+    mpi_free(v);
+    return rc;
+}
+
+
+/*********************************************
+ **************  interface  ******************
+ *********************************************/
+
+int
+dsa_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors )
+{
+    DSA_secret_key sk;
+
+    if( algo != PUBKEY_ALGO_DSA )
+       return G10ERR_PUBKEY_ALGO;
+
+    generate( &sk, nbits, retfactors );
+    skey[0] = sk.p;
+    skey[1] = sk.q;
+    skey[2] = sk.g;
+    skey[3] = sk.y;
+    skey[4] = sk.x;
+    return 0;
+}
+
+
+int
+dsa_check_secret_key( int algo, MPI *skey )
+{
+    DSA_secret_key sk;
+
+    if( algo != PUBKEY_ALGO_DSA )
+       return G10ERR_PUBKEY_ALGO;
+    if( !skey[0] || !skey[1] || !skey[2] || !skey[3] || !skey[4] )
+       return G10ERR_BAD_MPI;
+
+    sk.p = skey[0];
+    sk.q = skey[1];
+    sk.g = skey[2];
+    sk.y = skey[3];
+    sk.x = skey[4];
+    if( !check_secret_key( &sk ) )
+       return G10ERR_BAD_SECKEY;
+
+    return 0;
+}
+
+
+
+int
+dsa_sign( int algo, MPI *resarr, MPI data, MPI *skey )
+{
+    DSA_secret_key sk;
+
+    if( algo != PUBKEY_ALGO_DSA )
+       return G10ERR_PUBKEY_ALGO;
+    if( !data || !skey[0] || !skey[1] || !skey[2] || !skey[3] || !skey[4] )
+       return G10ERR_BAD_MPI;
+
+    sk.p = skey[0];
+    sk.q = skey[1];
+    sk.g = skey[2];
+    sk.y = skey[3];
+    sk.x = skey[4];
+    resarr[0] = mpi_alloc( mpi_get_nlimbs( sk.p ) );
+    resarr[1] = mpi_alloc( mpi_get_nlimbs( sk.p ) );
+    sign( resarr[0], resarr[1], data, &sk );
+    return 0;
+}
+
+int
+dsa_verify( int algo, MPI hash, MPI *data, MPI *pkey,
+                   int (*cmp)(void *, MPI), void *opaquev )
+{
+    DSA_public_key pk;
+
+    if( algo != PUBKEY_ALGO_DSA )
+       return G10ERR_PUBKEY_ALGO;
+    if( !data[0] || !data[1] || !hash
+       || !pkey[0] || !pkey[1] || !pkey[2] || !pkey[3] )
+       return G10ERR_BAD_MPI;
+
+    pk.p = pkey[0];
+    pk.q = pkey[1];
+    pk.g = pkey[2];
+    pk.y = pkey[3];
+    if( !verify( data[0], data[1], hash, &pk ) )
+       return G10ERR_BAD_SIGN;
+    return 0;
+}
+
+
+
+unsigned
+dsa_get_nbits( int algo, MPI *pkey )
+{
+    if( algo != PUBKEY_ALGO_DSA )
+       return 0;
+    return mpi_get_nbits( pkey[0] );
+}
+
+
+/****************
+ * Return some information about the algorithm.  We need algo here to
+ * distinguish different flavors of the algorithm.
+ * Returns: A pointer to string describing the algorithm or NULL if
+ *         the ALGO is invalid.
+ * Usage: Bit 0 set : allows signing
+ *           1 set : allows encryption
+ */
+const char *
+dsa_get_info( int algo, int *npkey, int *nskey, int *nenc, int *nsig,
+                                                        int *use )
+{
+    *npkey = 4;
+    *nskey = 5;
+    *nenc = 0;
+    *nsig = 2;
+
+    switch( algo ) {
+      case PUBKEY_ALGO_DSA:   *use = PUBKEY_USAGE_SIG; return "DSA";
+      default: *use = 0; return NULL;
+    }
+}
+
+
diff --git a/cipher/dsa.h b/cipher/dsa.h
new file mode 100644 (file)
index 0000000..89fd1f5
--- /dev/null
@@ -0,0 +1,32 @@
+/* dsa.h  -  DSA signature algorithm
+ *     Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef G10_DSA_H
+#define G10_DSA_H
+
+int dsa_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors );
+int dsa_check_secret_key( int algo, MPI *skey );
+int dsa_sign( int algo, MPI *resarr, MPI data, MPI *skey );
+int dsa_verify( int algo, MPI hash, MPI *data, MPI *pkey,
+                   int (*cmp)(void *, MPI), void *opaquev );
+unsigned dsa_get_nbits( int algo, MPI *pkey );
+const char *dsa_get_info( int algo, int *npkey, int *nskey,
+                                   int *nenc, int *nsig, int *use );
+
+#endif /*G10_DSA_H*/
diff --git a/cipher/dynload.c b/cipher/dynload.c
new file mode 100644 (file)
index 0000000..09cd136
--- /dev/null
@@ -0,0 +1,681 @@
+/* dynload.c - load cipher extensions
+ *     Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#ifdef HAVE_DL_DLOPEN
+  #include <dlfcn.h>
+#elif defined(HAVE_DLD_DLD_LINK)
+  #include <dld.h>
+#elif defined(HAVE_DL_SHL_LOAD)
+  #include <dl.h>
+  #include <errno.h>
+#endif
+#ifdef __MINGW32__
+  #include <windows.h>
+#endif
+#include "util.h"
+#include "cipher.h"
+#include "dynload.h"
+
+#ifdef WITH_SYMBOL_UNDERSCORE
+  #define SYMBOL_VERSION "_gnupgext_version"
+  #define SYMBOL_ENUM   "_gnupgext_enum_func"
+#else
+  #define SYMBOL_VERSION "gnupgext_version"
+  #define SYMBOL_ENUM   "gnupgext_enum_func"
+#endif
+
+
+#ifndef RTLD_NOW
+  #define RTLD_NOW  1
+#endif
+
+#ifdef HAVE_DL_SHL_LOAD  /* HPUX has shl_load instead of dlopen */
+#define HAVE_DL_DLOPEN
+#define dlopen(PATHNAME,MODE) \
+    ((void *) shl_load(PATHNAME, DYNAMIC_PATH | \
+             (((MODE) & RTLD_NOW) ? BIND_IMMEDIATE : BIND_DEFERRED), 0L))
+#define dlclose(HANDLE) shl_unload((shl_t) (HANDLE))
+#define dlerror() (errno == 0 ? NULL : strerror(errno))
+
+static void *
+dlsym(void *handle, char *name)
+{
+    void *addr;
+    if (shl_findsym((shl_t *)&handle,name,(short)TYPE_UNDEFINED,&addr) != 0) {
+      return NULL;
+    }
+    return addr;
+}
+#endif /*HAVE_DL_SHL_LOAD*/
+
+#ifdef __MINGW32__
+#define HAVE_DL_DLOPEN
+#define USE_DYNAMIC_LINKING
+
+static int last_error = 0;
+    
+void*
+dlopen(const char *pathname, int mode)
+{
+       void *h = LoadLibrary( pathname );
+       if (!h) {
+       log_error( "LoadLibrary failed ec=%d\n", (int)GetLastError() );
+       last_error = 1;
+       return NULL;
+       }
+       return h;
+}
+
+int
+dlclose( void *handle )
+{
+       last_error = 0;
+       return  FreeLibrary( handle );
+}
+
+char*
+dlerror(void)
+{
+       static char dlerrstr[10];
+       if (last_error) {
+       sprintf(dlerrstr, "%d", (int)GetLastError() );
+       return dlerrstr;
+       }
+       return NULL;
+}
+
+void*
+dlsym( void *handle, const char *name )
+{
+       void *h = GetProcAddress( handle, name );
+       if (!h) {
+       log_error( "GetProcAddress failed ec=%d\n", (int)GetLastError() );
+       last_error = 1;
+       return NULL;
+       }
+       return h;
+}
+#endif /*__MINGW32__*/
+
+
+
+
+
+typedef struct ext_list {
+    struct ext_list *next;
+    int internal;
+  #ifdef HAVE_DL_DLOPEN
+    void *handle; /* handle from dlopen() */
+  #else
+    int handle;   /* if the function has been loaded, this is true */
+  #endif
+    int  failed;  /* already tried but failed */
+    void * (*enumfunc)(int, int*, int*, int*);
+    char *hintstr; /* pointer into name */
+    char name[1];
+} *EXTLIST;
+
+static EXTLIST extensions;
+
+typedef struct {
+    EXTLIST r;
+    int seq1;
+    int seq2;
+    void *sym;
+    int reqalgo;
+} ENUMCONTEXT;
+
+
+#ifdef HAVE_DLD_DLD_LINK
+static char *mainpgm_path;
+static int did_dld_init;
+static int dld_available;
+#endif
+
+
+/****************
+ * Register an extension module.  The last registered module will
+ * be loaded first.  A name may have a list of classes
+ * appended; e.g:
+ *     mymodule.so(1:17,3:20,3:109)
+ * means that this module provides digest algorithm 17 and public key
+ * algorithms 20 and 109.  This is only a hint but if it is there the
+ * loader may decide to only load a module which claims to have a
+ * requested algorithm.
+ *
+ * mainpgm is the path to the program which wants to load a module
+ * it is only used in some environments.
+ */
+void
+register_cipher_extension( const char *mainpgm, const char *fname )
+{
+    EXTLIST r, el, intex;
+    char *p, *pe;
+
+  #ifdef HAVE_DLD_DLD_LINK
+    if( !mainpgm_path && mainpgm && *mainpgm )
+       mainpgm_path = m_strdup(mainpgm);
+  #endif
+    if( *fname != DIRSEP_C ) { /* do tilde expansion etc */
+       char *tmp;
+
+       if( strchr(fname, DIRSEP_C) )
+           tmp = make_filename(fname, NULL);
+       else
+           tmp = make_filename(GNUPG_LIBDIR, fname, NULL);
+       el = m_alloc_clear( sizeof *el + strlen(tmp) );
+       strcpy(el->name, tmp );
+       m_free(tmp);
+    }
+    else {
+       el = m_alloc_clear( sizeof *el + strlen(fname) );
+       strcpy(el->name, fname );
+    }
+    /* check whether we have a class hint */
+    if( (p=strchr(el->name,'(')) && (pe=strchr(p+1,')')) && !pe[1] ) {
+       *p = *pe = 0;
+       el->hintstr = p+1;
+    }
+    else
+       el->hintstr = NULL;
+
+    /* check that it is not already registered */
+    intex = NULL;
+    for(r = extensions; r; r = r->next ) {
+       if( !compare_filenames(r->name, el->name) ) {
+           log_info("extension `%s' already registered\n", el->name );
+           m_free(el);
+           return;
+       }
+       else if( r->internal )
+           intex = r;
+    }
+    /* and register */
+    /* we put them after the internal extension modules */
+    /* this is so that the external modules do not get loaded */
+    /* as soon as the internal modules are requested */
+    if( intex ) {
+       el->next = intex->next;
+       intex->next = el;
+    }
+    else {
+       el->next = extensions;
+       extensions = el;
+    }
+}
+
+void
+register_internal_cipher_extension(
+                       const char *module_id,
+                       void * (*enumfunc)(int, int*, int*, int*)
+                                 )
+{
+    EXTLIST r, el;
+
+    el = m_alloc_clear( sizeof *el + strlen(module_id) );
+    strcpy(el->name, module_id );
+    el->internal = 1;
+
+    /* check that it is not already registered */
+    for(r = extensions; r; r = r->next ) {
+       if( !compare_filenames(r->name, el->name) ) {
+           log_info("extension `%s' already registered\n", el->name );
+           m_free(el);
+           return;
+       }
+    }
+    /* and register */
+    el->enumfunc = enumfunc;
+  #ifdef HAVE_DL_DLOPEN
+    el->handle = (void*)1;
+  #else
+    el->handle = 1;
+  #endif
+    el->next = extensions;
+    extensions = el;
+}
+
+
+static int
+load_extension( EXTLIST el )
+{
+  #ifdef USE_DYNAMIC_LINKING
+    char **name;
+  #ifdef HAVE_DL_DLOPEN
+    const char *err;
+    int seq = 0;
+    int class, vers;
+    void *sym;
+  #else
+    unsigned long addr;
+    int rc;
+  #endif
+
+  #ifndef __MINGW32__
+    /* make sure we are not setuid */
+    if( getuid() != geteuid() )
+       log_bug("trying to load an extension while still setuid\n");
+  #endif
+
+    /* now that we are not setuid anymore, we can safely load modules */
+  #ifdef HAVE_DL_DLOPEN
+    el->handle = dlopen(el->name, RTLD_NOW);
+    if( !el->handle ) {
+       log_error("%s: error loading extension: %s\n", el->name, dlerror() );
+       goto failure;
+    }
+    name = (char**)dlsym(el->handle, SYMBOL_VERSION);
+    if( (err=dlerror()) ) {
+       log_error("%s: not a gnupg extension: %s\n", el->name, err );
+       goto failure;
+    }
+  #else /* have dld */
+    if( !did_dld_init ) {
+       did_dld_init = 1;
+       if( !mainpgm_path )
+           log_error("DLD is not correctly initialized\n");
+       else {
+           rc = dld_init( dld_find_executable(mainpgm_path) );
+           if( rc )
+               log_error("DLD init failed: %s\n", dld_strerror(rc) );
+           else
+               dld_available = 1;
+       }
+    }
+    if( !dld_available ) {
+       log_error("%s: DLD not available\n", el->name );
+       goto failure;
+    }
+
+    rc = dld_link( el->name );
+    if( rc ) {
+       log_error("%s: error loading extension: %s\n",
+                                   el->name, dld_strerror(rc) );
+       goto failure;
+    }
+    addr = dld_get_symbol(SYMBOL_VERSION);
+    if( !addr ) {
+       log_error("%s: not a gnupg extension: %s\n",
+                               el->name, dld_strerror(dld_errno) );
+       goto failure;
+    }
+    name = (char**)addr;
+  #endif
+
+    if( g10_opt_verbose > 1 )
+       log_info("%s: %s%s%s%s\n", el->name, *name,
+                 el->hintstr? " (":"",
+                 el->hintstr? el->hintstr:"",
+                 el->hintstr? ")":"");
+
+  #ifdef HAVE_DL_DLOPEN
+    sym = dlsym(el->handle, SYMBOL_ENUM);
+    if( (err=dlerror()) ) {
+       log_error("%s: invalid gnupg extension: %s\n", el->name, err );
+       goto failure;
+    }
+    el->enumfunc = (void *(*)(int,int*,int*,int*))sym;
+  #else /* dld */
+    addr = dld_get_func(SYMBOL_ENUM);
+    if( !addr ) {
+       log_error("%s: invalid gnupg extension: %s\n",
+                               el->name, dld_strerror(dld_errno) );
+       goto failure;
+    }
+    rc = dld_function_executable_p(SYMBOL_ENUM);
+    if( rc ) {
+       log_error("%s: extension function is not executable: %s\n",
+                                       el->name, dld_strerror(rc) );
+       goto failure;
+    }
+    el->enumfunc = (void *(*)(int,int*,int*,int*))addr;
+    el->handle = 1; /* mark as usable */
+  #endif
+
+  #ifdef HAVE_DL_DLOPEN
+    if( g10_opt_verbose > 2 ) {
+       /* list the contents of the module */
+       while( (sym = (*el->enumfunc)(0, &seq, &class, &vers)) ) {
+           if( vers != 1 ) {
+               log_info("%s: ignoring func with version %d\n",el->name,vers);
+               continue;
+           }
+           switch( class ) {
+             case 11:
+             case 21:
+             case 31:
+               log_info("%s: provides %s algorithm %d\n", el->name,
+                               class == 11? "md"     :
+                               class == 21? "cipher" : "pubkey",
+                                                      *(int*)sym);
+               break;
+             default:
+               /*log_debug("%s: skipping class %d\n", el->name, class);*/
+               break;
+           }
+       }
+    }
+  #endif
+    return 0;
+
+  failure:
+  #ifdef HAVE_DL_DLOPEN
+    if( el->handle ) {
+       dlclose(el->handle);
+       el->handle = NULL;
+    }
+  #endif
+    el->failed = 1;
+  #endif /*USE_DYNAMIC_LINKING*/
+    return -1;
+}
+
+#ifdef __riscos__
+typedef
+const char *(*DIGESTS_CAST)(int, size_t*,byte**, int*, int*,
+                            void (**)(void*),
+                            void (**)(void*,byte*,size_t),
+                            void (**)(void*),byte *(**)(void*));
+#endif /* __riscos__ */
+
+int
+enum_gnupgext_digests( void **enum_context,
+           int *algo,
+           const char *(**r_get_info)( int, size_t*,byte**, int*, int*,
+                                      void (**)(void*),
+                                      void (**)(void*,byte*,size_t),
+                                      void (**)(void*),byte *(**)(void*)) )
+{
+    EXTLIST r;
+    ENUMCONTEXT *ctx;
+
+    if( !*enum_context ) { /* init context */
+       ctx = m_alloc_clear( sizeof( *ctx ) );
+       ctx->r = extensions;
+       ctx->reqalgo = *algo;
+       *enum_context = ctx;
+    }
+    else if( !algo ) { /* release the context */
+       m_free(*enum_context);
+       *enum_context = NULL;
+       return 0;
+    }
+    else
+       ctx = *enum_context;
+
+    for( r = ctx->r; r; r = r->next )  {
+       int class, vers;
+
+       if( r->failed )
+           continue;
+       if( !r->handle && load_extension(r) )
+           continue;
+       /* get a digest info function */
+       if( ctx->sym )
+           goto inner_loop;
+       while( (ctx->sym = (*r->enumfunc)(10, &ctx->seq1, &class, &vers)) ) {
+           void *sym;
+           /* must check class because enumfunc may be wrong coded */
+           if( vers != 1 || class != 10 )
+               continue;
+         inner_loop:
+#ifndef __riscos__
+           *r_get_info = ctx->sym;
+#else /* __riscos__ */
+           *r_get_info = (DIGESTS_CAST) ctx->sym;
+#endif /* __riscos__ */
+           while( (sym = (*r->enumfunc)(11, &ctx->seq2, &class, &vers)) ) {
+               if( vers != 1 || class != 11 )
+                   continue;
+               *algo = *(int*)sym;
+               ctx->r = r;
+               return 1;
+           }
+           ctx->seq2 = 0;
+       }
+       ctx->seq1 = 0;
+    }
+    ctx->r = r;
+    return 0;
+}
+
+#ifdef __riscos__
+typedef
+const char *(*CIPHERS_CAST)(int, size_t*, size_t*, size_t*,
+                            int  (**)( void *, byte *, unsigned),
+                            void (**)( void *, byte *, byte *),
+                            void (**)( void *, byte *, byte *));
+#endif /* __riscos__ */
+
+const char *
+enum_gnupgext_ciphers( void **enum_context, int *algo,
+                      size_t *keylen, size_t *blocksize, size_t *contextsize,
+                      int  (**setkeyf)( void *c, byte *key, unsigned keylen ),
+                      void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
+                      void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
+                    )
+{
+    EXTLIST r;
+    ENUMCONTEXT *ctx;
+    const char * (*finfo)(int, size_t*, size_t*, size_t*,
+                         int  (**)( void *, byte *, unsigned),
+                         void (**)( void *, byte *, byte *),
+                         void (**)( void *, byte *, byte *));
+
+    if( !*enum_context ) { /* init context */
+       ctx = m_alloc_clear( sizeof( *ctx ) );
+       ctx->r = extensions;
+       *enum_context = ctx;
+    }
+    else if( !algo ) { /* release the context */
+       m_free(*enum_context);
+       *enum_context = NULL;
+       return NULL;
+    }
+    else
+       ctx = *enum_context;
+
+    for( r = ctx->r; r; r = r->next )  {
+       int class, vers;
+
+       if( r->failed )
+           continue;
+       if( !r->handle && load_extension(r) )
+           continue;
+       /* get a cipher info function */
+       if( ctx->sym )
+           goto inner_loop;
+       while( (ctx->sym = (*r->enumfunc)(20, &ctx->seq1, &class, &vers)) ) {
+           void *sym;
+           /* must check class because enumfunc may be wrong coded */
+           if( vers != 1 || class != 20 )
+               continue;
+         inner_loop:
+#ifndef __riscos__
+           finfo = ctx->sym;
+#else /* __riscos__ */
+           finfo = (CIPHERS_CAST) ctx->sym;
+#endif /* __riscos__ */
+           while( (sym = (*r->enumfunc)(21, &ctx->seq2, &class, &vers)) ) {
+               const char *algname;
+               if( vers != 1 || class != 21 )
+                   continue;
+               *algo = *(int*)sym;
+               algname = (*finfo)( *algo, keylen, blocksize, contextsize,
+                                   setkeyf, encryptf, decryptf );
+               if( algname ) {
+                   ctx->r = r;
+                   return algname;
+               }
+           }
+           ctx->seq2 = 0;
+       }
+       ctx->seq1 = 0;
+    }
+    ctx->r = r;
+    return NULL;
+}
+
+#ifdef __riscos__
+typedef
+const char *(*PUBKEYS_CAST)(int, int *, int *, int *, int *, int *,
+                            int (**)(int, unsigned, MPI *, MPI **),
+                            int (**)(int, MPI *),
+                            int (**)(int, MPI *, MPI , MPI *),
+                            int (**)(int, MPI *, MPI *, MPI *),
+                            int (**)(int, MPI *, MPI , MPI *),
+                            int (**)(int, MPI , MPI *, MPI *,
+                                    int (*)(void*,MPI), void *),
+                            unsigned (**)( int , MPI *));
+#endif /* __riscos__ */
+
+const char *
+enum_gnupgext_pubkeys( void **enum_context, int *algo,
+    int *npkey, int *nskey, int *nenc, int *nsig, int *use,
+    int (**generate)( int algo, unsigned nbits, MPI *skey, MPI **retfactors ),
+    int (**check_secret_key)( int algo, MPI *skey ),
+    int (**encryptf)( int algo, MPI *resarr, MPI data, MPI *pkey ),
+    int (**decryptf)( int algo, MPI *result, MPI *data, MPI *skey ),
+    int (**sign)( int algo, MPI *resarr, MPI data, MPI *skey ),
+    int (**verify)( int algo, MPI hash, MPI *data, MPI *pkey,
+                   int (*cmp)(void *, MPI), void *opaquev ),
+    unsigned (**get_nbits)( int algo, MPI *pkey ) )
+{
+    EXTLIST r;
+    ENUMCONTEXT *ctx;
+    const char * (*finfo)( int, int *, int *, int *, int *, int *,
+                          int (**)( int, unsigned, MPI *, MPI **),
+                          int (**)( int, MPI * ),
+                          int (**)( int, MPI *, MPI , MPI * ),
+                          int (**)( int, MPI *, MPI *, MPI * ),
+                          int (**)( int, MPI *, MPI , MPI * ),
+                          int (**)( int, MPI , MPI *, MPI *,
+                                           int (*)(void*,MPI), void *),
+                          unsigned (**)( int , MPI * ) );
+
+    if( !*enum_context ) { /* init context */
+       ctx = m_alloc_clear( sizeof( *ctx ) );
+       ctx->r = extensions;
+       *enum_context = ctx;
+    }
+    else if( !algo ) { /* release the context */
+       m_free(*enum_context);
+       *enum_context = NULL;
+       return NULL;
+    }
+    else
+       ctx = *enum_context;
+
+    for( r = ctx->r; r; r = r->next )  {
+       int class, vers;
+
+       if( r->failed )
+           continue;
+       if( !r->handle && load_extension(r) )
+           continue;
+       /* get a pubkey info function */
+       if( ctx->sym )
+           goto inner_loop;
+       while( (ctx->sym = (*r->enumfunc)(30, &ctx->seq1, &class, &vers)) ) {
+           void *sym;
+           if( vers != 1 || class != 30 )
+               continue;
+         inner_loop:
+#ifndef __riscos__
+           finfo = ctx->sym;
+#else /* __riscos__ */
+           finfo = (PUBKEYS_CAST) ctx->sym;
+#endif /* __riscos__ */
+           while( (sym = (*r->enumfunc)(31, &ctx->seq2, &class, &vers)) ) {
+               const char *algname;
+               if( vers != 1 || class != 31 )
+                   continue;
+               *algo = *(int*)sym;
+               algname = (*finfo)( *algo, npkey, nskey, nenc, nsig, use,
+                                   generate, check_secret_key, encryptf,
+                                   decryptf, sign, verify, get_nbits );
+               if( algname ) {
+                   ctx->r = r;
+                   return algname;
+               }
+           }
+           ctx->seq2 = 0;
+       }
+       ctx->seq1 = 0;
+    }
+    ctx->r = r;
+    return NULL;
+}
+
+
+int (*
+dynload_getfnc_gather_random())(void (*)(const void*, size_t, int), int,
+                                                           size_t, int)
+{
+    EXTLIST r;
+    void *sym;
+
+    for( r = extensions; r; r = r->next )  {
+       int seq, class, vers;
+
+       if( r->failed )
+           continue;
+       if( !r->handle && load_extension(r) )
+           continue;
+       seq = 0;
+       while( (sym = (*r->enumfunc)(40, &seq, &class, &vers)) ) {
+           if( vers != 1 || class != 40 )
+               continue;
+           return (int (*)(void (*)(const void*, size_t, int), int,
+                                                       size_t, int))sym;
+       }
+    }
+    return NULL;
+}
+
+
+void (*
+dynload_getfnc_fast_random_poll())( void (*)(const void*, size_t, int), int)
+{
+    EXTLIST r;
+    void *sym;
+
+    for( r = extensions; r; r = r->next )  {
+       int seq, class, vers;
+
+       if( r->failed )
+           continue;
+       if( !r->handle && load_extension(r) )
+           continue;
+       seq = 0;
+       while( (sym = (*r->enumfunc)(41, &seq, &class, &vers)) ) {
+           if( vers != 1 || class != 41 )
+               continue;
+           return (void (*)( void (*)(const void*, size_t, int), int))sym;
+       }
+    }
+    return NULL;
+}
+
diff --git a/cipher/dynload.h b/cipher/dynload.h
new file mode 100644 (file)
index 0000000..328a719
--- /dev/null
@@ -0,0 +1,68 @@
+/* dynload.h
+ *     Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef G10_CIPHER_DYNLOAD_H
+#define G10_CIPHER_DYNLOAD_H
+
+#include "mpi.h"
+
+
+void register_internal_cipher_extension( const char *module_id,
+                             void * (*enumfunc)(int, int*, int*, int*) );
+
+int
+enum_gnupgext_digests( void **enum_context,
+           int *algo,
+           const char *(**r_get_info)( int, size_t*,byte**, int*, int*,
+                                      void (**)(void*),
+                                      void (**)(void*,byte*,size_t),
+                                      void (**)(void*),byte *(**)(void*)) );
+
+const char *
+enum_gnupgext_ciphers( void **enum_context, int *algo,
+                      size_t *keylen, size_t *blocksize, size_t *contextsize,
+                      int  (**setkeyf)( void *c, byte *key, unsigned keylen ),
+                      void (**encryptf)( void *c, byte *outbuf, byte *inbuf ),
+                      void (**decryptf)( void *c, byte *outbuf, byte *inbuf )
+                    );
+
+
+const char *
+enum_gnupgext_pubkeys( void **enum_context, int *algo,
+    int *npkey, int *nskey, int *nenc, int *nsig, int *use,
+    int (**generate)( int algo, unsigned nbits, MPI *skey, MPI **retfactors ),
+    int (**check_secret_key)( int algo, MPI *skey ),
+    int (**encryptf)( int algo, MPI *resarr, MPI data, MPI *pkey ),
+    int (**decryptf)( int algo, MPI *result, MPI *data, MPI *skey ),
+    int (**sign)( int algo, MPI *resarr, MPI data, MPI *skey ),
+    int (**verify)( int algo, MPI hash, MPI *data, MPI *pkey,
+                   int (*cmp)(void *, MPI), void *opaquev ),
+    unsigned (**get_nbits)( int algo, MPI *pkey ) );
+
+
+int (*dynload_getfnc_gather_random(void))( void (*)(const void*, size_t, int),
+                                          int, size_t, int);
+void (*dynload_getfnc_fast_random_poll(void)
+                               )( void (*)(const void*, size_t, int), int );
+
+
+/** This function is in construct.c **/
+void cipher_modules_constructor(void);
+
+#endif /*G10_CIPHER_DYNLOAD_H*/
diff --git a/cipher/elgamal.c b/cipher/elgamal.c
new file mode 100644 (file)
index 0000000..b4563cd
--- /dev/null
@@ -0,0 +1,666 @@
+/* elgamal.c  -  ElGamal Public Key encryption
+ *     Copyright (C) 1998, 2000, 2001 Free Software Foundation, Inc.
+ *
+ * For a description of the algorithm, see:
+ *   Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1996.
+ *   ISBN 0-471-11709-9. Pages 476 ff.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "util.h"
+#include "mpi.h"
+#include "cipher.h"
+#include "elgamal.h"
+
+typedef struct {
+    MPI p;         /* prime */
+    MPI g;         /* group generator */
+    MPI y;         /* g^x mod p */
+} ELG_public_key;
+
+
+typedef struct {
+    MPI p;         /* prime */
+    MPI g;         /* group generator */
+    MPI y;         /* g^x mod p */
+    MPI x;         /* secret exponent */
+} ELG_secret_key;
+
+
+static void test_keys( ELG_secret_key *sk, unsigned nbits );
+static MPI gen_k( MPI p );
+static void generate( ELG_secret_key *sk, unsigned nbits, MPI **factors );
+static int  check_secret_key( ELG_secret_key *sk );
+static void do_encrypt(MPI a, MPI b, MPI input, ELG_public_key *pkey );
+static void decrypt(MPI output, MPI a, MPI b, ELG_secret_key *skey );
+static void sign(MPI a, MPI b, MPI input, ELG_secret_key *skey);
+static int  verify(MPI a, MPI b, MPI input, ELG_public_key *pkey);
+
+
+static void (*progress_cb) ( void *, int );
+static void *progress_cb_data;
+
+void
+register_pk_elg_progress ( void (*cb)( void *, int), void *cb_data )
+{
+    progress_cb = cb;
+    progress_cb_data = cb_data;
+}
+
+
+static void
+progress( int c )
+{
+    if ( progress_cb )
+       progress_cb ( progress_cb_data, c );
+    else
+       fputc( c, stderr );
+}
+
+
+/****************
+ * Michael Wiener's table about subgroup sizes to match field sizes
+ * (floating around somewhere - Fixme: need a reference)
+ */
+static unsigned int
+wiener_map( unsigned int n )
+{
+    static struct { unsigned int p_n, q_n; } t[] =
+    {  /*   p    q      attack cost */
+       {  512, 119 },  /* 9 x 10^17 */
+       {  768, 145 },  /* 6 x 10^21 */
+       { 1024, 165 },  /* 7 x 10^24 */
+       { 1280, 183 },  /* 3 x 10^27 */
+       { 1536, 198 },  /* 7 x 10^29 */
+       { 1792, 212 },  /* 9 x 10^31 */
+       { 2048, 225 },  /* 8 x 10^33 */
+       { 2304, 237 },  /* 5 x 10^35 */
+       { 2560, 249 },  /* 3 x 10^37 */
+       { 2816, 259 },  /* 1 x 10^39 */
+       { 3072, 269 },  /* 3 x 10^40 */
+       { 3328, 279 },  /* 8 x 10^41 */
+       { 3584, 288 },  /* 2 x 10^43 */
+       { 3840, 296 },  /* 4 x 10^44 */
+       { 4096, 305 },  /* 7 x 10^45 */
+       { 4352, 313 },  /* 1 x 10^47 */
+       { 4608, 320 },  /* 2 x 10^48 */
+       { 4864, 328 },  /* 2 x 10^49 */
+       { 5120, 335 },  /* 3 x 10^50 */
+       { 0, 0 }
+    };
+    int i;
+
+    for(i=0; t[i].p_n; i++ )  {
+       if( n <= t[i].p_n )
+           return t[i].q_n;
+    }
+    /* not in table - use some arbitrary high number ;-) */
+    return  n / 8 + 200;
+}
+
+static void
+test_keys( ELG_secret_key *sk, unsigned nbits )
+{
+    ELG_public_key pk;
+    MPI test = mpi_alloc( 0 );
+    MPI out1_a = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
+    MPI out1_b = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
+    MPI out2 = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
+
+    pk.p = sk->p;
+    pk.g = sk->g;
+    pk.y = sk->y;
+
+    /*mpi_set_bytes( test, nbits, get_random_byte, 0 );*/
+    {  char *p = get_random_bits( nbits, 0, 0 );
+       mpi_set_buffer( test, p, (nbits+7)/8, 0 );
+       m_free(p);
+    }
+
+    do_encrypt( out1_a, out1_b, test, &pk );
+    decrypt( out2, out1_a, out1_b, sk );
+    if( mpi_cmp( test, out2 ) )
+       log_fatal("ElGamal operation: encrypt, decrypt failed\n");
+
+    sign( out1_a, out1_b, test, sk );
+    if( !verify( out1_a, out1_b, test, &pk ) )
+       log_fatal("ElGamal operation: sign, verify failed\n");
+
+    mpi_free( test );
+    mpi_free( out1_a );
+    mpi_free( out1_b );
+    mpi_free( out2 );
+}
+
+
+/****************
+ * generate a random secret exponent k from prime p, so
+ * that k is relatively prime to p-1
+ */
+static MPI
+gen_k( MPI p )
+{
+    MPI k = mpi_alloc_secure( 0 );
+    MPI temp = mpi_alloc( mpi_get_nlimbs(p) );
+    MPI p_1 = mpi_copy(p);
+    unsigned int orig_nbits = mpi_get_nbits(p);
+    unsigned int nbits;
+    unsigned int nbytes;
+    char *rndbuf = NULL;
+
+    /* IMO using a k much lesser than p is sufficient and it greatly
+     * improves the encryption performance.  We use Wiener's table
+     * and add a large safety margin.
+     */
+    nbits = wiener_map( orig_nbits ) * 3 / 2;
+    if( nbits >= orig_nbits )
+       BUG();
+
+    nbytes = (nbits+7)/8;
+    if( DBG_CIPHER )
+       log_debug("choosing a random k of %u bits", nbits);
+    mpi_sub_ui( p_1, p, 1);
+    for(;;) {
+       if( !rndbuf || nbits < 32 ) {
+           m_free(rndbuf);
+           rndbuf = get_random_bits( nbits, 1, 1 );
+       }
+       else { /* change only some of the higher bits */
+           /* we could impprove this by directly requesting more memory
+            * at the first call to get_random_bits() and use this the here
+            * maybe it is easier to do this directly in random.c
+            * Anyway, it is highly inlikely that we will ever reach this code
+            */
+           char *pp = get_random_bits( 32, 1, 1 );
+           memcpy( rndbuf,pp, 4 );
+           m_free(pp);
+           log_debug("gen_k: tsss, never expected to reach this\n");
+       }
+       mpi_set_buffer( k, rndbuf, nbytes, 0 );
+
+       for(;;) {
+           /* Hmm, actually we don't need this step here
+            * because we use k much smaller than p - we do it anyway
+            * just in case the keep on adding a one to k ;) */
+           if( !(mpi_cmp( k, p_1 ) < 0) ) {  /* check: k < (p-1) */
+               if( DBG_CIPHER )
+                   progress('+');
+               break; /* no  */
+           }
+           if( !(mpi_cmp_ui( k, 0 ) > 0) ) { /* check: k > 0 */
+               if( DBG_CIPHER )
+                   progress('-');
+               break; /* no */
+           }
+           if( mpi_gcd( temp, k, p_1 ) )
+               goto found;  /* okay, k is relatively prime to (p-1) */
+           mpi_add_ui( k, k, 1 );
+           if( DBG_CIPHER )
+               progress('.');
+       }
+    }
+  found:
+    m_free(rndbuf);
+    if( DBG_CIPHER )
+       progress('\n');
+    mpi_free(p_1);
+    mpi_free(temp);
+
+    return k;
+}
+
+/****************
+ * Generate a key pair with a key of size NBITS
+ * Returns: 2 structures filles with all needed values
+ *         and an array with n-1 factors of (p-1)
+ */
+static void
+generate(  ELG_secret_key *sk, unsigned int nbits, MPI **ret_factors )
+{
+    MPI p;    /* the prime */
+    MPI p_min1;
+    MPI g;
+    MPI x;    /* the secret exponent */
+    MPI y;
+    MPI temp;
+    unsigned int qbits;
+    unsigned int xbits;
+    byte *rndbuf;
+
+    p_min1 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+    temp   = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+    qbits = wiener_map( nbits );
+    if( qbits & 1 ) /* better have a even one */
+       qbits++;
+    g = mpi_alloc(1);
+    p = generate_elg_prime( 0, nbits, qbits, g, ret_factors );
+    mpi_sub_ui(p_min1, p, 1);
+
+
+    /* select a random number which has these properties:
+     *  0 < x < p-1
+     * This must be a very good random number because this is the
+     * secret part.  The prime is public and may be shared anyway,
+     * so a random generator level of 1 is used for the prime.
+     *
+     * I don't see a reason to have a x of about the same size
+     * as the p.  It should be sufficient to have one about the size
+     * of q or the later used k plus a large safety margin. Decryption
+     * will be much faster with such an x.
+     */
+    xbits = qbits * 3 / 2;
+    if( xbits >= nbits )
+       BUG();
+    x = mpi_alloc_secure( xbits/BITS_PER_MPI_LIMB );
+    if( DBG_CIPHER )
+       log_debug("choosing a random x of size %u", xbits );
+    rndbuf = NULL;
+    do {
+       if( DBG_CIPHER )
+           progress('.');
+       if( rndbuf ) { /* change only some of the higher bits */
+           if( xbits < 16 ) {/* should never happen ... */
+               m_free(rndbuf);
+               rndbuf = get_random_bits( xbits, 2, 1 );
+           }
+           else {
+               char *r = get_random_bits( 16, 2, 1 );
+               memcpy(rndbuf, r, 16/8 );
+               m_free(r);
+           }
+       }
+       else
+           rndbuf = get_random_bits( xbits, 2, 1 );
+       mpi_set_buffer( x, rndbuf, (xbits+7)/8, 0 );
+       mpi_clear_highbit( x, xbits+1 );
+    } while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, p_min1 )<0 ) );
+    m_free(rndbuf);
+
+    y = mpi_alloc(nbits/BITS_PER_MPI_LIMB);
+    mpi_powm( y, g, x, p );
+
+    if( DBG_CIPHER ) {
+       progress('\n');
+       log_mpidump("elg  p= ", p );
+       log_mpidump("elg  g= ", g );
+       log_mpidump("elg  y= ", y );
+       log_mpidump("elg  x= ", x );
+    }
+
+    /* copy the stuff to the key structures */
+    sk->p = p;
+    sk->g = g;
+    sk->y = y;
+    sk->x = x;
+
+    /* now we can test our keys (this should never fail!) */
+    test_keys( sk, nbits - 64 );
+
+    mpi_free( p_min1 );
+    mpi_free( temp   );
+}
+
+
+/****************
+ * Test whether the secret key is valid.
+ * Returns: if this is a valid key.
+ */
+static int
+check_secret_key( ELG_secret_key *sk )
+{
+    int rc;
+    MPI y = mpi_alloc( mpi_get_nlimbs(sk->y) );
+
+    mpi_powm( y, sk->g, sk->x, sk->p );
+    rc = !mpi_cmp( y, sk->y );
+    mpi_free( y );
+    return rc;
+}
+
+
+static void
+do_encrypt(MPI a, MPI b, MPI input, ELG_public_key *pkey )
+{
+    MPI k;
+
+    /* Note: maybe we should change the interface, so that it
+     * is possible to check that input is < p and return an
+     * error code.
+     */
+
+    k = gen_k( pkey->p );
+    mpi_powm( a, pkey->g, k, pkey->p );
+    /* b = (y^k * input) mod p
+     *  = ((y^k mod p) * (input mod p)) mod p
+     * and because input is < p
+     *  = ((y^k mod p) * input) mod p
+     */
+    mpi_powm( b, pkey->y, k, pkey->p );
+    mpi_mulm( b, b, input, pkey->p );
+  #if 0
+    if( DBG_CIPHER ) {
+       log_mpidump("elg encrypted y= ", pkey->y);
+       log_mpidump("elg encrypted p= ", pkey->p);
+       log_mpidump("elg encrypted k= ", k);
+       log_mpidump("elg encrypted M= ", input);
+       log_mpidump("elg encrypted a= ", a);
+       log_mpidump("elg encrypted b= ", b);
+    }
+  #endif
+    mpi_free(k);
+}
+
+
+
+
+static void
+decrypt(MPI output, MPI a, MPI b, ELG_secret_key *skey )
+{
+    MPI t1 = mpi_alloc_secure( mpi_get_nlimbs( skey->p ) );
+
+    /* output = b/(a^x) mod p */
+    mpi_powm( t1, a, skey->x, skey->p );
+    mpi_invm( t1, t1, skey->p );
+    mpi_mulm( output, b, t1, skey->p );
+  #if 0
+    if( DBG_CIPHER ) {
+       log_mpidump("elg decrypted x= ", skey->x);
+       log_mpidump("elg decrypted p= ", skey->p);
+       log_mpidump("elg decrypted a= ", a);
+       log_mpidump("elg decrypted b= ", b);
+       log_mpidump("elg decrypted M= ", output);
+    }
+  #endif
+    mpi_free(t1);
+}
+
+
+/****************
+ * Make an Elgamal signature out of INPUT
+ */
+
+static void
+sign(MPI a, MPI b, MPI input, ELG_secret_key *skey )
+{
+    MPI k;
+    MPI t   = mpi_alloc( mpi_get_nlimbs(a) );
+    MPI inv = mpi_alloc( mpi_get_nlimbs(a) );
+    MPI p_1 = mpi_copy(skey->p);
+
+   /*
+    * b = (t * inv) mod (p-1)
+    * b = (t * inv(k,(p-1),(p-1)) mod (p-1)
+    * b = (((M-x*a) mod (p-1)) * inv(k,(p-1),(p-1))) mod (p-1)
+    *
+    */
+    mpi_sub_ui(p_1, p_1, 1);
+    k = gen_k( skey->p );
+    mpi_powm( a, skey->g, k, skey->p );
+    mpi_mul(t, skey->x, a );
+    mpi_subm(t, input, t, p_1 );
+    while( mpi_is_neg(t) ) {
+       BUG();  /* That is nonsense code - left over from a very early test?*/
+       mpi_add(t, t, p_1);
+    }
+    mpi_invm(inv, k, p_1 );
+    mpi_mulm(b, t, inv, p_1 );
+
+  #if 0
+    if( DBG_CIPHER ) {
+       log_mpidump("elg sign p= ", skey->p);
+       log_mpidump("elg sign g= ", skey->g);
+       log_mpidump("elg sign y= ", skey->y);
+       log_mpidump("elg sign x= ", skey->x);
+       log_mpidump("elg sign k= ", k);
+       log_mpidump("elg sign M= ", input);
+       log_mpidump("elg sign a= ", a);
+       log_mpidump("elg sign b= ", b);
+    }
+  #endif
+    mpi_free(k);
+    mpi_free(t);
+    mpi_free(inv);
+    mpi_free(p_1);
+}
+
+
+/****************
+ * Returns true if the signature composed of A and B is valid.
+ */
+static int
+verify(MPI a, MPI b, MPI input, ELG_public_key *pkey )
+{
+    int rc;
+    MPI t1;
+    MPI t2;
+    MPI base[4];
+    MPI exp[4];
+
+    if( !(mpi_cmp_ui( a, 0 ) > 0 && mpi_cmp( a, pkey->p ) < 0) )
+       return 0; /* assertion  0 < a < p  failed */
+
+    t1 = mpi_alloc( mpi_get_nlimbs(a) );
+    t2 = mpi_alloc( mpi_get_nlimbs(a) );
+
+  #if 0
+    /* t1 = (y^a mod p) * (a^b mod p) mod p */
+    mpi_powm( t1, pkey->y, a, pkey->p );
+    mpi_powm( t2, a, b, pkey->p );
+    mpi_mulm( t1, t1, t2, pkey->p );
+
+    /* t2 = g ^ input mod p */
+    mpi_powm( t2, pkey->g, input, pkey->p );
+
+    rc = !mpi_cmp( t1, t2 );
+  #elif 0
+    /* t1 = (y^a mod p) * (a^b mod p) mod p */
+    base[0] = pkey->y; exp[0] = a;
+    base[1] = a;       exp[1] = b;
+    base[2] = NULL;    exp[2] = NULL;
+    mpi_mulpowm( t1, base, exp, pkey->p );
+
+    /* t2 = g ^ input mod p */
+    mpi_powm( t2, pkey->g, input, pkey->p );
+
+    rc = !mpi_cmp( t1, t2 );
+  #else
+    /* t1 = g ^ - input * y ^ a * a ^ b  mod p */
+    mpi_invm(t2, pkey->g, pkey->p );
+    base[0] = t2     ; exp[0] = input;
+    base[1] = pkey->y; exp[1] = a;
+    base[2] = a;       exp[2] = b;
+    base[3] = NULL;    exp[3] = NULL;
+    mpi_mulpowm( t1, base, exp, pkey->p );
+    rc = !mpi_cmp_ui( t1, 1 );
+
+  #endif
+
+    mpi_free(t1);
+    mpi_free(t2);
+    return rc;
+}
+
+/*********************************************
+ **************  interface  ******************
+ *********************************************/
+
+int
+elg_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors )
+{
+    ELG_secret_key sk;
+
+    if( !is_ELGAMAL(algo) )
+       return G10ERR_PUBKEY_ALGO;
+
+    generate( &sk, nbits, retfactors );
+    skey[0] = sk.p;
+    skey[1] = sk.g;
+    skey[2] = sk.y;
+    skey[3] = sk.x;
+    return 0;
+}
+
+
+int
+elg_check_secret_key( int algo, MPI *skey )
+{
+    ELG_secret_key sk;
+
+    if( !is_ELGAMAL(algo) )
+       return G10ERR_PUBKEY_ALGO;
+    if( !skey[0] || !skey[1] || !skey[2] || !skey[3] )
+       return G10ERR_BAD_MPI;
+
+    sk.p = skey[0];
+    sk.g = skey[1];
+    sk.y = skey[2];
+    sk.x = skey[3];
+    if( !check_secret_key( &sk ) )
+       return G10ERR_BAD_SECKEY;
+
+    return 0;
+}
+
+
+
+int
+elg_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey )
+{
+    ELG_public_key pk;
+
+    if( !is_ELGAMAL(algo) )
+       return G10ERR_PUBKEY_ALGO;
+    if( !data || !pkey[0] || !pkey[1] || !pkey[2] )
+       return G10ERR_BAD_MPI;
+
+    pk.p = pkey[0];
+    pk.g = pkey[1];
+    pk.y = pkey[2];
+    resarr[0] = mpi_alloc( mpi_get_nlimbs( pk.p ) );
+    resarr[1] = mpi_alloc( mpi_get_nlimbs( pk.p ) );
+    do_encrypt( resarr[0], resarr[1], data, &pk );
+    return 0;
+}
+
+int
+elg_decrypt( int algo, MPI *result, MPI *data, MPI *skey )
+{
+    ELG_secret_key sk;
+
+    if( !is_ELGAMAL(algo) )
+       return G10ERR_PUBKEY_ALGO;
+    if( !data[0] || !data[1]
+       || !skey[0] || !skey[1] || !skey[2] || !skey[3] )
+       return G10ERR_BAD_MPI;
+
+    sk.p = skey[0];
+    sk.g = skey[1];
+    sk.y = skey[2];
+    sk.x = skey[3];
+    *result = mpi_alloc_secure( mpi_get_nlimbs( sk.p ) );
+    decrypt( *result, data[0], data[1], &sk );
+    return 0;
+}
+
+int
+elg_sign( int algo, MPI *resarr, MPI data, MPI *skey )
+{
+    ELG_secret_key sk;
+
+    if( !is_ELGAMAL(algo) )
+       return G10ERR_PUBKEY_ALGO;
+    if( !data || !skey[0] || !skey[1] || !skey[2] || !skey[3] )
+       return G10ERR_BAD_MPI;
+
+    sk.p = skey[0];
+    sk.g = skey[1];
+    sk.y = skey[2];
+    sk.x = skey[3];
+    resarr[0] = mpi_alloc( mpi_get_nlimbs( sk.p ) );
+    resarr[1] = mpi_alloc( mpi_get_nlimbs( sk.p ) );
+    sign( resarr[0], resarr[1], data, &sk );
+    return 0;
+}
+
+int
+elg_verify( int algo, MPI hash, MPI *data, MPI *pkey,
+                   int (*cmp)(void *, MPI), void *opaquev )
+{
+    ELG_public_key pk;
+
+    if( !is_ELGAMAL(algo) )
+       return G10ERR_PUBKEY_ALGO;
+    if( !data[0] || !data[1] || !hash
+       || !pkey[0] || !pkey[1] || !pkey[2] )
+       return G10ERR_BAD_MPI;
+
+    pk.p = pkey[0];
+    pk.g = pkey[1];
+    pk.y = pkey[2];
+    if( !verify( data[0], data[1], hash, &pk ) )
+       return G10ERR_BAD_SIGN;
+    return 0;
+}
+
+
+
+unsigned int
+elg_get_nbits( int algo, MPI *pkey )
+{
+    if( !is_ELGAMAL(algo) )
+       return 0;
+    return mpi_get_nbits( pkey[0] );
+}
+
+
+/****************
+ * Return some information about the algorithm.  We need algo here to
+ * distinguish different flavors of the algorithm.
+ * Returns: A pointer to string describing the algorithm or NULL if
+ *         the ALGO is invalid.
+ * Usage: Bit 0 set : allows signing
+ *           1 set : allows encryption
+ * NOTE: This function allows signing also for ELG-E, which is not
+ * okay but a bad hack to allow to work with old gpg keys. The real check
+ * is done in the gnupg ocde depending on the packet version.
+ */
+const char *
+elg_get_info( int algo, int *npkey, int *nskey, int *nenc, int *nsig,
+                                                        int *use )
+{
+    *npkey = 3;
+    *nskey = 4;
+    *nenc = 2;
+    *nsig = 2;
+
+    switch( algo ) {
+      case PUBKEY_ALGO_ELGAMAL:
+       *use = PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC;
+       return "ELG";
+      case PUBKEY_ALGO_ELGAMAL_E:
+       *use = PUBKEY_USAGE_SIG|PUBKEY_USAGE_ENC;
+       return "ELG-E";
+      default: *use = 0; return NULL;
+    }
+}
+
+
diff --git a/cipher/elgamal.h b/cipher/elgamal.h
new file mode 100644 (file)
index 0000000..f104c2a
--- /dev/null
@@ -0,0 +1,35 @@
+/* elgamal.h
+ *     Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef G10_ELGAMAL_H
+#define G10_ELGAMAL_H
+
+int elg_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors );
+int elg_check_secret_key( int algo, MPI *skey );
+int elg_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey );
+int elg_decrypt( int algo, MPI *result, MPI *data, MPI *skey );
+int elg_sign( int algo, MPI *resarr, MPI data, MPI *skey );
+int elg_verify( int algo, MPI hash, MPI *data, MPI *pkey,
+                   int (*cmp)(void *, MPI), void *opaquev );
+unsigned elg_get_nbits( int algo, MPI *pkey );
+const char *elg_get_info( int algo, int *npkey, int *nskey,
+                                   int *nenc, int *nsig, int *use );
+
+
+#endif /*G10_ELGAMAL_H*/
diff --git a/cipher/g10c.c b/cipher/g10c.c
new file mode 100644 (file)
index 0000000..7b0f4fa
--- /dev/null
@@ -0,0 +1,46 @@
+/* g10c.c  -  Wrapper for cipher functions
+ *     Copyright (C) 1998, 1999 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include "mpi.h"
+#include "random.h"
+#include "cipher.h"
+
+
+/* FIXME: The modules should use functions from libgcrypt */
+
+
+const char *g10c_revision_string(int dummy) { return "$Revision$"; }
+
+MPI
+g10c_generate_secret_prime( unsigned nbits )
+{
+    return generate_secret_prime( nbits );
+}
+
+
+char *
+g10c_get_random_bits( unsigned nbits, int level, int secure )
+{
+    return (char*)get_random_bits( nbits, level, secure );
+}
+
diff --git a/cipher/gost.c b/cipher/gost.c
new file mode 100644 (file)
index 0000000..4a52772
--- /dev/null
@@ -0,0 +1,76 @@
+/* gost.c  -  GOST encryption
+ *     Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * The description of GOST (and the used S-boxes) are taken from:
+ *   Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1996.
+ *   ISBN 0-471-11709-9. .
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "util.h"
+#include "types.h"
+#include "gost.h"
+
+#error don't use this
+
+
+void
+gost_setkey( GOST_context *c, byte *key )
+{
+}
+
+void
+gost_setiv( GOST_context *c, byte *iv )
+{
+}
+
+
+void
+gost_encode( GOST_context *c, byte *outbuf, byte *inbuf, unsigned nblocks )
+{
+}
+
+
+void
+gost_decode( GOST_context *c, byte *outbuf, byte *inbuf, unsigned nblocks )
+{
+}
+
+
+static void
+cfbshift( byte *iv, byte *buf, unsigned count)
+{
+}
+
+
+
+void
+gost_encode_cfb( GOST_context *c, byte *outbuf, byte *inbuf, unsigned nbytes)
+{
+}
+
+
+void
+gost_decode_cfb( GOST_context *c, byte *outbuf, byte *inbuf, unsigned nbytes)
+{
+}
+
diff --git a/cipher/gost.h b/cipher/gost.h
new file mode 100644 (file)
index 0000000..d8e7ebf
--- /dev/null
@@ -0,0 +1,46 @@
+/* gost.h
+ *     Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef G10_GOST_H
+#define G10_GOST_H
+
+#include "types.h"
+
+#define GOST_KEYSIZE 16
+#define GOST_BLOCKSIZE 8
+#define GOST_ROUNDS 8
+#define GOST_KEYLEN (6*GOST_ROUNDS+4)
+
+typedef struct {
+    u16 ek[GOST_KEYLEN];
+    u16 dk[GOST_KEYLEN];
+    byte iv[GOST_BLOCKSIZE];
+} GOST_context;
+
+void gost_setkey( GOST_context *c, byte *key );
+void gost_setiv( GOST_context *c, byte *iv );
+void gost_encode( GOST_context *c, byte *out, byte *in, unsigned nblocks );
+void gost_decode( GOST_context *c, byte *out, byte *in, unsigned nblocks );
+void gost_encode_cfb( GOST_context *c, byte *outbuf,
+                                      byte *inbuf, unsigned nbytes);
+void gost_decode_cfb( GOST_context *c, byte *outbuf,
+                                      byte *inbuf, unsigned nbytes);
+
+
+#endif /*G10_GOST_H*/
diff --git a/cipher/md.c b/cipher/md.c
new file mode 100644 (file)
index 0000000..4972863
--- /dev/null
@@ -0,0 +1,524 @@
+/* md.c  -  message digest dispatcher
+ *     Copyright (C) 1998, 1999 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+#include "util.h"
+#include "cipher.h"
+#include "errors.h"
+#include "dynload.h"
+#include "rmd.h"
+
+
+/****************
+ * This structure is used for the list of available algorithms
+ * and for the list of algorithms in MD_HANDLE.
+ */
+struct md_digest_list_s {
+    struct md_digest_list_s *next;
+    const char *name;
+    int algo;
+    byte *asnoid;
+    int asnlen;
+    int mdlen;
+    void (*init)( void *c );
+    void (*write)( void *c, byte *buf, size_t nbytes );
+    void (*final)( void *c );
+    byte *(*read)( void *c );
+    size_t contextsize; /* allocate this amount of context */
+    PROPERLY_ALIGNED_TYPE context;
+};
+
+static struct md_digest_list_s *digest_list;
+
+
+static struct md_digest_list_s *
+new_list_item( int algo,
+              const char *(*get_info)( int, size_t*,byte**, int*, int*,
+                                      void (**)(void*),
+                                      void (**)(void*,byte*,size_t),
+                                      void (**)(void*),byte *(**)(void*)) )
+{
+    struct md_digest_list_s *r;
+
+    r = m_alloc_clear( sizeof *r );
+    r->algo = algo,
+    r->name = (*get_info)( algo, &r->contextsize,
+                          &r->asnoid, &r->asnlen, &r->mdlen,
+                          &r->init, &r->write, &r->final, &r->read );
+    if( !r->name ) {
+       m_free(r);
+       r = NULL;
+    }
+    return r;
+}
+
+
+
+/****************
+ * Try to load the modules with the requeste algorithm
+ * and return true if new modules are available
+ * If req_alog is -1 try to load all digest algorithms.
+ */
+static int
+load_digest_module( int req_algo )
+{
+    static int initialized = 0;
+    static u32 checked_algos[256/32];
+    static int checked_all = 0;
+    struct md_digest_list_s *r;
+    void *context = NULL;
+    int algo;
+    int any = 0;
+    const char *(*get_info)( int, size_t*,byte**, int*, int*,
+                           void (**)(void*),
+                           void (**)(void*,byte*,size_t),
+                           void (**)(void*),byte *(**)(void*));
+
+    if( !initialized ) {
+       cipher_modules_constructor();
+       initialized = 1;
+    }
+    algo = req_algo;
+    if( algo > 255 || !algo )
+       return 0; /* algorithm number too high (does not fit into out bitmap)*/
+    if( checked_all )
+       return 0; /* already called with -1 */
+    if( algo < 0 )
+       checked_all = 1;
+    else if( (checked_algos[algo/32] & (1 << (algo%32))) )
+       return 0; /* already checked and not found */
+    else
+       checked_algos[algo/32] |= (1 << (algo%32));
+
+    while( enum_gnupgext_digests( &context, &algo, &get_info ) ) {
+       if( req_algo != -1 && algo != req_algo )
+           continue;
+       for(r=digest_list; r; r = r->next )
+           if( r->algo == algo )
+               break;
+       if( r ) {
+           log_info("skipping digest %d: already loaded\n", algo );
+           continue;
+       }
+       r = new_list_item( algo, get_info );
+       if( ! r ) {
+           log_info("skipping digest %d: no name\n", algo );
+           continue;
+       }
+       /* put it into the list */
+       if( g10_opt_verbose > 1 )
+           log_info("loaded digest %d\n", algo);
+       r->next = digest_list;
+       digest_list = r;
+       any = 1;
+       if( req_algo != -1 )
+           break;
+    }
+    enum_gnupgext_digests( &context, NULL, NULL );
+    return any;
+}
+
+
+
+/****************
+ * Map a string to the digest algo
+ */
+int
+string_to_digest_algo( const char *string )
+{
+    struct md_digest_list_s *r;
+
+    do {
+       for(r = digest_list; r; r = r->next )
+           if( !ascii_strcasecmp( r->name, string ) )
+               return r->algo;
+    } while( !r && load_digest_module(-1) );
+    return 0;
+}
+
+
+/****************
+ * Map a digest algo to a string
+ */
+const char *
+digest_algo_to_string( int algo )
+{
+    struct md_digest_list_s *r;
+
+    do {
+       for(r = digest_list; r; r = r->next )
+           if( r->algo == algo )
+               return r->name;
+    } while( !r && load_digest_module( algo ) );
+    return NULL;
+}
+
+
+int
+check_digest_algo( int algo )
+{
+    struct md_digest_list_s *r;
+
+    do {
+       for(r = digest_list; r; r = r->next )
+           if( r->algo == algo )
+               return 0;
+    } while( !r && load_digest_module(algo) );
+    return G10ERR_DIGEST_ALGO;
+}
+
+
+
+/****************
+ * Open a message digest handle for use with algorithm ALGO.
+ * More algorithms may be added by md_enable(). The initial algorithm
+ * may be 0.
+ */
+MD_HANDLE
+md_open( int algo, int secure )
+{
+    MD_HANDLE hd;
+    int bufsize;
+
+    if( secure ) {
+       bufsize = 512 - sizeof( *hd );
+       hd = m_alloc_secure_clear( sizeof *hd + bufsize );
+    }
+    else {
+       bufsize = 1024 - sizeof( *hd );
+       hd = m_alloc_clear( sizeof *hd + bufsize );
+    }
+
+    hd->bufsize = bufsize+1; /* hd has already one byte allocated */
+    hd->secure = secure;
+    if( algo )
+       md_enable( hd, algo );
+    fast_random_poll();
+    return hd;
+}
+
+void
+md_enable( MD_HANDLE h, int algo )
+{
+    struct md_digest_list_s *r, *ac;
+
+    for( ac=h->list; ac; ac = ac->next )
+       if( ac->algo == algo )
+           return ; /* already enabled */
+    /* find the algorithm */
+    do {
+       for(r = digest_list; r; r = r->next )
+           if( r->algo == algo )
+               break;
+    } while( !r && load_digest_module( algo ) );
+    if( !r ) {
+       log_error("md_enable: algorithm %d not available\n", algo );
+       return;
+    }
+    /* and allocate a new list entry */
+    ac = h->secure? m_alloc_secure( sizeof *ac + r->contextsize
+                                              - sizeof(r->context) )
+                 : m_alloc( sizeof *ac + r->contextsize
+                                              - sizeof(r->context) );
+    *ac = *r;
+    ac->next = h->list;
+    h->list = ac;
+    /* and init this instance */
+    (*ac->init)( &ac->context.c );
+}
+
+
+MD_HANDLE
+md_copy( MD_HANDLE a )
+{
+    MD_HANDLE b;
+    struct md_digest_list_s *ar, *br;
+
+    if( a->bufcount )
+       md_write( a, NULL, 0 );
+    b = a->secure ? m_alloc_secure( sizeof *b + a->bufsize - 1 )
+                 : m_alloc( sizeof *b + a->bufsize - 1 );
+    memcpy( b, a, sizeof *a + a->bufsize - 1 );
+    b->list = NULL;
+    b->debug = NULL;
+    /* and now copy the complete list of algorithms */
+    /* I know that the copied list is reversed, but that doesn't matter */
+    for( ar=a->list; ar; ar = ar->next ) {
+       br = a->secure ? m_alloc_secure( sizeof *br + ar->contextsize
+                                              - sizeo