ADDED   CommonCrypto.xcodeproj/project.pbxproj
Index: CommonCrypto.xcodeproj/project.pbxproj
==================================================================
--- /dev/null
+++ CommonCrypto.xcodeproj/project.pbxproj
@@ -0,0 +1,1891 @@
+// !$*UTF8*$!
+{
+	archiveVersion = 1;
+	classes = {
+	};
+	objectVersion = 42;
+	objects = {
+
+/* Begin PBXAggregateTarget section */
+		054BBEB705F6A93300344873 /* world */ = {
+			isa = PBXAggregateTarget;
+			buildConfigurationList = C27AD08D0987FCDA001272E0 /* Build configuration list for PBXAggregateTarget "world" */;
+			buildPhases = (
+				D6658DC80BD817B600D18063 /* CopyFiles */,
+			);
+			dependencies = (
+				054BBEFB05F6AAC800344873 /* PBXTargetDependency */,
+				054BBEFD05F6AAC800344873 /* PBXTargetDependency */,
+				055688220640139D0048BE18 /* PBXTargetDependency */,
+				050678EB064015C1001640AF /* PBXTargetDependency */,
+				0511C4630A3785340028BFC3 /* PBXTargetDependency */,
+			);
+			name = world;
+			productName = world;
+		};
+		05CE94290A3784D4007C91D6 /* Copy Open Source Docs */ = {
+			isa = PBXAggregateTarget;
+			buildConfigurationList = 05CE94300A37850A007C91D6 /* Build configuration list for PBXAggregateTarget "Copy Open Source Docs" */;
+			buildPhases = (
+				05CE94280A3784D4007C91D6 /* CopyFiles */,
+				05CE942F0A37850A007C91D6 /* CopyFiles */,
+			);
+			dependencies = (
+			);
+			name = "Copy Open Source Docs";
+			productName = "Copy Open Source Docs";
+		};
+/* End PBXAggregateTarget section */
+
+/* Begin PBXBuildFile section */
+		05067905064025DD001640AF /* CommonDigest.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; };
+		05067906064025DE001640AF /* CommonDigestPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED205F6AA8900344873 /* CommonDigestPriv.h */; };
+		05067908064025E2001640AF /* md2_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED305F6AA8900344873 /* md2_dgst.c */; };
+		05067909064025E3001640AF /* md32_common.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED805F6AA8900344873 /* md32_common.h */; };
+		0506790A064025E4001640AF /* md4_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED405F6AA8900344873 /* md4_dgst.c */; };
+		0506790B064025E5001640AF /* md4_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED505F6AA8900344873 /* md4_locl.h */; };
+		0506790C064025E6001640AF /* md5_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED605F6AA8900344873 /* md5_dgst.c */; };
+		0506790D064025E7001640AF /* md5_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED705F6AA8900344873 /* md5_locl.h */; };
+		0506790E064025E7001640AF /* sha1.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBEDC05F6AA8900344873 /* sha1.c */; };
+		0506790F064025E8001640AF /* sha2.c in Sources */ = {isa = PBXBuildFile; fileRef = 05E319B7063890C100C4AD24 /* sha2.c */; };
+		05067910064025E9001640AF /* sha2Priv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E319DC0638913700C4AD24 /* sha2Priv.h */; };
+		05067911064025EA001640AF /* sha_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBEDA05F6AA8900344873 /* sha_locl.h */; };
+		050737DB09E4172A005E9620 /* CommonHMAC.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */; };
+		050737EF09E41958005E9620 /* CommonHMAC.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
+		050737F009E41969005E9620 /* CommonHMAC.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
+		0511C47E0A37892C0028BFC3 /* CommonCrypto.txt in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05CE942C0A37850A007C91D6 /* CommonCrypto.txt */; };
+		052049F909D1A6CC00A0D022 /* BlockCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 052049F809D1A6CC00A0D022 /* BlockCipher.c */; };
+		052049FA09D1A6CC00A0D022 /* BlockCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 052049F809D1A6CC00A0D022 /* BlockCipher.c */; };
+		052049FB09D1A6CC00A0D022 /* BlockCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 052049F809D1A6CC00A0D022 /* BlockCipher.c */; };
+		052049FC09D1A6CC00A0D022 /* BlockCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 052049F809D1A6CC00A0D022 /* BlockCipher.c */; };
+		052F6C7609DB207F00EE63A4 /* aes.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
+		052F6C7709DB207F00EE63A4 /* aescrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7109DB207F00EE63A4 /* aescrypt.c */; };
+		052F6C7809DB207F00EE63A4 /* aeskey.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7209DB207F00EE63A4 /* aeskey.c */; };
+		052F6C7909DB207F00EE63A4 /* aesopt.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
+		052F6C7A09DB207F00EE63A4 /* aestab.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7409DB207F00EE63A4 /* aestab.c */; };
+		052F6C7B09DB207F00EE63A4 /* aestab.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7509DB207F00EE63A4 /* aestab.h */; };
+		052F6C7C09DB207F00EE63A4 /* aes.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
+		052F6C7D09DB207F00EE63A4 /* aescrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7109DB207F00EE63A4 /* aescrypt.c */; };
+		052F6C7E09DB207F00EE63A4 /* aeskey.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7209DB207F00EE63A4 /* aeskey.c */; };
+		052F6C7F09DB207F00EE63A4 /* aesopt.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
+		052F6C8009DB207F00EE63A4 /* aestab.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7409DB207F00EE63A4 /* aestab.c */; };
+		052F6C8109DB207F00EE63A4 /* aestab.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7509DB207F00EE63A4 /* aestab.h */; };
+		052F6C8209DB207F00EE63A4 /* aes.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
+		052F6C8309DB207F00EE63A4 /* aescrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7109DB207F00EE63A4 /* aescrypt.c */; };
+		052F6C8409DB207F00EE63A4 /* aeskey.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7209DB207F00EE63A4 /* aeskey.c */; };
+		052F6C8509DB207F00EE63A4 /* aesopt.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
+		052F6C8609DB207F00EE63A4 /* aestab.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7409DB207F00EE63A4 /* aestab.c */; };
+		052F6C8709DB207F00EE63A4 /* aestab.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7509DB207F00EE63A4 /* aestab.h */; };
+		052F6C8809DB207F00EE63A4 /* aes.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
+		052F6C8909DB207F00EE63A4 /* aescrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7109DB207F00EE63A4 /* aescrypt.c */; };
+		052F6C8A09DB207F00EE63A4 /* aeskey.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7209DB207F00EE63A4 /* aeskey.c */; };
+		052F6C8B09DB207F00EE63A4 /* aesopt.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
+		052F6C8C09DB207F00EE63A4 /* aestab.c in Sources */ = {isa = PBXBuildFile; fileRef = 052F6C7409DB207F00EE63A4 /* aestab.c */; };
+		052F6C8D09DB207F00EE63A4 /* aestab.h in Headers */ = {isa = PBXBuildFile; fileRef = 052F6C7509DB207F00EE63A4 /* aestab.h */; };
+		0539DC2809D4919D00AB7F89 /* opensslDES.c in Sources */ = {isa = PBXBuildFile; fileRef = 0539DC2609D4919D00AB7F89 /* opensslDES.c */; };
+		0539DC2909D4919D00AB7F89 /* opensslDES.h in Headers */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
+		054BBECE05F6AA7200344873 /* CommonDigest.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; settings = {ATTRIBUTES = (); }; };
+		054BBECF05F6AA7200344873 /* CommonDigest.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; };
+		054BBEDD05F6AA8900344873 /* CommonDigestPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED205F6AA8900344873 /* CommonDigestPriv.h */; };
+		054BBEDE05F6AA8900344873 /* md2_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED305F6AA8900344873 /* md2_dgst.c */; };
+		054BBEDF05F6AA8900344873 /* md4_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED405F6AA8900344873 /* md4_dgst.c */; };
+		054BBEE005F6AA8900344873 /* md4_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED505F6AA8900344873 /* md4_locl.h */; };
+		054BBEE105F6AA8900344873 /* md5_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED605F6AA8900344873 /* md5_dgst.c */; };
+		054BBEE205F6AA8900344873 /* md5_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED705F6AA8900344873 /* md5_locl.h */; };
+		054BBEE305F6AA8900344873 /* md32_common.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED805F6AA8900344873 /* md32_common.h */; };
+		054BBEE505F6AA8900344873 /* sha_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBEDA05F6AA8900344873 /* sha_locl.h */; };
+		054BBEE705F6AA8900344873 /* sha1.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBEDC05F6AA8900344873 /* sha1.c */; };
+		054BBEE805F6AA8900344873 /* CommonDigestPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED205F6AA8900344873 /* CommonDigestPriv.h */; };
+		054BBEE905F6AA8900344873 /* md2_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED305F6AA8900344873 /* md2_dgst.c */; };
+		054BBEEA05F6AA8900344873 /* md4_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED405F6AA8900344873 /* md4_dgst.c */; };
+		054BBEEB05F6AA8900344873 /* md4_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED505F6AA8900344873 /* md4_locl.h */; };
+		054BBEEC05F6AA8900344873 /* md5_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED605F6AA8900344873 /* md5_dgst.c */; };
+		054BBEED05F6AA8900344873 /* md5_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED705F6AA8900344873 /* md5_locl.h */; };
+		054BBEEE05F6AA8900344873 /* md32_common.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED805F6AA8900344873 /* md32_common.h */; };
+		054BBEF005F6AA8900344873 /* sha_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBEDA05F6AA8900344873 /* sha_locl.h */; };
+		054BBEF205F6AA8900344873 /* sha1.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBEDC05F6AA8900344873 /* sha1.c */; };
+		05568801064012FF0048BE18 /* CommonDigest.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; };
+		05568802064012FF0048BE18 /* CommonDigestPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED205F6AA8900344873 /* CommonDigestPriv.h */; };
+		05568803064013000048BE18 /* md2_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED305F6AA8900344873 /* md2_dgst.c */; };
+		05568804064013010048BE18 /* md32_common.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED805F6AA8900344873 /* md32_common.h */; };
+		05568805064013020048BE18 /* md4_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED405F6AA8900344873 /* md4_dgst.c */; };
+		05568806064013030048BE18 /* md4_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED505F6AA8900344873 /* md4_locl.h */; };
+		05568807064013030048BE18 /* md5_dgst.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBED605F6AA8900344873 /* md5_dgst.c */; };
+		05568808064013040048BE18 /* md5_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBED705F6AA8900344873 /* md5_locl.h */; };
+		05568809064013040048BE18 /* sha1.c in Sources */ = {isa = PBXBuildFile; fileRef = 054BBEDC05F6AA8900344873 /* sha1.c */; };
+		0556880A064013050048BE18 /* sha2.c in Sources */ = {isa = PBXBuildFile; fileRef = 05E319B7063890C100C4AD24 /* sha2.c */; };
+		0556880B064013060048BE18 /* sha2Priv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E319DC0638913700C4AD24 /* sha2Priv.h */; };
+		0556880C064013060048BE18 /* sha_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 054BBEDA05F6AA8900344873 /* sha_locl.h */; };
+		0585FE1909DC9873001762F6 /* c_ecb.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1209DC9873001762F6 /* c_ecb.c */; };
+		0585FE1A09DC9873001762F6 /* c_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1309DC9873001762F6 /* c_enc.c */; };
+		0585FE1B09DC9873001762F6 /* c_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1409DC9873001762F6 /* c_skey.c */; };
+		0585FE1C09DC9873001762F6 /* cast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
+		0585FE1D09DC9873001762F6 /* cast_lcl.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1609DC9873001762F6 /* cast_lcl.h */; };
+		0585FE1E09DC9873001762F6 /* cast_s.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1709DC9873001762F6 /* cast_s.h */; };
+		0585FE1F09DC9873001762F6 /* ccCast.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1809DC9873001762F6 /* ccCast.c */; };
+		0585FE2009DC9873001762F6 /* c_ecb.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1209DC9873001762F6 /* c_ecb.c */; };
+		0585FE2109DC9873001762F6 /* c_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1309DC9873001762F6 /* c_enc.c */; };
+		0585FE2209DC9873001762F6 /* c_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1409DC9873001762F6 /* c_skey.c */; };
+		0585FE2309DC9873001762F6 /* cast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
+		0585FE2409DC9873001762F6 /* cast_lcl.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1609DC9873001762F6 /* cast_lcl.h */; };
+		0585FE2509DC9873001762F6 /* cast_s.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1709DC9873001762F6 /* cast_s.h */; };
+		0585FE2609DC9873001762F6 /* ccCast.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1809DC9873001762F6 /* ccCast.c */; };
+		0585FE2709DC9873001762F6 /* c_ecb.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1209DC9873001762F6 /* c_ecb.c */; };
+		0585FE2809DC9873001762F6 /* c_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1309DC9873001762F6 /* c_enc.c */; };
+		0585FE2909DC9873001762F6 /* c_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1409DC9873001762F6 /* c_skey.c */; };
+		0585FE2A09DC9873001762F6 /* cast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
+		0585FE2B09DC9873001762F6 /* cast_lcl.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1609DC9873001762F6 /* cast_lcl.h */; };
+		0585FE2C09DC9873001762F6 /* cast_s.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1709DC9873001762F6 /* cast_s.h */; };
+		0585FE2D09DC9873001762F6 /* ccCast.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1809DC9873001762F6 /* ccCast.c */; };
+		0585FE2E09DC9873001762F6 /* c_ecb.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1209DC9873001762F6 /* c_ecb.c */; };
+		0585FE2F09DC9873001762F6 /* c_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1309DC9873001762F6 /* c_enc.c */; };
+		0585FE3009DC9873001762F6 /* c_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1409DC9873001762F6 /* c_skey.c */; };
+		0585FE3109DC9873001762F6 /* cast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
+		0585FE3209DC9873001762F6 /* cast_lcl.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1609DC9873001762F6 /* cast_lcl.h */; };
+		0585FE3309DC9873001762F6 /* cast_s.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE1709DC9873001762F6 /* cast_s.h */; };
+		0585FE3409DC9873001762F6 /* ccCast.c in Sources */ = {isa = PBXBuildFile; fileRef = 0585FE1809DC9873001762F6 /* ccCast.c */; };
+		0585FE4109DC9A1F001762F6 /* ccCast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
+		0585FE4209DC9A20001762F6 /* ccCast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
+		0585FE4309DC9A20001762F6 /* ccCast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
+		0585FE4409DC9A20001762F6 /* ccCast.h in Headers */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
+		05A3762A061228FA009C43A6 /* CommonDigest.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; };
+		05C4414409D49F28002066D1 /* des.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E409D468E200CFE5CB /* des.h */; };
+		05C4414509D49F29002066D1 /* des_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0E509D468E200CFE5CB /* des_enc.c */; };
+		05C4414609D49F29002066D1 /* des_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E609D468E200CFE5CB /* des_locl.h */; };
+		05C4416F09D4BACE002066D1 /* e_os2.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4416E09D4BACE002066D1 /* e_os2.h */; };
+		05C4417309D4BB0B002066D1 /* opensslconf.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4417209D4BB0B002066D1 /* opensslconf.h */; };
+		05C441AB09D4E04F002066D1 /* des.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E409D468E200CFE5CB /* des.h */; };
+		05C441AC09D4E04F002066D1 /* des_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0E509D468E200CFE5CB /* des_enc.c */; };
+		05C441AD09D4E050002066D1 /* des_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E609D468E200CFE5CB /* des_locl.h */; };
+		05C441AE09D4E051002066D1 /* e_os2.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4416E09D4BACE002066D1 /* e_os2.h */; };
+		05C441AF09D4E052002066D1 /* opensslconf.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4417209D4BB0B002066D1 /* opensslconf.h */; };
+		05C441B009D4E052002066D1 /* opensslDES.c in Sources */ = {isa = PBXBuildFile; fileRef = 0539DC2609D4919D00AB7F89 /* opensslDES.c */; };
+		05C441B109D4E053002066D1 /* opensslDES.h in Headers */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
+		05C441B209D4E053002066D1 /* set_key.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0ED09D469A100CFE5CB /* set_key.c */; };
+		05C441B309D4E054002066D1 /* spr.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C70C5309D471C30004B8F4 /* spr.h */; };
+		05C441B409D4E057002066D1 /* des.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E409D468E200CFE5CB /* des.h */; };
+		05C441B509D4E058002066D1 /* des_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0E509D468E200CFE5CB /* des_enc.c */; };
+		05C441B609D4E058002066D1 /* des_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E609D468E200CFE5CB /* des_locl.h */; };
+		05C441B709D4E059002066D1 /* e_os2.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4416E09D4BACE002066D1 /* e_os2.h */; };
+		05C441B809D4E05A002066D1 /* opensslconf.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4417209D4BB0B002066D1 /* opensslconf.h */; };
+		05C441B909D4E05A002066D1 /* opensslDES.c in Sources */ = {isa = PBXBuildFile; fileRef = 0539DC2609D4919D00AB7F89 /* opensslDES.c */; };
+		05C441BA09D4E05B002066D1 /* opensslDES.h in Headers */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
+		05C441BB09D4E05C002066D1 /* set_key.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0ED09D469A100CFE5CB /* set_key.c */; };
+		05C441BC09D4E05C002066D1 /* spr.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C70C5309D471C30004B8F4 /* spr.h */; };
+		05C441BD09D4E060002066D1 /* des.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E409D468E200CFE5CB /* des.h */; };
+		05C441BE09D4E061002066D1 /* des_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0E509D468E200CFE5CB /* des_enc.c */; };
+		05C441BF09D4E061002066D1 /* des_locl.h in Headers */ = {isa = PBXBuildFile; fileRef = 05ECA0E609D468E200CFE5CB /* des_locl.h */; };
+		05C441C009D4E062002066D1 /* e_os2.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4416E09D4BACE002066D1 /* e_os2.h */; };
+		05C441C109D4E063002066D1 /* opensslconf.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C4417209D4BB0B002066D1 /* opensslconf.h */; };
+		05C441C209D4E063002066D1 /* opensslDES.c in Sources */ = {isa = PBXBuildFile; fileRef = 0539DC2609D4919D00AB7F89 /* opensslDES.c */; };
+		05C441C309D4E064002066D1 /* opensslDES.h in Headers */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
+		05C441C409D4E065002066D1 /* set_key.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0ED09D469A100CFE5CB /* set_key.c */; };
+		05C441C509D4E065002066D1 /* spr.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C70C5309D471C30004B8F4 /* spr.h */; };
+		05C70C5509D471C30004B8F4 /* spr.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C70C5309D471C30004B8F4 /* spr.h */; };
+		05C91AC309E47E9B007CCD4E /* BlockCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91AC209E47E9A007CCD4E /* BlockCipher.h */; };
+		05C91AC409E47E9B007CCD4E /* BlockCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91AC209E47E9A007CCD4E /* BlockCipher.h */; };
+		05C91AC509E47E9B007CCD4E /* BlockCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91AC209E47E9A007CCD4E /* BlockCipher.h */; };
+		05C91AC609E47E9B007CCD4E /* BlockCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91AC209E47E9A007CCD4E /* BlockCipher.h */; };
+		05C91ACF09E47F93007CCD4E /* StreamCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91ACD09E47F93007CCD4E /* StreamCipher.h */; };
+		05C91AD009E47F93007CCD4E /* StreamCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91ACE09E47F93007CCD4E /* StreamCipher.c */; };
+		05C91AD109E47F93007CCD4E /* StreamCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91ACD09E47F93007CCD4E /* StreamCipher.h */; };
+		05C91AD209E47F93007CCD4E /* StreamCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91ACE09E47F93007CCD4E /* StreamCipher.c */; };
+		05C91AD309E47F93007CCD4E /* StreamCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91ACD09E47F93007CCD4E /* StreamCipher.h */; };
+		05C91AD409E47F93007CCD4E /* StreamCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91ACE09E47F93007CCD4E /* StreamCipher.c */; };
+		05C91AD509E47F93007CCD4E /* StreamCipher.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91ACD09E47F93007CCD4E /* StreamCipher.h */; };
+		05C91AD609E47F93007CCD4E /* StreamCipher.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91ACE09E47F93007CCD4E /* StreamCipher.c */; };
+		05C91AFA09E48079007CCD4E /* rc4_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF809E48079007CCD4E /* rc4_enc.c */; };
+		05C91AFB09E48079007CCD4E /* rc4_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF909E48079007CCD4E /* rc4_skey.c */; };
+		05C91AFC09E48079007CCD4E /* rc4_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF809E48079007CCD4E /* rc4_enc.c */; };
+		05C91AFD09E48079007CCD4E /* rc4_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF909E48079007CCD4E /* rc4_skey.c */; };
+		05C91AFE09E48079007CCD4E /* rc4_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF809E48079007CCD4E /* rc4_enc.c */; };
+		05C91AFF09E48079007CCD4E /* rc4_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF909E48079007CCD4E /* rc4_skey.c */; };
+		05C91B0009E48079007CCD4E /* rc4_enc.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF809E48079007CCD4E /* rc4_enc.c */; };
+		05C91B0109E48079007CCD4E /* rc4_skey.c in Sources */ = {isa = PBXBuildFile; fileRef = 05C91AF909E48079007CCD4E /* rc4_skey.c */; };
+		05C91B0309E480A1007CCD4E /* rc4.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
+		05C91B0409E480A1007CCD4E /* rc4.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
+		05C91B0509E480A1007CCD4E /* rc4.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
+		05C91B0609E480A1007CCD4E /* rc4.h in Headers */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
+		05C91B1C09E481AA007CCD4E /* rc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
+		05C91B1D09E481B4007CCD4E /* rc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05C91B0209E480A1007CCD4E /* rc4.h */; };
+		05CE942D0A37850A007C91D6 /* CommonCrypto.plist in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05CE942B0A37850A007C91D6 /* CommonCrypto.plist */; };
+		05D5045C09DC5F7A00F47E19 /* ccNewGladman.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */; };
+		05D5045D09DC5F7A00F47E19 /* ccNewGladman.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */; };
+		05D5045E09DC5F7A00F47E19 /* ccNewGladman.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */; };
+		05D5045F09DC5F7A00F47E19 /* ccNewGladman.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */; };
+		05D8D97D09E411AB00E03504 /* CommonHMAC.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
+		05D8D97E09E411AB00E03504 /* CommonHMAC.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
+		05D8D97F09E411AB00E03504 /* CommonHMAC.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
+		05D8D98009E411AB00E03504 /* CommonHMAC.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D8D97C09E411AA00E03504 /* CommonHMAC.h */; };
+		05D9F61009D85F2C00AD30A7 /* CommonCryptor.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */; };
+		05D9F61109D85F2C00AD30A7 /* CommonCryptor.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */; };
+		05D9F61209D85F2C00AD30A7 /* CommonCryptor.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */; };
+		05D9F61309D85F2C00AD30A7 /* CommonCryptor.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */; };
+		05D9F61709D85F4A00AD30A7 /* CommonCryptor.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
+		05D9F61809D85F4A00AD30A7 /* CommonCryptor.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
+		05D9F61909D85F4A00AD30A7 /* CommonCryptor.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
+		05D9F61A09D85F4A00AD30A7 /* CommonCryptor.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
+		05D9F62309D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */; };
+		05D9F62409D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */; };
+		05D9F62509D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */; };
+		05D9F62609D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */; };
+		05D9F62D09D8745E00AD30A7 /* CommonCryptor.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
+		05D9F62E09D8746300AD30A7 /* CommonCryptor.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */; };
+		05D9F64F09D87ED000AD30A7 /* CommonHMAC.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */; };
+		05D9F65009D87ED000AD30A7 /* CommonHMAC.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */; };
+		05D9F65209D87ED000AD30A7 /* CommonHMAC.c in Sources */ = {isa = PBXBuildFile; fileRef = 05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */; };
+		05E0A12209DD99D8005F54BA /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
+		05E0A12309DD99D8005F54BA /* aesopt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
+		05E0A12409DD99D8005F54BA /* cast.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
+		05E0A12509DD99D8005F54BA /* ccCast.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
+		05E0A12609DD99D8005F54BA /* opensslDES.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
+		05E0A12909DD9A0D005F54BA /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 052F6C7009DB207F00EE63A4 /* aes.h */; };
+		05E0A12A09DD9A0D005F54BA /* aesopt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 052F6C7309DB207F00EE63A4 /* aesopt.h */; };
+		05E0A12B09DD9A0D005F54BA /* cast.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0585FE1509DC9873001762F6 /* cast.h */; };
+		05E0A12C09DD9A0D005F54BA /* ccCast.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0585FE4009DC9A1F001762F6 /* ccCast.h */; };
+		05E0A12D09DD9A0D005F54BA /* opensslDES.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 0539DC2709D4919D00AB7F89 /* opensslDES.h */; };
+		05E0A14509DD9F84005F54BA /* CommonCryptoPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
+		05E0A14609DD9F84005F54BA /* CommonCryptoPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
+		05E0A14709DD9F84005F54BA /* CommonCryptoPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
+		05E0A14809DD9F84005F54BA /* CommonCryptoPriv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
+		05E0A1DD09DDA766005F54BA /* CommonCryptoPriv.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
+		05E0A1DE09DDA774005F54BA /* CommonCryptoPriv.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */; };
+		05E319BA063890C100C4AD24 /* sha2.c in Sources */ = {isa = PBXBuildFile; fileRef = 05E319B7063890C100C4AD24 /* sha2.c */; };
+		05E319BD063890C100C4AD24 /* sha2.c in Sources */ = {isa = PBXBuildFile; fileRef = 05E319B7063890C100C4AD24 /* sha2.c */; };
+		05E319DD0638913700C4AD24 /* sha2Priv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E319DC0638913700C4AD24 /* sha2Priv.h */; };
+		05E319DE0638913700C4AD24 /* sha2Priv.h in Headers */ = {isa = PBXBuildFile; fileRef = 05E319DC0638913700C4AD24 /* sha2Priv.h */; };
+		05ECA0EE09D469A100CFE5CB /* set_key.c in Sources */ = {isa = PBXBuildFile; fileRef = 05ECA0ED09D469A100CFE5CB /* set_key.c */; };
+		4C0889EA06EFE058009F3789 /* CommonDigest.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 054BBECD05F6AA7200344873 /* CommonDigest.h */; };
+		58226EAE0D35835700B35CC2 /* AES.c in Sources */ = {isa = PBXBuildFile; fileRef = 58226EAB0D35835700B35CC2 /* AES.c */; settings = {COMPILER_FLAGS = "-std=c99"; }; };
+		58226EAF0D35835700B35CC2 /* AESAssembly.h in Headers */ = {isa = PBXBuildFile; fileRef = 58226EAC0D35835700B35CC2 /* AESAssembly.h */; };
+		58226EB10D35835700B35CC2 /* AES.c in Sources */ = {isa = PBXBuildFile; fileRef = 58226EAB0D35835700B35CC2 /* AES.c */; settings = {COMPILER_FLAGS = "-std=c99"; }; };
+		58226EB20D35835700B35CC2 /* AESAssembly.h in Headers */ = {isa = PBXBuildFile; fileRef = 58226EAC0D35835700B35CC2 /* AESAssembly.h */; };
+		58226EB40D35835700B35CC2 /* AES.c in Sources */ = {isa = PBXBuildFile; fileRef = 58226EAB0D35835700B35CC2 /* AES.c */; settings = {COMPILER_FLAGS = "-std=c99"; }; };
+		58226EB50D35835700B35CC2 /* AESAssembly.h in Headers */ = {isa = PBXBuildFile; fileRef = 58226EAC0D35835700B35CC2 /* AESAssembly.h */; };
+		58226EB70D35835700B35CC2 /* AES.c in Sources */ = {isa = PBXBuildFile; fileRef = 58226EAB0D35835700B35CC2 /* AES.c */; settings = {COMPILER_FLAGS = "-std=c99"; }; };
+		58226EB80D35835700B35CC2 /* AESAssembly.h in Headers */ = {isa = PBXBuildFile; fileRef = 58226EAC0D35835700B35CC2 /* AESAssembly.h */; };
+		5855FFD50D3ECE2000D5D39C /* AES.s in Sources */ = {isa = PBXBuildFile; fileRef = 5855FFD40D3ECE2000D5D39C /* AES.s */; };
+		5855FFD60D3ECE2000D5D39C /* AES.s in Sources */ = {isa = PBXBuildFile; fileRef = 5855FFD40D3ECE2000D5D39C /* AES.s */; };
+		5855FFD70D3ECE2000D5D39C /* AES.s in Sources */ = {isa = PBXBuildFile; fileRef = 5855FFD40D3ECE2000D5D39C /* AES.s */; };
+		5855FFD80D3ECE2000D5D39C /* AES.s in Sources */ = {isa = PBXBuildFile; fileRef = 5855FFD40D3ECE2000D5D39C /* AES.s */; };
+		58B40ECF0D49459900557D7E /* EncryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ECE0D49459900557D7E /* EncryptCBC.s */; };
+		58B40ED00D49459900557D7E /* EncryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ECE0D49459900557D7E /* EncryptCBC.s */; };
+		58B40ED10D49459900557D7E /* EncryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ECE0D49459900557D7E /* EncryptCBC.s */; };
+		58B40ED20D49459900557D7E /* EncryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ECE0D49459900557D7E /* EncryptCBC.s */; };
+		58B40ED40D494A1800557D7E /* DecryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ED30D494A1800557D7E /* DecryptCBC.s */; };
+		58B40ED50D494A1800557D7E /* DecryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ED30D494A1800557D7E /* DecryptCBC.s */; };
+		58B40ED60D494A1800557D7E /* DecryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ED30D494A1800557D7E /* DecryptCBC.s */; };
+		58B40ED70D494A1800557D7E /* DecryptCBC.s in Sources */ = {isa = PBXBuildFile; fileRef = 58B40ED30D494A1800557D7E /* DecryptCBC.s */; };
+		795CA41E0D34459D00BAE6A2 /* ccRC2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FD0D34431400BAE6A2 /* ccRC2.c */; };
+		795CA41F0D34459D00BAE6A2 /* rc2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FE0D34431400BAE6A2 /* rc2.c */; };
+		795CA4210D3445EB00BAE6A2 /* ccRC2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FD0D34431400BAE6A2 /* ccRC2.c */; };
+		795CA4220D3445EB00BAE6A2 /* rc2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FE0D34431400BAE6A2 /* rc2.c */; };
+		AA43AB740D7DE2440047D941 /* ccRC2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FD0D34431400BAE6A2 /* ccRC2.c */; };
+		AA43AB750D7DE2440047D941 /* rc2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FE0D34431400BAE6A2 /* rc2.c */; };
+		AAAF0B9E0DC7A3DA0044DA03 /* sha1edpBigEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */; };
+		AAAF0B9F0DC7A3DA0044DA03 /* sha1edpLittleEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */; };
+		AAAF0BA10DC7A3F70044DA03 /* sha1edpBigEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */; };
+		AAAF0BA20DC7A3F70044DA03 /* sha1edpLittleEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */; };
+		AAAF0BA30DC7A4020044DA03 /* sha1edpBigEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */; };
+		AAAF0BA40DC7A4020044DA03 /* sha1edpLittleEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */; };
+		AAAF0BA50DC7A42A0044DA03 /* sha1edpBigEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */; };
+		AAAF0BA60DC7A42A0044DA03 /* sha1edpLittleEndian.s in Sources */ = {isa = PBXBuildFile; fileRef = AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */; };
+		AAD42CD30D7DE027000BCEBF /* ccRC2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FD0D34431400BAE6A2 /* ccRC2.c */; };
+		AAD42CD40D7DE027000BCEBF /* rc2.c in Sources */ = {isa = PBXBuildFile; fileRef = 795CA3FE0D34431400BAE6A2 /* rc2.c */; };
+		D6658D950BD8178400D18063 /* CC_crypto.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05DF6D1109CF2D7200D9A3E8 /* CC_crypto.3cc */; };
+		D6658D960BD8178400D18063 /* CC_MD2.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5B60BC6D67000878B42 /* CC_MD2.3cc */; };
+		D6658D970BD8178400D18063 /* CC_MD2_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5B70BC6D67000878B42 /* CC_MD2_Final.3cc */; };
+		D6658D980BD8178400D18063 /* CC_MD2_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5B80BC6D67000878B42 /* CC_MD2_Init.3cc */; };
+		D6658D990BD8178400D18063 /* CC_MD2_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5B90BC6D67000878B42 /* CC_MD2_Update.3cc */; };
+		D6658D9A0BD8178400D18063 /* CC_MD4.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BA0BC6D67000878B42 /* CC_MD4.3cc */; };
+		D6658D9B0BD8178400D18063 /* CC_MD4_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BB0BC6D67000878B42 /* CC_MD4_Final.3cc */; };
+		D6658D9C0BD8178400D18063 /* CC_MD4_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BC0BC6D67000878B42 /* CC_MD4_Init.3cc */; };
+		D6658D9D0BD8178400D18063 /* CC_MD4_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BD0BC6D67000878B42 /* CC_MD4_Update.3cc */; };
+		D6658D9E0BD8178400D18063 /* CC_MD5.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05DF6D1209CF2D7200D9A3E8 /* CC_MD5.3cc */; };
+		D6658D9F0BD8178400D18063 /* CC_MD5_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BE0BC6D67000878B42 /* CC_MD5_Final.3cc */; };
+		D6658DA00BD8178400D18063 /* CC_MD5_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5BF0BC6D67000878B42 /* CC_MD5_Init.3cc */; };
+		D6658DA10BD8178400D18063 /* CC_MD5_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C00BC6D67000878B42 /* CC_MD5_Update.3cc */; };
+		D6658DA20BD8178400D18063 /* CC_SHA.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = 05DF6D1309CF2D7200D9A3E8 /* CC_SHA.3cc */; };
+		D6658DA30BD8178400D18063 /* CC_SHA1.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C10BC6D67000878B42 /* CC_SHA1.3cc */; };
+		D6658DA40BD8178400D18063 /* CC_SHA1_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C20BC6D67000878B42 /* CC_SHA1_Final.3cc */; };
+		D6658DA50BD8178400D18063 /* CC_SHA1_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C30BC6D67000878B42 /* CC_SHA1_Init.3cc */; };
+		D6658DA60BD8178400D18063 /* CC_SHA1_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C40BC6D67000878B42 /* CC_SHA1_Update.3cc */; };
+		D6658DA70BD8178400D18063 /* CC_SHA224.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C50BC6D67000878B42 /* CC_SHA224.3cc */; };
+		D6658DA80BD8178400D18063 /* CC_SHA224_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C60BC6D67000878B42 /* CC_SHA224_Final.3cc */; };
+		D6658DA90BD8178400D18063 /* CC_SHA224_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C70BC6D67000878B42 /* CC_SHA224_Init.3cc */; };
+		D6658DAA0BD8178400D18063 /* CC_SHA224_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C80BC6D67000878B42 /* CC_SHA224_Update.3cc */; };
+		D6658DAB0BD8178400D18063 /* CC_SHA256.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5C90BC6D67000878B42 /* CC_SHA256.3cc */; };
+		D6658DAC0BD8178400D18063 /* CC_SHA256_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CA0BC6D67000878B42 /* CC_SHA256_Final.3cc */; };
+		D6658DAD0BD8178400D18063 /* CC_SHA256_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CB0BC6D67000878B42 /* CC_SHA256_Init.3cc */; };
+		D6658DAE0BD8178400D18063 /* CC_SHA256_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CC0BC6D67000878B42 /* CC_SHA256_Update.3cc */; };
+		D6658DAF0BD8178400D18063 /* CC_SHA384.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CD0BC6D67000878B42 /* CC_SHA384.3cc */; };
+		D6658DB00BD8178400D18063 /* CC_SHA384_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CE0BC6D67000878B42 /* CC_SHA384_Final.3cc */; };
+		D6658DB10BD8178400D18063 /* CC_SHA384_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5CF0BC6D67000878B42 /* CC_SHA384_Init.3cc */; };
+		D6658DB20BD8178400D18063 /* CC_SHA384_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D00BC6D67000878B42 /* CC_SHA384_Update.3cc */; };
+		D6658DB30BD8178400D18063 /* CC_SHA512.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D10BC6D67000878B42 /* CC_SHA512.3cc */; };
+		D6658DB40BD8178400D18063 /* CC_SHA512_Final.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D20BC6D67000878B42 /* CC_SHA512_Final.3cc */; };
+		D6658DB50BD8178400D18063 /* CC_SHA512_Init.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D30BC6D67000878B42 /* CC_SHA512_Init.3cc */; };
+		D6658DB60BD8178400D18063 /* CC_SHA512_Update.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D40BC6D67000878B42 /* CC_SHA512_Update.3cc */; };
+		D6658DB70BD8178400D18063 /* CCCrypt.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D50BC6D67000878B42 /* CCCrypt.3cc */; };
+		D6658DB80BD8178400D18063 /* CCCryptor.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D60BC6D67000878B42 /* CCCryptor.3cc */; };
+		D6658DB90BD8178400D18063 /* CCCryptorCreate.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D70BC6D67000878B42 /* CCCryptorCreate.3cc */; };
+		D6658DBA0BD8178400D18063 /* CCCryptorFinal.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D80BC6D67000878B42 /* CCCryptorFinal.3cc */; };
+		D6658DBB0BD8178400D18063 /* CCCryptorGetOutputLength.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5D90BC6D67000878B42 /* CCCryptorGetOutputLength.3cc */; };
+		D6658DBC0BD8178400D18063 /* CCCryptorRelease.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DA0BC6D67000878B42 /* CCCryptorRelease.3cc */; };
+		D6658DBD0BD8178400D18063 /* CCCryptorReset.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DB0BC6D67000878B42 /* CCCryptorReset.3cc */; };
+		D6658DBE0BD8178400D18063 /* CCCryptorUpdate.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DC0BC6D67000878B42 /* CCCryptorUpdate.3cc */; };
+		D6658DBF0BD8178400D18063 /* CCHmac.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DD0BC6D67000878B42 /* CCHmac.3cc */; };
+		D6658DC00BD8178400D18063 /* CCHmacFinal.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DE0BC6D67000878B42 /* CCHmacFinal.3cc */; };
+		D6658DC10BD8178400D18063 /* CCHmacInit.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5DF0BC6D67000878B42 /* CCHmacInit.3cc */; };
+		D6658DC20BD8178400D18063 /* CCHmacUpdate.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5E00BC6D67000878B42 /* CCHmacUpdate.3cc */; };
+		D6658DC30BD8178400D18063 /* CCryptorCreateFromData.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5E10BC6D67000878B42 /* CCryptorCreateFromData.3cc */; };
+		D6658DC40BD8178400D18063 /* Common Crypto.3cc in CopyFiles */ = {isa = PBXBuildFile; fileRef = D671B5E20BC6D67000878B42 /* Common Crypto.3cc */; };
+/* End PBXBuildFile section */
+
+/* Begin PBXBuildRule section */
+		B125268E0713742A00BB8157 /* PBXBuildRule */ = {
+			isa = PBXBuildRule;
+			compilerSpec = com.apple.compilers.gcc;
+			fileType = sourcecode.c;
+			isEditable = 1;
+			outputFiles = (
+			);
+		};
+		B125268F0713744500BB8157 /* PBXBuildRule */ = {
+			isa = PBXBuildRule;
+			compilerSpec = com.apple.compilers.gcc;
+			fileType = sourcecode.c;
+			isEditable = 1;
+			outputFiles = (
+			);
+		};
+		B12526900713744F00BB8157 /* PBXBuildRule */ = {
+			isa = PBXBuildRule;
+			compilerSpec = com.apple.compilers.gcc;
+			fileType = sourcecode.c;
+			isEditable = 1;
+			outputFiles = (
+			);
+		};
+		B12526910713745B00BB8157 /* PBXBuildRule */ = {
+			isa = PBXBuildRule;
+			compilerSpec = com.apple.compilers.gcc;
+			fileType = sourcecode.c;
+			isEditable = 1;
+			outputFiles = (
+			);
+		};
+/* End PBXBuildRule section */
+
+/* Begin PBXContainerItemProxy section */
+		050678EA064015C1001640AF /* PBXContainerItemProxy */ = {
+			isa = PBXContainerItemProxy;
+			containerPortal = 054BBEA605F6A8DE00344873 /* Project object */;
+			proxyType = 1;
+			remoteGlobalIDString = 05067903064025BF001640AF;
+			remoteInfo = commonCrypto_profile;
+		};
+		0511C4620A3785340028BFC3 /* PBXContainerItemProxy */ = {
+			isa = PBXContainerItemProxy;
+			containerPortal = 054BBEA605F6A8DE00344873 /* Project object */;
+			proxyType = 1;
+			remoteGlobalIDString = 05CE94290A3784D4007C91D6;
+			remoteInfo = "Copy Open Source Docs";
+		};
+		054BBEFA05F6AAC800344873 /* PBXContainerItemProxy */ = {
+			isa = PBXContainerItemProxy;
+			containerPortal = 054BBEA605F6A8DE00344873 /* Project object */;
+			proxyType = 1;
+			remoteGlobalIDString = 054BBEBD05F6A97700344873;
+			remoteInfo = commonCrypto;
+		};
+		054BBEFC05F6AAC800344873 /* PBXContainerItemProxy */ = {
+			isa = PBXContainerItemProxy;
+			containerPortal = 054BBEA605F6A8DE00344873 /* Project object */;
+			proxyType = 1;
+			remoteGlobalIDString = 054BBEC505F6A98900344873;
+			remoteInfo = commonCryptoStatic;
+		};
+		055688210640139D0048BE18 /* PBXContainerItemProxy */ = {
+			isa = PBXContainerItemProxy;
+			containerPortal = 054BBEA605F6A8DE00344873 /* Project object */;
+			proxyType = 1;
+			remoteGlobalIDString = 055687FF064012D40048BE18;
+			remoteInfo = commonCrypto_debug;
+		};
+/* End PBXContainerItemProxy section */
+
+/* Begin PBXCopyFilesBuildPhase section */
+		05A376200612288F009C43A6 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 8;
+			dstPath = /usr/include/CommonCrypto;
+			dstSubfolderSpec = 0;
+			files = (
+				05D9F62D09D8745E00AD30A7 /* CommonCryptor.h in CopyFiles */,
+				050737EF09E41958005E9620 /* CommonHMAC.h in CopyFiles */,
+				05A3762A061228FA009C43A6 /* CommonDigest.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 1;
+		};
+		05CE94280A3784D4007C91D6 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 8;
+			dstPath = /usr/local/OpenSourceVersions/;
+			dstSubfolderSpec = 0;
+			files = (
+				05CE942D0A37850A007C91D6 /* CommonCrypto.plist in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 1;
+		};
+		05CE942F0A37850A007C91D6 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 8;
+			dstPath = /usr/local/OpenSourceLicenses/;
+			dstSubfolderSpec = 0;
+			files = (
+				0511C47E0A37892C0028BFC3 /* CommonCrypto.txt in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 1;
+		};
+		05E0A12709DD99EC005F54BA /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 8;
+			dstPath = /usr/local/include/CommonCrypto;
+			dstSubfolderSpec = 0;
+			files = (
+				05E0A1DD09DDA766005F54BA /* CommonCryptoPriv.h in CopyFiles */,
+				05E0A12909DD9A0D005F54BA /* aes.h in CopyFiles */,
+				05E0A12A09DD9A0D005F54BA /* aesopt.h in CopyFiles */,
+				05E0A12B09DD9A0D005F54BA /* cast.h in CopyFiles */,
+				05E0A12C09DD9A0D005F54BA /* ccCast.h in CopyFiles */,
+				05E0A12D09DD9A0D005F54BA /* opensslDES.h in CopyFiles */,
+				05C91B1C09E481AA007CCD4E /* rc4.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 1;
+		};
+		4C0889E706EFE038009F3789 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 2147483647;
+			dstPath = include/CommonCrypto;
+			dstSubfolderSpec = 16;
+			files = (
+				05E0A1DE09DDA774005F54BA /* CommonCryptoPriv.h in CopyFiles */,
+				05D9F62E09D8746300AD30A7 /* CommonCryptor.h in CopyFiles */,
+				050737F009E41969005E9620 /* CommonHMAC.h in CopyFiles */,
+				4C0889EA06EFE058009F3789 /* CommonDigest.h in CopyFiles */,
+				05E0A12209DD99D8005F54BA /* aes.h in CopyFiles */,
+				05E0A12309DD99D8005F54BA /* aesopt.h in CopyFiles */,
+				05E0A12409DD99D8005F54BA /* cast.h in CopyFiles */,
+				05E0A12509DD99D8005F54BA /* ccCast.h in CopyFiles */,
+				05E0A12609DD99D8005F54BA /* opensslDES.h in CopyFiles */,
+				05C91B1D09E481B4007CCD4E /* rc4.h in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		D6658DC80BD817B600D18063 /* CopyFiles */ = {
+			isa = PBXCopyFilesBuildPhase;
+			buildActionMask = 8;
+			dstPath = /usr/share/man/man3;
+			dstSubfolderSpec = 0;
+			files = (
+				D6658D950BD8178400D18063 /* CC_crypto.3cc in CopyFiles */,
+				D6658D960BD8178400D18063 /* CC_MD2.3cc in CopyFiles */,
+				D6658D970BD8178400D18063 /* CC_MD2_Final.3cc in CopyFiles */,
+				D6658D980BD8178400D18063 /* CC_MD2_Init.3cc in CopyFiles */,
+				D6658D990BD8178400D18063 /* CC_MD2_Update.3cc in CopyFiles */,
+				D6658D9A0BD8178400D18063 /* CC_MD4.3cc in CopyFiles */,
+				D6658D9B0BD8178400D18063 /* CC_MD4_Final.3cc in CopyFiles */,
+				D6658D9C0BD8178400D18063 /* CC_MD4_Init.3cc in CopyFiles */,
+				D6658D9D0BD8178400D18063 /* CC_MD4_Update.3cc in CopyFiles */,
+				D6658D9E0BD8178400D18063 /* CC_MD5.3cc in CopyFiles */,
+				D6658D9F0BD8178400D18063 /* CC_MD5_Final.3cc in CopyFiles */,
+				D6658DA00BD8178400D18063 /* CC_MD5_Init.3cc in CopyFiles */,
+				D6658DA10BD8178400D18063 /* CC_MD5_Update.3cc in CopyFiles */,
+				D6658DA20BD8178400D18063 /* CC_SHA.3cc in CopyFiles */,
+				D6658DA30BD8178400D18063 /* CC_SHA1.3cc in CopyFiles */,
+				D6658DA40BD8178400D18063 /* CC_SHA1_Final.3cc in CopyFiles */,
+				D6658DA50BD8178400D18063 /* CC_SHA1_Init.3cc in CopyFiles */,
+				D6658DA60BD8178400D18063 /* CC_SHA1_Update.3cc in CopyFiles */,
+				D6658DA70BD8178400D18063 /* CC_SHA224.3cc in CopyFiles */,
+				D6658DA80BD8178400D18063 /* CC_SHA224_Final.3cc in CopyFiles */,
+				D6658DA90BD8178400D18063 /* CC_SHA224_Init.3cc in CopyFiles */,
+				D6658DAA0BD8178400D18063 /* CC_SHA224_Update.3cc in CopyFiles */,
+				D6658DAB0BD8178400D18063 /* CC_SHA256.3cc in CopyFiles */,
+				D6658DAC0BD8178400D18063 /* CC_SHA256_Final.3cc in CopyFiles */,
+				D6658DAD0BD8178400D18063 /* CC_SHA256_Init.3cc in CopyFiles */,
+				D6658DAE0BD8178400D18063 /* CC_SHA256_Update.3cc in CopyFiles */,
+				D6658DAF0BD8178400D18063 /* CC_SHA384.3cc in CopyFiles */,
+				D6658DB00BD8178400D18063 /* CC_SHA384_Final.3cc in CopyFiles */,
+				D6658DB10BD8178400D18063 /* CC_SHA384_Init.3cc in CopyFiles */,
+				D6658DB20BD8178400D18063 /* CC_SHA384_Update.3cc in CopyFiles */,
+				D6658DB30BD8178400D18063 /* CC_SHA512.3cc in CopyFiles */,
+				D6658DB40BD8178400D18063 /* CC_SHA512_Final.3cc in CopyFiles */,
+				D6658DB50BD8178400D18063 /* CC_SHA512_Init.3cc in CopyFiles */,
+				D6658DB60BD8178400D18063 /* CC_SHA512_Update.3cc in CopyFiles */,
+				D6658DB70BD8178400D18063 /* CCCrypt.3cc in CopyFiles */,
+				D6658DB80BD8178400D18063 /* CCCryptor.3cc in CopyFiles */,
+				D6658DB90BD8178400D18063 /* CCCryptorCreate.3cc in CopyFiles */,
+				D6658DBA0BD8178400D18063 /* CCCryptorFinal.3cc in CopyFiles */,
+				D6658DBB0BD8178400D18063 /* CCCryptorGetOutputLength.3cc in CopyFiles */,
+				D6658DBC0BD8178400D18063 /* CCCryptorRelease.3cc in CopyFiles */,
+				D6658DBD0BD8178400D18063 /* CCCryptorReset.3cc in CopyFiles */,
+				D6658DBE0BD8178400D18063 /* CCCryptorUpdate.3cc in CopyFiles */,
+				D6658DBF0BD8178400D18063 /* CCHmac.3cc in CopyFiles */,
+				D6658DC00BD8178400D18063 /* CCHmacFinal.3cc in CopyFiles */,
+				D6658DC10BD8178400D18063 /* CCHmacInit.3cc in CopyFiles */,
+				D6658DC20BD8178400D18063 /* CCHmacUpdate.3cc in CopyFiles */,
+				D6658DC30BD8178400D18063 /* CCryptorCreateFromData.3cc in CopyFiles */,
+				D6658DC40BD8178400D18063 /* Common Crypto.3cc in CopyFiles */,
+			);
+			runOnlyForDeploymentPostprocessing = 1;
+		};
+/* End PBXCopyFilesBuildPhase section */
+
+/* Begin PBXFileReference section */
+		05067904064025BF001640AF /* libcommonCrypto_profile.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libcommonCrypto_profile.a; sourceTree = BUILT_PRODUCTS_DIR; };
+		052049F809D1A6CC00A0D022 /* BlockCipher.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = BlockCipher.c; sourceTree = "<group>"; };
+		052F6C7009DB207F00EE63A4 /* aes.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = aes.h; sourceTree = "<group>"; };
+		052F6C7109DB207F00EE63A4 /* aescrypt.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = aescrypt.c; sourceTree = "<group>"; };
+		052F6C7209DB207F00EE63A4 /* aeskey.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = aeskey.c; sourceTree = "<group>"; };
+		052F6C7309DB207F00EE63A4 /* aesopt.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = aesopt.h; sourceTree = "<group>"; };
+		052F6C7409DB207F00EE63A4 /* aestab.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = aestab.c; sourceTree = "<group>"; };
+		052F6C7509DB207F00EE63A4 /* aestab.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = aestab.h; sourceTree = "<group>"; };
+		0539DC2609D4919D00AB7F89 /* opensslDES.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = opensslDES.c; sourceTree = "<group>"; };
+		0539DC2709D4919D00AB7F89 /* opensslDES.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = opensslDES.h; sourceTree = "<group>"; };
+		054BBEBE05F6A97700344873 /* libcommonCrypto.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libcommonCrypto.a; sourceTree = BUILT_PRODUCTS_DIR; };
+		054BBEC605F6A98900344873 /* libcommonCryptoStatic.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libcommonCryptoStatic.a; sourceTree = BUILT_PRODUCTS_DIR; };
+		054BBECD05F6AA7200344873 /* CommonDigest.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = CommonDigest.h; sourceTree = "<group>"; };
+		054BBED205F6AA8900344873 /* CommonDigestPriv.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = CommonDigestPriv.h; sourceTree = "<group>"; };
+		054BBED305F6AA8900344873 /* md2_dgst.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = md2_dgst.c; sourceTree = "<group>"; };
+		054BBED405F6AA8900344873 /* md4_dgst.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = md4_dgst.c; sourceTree = "<group>"; };
+		054BBED505F6AA8900344873 /* md4_locl.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = md4_locl.h; sourceTree = "<group>"; };
+		054BBED605F6AA8900344873 /* md5_dgst.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = md5_dgst.c; sourceTree = "<group>"; };
+		054BBED705F6AA8900344873 /* md5_locl.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = md5_locl.h; sourceTree = "<group>"; };
+		054BBED805F6AA8900344873 /* md32_common.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = md32_common.h; sourceTree = "<group>"; };
+		054BBEDA05F6AA8900344873 /* sha_locl.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = sha_locl.h; sourceTree = "<group>"; };
+		054BBEDC05F6AA8900344873 /* sha1.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = sha1.c; sourceTree = "<group>"; };
+		05568800064012D40048BE18 /* libcommonCrypto_debug.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libcommonCrypto_debug.a; sourceTree = BUILT_PRODUCTS_DIR; };
+		0585FE1209DC9873001762F6 /* c_ecb.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = c_ecb.c; sourceTree = "<group>"; };
+		0585FE1309DC9873001762F6 /* c_enc.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = c_enc.c; sourceTree = "<group>"; };
+		0585FE1409DC9873001762F6 /* c_skey.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = c_skey.c; sourceTree = "<group>"; };
+		0585FE1509DC9873001762F6 /* cast.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = cast.h; sourceTree = "<group>"; };
+		0585FE1609DC9873001762F6 /* cast_lcl.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = cast_lcl.h; sourceTree = "<group>"; };
+		0585FE1709DC9873001762F6 /* cast_s.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = cast_s.h; sourceTree = "<group>"; };
+		0585FE1809DC9873001762F6 /* ccCast.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = ccCast.c; sourceTree = "<group>"; };
+		0585FE4009DC9A1F001762F6 /* ccCast.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ccCast.h; sourceTree = "<group>"; };
+		05C4416E09D4BACE002066D1 /* e_os2.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = e_os2.h; sourceTree = "<group>"; };
+		05C4417209D4BB0B002066D1 /* opensslconf.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = opensslconf.h; sourceTree = "<group>"; };
+		05C70C5309D471C30004B8F4 /* spr.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = spr.h; sourceTree = "<group>"; };
+		05C91AC209E47E9A007CCD4E /* BlockCipher.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = BlockCipher.h; sourceTree = "<group>"; };
+		05C91ACD09E47F93007CCD4E /* StreamCipher.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = StreamCipher.h; sourceTree = "<group>"; };
+		05C91ACE09E47F93007CCD4E /* StreamCipher.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = StreamCipher.c; sourceTree = "<group>"; };
+		05C91AF809E48079007CCD4E /* rc4_enc.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = rc4_enc.c; sourceTree = "<group>"; };
+		05C91AF909E48079007CCD4E /* rc4_skey.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = rc4_skey.c; sourceTree = "<group>"; };
+		05C91B0209E480A1007CCD4E /* rc4.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = rc4.h; sourceTree = "<group>"; };
+		05CE942B0A37850A007C91D6 /* CommonCrypto.plist */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.plist.xml; name = CommonCrypto.plist; path = doc/CommonCrypto.plist; sourceTree = "<group>"; };
+		05CE942C0A37850A007C91D6 /* CommonCrypto.txt */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CommonCrypto.txt; path = doc/CommonCrypto.txt; sourceTree = "<group>"; };
+		05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = ccNewGladman.c; sourceTree = "<group>"; };
+		05D8D97C09E411AA00E03504 /* CommonHMAC.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CommonHMAC.h; sourceTree = "<group>"; };
+		05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = CommonCryptor.c; sourceTree = "<group>"; };
+		05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CommonCryptor.h; sourceTree = "<group>"; };
+		05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CommonCryptorPriv.h; sourceTree = "<group>"; };
+		05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = CommonHMAC.c; sourceTree = "<group>"; };
+		05DF6D1109CF2D7200D9A3E8 /* CC_crypto.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_crypto.3cc; path = doc/CC_crypto.3cc; sourceTree = "<group>"; };
+		05DF6D1209CF2D7200D9A3E8 /* CC_MD5.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD5.3cc; path = doc/CC_MD5.3cc; sourceTree = "<group>"; };
+		05DF6D1309CF2D7200D9A3E8 /* CC_SHA.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA.3cc; path = doc/CC_SHA.3cc; sourceTree = "<group>"; };
+		05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = CommonCryptoPriv.h; sourceTree = "<group>"; };
+		05E319B7063890C100C4AD24 /* sha2.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = sha2.c; sourceTree = "<group>"; };
+		05E319DC0638913700C4AD24 /* sha2Priv.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = sha2Priv.h; sourceTree = "<group>"; };
+		05ECA0E409D468E200CFE5CB /* des.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = des.h; sourceTree = "<group>"; };
+		05ECA0E509D468E200CFE5CB /* des_enc.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = des_enc.c; sourceTree = "<group>"; };
+		05ECA0E609D468E200CFE5CB /* des_locl.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = des_locl.h; sourceTree = "<group>"; };
+		05ECA0ED09D469A100CFE5CB /* set_key.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; path = set_key.c; sourceTree = "<group>"; };
+		58226EAB0D35835700B35CC2 /* AES.c */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.c; fileEncoding = 4; includeInIndex = 1; name = AES.c; path = AESedp/AES.c; sourceTree = "<group>"; };
+		58226EAC0D35835700B35CC2 /* AESAssembly.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AESAssembly.h; path = AESedp/AESAssembly.h; sourceTree = "<group>"; };
+		5855FFD40D3ECE2000D5D39C /* AES.s */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = AES.s; path = AESedp/Intel/AES.s; sourceTree = "<group>"; };
+		58B40ECE0D49459900557D7E /* EncryptCBC.s */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = EncryptCBC.s; path = AESedp/Intel/EncryptCBC.s; sourceTree = "<group>"; };
+		58B40ED30D494A1800557D7E /* DecryptCBC.s */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; name = DecryptCBC.s; path = AESedp/Intel/DecryptCBC.s; sourceTree = "<group>"; };
+		795CA3FD0D34431400BAE6A2 /* ccRC2.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = ccRC2.c; sourceTree = "<group>"; };
+		795CA3FE0D34431400BAE6A2 /* rc2.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = rc2.c; sourceTree = "<group>"; };
+		795CA4010D34433300BAE6A2 /* rc2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = rc2.h; sourceTree = "<group>"; };
+		795CA4080D34444000BAE6A2 /* ccRC2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ccRC2.h; sourceTree = "<group>"; };
+		AAB5CBCC0DC6AB6D0019E0E6 /* sha1edp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = sha1edp.h; sourceTree = "<group>"; };
+		AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; path = sha1edpBigEndian.s; sourceTree = "<group>"; };
+		AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.asm; path = sha1edpLittleEndian.s; sourceTree = "<group>"; };
+		D671B5B60BC6D67000878B42 /* CC_MD2.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD2.3cc; path = doc/CC_MD2.3cc; sourceTree = "<group>"; };
+		D671B5B70BC6D67000878B42 /* CC_MD2_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD2_Final.3cc; path = doc/CC_MD2_Final.3cc; sourceTree = "<group>"; };
+		D671B5B80BC6D67000878B42 /* CC_MD2_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD2_Init.3cc; path = doc/CC_MD2_Init.3cc; sourceTree = "<group>"; };
+		D671B5B90BC6D67000878B42 /* CC_MD2_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD2_Update.3cc; path = doc/CC_MD2_Update.3cc; sourceTree = "<group>"; };
+		D671B5BA0BC6D67000878B42 /* CC_MD4.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD4.3cc; path = doc/CC_MD4.3cc; sourceTree = "<group>"; };
+		D671B5BB0BC6D67000878B42 /* CC_MD4_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD4_Final.3cc; path = doc/CC_MD4_Final.3cc; sourceTree = "<group>"; };
+		D671B5BC0BC6D67000878B42 /* CC_MD4_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD4_Init.3cc; path = doc/CC_MD4_Init.3cc; sourceTree = "<group>"; };
+		D671B5BD0BC6D67000878B42 /* CC_MD4_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD4_Update.3cc; path = doc/CC_MD4_Update.3cc; sourceTree = "<group>"; };
+		D671B5BE0BC6D67000878B42 /* CC_MD5_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD5_Final.3cc; path = doc/CC_MD5_Final.3cc; sourceTree = "<group>"; };
+		D671B5BF0BC6D67000878B42 /* CC_MD5_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD5_Init.3cc; path = doc/CC_MD5_Init.3cc; sourceTree = "<group>"; };
+		D671B5C00BC6D67000878B42 /* CC_MD5_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_MD5_Update.3cc; path = doc/CC_MD5_Update.3cc; sourceTree = "<group>"; };
+		D671B5C10BC6D67000878B42 /* CC_SHA1.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA1.3cc; path = doc/CC_SHA1.3cc; sourceTree = "<group>"; };
+		D671B5C20BC6D67000878B42 /* CC_SHA1_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA1_Final.3cc; path = doc/CC_SHA1_Final.3cc; sourceTree = "<group>"; };
+		D671B5C30BC6D67000878B42 /* CC_SHA1_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA1_Init.3cc; path = doc/CC_SHA1_Init.3cc; sourceTree = "<group>"; };
+		D671B5C40BC6D67000878B42 /* CC_SHA1_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA1_Update.3cc; path = doc/CC_SHA1_Update.3cc; sourceTree = "<group>"; };
+		D671B5C50BC6D67000878B42 /* CC_SHA224.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA224.3cc; path = doc/CC_SHA224.3cc; sourceTree = "<group>"; };
+		D671B5C60BC6D67000878B42 /* CC_SHA224_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA224_Final.3cc; path = doc/CC_SHA224_Final.3cc; sourceTree = "<group>"; };
+		D671B5C70BC6D67000878B42 /* CC_SHA224_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA224_Init.3cc; path = doc/CC_SHA224_Init.3cc; sourceTree = "<group>"; };
+		D671B5C80BC6D67000878B42 /* CC_SHA224_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA224_Update.3cc; path = doc/CC_SHA224_Update.3cc; sourceTree = "<group>"; };
+		D671B5C90BC6D67000878B42 /* CC_SHA256.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA256.3cc; path = doc/CC_SHA256.3cc; sourceTree = "<group>"; };
+		D671B5CA0BC6D67000878B42 /* CC_SHA256_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA256_Final.3cc; path = doc/CC_SHA256_Final.3cc; sourceTree = "<group>"; };
+		D671B5CB0BC6D67000878B42 /* CC_SHA256_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA256_Init.3cc; path = doc/CC_SHA256_Init.3cc; sourceTree = "<group>"; };
+		D671B5CC0BC6D67000878B42 /* CC_SHA256_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA256_Update.3cc; path = doc/CC_SHA256_Update.3cc; sourceTree = "<group>"; };
+		D671B5CD0BC6D67000878B42 /* CC_SHA384.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA384.3cc; path = doc/CC_SHA384.3cc; sourceTree = "<group>"; };
+		D671B5CE0BC6D67000878B42 /* CC_SHA384_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA384_Final.3cc; path = doc/CC_SHA384_Final.3cc; sourceTree = "<group>"; };
+		D671B5CF0BC6D67000878B42 /* CC_SHA384_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA384_Init.3cc; path = doc/CC_SHA384_Init.3cc; sourceTree = "<group>"; };
+		D671B5D00BC6D67000878B42 /* CC_SHA384_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA384_Update.3cc; path = doc/CC_SHA384_Update.3cc; sourceTree = "<group>"; };
+		D671B5D10BC6D67000878B42 /* CC_SHA512.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA512.3cc; path = doc/CC_SHA512.3cc; sourceTree = "<group>"; };
+		D671B5D20BC6D67000878B42 /* CC_SHA512_Final.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA512_Final.3cc; path = doc/CC_SHA512_Final.3cc; sourceTree = "<group>"; };
+		D671B5D30BC6D67000878B42 /* CC_SHA512_Init.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA512_Init.3cc; path = doc/CC_SHA512_Init.3cc; sourceTree = "<group>"; };
+		D671B5D40BC6D67000878B42 /* CC_SHA512_Update.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CC_SHA512_Update.3cc; path = doc/CC_SHA512_Update.3cc; sourceTree = "<group>"; };
+		D671B5D50BC6D67000878B42 /* CCCrypt.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCrypt.3cc; path = doc/CCCrypt.3cc; sourceTree = "<group>"; };
+		D671B5D60BC6D67000878B42 /* CCCryptor.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptor.3cc; path = doc/CCCryptor.3cc; sourceTree = "<group>"; };
+		D671B5D70BC6D67000878B42 /* CCCryptorCreate.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorCreate.3cc; path = doc/CCCryptorCreate.3cc; sourceTree = "<group>"; };
+		D671B5D80BC6D67000878B42 /* CCCryptorFinal.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorFinal.3cc; path = doc/CCCryptorFinal.3cc; sourceTree = "<group>"; };
+		D671B5D90BC6D67000878B42 /* CCCryptorGetOutputLength.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorGetOutputLength.3cc; path = doc/CCCryptorGetOutputLength.3cc; sourceTree = "<group>"; };
+		D671B5DA0BC6D67000878B42 /* CCCryptorRelease.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorRelease.3cc; path = doc/CCCryptorRelease.3cc; sourceTree = "<group>"; };
+		D671B5DB0BC6D67000878B42 /* CCCryptorReset.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorReset.3cc; path = doc/CCCryptorReset.3cc; sourceTree = "<group>"; };
+		D671B5DC0BC6D67000878B42 /* CCCryptorUpdate.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCCryptorUpdate.3cc; path = doc/CCCryptorUpdate.3cc; sourceTree = "<group>"; };
+		D671B5DD0BC6D67000878B42 /* CCHmac.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCHmac.3cc; path = doc/CCHmac.3cc; sourceTree = "<group>"; };
+		D671B5DE0BC6D67000878B42 /* CCHmacFinal.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCHmacFinal.3cc; path = doc/CCHmacFinal.3cc; sourceTree = "<group>"; };
+		D671B5DF0BC6D67000878B42 /* CCHmacInit.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCHmacInit.3cc; path = doc/CCHmacInit.3cc; sourceTree = "<group>"; };
+		D671B5E00BC6D67000878B42 /* CCHmacUpdate.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCHmacUpdate.3cc; path = doc/CCHmacUpdate.3cc; sourceTree = "<group>"; };
+		D671B5E10BC6D67000878B42 /* CCryptorCreateFromData.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = CCryptorCreateFromData.3cc; path = doc/CCryptorCreateFromData.3cc; sourceTree = "<group>"; };
+		D671B5E20BC6D67000878B42 /* Common Crypto.3cc */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; name = "Common Crypto.3cc"; path = "doc/Common Crypto.3cc"; sourceTree = "<group>"; };
+/* End PBXFileReference section */
+
+/* Begin PBXFrameworksBuildPhase section */
+		05067902064025BF001640AF /* Frameworks */ = {
+			isa = PBXFrameworksBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		054BBEBC05F6A97700344873 /* Frameworks */ = {
+			isa = PBXFrameworksBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		054BBEC405F6A98900344873 /* Frameworks */ = {
+			isa = PBXFrameworksBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		055687FE064012D40048BE18 /* Frameworks */ = {
+			isa = PBXFrameworksBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXFrameworksBuildPhase section */
+
+/* Begin PBXGroup section */
+		052F6C6D09DB204800EE63A4 /* GladmanAES */ = {
+			isa = PBXGroup;
+			children = (
+				052F6C7109DB207F00EE63A4 /* aescrypt.c */,
+				052F6C7209DB207F00EE63A4 /* aeskey.c */,
+				052F6C7409DB207F00EE63A4 /* aestab.c */,
+				052F6C7509DB207F00EE63A4 /* aestab.h */,
+				05D5045B09DC5F7A00F47E19 /* ccNewGladman.c */,
+			);
+			path = GladmanAES;
+			sourceTree = "<group>";
+		};
+		054BBEA205F6A8DE00344873 = {
+			isa = PBXGroup;
+			children = (
+				054BBEB105F6A90E00344873 /* Public Headers */,
+				054BBEB405F6A91E00344873 /* Source */,
+				05DF6D0E09CF2D5B00D9A3E8 /* doc */,
+				054BBEBF05F6A97700344873 /* Products */,
+			);
+			sourceTree = "<group>";
+		};
+		054BBEB105F6A90E00344873 /* Public Headers */ = {
+			isa = PBXGroup;
+			children = (
+				054BBECD05F6AA7200344873 /* CommonDigest.h */,
+				05D9F61609D85F4A00AD30A7 /* CommonCryptor.h */,
+				05D8D97C09E411AA00E03504 /* CommonHMAC.h */,
+			);
+			name = "Public Headers";
+			path = CommonCrypto;
+			sourceTree = "<group>";
+		};
+		054BBEB405F6A91E00344873 /* Source */ = {
+			isa = PBXGroup;
+			children = (
+				58226EAA0D35832B00B35CC2 /* AESedp */,
+				05E0A0EA09DD9603005F54BA /* SPI Headers */,
+				0585FE1109DC9850001762F6 /* CAST */,
+				052F6C6D09DB204800EE63A4 /* GladmanAES */,
+				05C91ADE09E48026007CCD4E /* RC4 */,
+				795CA3FC0D34431400BAE6A2 /* RC2 */,
+				05D9F60109D85DA100AD30A7 /* Digest */,
+				05ECA0E309D468BF00CFE5CB /* ccOpenssl */,
+				05D9F60F09D85F2C00AD30A7 /* CommonCryptor.c */,
+				054BBED205F6AA8900344873 /* CommonDigestPriv.h */,
+				052049F809D1A6CC00A0D022 /* BlockCipher.c */,
+				05C91AC209E47E9A007CCD4E /* BlockCipher.h */,
+				05D9F62209D8696B00AD30A7 /* CommonCryptorPriv.h */,
+				05D9F64E09D87ED000AD30A7 /* CommonHMAC.c */,
+				05C91ACD09E47F93007CCD4E /* StreamCipher.h */,
+				05C91ACE09E47F93007CCD4E /* StreamCipher.c */,
+			);
+			path = Source;
+			sourceTree = "<group>";
+		};
+		054BBEBF05F6A97700344873 /* Products */ = {
+			isa = PBXGroup;
+			children = (
+				054BBEBE05F6A97700344873 /* libcommonCrypto.a */,
+				054BBEC605F6A98900344873 /* libcommonCryptoStatic.a */,
+				05568800064012D40048BE18 /* libcommonCrypto_debug.a */,
+				05067904064025BF001640AF /* libcommonCrypto_profile.a */,
+			);
+			name = Products;
+			sourceTree = "<group>";
+		};
+		0585FE1109DC9850001762F6 /* CAST */ = {
+			isa = PBXGroup;
+			children = (
+				0585FE1209DC9873001762F6 /* c_ecb.c */,
+				0585FE1309DC9873001762F6 /* c_enc.c */,
+				0585FE1409DC9873001762F6 /* c_skey.c */,
+				0585FE1609DC9873001762F6 /* cast_lcl.h */,
+				0585FE1709DC9873001762F6 /* cast_s.h */,
+				0585FE1809DC9873001762F6 /* ccCast.c */,
+			);
+			path = CAST;
+			sourceTree = "<group>";
+		};
+		05C91ADE09E48026007CCD4E /* RC4 */ = {
+			isa = PBXGroup;
+			children = (
+				05C91AF809E48079007CCD4E /* rc4_enc.c */,
+				05C91AF909E48079007CCD4E /* rc4_skey.c */,
+			);
+			path = RC4;
+			sourceTree = "<group>";
+		};
+		05D9F60109D85DA100AD30A7 /* Digest */ = {
+			isa = PBXGroup;
+			children = (
+				AAB5CBCC0DC6AB6D0019E0E6 /* sha1edp.h */,
+				AAB5CBCD0DC6AB6D0019E0E6 /* sha1edpBigEndian.s */,
+				AAB5CBCE0DC6AB6D0019E0E6 /* sha1edpLittleEndian.s */,
+				054BBED305F6AA8900344873 /* md2_dgst.c */,
+				054BBED405F6AA8900344873 /* md4_dgst.c */,
+				054BBED505F6AA8900344873 /* md4_locl.h */,
+				054BBED605F6AA8900344873 /* md5_dgst.c */,
+				054BBED705F6AA8900344873 /* md5_locl.h */,
+				054BBED805F6AA8900344873 /* md32_common.h */,
+				054BBEDA05F6AA8900344873 /* sha_locl.h */,
+				054BBEDC05F6AA8900344873 /* sha1.c */,
+				05E319B7063890C100C4AD24 /* sha2.c */,
+				05E319DC0638913700C4AD24 /* sha2Priv.h */,
+			);
+			path = Digest;
+			sourceTree = "<group>";
+		};
+		05DF6D0E09CF2D5B00D9A3E8 /* doc */ = {
+			isa = PBXGroup;
+			children = (
+				D671B5B60BC6D67000878B42 /* CC_MD2.3cc */,
+				D671B5B70BC6D67000878B42 /* CC_MD2_Final.3cc */,
+				D671B5B80BC6D67000878B42 /* CC_MD2_Init.3cc */,
+				D671B5B90BC6D67000878B42 /* CC_MD2_Update.3cc */,
+				D671B5BA0BC6D67000878B42 /* CC_MD4.3cc */,
+				D671B5BB0BC6D67000878B42 /* CC_MD4_Final.3cc */,
+				D671B5BC0BC6D67000878B42 /* CC_MD4_Init.3cc */,
+				D671B5BD0BC6D67000878B42 /* CC_MD4_Update.3cc */,
+				D671B5BE0BC6D67000878B42 /* CC_MD5_Final.3cc */,
+				D671B5BF0BC6D67000878B42 /* CC_MD5_Init.3cc */,
+				D671B5C00BC6D67000878B42 /* CC_MD5_Update.3cc */,
+				D671B5C10BC6D67000878B42 /* CC_SHA1.3cc */,
+				D671B5C20BC6D67000878B42 /* CC_SHA1_Final.3cc */,
+				D671B5C30BC6D67000878B42 /* CC_SHA1_Init.3cc */,
+				D671B5C40BC6D67000878B42 /* CC_SHA1_Update.3cc */,
+				D671B5C50BC6D67000878B42 /* CC_SHA224.3cc */,
+				D671B5C60BC6D67000878B42 /* CC_SHA224_Final.3cc */,
+				D671B5C70BC6D67000878B42 /* CC_SHA224_Init.3cc */,
+				D671B5C80BC6D67000878B42 /* CC_SHA224_Update.3cc */,
+				D671B5C90BC6D67000878B42 /* CC_SHA256.3cc */,
+				D671B5CA0BC6D67000878B42 /* CC_SHA256_Final.3cc */,
+				D671B5CB0BC6D67000878B42 /* CC_SHA256_Init.3cc */,
+				D671B5CC0BC6D67000878B42 /* CC_SHA256_Update.3cc */,
+				D671B5CD0BC6D67000878B42 /* CC_SHA384.3cc */,
+				D671B5CE0BC6D67000878B42 /* CC_SHA384_Final.3cc */,
+				D671B5CF0BC6D67000878B42 /* CC_SHA384_Init.3cc */,
+				D671B5D00BC6D67000878B42 /* CC_SHA384_Update.3cc */,
+				D671B5D10BC6D67000878B42 /* CC_SHA512.3cc */,
+				D671B5D20BC6D67000878B42 /* CC_SHA512_Final.3cc */,
+				D671B5D30BC6D67000878B42 /* CC_SHA512_Init.3cc */,
+				D671B5D40BC6D67000878B42 /* CC_SHA512_Update.3cc */,
+				D671B5D50BC6D67000878B42 /* CCCrypt.3cc */,
+				D671B5D60BC6D67000878B42 /* CCCryptor.3cc */,
+				D671B5D70BC6D67000878B42 /* CCCryptorCreate.3cc */,
+				D671B5D80BC6D67000878B42 /* CCCryptorFinal.3cc */,
+				D671B5D90BC6D67000878B42 /* CCCryptorGetOutputLength.3cc */,
+				D671B5DA0BC6D67000878B42 /* CCCryptorRelease.3cc */,
+				D671B5DB0BC6D67000878B42 /* CCCryptorReset.3cc */,
+				D671B5DC0BC6D67000878B42 /* CCCryptorUpdate.3cc */,
+				D671B5DD0BC6D67000878B42 /* CCHmac.3cc */,
+				D671B5DE0BC6D67000878B42 /* CCHmacFinal.3cc */,
+				D671B5DF0BC6D67000878B42 /* CCHmacInit.3cc */,
+				D671B5E00BC6D67000878B42 /* CCHmacUpdate.3cc */,
+				D671B5E10BC6D67000878B42 /* CCryptorCreateFromData.3cc */,
+				D671B5E20BC6D67000878B42 /* Common Crypto.3cc */,
+				05CE942B0A37850A007C91D6 /* CommonCrypto.plist */,
+				05CE942C0A37850A007C91D6 /* CommonCrypto.txt */,
+				05DF6D1109CF2D7200D9A3E8 /* CC_crypto.3cc */,
+				05DF6D1209CF2D7200D9A3E8 /* CC_MD5.3cc */,
+				05DF6D1309CF2D7200D9A3E8 /* CC_SHA.3cc */,
+			);
+			name = doc;
+			sourceTree = "<group>";
+		};
+		05E0A0EA09DD9603005F54BA /* SPI Headers */ = {
+			isa = PBXGroup;
+			children = (
+				795CA4080D34444000BAE6A2 /* ccRC2.h */,
+				052F6C7009DB207F00EE63A4 /* aes.h */,
+				052F6C7309DB207F00EE63A4 /* aesopt.h */,
+				0585FE1509DC9873001762F6 /* cast.h */,
+				0585FE4009DC9A1F001762F6 /* ccCast.h */,
+				0539DC2709D4919D00AB7F89 /* opensslDES.h */,
+				05E0A14409DD9F84005F54BA /* CommonCryptoPriv.h */,
+				05C91B0209E480A1007CCD4E /* rc4.h */,
+				795CA4010D34433300BAE6A2 /* rc2.h */,
+			);
+			name = "SPI Headers";
+			path = CommonCrypto;
+			sourceTree = "<group>";
+		};
+		05ECA0E309D468BF00CFE5CB /* ccOpenssl */ = {
+			isa = PBXGroup;
+			children = (
+				05ECA0E409D468E200CFE5CB /* des.h */,
+				05C4417209D4BB0B002066D1 /* opensslconf.h */,
+				05ECA0ED09D469A100CFE5CB /* set_key.c */,
+				05ECA0E509D468E200CFE5CB /* des_enc.c */,
+				0539DC2609D4919D00AB7F89 /* opensslDES.c */,
+				05C70C5309D471C30004B8F4 /* spr.h */,
+				05ECA0E609D468E200CFE5CB /* des_locl.h */,
+				05C4416E09D4BACE002066D1 /* e_os2.h */,
+			);
+			path = ccOpenssl;
+			sourceTree = "<group>";
+		};
+		58226EAA0D35832B00B35CC2 /* AESedp */ = {
+			isa = PBXGroup;
+			children = (
+				58226EAB0D35835700B35CC2 /* AES.c */,
+				58226EAC0D35835700B35CC2 /* AESAssembly.h */,
+				5855FFD30D3ECE0400D5D39C /* Intel */,
+			);
+			name = AESedp;
+			sourceTree = "<group>";
+		};
+		5855FFD30D3ECE0400D5D39C /* Intel */ = {
+			isa = PBXGroup;
+			children = (
+				58B40ED30D494A1800557D7E /* DecryptCBC.s */,
+				58B40ECE0D49459900557D7E /* EncryptCBC.s */,
+				5855FFD40D3ECE2000D5D39C /* AES.s */,
+			);
+			name = Intel;
+			sourceTree = "<group>";
+		};
+		795CA3FC0D34431400BAE6A2 /* RC2 */ = {
+			isa = PBXGroup;
+			children = (
+				795CA3FD0D34431400BAE6A2 /* ccRC2.c */,
+				795CA3FE0D34431400BAE6A2 /* rc2.c */,
+			);
+			path = RC2;
+			sourceTree = "<group>";
+		};
+/* End PBXGroup section */
+
+/* Begin PBXHeadersBuildPhase section */
+		05067900064025BF001640AF /* Headers */ = {
+			isa = PBXHeadersBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				05067905064025DD001640AF /* CommonDigest.h in Headers */,
+				05067906064025DE001640AF /* CommonDigestPriv.h in Headers */,
+				05067909064025E3001640AF /* md32_common.h in Headers */,
+				0506790B064025E5001640AF /* md4_locl.h in Headers */,
+				0506790D064025E7001640AF /* md5_locl.h in Headers */,
+				05067910064025E9001640AF /* sha2Priv.h in Headers */,
+				05067911064025EA001640AF /* sha_locl.h in Headers */,
+				05C441BD09D4E060002066D1 /* des.h in Headers */,
+				05C441BF09D4E061002066D1 /* des_locl.h in Headers */,
+				05C441C009D4E062002066D1 /* e_os2.h in Headers */,
+				05C441C109D4E063002066D1 /* opensslconf.h in Headers */,
+				05C441C309D4E064002066D1 /* opensslDES.h in Headers */,
+				05C441C509D4E065002066D1 /* spr.h in Headers */,
+				05D9F61A09D85F4A00AD30A7 /* CommonCryptor.h in Headers */,
+				05D9F62609D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */,
+				052F6C8809DB207F00EE63A4 /* aes.h in Headers */,
+				052F6C8B09DB207F00EE63A4 /* aesopt.h in Headers */,
+				052F6C8D09DB207F00EE63A4 /* aestab.h in Headers */,
+				0585FE3109DC9873001762F6 /* cast.h in Headers */,
+				0585FE3209DC9873001762F6 /* cast_lcl.h in Headers */,
+				0585FE3309DC9873001762F6 /* cast_s.h in Headers */,
+				0585FE4409DC9A20001762F6 /* ccCast.h in Headers */,
+				05E0A14809DD9F84005F54BA /* CommonCryptoPriv.h in Headers */,
+				05D8D98009E411AB00E03504 /* CommonHMAC.h in Headers */,
+				05C91AC609E47E9B007CCD4E /* BlockCipher.h in Headers */,
+				05C91AD309E47F93007CCD4E /* StreamCipher.h in Headers */,
+				05C91B0509E480A1007CCD4E /* rc4.h in Headers */,
+				58226EB80D35835700B35CC2 /* AESAssembly.h in Headers */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		054BBEBA05F6A97700344873 /* Headers */ = {
+			isa = PBXHeadersBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				054BBECE05F6AA7200344873 /* CommonDigest.h in Headers */,
+				054BBEDD05F6AA8900344873 /* CommonDigestPriv.h in Headers */,
+				054BBEE005F6AA8900344873 /* md4_locl.h in Headers */,
+				054BBEE205F6AA8900344873 /* md5_locl.h in Headers */,
+				054BBEE305F6AA8900344873 /* md32_common.h in Headers */,
+				054BBEE505F6AA8900344873 /* sha_locl.h in Headers */,
+				05E319DD0638913700C4AD24 /* sha2Priv.h in Headers */,
+				05C70C5509D471C30004B8F4 /* spr.h in Headers */,
+				0539DC2909D4919D00AB7F89 /* opensslDES.h in Headers */,
+				05C4414409D49F28002066D1 /* des.h in Headers */,
+				05C4414609D49F29002066D1 /* des_locl.h in Headers */,
+				05C4416F09D4BACE002066D1 /* e_os2.h in Headers */,
+				05C4417309D4BB0B002066D1 /* opensslconf.h in Headers */,
+				05D9F61909D85F4A00AD30A7 /* CommonCryptor.h in Headers */,
+				05D9F62509D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */,
+				052F6C8209DB207F00EE63A4 /* aes.h in Headers */,
+				052F6C8509DB207F00EE63A4 /* aesopt.h in Headers */,
+				052F6C8709DB207F00EE63A4 /* aestab.h in Headers */,
+				0585FE1C09DC9873001762F6 /* cast.h in Headers */,
+				0585FE1D09DC9873001762F6 /* cast_lcl.h in Headers */,
+				0585FE1E09DC9873001762F6 /* cast_s.h in Headers */,
+				0585FE4109DC9A1F001762F6 /* ccCast.h in Headers */,
+				05E0A14509DD9F84005F54BA /* CommonCryptoPriv.h in Headers */,
+				05D8D97D09E411AB00E03504 /* CommonHMAC.h in Headers */,
+				05C91AC309E47E9B007CCD4E /* BlockCipher.h in Headers */,
+				05C91ACF09E47F93007CCD4E /* StreamCipher.h in Headers */,
+				05C91B0309E480A1007CCD4E /* rc4.h in Headers */,
+				58226EAF0D35835700B35CC2 /* AESAssembly.h in Headers */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		054BBEC205F6A98900344873 /* Headers */ = {
+			isa = PBXHeadersBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				054BBECF05F6AA7200344873 /* CommonDigest.h in Headers */,
+				054BBEE805F6AA8900344873 /* CommonDigestPriv.h in Headers */,
+				054BBEEB05F6AA8900344873 /* md4_locl.h in Headers */,
+				054BBEED05F6AA8900344873 /* md5_locl.h in Headers */,
+				054BBEEE05F6AA8900344873 /* md32_common.h in Headers */,
+				054BBEF005F6AA8900344873 /* sha_locl.h in Headers */,
+				05E319DE0638913700C4AD24 /* sha2Priv.h in Headers */,
+				05C441AB09D4E04F002066D1 /* des.h in Headers */,
+				05C441AD09D4E050002066D1 /* des_locl.h in Headers */,
+				05C441AE09D4E051002066D1 /* e_os2.h in Headers */,
+				05C441AF09D4E052002066D1 /* opensslconf.h in Headers */,
+				05C441B109D4E053002066D1 /* opensslDES.h in Headers */,
+				05C441B309D4E054002066D1 /* spr.h in Headers */,
+				05D9F61709D85F4A00AD30A7 /* CommonCryptor.h in Headers */,
+				05D9F62309D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */,
+				052F6C7609DB207F00EE63A4 /* aes.h in Headers */,
+				052F6C7909DB207F00EE63A4 /* aesopt.h in Headers */,
+				052F6C7B09DB207F00EE63A4 /* aestab.h in Headers */,
+				0585FE2309DC9873001762F6 /* cast.h in Headers */,
+				0585FE2409DC9873001762F6 /* cast_lcl.h in Headers */,
+				0585FE2509DC9873001762F6 /* cast_s.h in Headers */,
+				0585FE4209DC9A20001762F6 /* ccCast.h in Headers */,
+				05E0A14609DD9F84005F54BA /* CommonCryptoPriv.h in Headers */,
+				05D8D97E09E411AB00E03504 /* CommonHMAC.h in Headers */,
+				05C91AC409E47E9B007CCD4E /* BlockCipher.h in Headers */,
+				05C91AD109E47F93007CCD4E /* StreamCipher.h in Headers */,
+				05C91B0409E480A1007CCD4E /* rc4.h in Headers */,
+				58226EB20D35835700B35CC2 /* AESAssembly.h in Headers */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		055687FC064012D40048BE18 /* Headers */ = {
+			isa = PBXHeadersBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				05568801064012FF0048BE18 /* CommonDigest.h in Headers */,
+				05568802064012FF0048BE18 /* CommonDigestPriv.h in Headers */,
+				05568804064013010048BE18 /* md32_common.h in Headers */,
+				05568806064013030048BE18 /* md4_locl.h in Headers */,
+				05568808064013040048BE18 /* md5_locl.h in Headers */,
+				0556880B064013060048BE18 /* sha2Priv.h in Headers */,
+				0556880C064013060048BE18 /* sha_locl.h in Headers */,
+				05C441B409D4E057002066D1 /* des.h in Headers */,
+				05C441B609D4E058002066D1 /* des_locl.h in Headers */,
+				05C441B709D4E059002066D1 /* e_os2.h in Headers */,
+				05C441B809D4E05A002066D1 /* opensslconf.h in Headers */,
+				05C441BA09D4E05B002066D1 /* opensslDES.h in Headers */,
+				05C441BC09D4E05C002066D1 /* spr.h in Headers */,
+				05D9F61809D85F4A00AD30A7 /* CommonCryptor.h in Headers */,
+				05D9F62409D8696B00AD30A7 /* CommonCryptorPriv.h in Headers */,
+				052F6C7C09DB207F00EE63A4 /* aes.h in Headers */,
+				052F6C7F09DB207F00EE63A4 /* aesopt.h in Headers */,
+				052F6C8109DB207F00EE63A4 /* aestab.h in Headers */,
+				0585FE2A09DC9873001762F6 /* cast.h in Headers */,
+				0585FE2B09DC9873001762F6 /* cast_lcl.h in Headers */,
+				0585FE2C09DC9873001762F6 /* cast_s.h in Headers */,
+				0585FE4309DC9A20001762F6 /* ccCast.h in Headers */,
+				05E0A14709DD9F84005F54BA /* CommonCryptoPriv.h in Headers */,
+				05D8D97F09E411AB00E03504 /* CommonHMAC.h in Headers */,
+				05C91AC509E47E9B007CCD4E /* BlockCipher.h in Headers */,
+				05C91AD509E47F93007CCD4E /* StreamCipher.h in Headers */,
+				05C91B0609E480A1007CCD4E /* rc4.h in Headers */,
+				58226EB50D35835700B35CC2 /* AESAssembly.h in Headers */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXHeadersBuildPhase section */
+
+/* Begin PBXNativeTarget section */
+		05067903064025BF001640AF /* commonCrypto_profile */ = {
+			isa = PBXNativeTarget;
+			buildConfigurationList = C27AD0890987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto_profile" */;
+			buildPhases = (
+				05067900064025BF001640AF /* Headers */,
+				05067901064025BF001640AF /* Sources */,
+				05067902064025BF001640AF /* Frameworks */,
+			);
+			buildRules = (
+				B12526910713745B00BB8157 /* PBXBuildRule */,
+			);
+			dependencies = (
+			);
+			name = commonCrypto_profile;
+			productName = commonCrypto_profile;
+			productReference = 05067904064025BF001640AF /* libcommonCrypto_profile.a */;
+			productType = "com.apple.product-type.library.static";
+		};
+		054BBEBD05F6A97700344873 /* commonCrypto */ = {
+			isa = PBXNativeTarget;
+			buildConfigurationList = C27AD07D0987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto" */;
+			buildPhases = (
+				054BBEBA05F6A97700344873 /* Headers */,
+				054BBEBB05F6A97700344873 /* Sources */,
+				05A376200612288F009C43A6 /* CopyFiles */,
+				05E0A12709DD99EC005F54BA /* CopyFiles */,
+				4C0889E706EFE038009F3789 /* CopyFiles */,
+				054BBEBC05F6A97700344873 /* Frameworks */,
+			);
+			buildRules = (
+				B125268E0713742A00BB8157 /* PBXBuildRule */,
+			);
+			dependencies = (
+			);
+			name = commonCrypto;
+			productName = commonCrypto;
+			productReference = 054BBEBE05F6A97700344873 /* libcommonCrypto.a */;
+			productType = "com.apple.product-type.library.static";
+		};
+		054BBEC505F6A98900344873 /* commonCryptoStatic */ = {
+			isa = PBXNativeTarget;
+			buildConfigurationList = C27AD0810987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCryptoStatic" */;
+			buildPhases = (
+				054BBEC205F6A98900344873 /* Headers */,
+				054BBEC305F6A98900344873 /* Sources */,
+				054BBEC405F6A98900344873 /* Frameworks */,
+			);
+			buildRules = (
+				B125268F0713744500BB8157 /* PBXBuildRule */,
+			);
+			dependencies = (
+			);
+			name = commonCryptoStatic;
+			productName = commonCryptoStatic;
+			productReference = 054BBEC605F6A98900344873 /* libcommonCryptoStatic.a */;
+			productType = "com.apple.product-type.library.static";
+		};
+		055687FF064012D40048BE18 /* commonCrypto_debug */ = {
+			isa = PBXNativeTarget;
+			buildConfigurationList = C27AD0850987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto_debug" */;
+			buildPhases = (
+				055687FC064012D40048BE18 /* Headers */,
+				055687FD064012D40048BE18 /* Sources */,
+				055687FE064012D40048BE18 /* Frameworks */,
+			);
+			buildRules = (
+				B12526900713744F00BB8157 /* PBXBuildRule */,
+			);
+			dependencies = (
+			);
+			name = commonCrypto_debug;
+			productName = commonCrypto_debug;
+			productReference = 05568800064012D40048BE18 /* libcommonCrypto_debug.a */;
+			productType = "com.apple.product-type.library.static";
+		};
+/* End PBXNativeTarget section */
+
+/* Begin PBXProject section */
+		054BBEA605F6A8DE00344873 /* Project object */ = {
+			isa = PBXProject;
+			buildConfigurationList = C27AD0910987FCDA001272E0 /* Build configuration list for PBXProject "CommonCrypto" */;
+			compatibilityVersion = "Xcode 2.4";
+			hasScannedForEncodings = 1;
+			mainGroup = 054BBEA205F6A8DE00344873;
+			productRefGroup = 054BBEBF05F6A97700344873 /* Products */;
+			projectDirPath = "";
+			projectRoot = "";
+			targets = (
+				054BBEB705F6A93300344873 /* world */,
+				054BBEBD05F6A97700344873 /* commonCrypto */,
+				054BBEC505F6A98900344873 /* commonCryptoStatic */,
+				055687FF064012D40048BE18 /* commonCrypto_debug */,
+				05067903064025BF001640AF /* commonCrypto_profile */,
+				05CE94290A3784D4007C91D6 /* Copy Open Source Docs */,
+			);
+		};
+/* End PBXProject section */
+
+/* Begin PBXSourcesBuildPhase section */
+		05067901064025BF001640AF /* Sources */ = {
+			isa = PBXSourcesBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				AAAF0BA50DC7A42A0044DA03 /* sha1edpBigEndian.s in Sources */,
+				AAAF0BA60DC7A42A0044DA03 /* sha1edpLittleEndian.s in Sources */,
+				05067908064025E2001640AF /* md2_dgst.c in Sources */,
+				0506790A064025E4001640AF /* md4_dgst.c in Sources */,
+				0506790C064025E6001640AF /* md5_dgst.c in Sources */,
+				0506790E064025E7001640AF /* sha1.c in Sources */,
+				0506790F064025E8001640AF /* sha2.c in Sources */,
+				052049F909D1A6CC00A0D022 /* BlockCipher.c in Sources */,
+				05C441BE09D4E061002066D1 /* des_enc.c in Sources */,
+				05C441C209D4E063002066D1 /* opensslDES.c in Sources */,
+				05C441C409D4E065002066D1 /* set_key.c in Sources */,
+				05D9F61309D85F2C00AD30A7 /* CommonCryptor.c in Sources */,
+				05D9F65209D87ED000AD30A7 /* CommonHMAC.c in Sources */,
+				052F6C8909DB207F00EE63A4 /* aescrypt.c in Sources */,
+				052F6C8A09DB207F00EE63A4 /* aeskey.c in Sources */,
+				052F6C8C09DB207F00EE63A4 /* aestab.c in Sources */,
+				05D5045F09DC5F7A00F47E19 /* ccNewGladman.c in Sources */,
+				0585FE2E09DC9873001762F6 /* c_ecb.c in Sources */,
+				0585FE2F09DC9873001762F6 /* c_enc.c in Sources */,
+				0585FE3009DC9873001762F6 /* c_skey.c in Sources */,
+				0585FE3409DC9873001762F6 /* ccCast.c in Sources */,
+				05C91AD409E47F93007CCD4E /* StreamCipher.c in Sources */,
+				05C91AFE09E48079007CCD4E /* rc4_enc.c in Sources */,
+				05C91AFF09E48079007CCD4E /* rc4_skey.c in Sources */,
+				58226EB70D35835700B35CC2 /* AES.c in Sources */,
+				5855FFD80D3ECE2000D5D39C /* AES.s in Sources */,
+				58B40ED20D49459900557D7E /* EncryptCBC.s in Sources */,
+				58B40ED70D494A1800557D7E /* DecryptCBC.s in Sources */,
+				AAD42CD30D7DE027000BCEBF /* ccRC2.c in Sources */,
+				AAD42CD40D7DE027000BCEBF /* rc2.c in Sources */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		054BBEBB05F6A97700344873 /* Sources */ = {
+			isa = PBXSourcesBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				AAAF0B9E0DC7A3DA0044DA03 /* sha1edpBigEndian.s in Sources */,
+				AAAF0B9F0DC7A3DA0044DA03 /* sha1edpLittleEndian.s in Sources */,
+				054BBEDE05F6AA8900344873 /* md2_dgst.c in Sources */,
+				054BBEDF05F6AA8900344873 /* md4_dgst.c in Sources */,
+				054BBEE105F6AA8900344873 /* md5_dgst.c in Sources */,
+				054BBEE705F6AA8900344873 /* sha1.c in Sources */,
+				05E319BD063890C100C4AD24 /* sha2.c in Sources */,
+				052049FA09D1A6CC00A0D022 /* BlockCipher.c in Sources */,
+				05ECA0EE09D469A100CFE5CB /* set_key.c in Sources */,
+				0539DC2809D4919D00AB7F89 /* opensslDES.c in Sources */,
+				05C4414509D49F29002066D1 /* des_enc.c in Sources */,
+				05D9F61009D85F2C00AD30A7 /* CommonCryptor.c in Sources */,
+				052F6C8309DB207F00EE63A4 /* aescrypt.c in Sources */,
+				052F6C8409DB207F00EE63A4 /* aeskey.c in Sources */,
+				052F6C8609DB207F00EE63A4 /* aestab.c in Sources */,
+				05D5045C09DC5F7A00F47E19 /* ccNewGladman.c in Sources */,
+				0585FE1909DC9873001762F6 /* c_ecb.c in Sources */,
+				0585FE1A09DC9873001762F6 /* c_enc.c in Sources */,
+				0585FE1B09DC9873001762F6 /* c_skey.c in Sources */,
+				0585FE1F09DC9873001762F6 /* ccCast.c in Sources */,
+				050737DB09E4172A005E9620 /* CommonHMAC.c in Sources */,
+				05C91AD009E47F93007CCD4E /* StreamCipher.c in Sources */,
+				05C91AFA09E48079007CCD4E /* rc4_enc.c in Sources */,
+				05C91AFB09E48079007CCD4E /* rc4_skey.c in Sources */,
+				795CA41E0D34459D00BAE6A2 /* ccRC2.c in Sources */,
+				795CA41F0D34459D00BAE6A2 /* rc2.c in Sources */,
+				58226EAE0D35835700B35CC2 /* AES.c in Sources */,
+				5855FFD50D3ECE2000D5D39C /* AES.s in Sources */,
+				58B40ECF0D49459900557D7E /* EncryptCBC.s in Sources */,
+				58B40ED40D494A1800557D7E /* DecryptCBC.s in Sources */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		054BBEC305F6A98900344873 /* Sources */ = {
+			isa = PBXSourcesBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				AAAF0BA10DC7A3F70044DA03 /* sha1edpBigEndian.s in Sources */,
+				AAAF0BA20DC7A3F70044DA03 /* sha1edpLittleEndian.s in Sources */,
+				795CA4210D3445EB00BAE6A2 /* ccRC2.c in Sources */,
+				795CA4220D3445EB00BAE6A2 /* rc2.c in Sources */,
+				054BBEE905F6AA8900344873 /* md2_dgst.c in Sources */,
+				054BBEEA05F6AA8900344873 /* md4_dgst.c in Sources */,
+				054BBEEC05F6AA8900344873 /* md5_dgst.c in Sources */,
+				054BBEF205F6AA8900344873 /* sha1.c in Sources */,
+				05E319BA063890C100C4AD24 /* sha2.c in Sources */,
+				052049FB09D1A6CC00A0D022 /* BlockCipher.c in Sources */,
+				05C441AC09D4E04F002066D1 /* des_enc.c in Sources */,
+				05C441B009D4E052002066D1 /* opensslDES.c in Sources */,
+				05C441B209D4E053002066D1 /* set_key.c in Sources */,
+				05D9F61109D85F2C00AD30A7 /* CommonCryptor.c in Sources */,
+				05D9F64F09D87ED000AD30A7 /* CommonHMAC.c in Sources */,
+				052F6C7709DB207F00EE63A4 /* aescrypt.c in Sources */,
+				052F6C7809DB207F00EE63A4 /* aeskey.c in Sources */,
+				052F6C7A09DB207F00EE63A4 /* aestab.c in Sources */,
+				05D5045D09DC5F7A00F47E19 /* ccNewGladman.c in Sources */,
+				0585FE2009DC9873001762F6 /* c_ecb.c in Sources */,
+				0585FE2109DC9873001762F6 /* c_enc.c in Sources */,
+				0585FE2209DC9873001762F6 /* c_skey.c in Sources */,
+				0585FE2609DC9873001762F6 /* ccCast.c in Sources */,
+				05C91AD209E47F93007CCD4E /* StreamCipher.c in Sources */,
+				05C91AFC09E48079007CCD4E /* rc4_enc.c in Sources */,
+				05C91AFD09E48079007CCD4E /* rc4_skey.c in Sources */,
+				58226EB10D35835700B35CC2 /* AES.c in Sources */,
+				5855FFD60D3ECE2000D5D39C /* AES.s in Sources */,
+				58B40ED00D49459900557D7E /* EncryptCBC.s in Sources */,
+				58B40ED50D494A1800557D7E /* DecryptCBC.s in Sources */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+		055687FD064012D40048BE18 /* Sources */ = {
+			isa = PBXSourcesBuildPhase;
+			buildActionMask = 2147483647;
+			files = (
+				AAAF0BA30DC7A4020044DA03 /* sha1edpBigEndian.s in Sources */,
+				AAAF0BA40DC7A4020044DA03 /* sha1edpLittleEndian.s in Sources */,
+				AA43AB740D7DE2440047D941 /* ccRC2.c in Sources */,
+				AA43AB750D7DE2440047D941 /* rc2.c in Sources */,
+				05568803064013000048BE18 /* md2_dgst.c in Sources */,
+				05568805064013020048BE18 /* md4_dgst.c in Sources */,
+				05568807064013030048BE18 /* md5_dgst.c in Sources */,
+				05568809064013040048BE18 /* sha1.c in Sources */,
+				0556880A064013050048BE18 /* sha2.c in Sources */,
+				052049FC09D1A6CC00A0D022 /* BlockCipher.c in Sources */,
+				05C441B509D4E058002066D1 /* des_enc.c in Sources */,
+				05C441B909D4E05A002066D1 /* opensslDES.c in Sources */,
+				05C441BB09D4E05C002066D1 /* set_key.c in Sources */,
+				05D9F61209D85F2C00AD30A7 /* CommonCryptor.c in Sources */,
+				05D9F65009D87ED000AD30A7 /* CommonHMAC.c in Sources */,
+				052F6C7D09DB207F00EE63A4 /* aescrypt.c in Sources */,
+				052F6C7E09DB207F00EE63A4 /* aeskey.c in Sources */,
+				052F6C8009DB207F00EE63A4 /* aestab.c in Sources */,
+				05D5045E09DC5F7A00F47E19 /* ccNewGladman.c in Sources */,
+				0585FE2709DC9873001762F6 /* c_ecb.c in Sources */,
+				0585FE2809DC9873001762F6 /* c_enc.c in Sources */,
+				0585FE2909DC9873001762F6 /* c_skey.c in Sources */,
+				0585FE2D09DC9873001762F6 /* ccCast.c in Sources */,
+				05C91AD609E47F93007CCD4E /* StreamCipher.c in Sources */,
+				05C91B0009E48079007CCD4E /* rc4_enc.c in Sources */,
+				05C91B0109E48079007CCD4E /* rc4_skey.c in Sources */,
+				58226EB40D35835700B35CC2 /* AES.c in Sources */,
+				5855FFD70D3ECE2000D5D39C /* AES.s in Sources */,
+				58B40ED10D49459900557D7E /* EncryptCBC.s in Sources */,
+				58B40ED60D494A1800557D7E /* DecryptCBC.s in Sources */,
+			);
+			runOnlyForDeploymentPostprocessing = 0;
+		};
+/* End PBXSourcesBuildPhase section */
+
+/* Begin PBXTargetDependency section */
+		050678EB064015C1001640AF /* PBXTargetDependency */ = {
+			isa = PBXTargetDependency;
+			target = 05067903064025BF001640AF /* commonCrypto_profile */;
+			targetProxy = 050678EA064015C1001640AF /* PBXContainerItemProxy */;
+		};
+		0511C4630A3785340028BFC3 /* PBXTargetDependency */ = {
+			isa = PBXTargetDependency;
+			target = 05CE94290A3784D4007C91D6 /* Copy Open Source Docs */;
+			targetProxy = 0511C4620A3785340028BFC3 /* PBXContainerItemProxy */;
+		};
+		054BBEFB05F6AAC800344873 /* PBXTargetDependency */ = {
+			isa = PBXTargetDependency;
+			target = 054BBEBD05F6A97700344873 /* commonCrypto */;
+			targetProxy = 054BBEFA05F6AAC800344873 /* PBXContainerItemProxy */;
+		};
+		054BBEFD05F6AAC800344873 /* PBXTargetDependency */ = {
+			isa = PBXTargetDependency;
+			target = 054BBEC505F6A98900344873 /* commonCryptoStatic */;
+			targetProxy = 054BBEFC05F6AAC800344873 /* PBXContainerItemProxy */;
+		};
+		055688220640139D0048BE18 /* PBXTargetDependency */ = {
+			isa = PBXTargetDependency;
+			target = 055687FF064012D40048BE18 /* commonCrypto_debug */;
+			targetProxy = 055688210640139D0048BE18 /* PBXContainerItemProxy */;
+		};
+/* End PBXTargetDependency section */
+
+/* Begin XCBuildConfiguration section */
+		05CE94310A37850A007C91D6 /* Development */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = NO;
+				GCC_DYNAMIC_NO_PIC = NO;
+				GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+				GCC_OPTIMIZATION_LEVEL = 0;
+				PRODUCT_NAME = "Copy Open Source Docs";
+			};
+			name = Development;
+		};
+		05CE94320A37850A007C91D6 /* Deployment */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = YES;
+				GCC_GENERATE_DEBUGGING_SYMBOLS = NO;
+				PRODUCT_NAME = "Copy Open Source Docs";
+				ZERO_LINK = NO;
+			};
+			name = Deployment;
+		};
+		05CE94330A37850A007C91D6 /* Default */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				PRODUCT_NAME = "Copy Open Source Docs";
+			};
+			name = Default;
+		};
+		C27AD07E0987FCDA001272E0 /* Development */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = NO;
+				CURRENT_PROJECT_VERSION = 36064;
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = 1;
+				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALLHDRS_COPY_PHASE = YES;
+				INSTALL_GROUP = wheel;
+				INSTALL_OWNER = root;
+				INSTALL_PATH = /usr/local/lib/system;
+				LIBRARY_STYLE = STATIC;
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = YES;
+				PRODUCT_NAME = commonCrypto;
+				PUBLIC_HEADERS_FOLDER_PATH = /;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				VERSIONING_SYSTEM = "apple-generic";
+				WARNING_CFLAGS = (
+					"-Wall",
+					"-Werror",
+				);
+			};
+			name = Development;
+		};
+		C27AD07F0987FCDA001272E0 /* Deployment */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = YES;
+				CURRENT_PROJECT_VERSION = 36064;
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = s;
+				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALLHDRS_COPY_PHASE = YES;
+				INSTALL_PATH = /usr/local/lib/system;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "-DNDEBUG";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = YES;
+				PRODUCT_NAME = commonCrypto;
+				PUBLIC_HEADERS_FOLDER_PATH = /;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				VERSIONING_SYSTEM = "apple-generic";
+				WARNING_CFLAGS = (
+					"-Wall",
+					"-Werror",
+				);
+			};
+			name = Deployment;
+		};
+		C27AD0800987FCDA001272E0 /* Default */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				CURRENT_PROJECT_VERSION = 36064;
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = s;
+				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALLHDRS_COPY_PHASE = YES;
+				INSTALL_PATH = /usr/local/lib/system;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "-DNDEBUG";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = YES;
+				PRODUCT_NAME = commonCrypto;
+				PUBLIC_HEADERS_FOLDER_PATH = /;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				VERSIONING_SYSTEM = "apple-generic";
+				WARNING_CFLAGS = (
+					"-Wall",
+					"-Werror",
+				);
+			};
+			name = Default;
+		};
+		C27AD0820987FCDA001272E0 /* Development */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = NO;
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = 1;
+				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALL_PATH = /usr/local/lib/;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "-static";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = commonCryptoStatic;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				WARNING_CFLAGS = "-Wmost";
+			};
+			name = Development;
+		};
+		C27AD0830987FCDA001272E0 /* Deployment */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = YES;
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = s;
+				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALL_PATH = /usr/local/lib/;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "-static";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = commonCryptoStatic;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				WARNING_CFLAGS = "-Wmost";
+			};
+			name = Deployment;
+		};
+		C27AD0840987FCDA001272E0 /* Default */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = s;
+				GCC_WARN_FOUR_CHARACTER_CONSTANTS = NO;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALL_PATH = /usr/local/lib/;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "-static";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = commonCryptoStatic;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				WARNING_CFLAGS = "-Wmost";
+			};
+			name = Default;
+		};
+		C27AD0860987FCDA001272E0 /* Development */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = NO;
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = 1;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALL_PATH = /usr/local/lib/system;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = commonCrypto_debug;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				WARNING_CFLAGS = (
+					"-Wmost",
+					"-Wno-four-char-constants",
+					"-Wno-unknown-pragmas",
+				);
+			};
+			name = Development;
+		};
+		C27AD0870987FCDA001272E0 /* Deployment */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = YES;
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = s;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALL_PATH = /usr/local/lib/system;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = commonCrypto_debug;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				WARNING_CFLAGS = (
+					"-Wmost",
+					"-Wno-four-char-constants",
+					"-Wno-unknown-pragmas",
+				);
+			};
+			name = Deployment;
+		};
+		C27AD0880987FCDA001272E0 /* Default */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = s;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALL_PATH = /usr/local/lib/system;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = commonCrypto_debug;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				WARNING_CFLAGS = (
+					"-Wmost",
+					"-Wno-four-char-constants",
+					"-Wno-unknown-pragmas",
+				);
+			};
+			name = Default;
+		};
+		C27AD08A0987FCDA001272E0 /* Development */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = NO;
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = 1;
+				GCC_PRECOMPILE_PREFIX_HEADER = YES;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALL_PATH = /usr/local/lib/system;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "-pg";
+				OTHER_LDFLAGS = (
+					"-framework",
+					Carbon,
+				);
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = commonCrypto_profile;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				WARNING_CFLAGS = (
+					"-Wmost",
+					"-Wno-four-char-constants",
+					"-Wno-unknown-pragmas",
+				);
+			};
+			name = Development;
+		};
+		C27AD08B0987FCDA001272E0 /* Deployment */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = YES;
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = s;
+				GCC_PRECOMPILE_PREFIX_HEADER = YES;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALL_PATH = /usr/local/lib/system;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "-pg";
+				OTHER_LDFLAGS = (
+					"-framework",
+					Carbon,
+				);
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = commonCrypto_profile;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				WARNING_CFLAGS = (
+					"-Wmost",
+					"-Wno-four-char-constants",
+					"-Wno-unknown-pragmas",
+				);
+			};
+			name = Deployment;
+		};
+		C27AD08C0987FCDA001272E0 /* Default */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				GCC_MODEL_TUNING = G5;
+				GCC_OPTIMIZATION_LEVEL = s;
+				GCC_PRECOMPILE_PREFIX_HEADER = YES;
+				HEADER_SEARCH_PATHS = (
+					"$(SRCROOT)/Source",
+					"$(SRCROOT)",
+				);
+				INSTALL_PATH = /usr/local/lib/system;
+				LIBRARY_STYLE = STATIC;
+				OTHER_CFLAGS = "-pg";
+				OTHER_LDFLAGS = (
+					"-framework",
+					Carbon,
+				);
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = commonCrypto_profile;
+				SECTORDER_FLAGS = "";
+				USE_HEADERMAP = NO;
+				WARNING_CFLAGS = (
+					"-Wmost",
+					"-Wno-four-char-constants",
+					"-Wno-unknown-pragmas",
+				);
+			};
+			name = Default;
+		};
+		C27AD08E0987FCDA001272E0 /* Development */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = NO;
+				GCC_OPTIMIZATION_LEVEL = 0;
+				INSTALL_GROUP = wheel;
+				INSTALL_OWNER = root;
+				OTHER_CFLAGS = "";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = world;
+				SECTORDER_FLAGS = "";
+				WARNING_CFLAGS = (
+					"-Wmost",
+					"-Wno-four-char-constants",
+					"-Wno-unknown-pragmas",
+				);
+			};
+			name = Development;
+		};
+		C27AD08F0987FCDA001272E0 /* Deployment */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				COPY_PHASE_STRIP = YES;
+				OTHER_CFLAGS = "";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = world;
+				SECTORDER_FLAGS = "";
+				WARNING_CFLAGS = (
+					"-Wmost",
+					"-Wno-four-char-constants",
+					"-Wno-unknown-pragmas",
+				);
+			};
+			name = Deployment;
+		};
+		C27AD0900987FCDA001272E0 /* Default */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				OTHER_CFLAGS = "";
+				OTHER_LDFLAGS = "";
+				OTHER_REZFLAGS = "";
+				PRODUCT_NAME = world;
+				SECTORDER_FLAGS = "";
+				WARNING_CFLAGS = (
+					"-Wmost",
+					"-Wno-four-char-constants",
+					"-Wno-unknown-pragmas",
+				);
+			};
+			name = Default;
+		};
+		C27AD0920987FCDA001272E0 /* Development */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
+				CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
+				GCC_PREPROCESSOR_DEFINITIONS = "$(GCC_PREPROCESSOR_DEFINITIONS)";
+				GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
+				GCC_WARN_UNINITIALIZED_AUTOS = YES;
+				GCC_WARN_UNUSED_FUNCTION = YES;
+				GCC_WARN_UNUSED_LABEL = YES;
+				HEADER_SEARCH_PATHS = "$(SRCROOT)/Source";
+				OTHER_CFLAGS = "$(OTHER_CFLAGS)";
+				OTHER_CPLUSPLUSFLAGS = "$(OTHER_CFLAGS)";
+				VERSIONING_SYSTEM = "apple-generic";
+			};
+			name = Development;
+		};
+		C27AD0930987FCDA001272E0 /* Deployment */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
+				CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
+				GCC_PREPROCESSOR_DEFINITIONS = "$(GCC_PREPROCESSOR_DEFINITIONS)";
+				GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
+				GCC_WARN_UNINITIALIZED_AUTOS = YES;
+				GCC_WARN_UNUSED_FUNCTION = YES;
+				GCC_WARN_UNUSED_LABEL = YES;
+				HEADER_SEARCH_PATHS = "$(SRCROOT)/Source";
+				OTHER_CFLAGS = (
+					"$(OTHER_CFLAGS)",
+					"-DNDEBUG",
+				);
+				OTHER_CPLUSPLUSFLAGS = "$(OTHER_CFLAGS)";
+				VERSIONING_SYSTEM = "apple-generic";
+			};
+			name = Deployment;
+		};
+		C27AD0940987FCDA001272E0 /* Default */ = {
+			isa = XCBuildConfiguration;
+			buildSettings = {
+				CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
+				CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
+				GCC_PREPROCESSOR_DEFINITIONS = "$(GCC_PREPROCESSOR_DEFINITIONS)";
+				GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+				GCC_WARN_ABOUT_RETURN_TYPE = YES;
+				GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
+				GCC_WARN_UNINITIALIZED_AUTOS = YES;
+				GCC_WARN_UNUSED_FUNCTION = YES;
+				GCC_WARN_UNUSED_LABEL = YES;
+				HEADER_SEARCH_PATHS = "$(SRCROOT)/Source";
+				OTHER_CFLAGS = (
+					"$(OTHER_CFLAGS)",
+					"-DNDEBUG",
+				);
+				OTHER_CPLUSPLUSFLAGS = "$(OTHER_CFLAGS)";
+				UNSTRIPPED_PRODUCT = YES;
+				VERSIONING_SYSTEM = "apple-generic";
+			};
+			name = Default;
+		};
+/* End XCBuildConfiguration section */
+
+/* Begin XCConfigurationList section */
+		05CE94300A37850A007C91D6 /* Build configuration list for PBXAggregateTarget "Copy Open Source Docs" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				05CE94310A37850A007C91D6 /* Development */,
+				05CE94320A37850A007C91D6 /* Deployment */,
+				05CE94330A37850A007C91D6 /* Default */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Default;
+		};
+		C27AD07D0987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				C27AD07E0987FCDA001272E0 /* Development */,
+				C27AD07F0987FCDA001272E0 /* Deployment */,
+				C27AD0800987FCDA001272E0 /* Default */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Default;
+		};
+		C27AD0810987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCryptoStatic" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				C27AD0820987FCDA001272E0 /* Development */,
+				C27AD0830987FCDA001272E0 /* Deployment */,
+				C27AD0840987FCDA001272E0 /* Default */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Default;
+		};
+		C27AD0850987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto_debug" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				C27AD0860987FCDA001272E0 /* Development */,
+				C27AD0870987FCDA001272E0 /* Deployment */,
+				C27AD0880987FCDA001272E0 /* Default */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Default;
+		};
+		C27AD0890987FCDA001272E0 /* Build configuration list for PBXNativeTarget "commonCrypto_profile" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				C27AD08A0987FCDA001272E0 /* Development */,
+				C27AD08B0987FCDA001272E0 /* Deployment */,
+				C27AD08C0987FCDA001272E0 /* Default */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Default;
+		};
+		C27AD08D0987FCDA001272E0 /* Build configuration list for PBXAggregateTarget "world" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				C27AD08E0987FCDA001272E0 /* Development */,
+				C27AD08F0987FCDA001272E0 /* Deployment */,
+				C27AD0900987FCDA001272E0 /* Default */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Default;
+		};
+		C27AD0910987FCDA001272E0 /* Build configuration list for PBXProject "CommonCrypto" */ = {
+			isa = XCConfigurationList;
+			buildConfigurations = (
+				C27AD0920987FCDA001272E0 /* Development */,
+				C27AD0930987FCDA001272E0 /* Deployment */,
+				C27AD0940987FCDA001272E0 /* Default */,
+			);
+			defaultConfigurationIsVisible = 0;
+			defaultConfigurationName = Default;
+		};
+/* End XCConfigurationList section */
+	};
+	rootObject = 054BBEA605F6A8DE00344873 /* Project object */;
+}

ADDED   CommonCrypto/CommonCryptor.h
Index: CommonCrypto/CommonCryptor.h
==================================================================
--- /dev/null
+++ CommonCrypto/CommonCryptor.h
@@ -0,0 +1,610 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*!
+	@header		CommonCryptor.h
+	@abstract	Generic interface for symmetric encryption. 
+	
+	@discussion	This interface provides access to a number of symmetric encryption
+				algorithms. Symmetric encryption algorithms come in two "flavors" - 
+				block ciphers, and stream ciphers. Block ciphers process data
+				(while both encrypting and decrypting) in discrete chunks of 
+				data called blocks; stream ciphers operate on arbitrary sized
+				data. 
+				
+				The object declared in this interface, CCCryptor, provides
+				access to both block ciphers and stream ciphers with the same
+				API; however some options are available for block ciphers that
+				do not apply to stream ciphers. 
+				
+				The general operation of a CCCryptor is: initialize it
+				with raw key data and other optional fields with CCCryptorCreate(); 
+				process input data via one or more calls to CCCryptorUpdate(), 
+				each of which may result in output data being written to 
+				caller-supplied memory; and obtain possible remaining output data 
+				with CCCryptorFinal(). The CCCryptor is disposed of via 
+				CCCryptorRelease(), or it can be reused (with the same key data 
+				as provided to CCCryptorCreate()) by calling CCCryptorReset(). 
+				
+				CCCryptors can be dynamically allocated by this module, or 
+				their memory can be allocated by the caller. See discussion for
+				CCCryptorCreate() and CCCryptorCreateFromData() for information 
+				on CCCryptor allocation.
+				
+				One option for block ciphers is padding, as defined in PKCS7;
+				when padding is enabled, the total amount of data encrypted
+				does not have to be an even multiple of the block size, and 
+				the actual length of plaintext is calculated during decryption. 
+				
+				Another option for block ciphers is Cipher Block Chaining, known
+				as CBC mode. When using CBC mode, an Initialization Vector (IV)
+				is provided along with the key when starting an encrypt
+				or decrypt operation. If CBC mode is selected and no IV is 
+				provided, an IV of all zeroes will be used. 
+				
+				CCCryptor also implements block bufferring, so that individual
+				calls to CCCryptorUpdate() do not have to provide data whose length
+				is aligned to the block size. (If padding is disabled, encrypting
+				with block ciphers does require that the *total* length of data
+				input to CCCryptorUpdate() call(s) be aligned to the block size.)
+	
+				A given CCCryptor can only be used by one thread at a time;
+				multiple threads can use safely different CCCryptors at the
+				same time. 				
+*/
+
+#ifndef	_CC_COMMON_CRYPTOR_
+#define	_CC_COMMON_CRYPTOR_
+
+#include <stdbool.h>
+#include <stdint.h>
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*!
+	@typedef	CCCryptorRef
+	@abstract	Opaque reference to a CCCryptor object.
+ */
+typedef struct _CCCryptor *CCCryptorRef;
+
+/*!
+	@enum		CCCryptorStatus
+	@abstract	Return values from CommonCryptor operations.
+	
+	@constant	kCCSuccess			Operation completed normally.
+	@constant	kCCParamError		Illegal parameter value.
+	@constant	kCCBufferTooSmall	Insufficent buffer provided for specified operation.
+	@constant	kCCMemoryFailure	Memory allocation failure. 
+	@constant	kCCAlignmentError	Input size was not aligned properly. 
+	@constant	kCCDecodeError		Input data did not decode or decrypt properly.
+	@constant	kCCUnimplemented	Function not implemented for the current algorithm.
+ */
+enum {
+	kCCSuccess			= 0,
+	kCCParamError		= -4300,
+	kCCBufferTooSmall	= -4301,
+	kCCMemoryFailure	= -4302,
+	kCCAlignmentError	= -4303,
+	kCCDecodeError		= -4304,
+	kCCUnimplemented	= -4305
+};
+typedef int32_t CCCryptorStatus;
+
+/*!
+	@enum		CCOperation
+	@abstract	Operations that an CCCryptor can perform.
+	
+	@constant	kCCEncrypt	Symmetric encryption.
+	@constant	kCCDecrypt	Symmetric decryption.
+*/
+enum {
+	kCCEncrypt = 0,	
+	kCCDecrypt,		
+};
+typedef uint32_t CCOperation;
+
+/*!
+	@enum		CCAlgorithm
+	@abstract	Encryption algorithms implemented by this module.
+	
+	@constant	kCCAlgorithmAES128	Advanced Encryption Standard, 128-bit block
+	@constant	kCCAlgorithmDES		Data Encryption Standard
+	@constant	kCCAlgorithm3DES	Triple-DES, three key, EDE configuration
+	@constant	kCCAlgorithmCAST	CAST
+	@constant	kCCAlgorithmRC4		RC4 stream cipher
+*/
+enum {
+	kCCAlgorithmAES128 = 0,
+	kCCAlgorithmDES,		
+	kCCAlgorithm3DES,		
+	kCCAlgorithmCAST,		
+	kCCAlgorithmRC4,
+	kCCAlgorithmRC2		
+};
+typedef uint32_t CCAlgorithm;
+
+/*!
+	@enum		CCOptions
+	@abstract	Options flags, passed to CCCryptorCreate().
+	
+	@constant	kCCOptionPKCS7Padding	Perform PKCS7 padding. 
+	@constant	kCCOptionECBMode		Electronic Code Book Mode. 
+										Default is CBC.
+*/
+enum {
+	/* options for block ciphers */
+	kCCOptionPKCS7Padding	= 0x0001,
+	kCCOptionECBMode		= 0x0002
+	/* stream ciphers currently have no options */
+};
+typedef uint32_t CCOptions;
+
+/*!
+	@enum			Key sizes
+	
+	@discussion		Key sizes, in bytes, for supported algorithms. 
+	
+	@constant kCCKeySizeAES128		128 bit AES key size.
+	@constant kCCKeySizeAES192		192 bit AES key size.
+	@constant kCCKeySizeAES256		256 bit AES key size.
+	@constant kCCKeySizeDES			DES key size.
+	@constant kCCKeySize3DES		Triple DES key size.
+	@constant kCCKeySizeMinCAST		CAST minimum key size.
+	@constant kCCKeySizeMaxCAST		CAST maximum key size.
+	@constant kCCKeySizeMinRC4		RC4 minimum key size.
+	@constant kCCKeySizeMaxRC4		RC4 maximum key size.
+	
+	@discussion		DES and TripleDES have fixed key sizes.
+					AES has three discrete key sizes.
+					CAST and RC4 have variable key sizes.
+*/
+enum {
+	kCCKeySizeAES128	= 16,
+	kCCKeySizeAES192	= 24,
+	kCCKeySizeAES256	= 32,
+	kCCKeySizeDES		= 8,
+	kCCKeySize3DES		= 24,
+	kCCKeySizeMinCAST	= 5,
+	kCCKeySizeMaxCAST	= 16,
+	kCCKeySizeMinRC4	= 1,
+	kCCKeySizeMaxRC4	= 512,
+	kCCKeySizeMinRC2	= 1,
+	kCCKeySizeMaxRC2	= 128
+};
+
+/*!
+	@enum			Block sizes
+	
+	@discussion		Block sizes, in bytes, for supported algorithms. 
+	
+	@constant kCCBlockSizeAES128	AES block size (currently, only 128-bit 
+									blocks are supported).
+	@constant kCCBlockSizeDES		DES block size.
+	@constant kCCBlockSize3DES		Triple DES block size.
+	@constant kCCBlockSizeCAST		CAST block size.
+*/
+enum {
+	/* AES */
+	kCCBlockSizeAES128	= 16,
+	/* DES */
+	kCCBlockSizeDES		= 8,
+	/* 3DES */
+	kCCBlockSize3DES	= 8,
+	/* CAST */
+	kCCBlockSizeCAST	= 8,
+	kCCBlockSizeRC2		= 8,
+};
+
+/*!
+	@enum		Minimum context sizes
+	@discussion	Minimum context sizes, for caller-allocated CCCryptorRefs.
+				To minimize dynamic allocation memory, a caller can create 
+				a CCCryptorRef by passing caller-supplied memory to the 
+				CCCryptorCreateFromData() function.
+	
+				These constants define the minimum amount of memory, in 
+				bytes, needed for CCCryptorRefs for each supported algorithm. 
+	
+				Note: these constants are valid for the current version of 
+				this library; they may change in subsequent releases, so 
+				applications wishing to allocate their own memory for use 
+				in creating CCCryptorRefs must be prepared to deal with 
+				a kCCBufferTooSmall return from CCCryptorCreateFromData().
+				See discussion for the CCCryptorCreateFromData() function.
+	
+	@constant kCCContextSizeAES128		Minimum context size for kCCAlgorithmAES128.
+	@constant kCCContextSizeDES			Minimum context size for kCCAlgorithmAES128.
+	@constant kCCContextSize3DES		Minimum context size for kCCAlgorithmAES128.
+	@constant kCCContextSizeCAST		Minimum context size for kCCAlgorithmCAST.
+	@constant kCCContextSizeRC4			Minimum context size for kCCAlgorithmRC4.
+*/
+enum {
+	kCCContextSizeAES128	= 404,
+	kCCContextSizeDES		= 240,
+	kCCContextSize3DES		= 496,
+	kCCContextSizeCAST		= 240,
+	kCCContextSizeRC4		= 1072
+};
+
+/*!
+	@function	CCCryptorCreate
+	@abstract	Create a cryptographic context. 
+	
+	@param		op			Defines the basic operation: kCCEncrypt or kCCDecrypt.
+	
+	@param		alg			Defines the algorithm.
+	
+	@param		options		A word of flags defining options. See discussion
+							for the CCOptions type.
+							
+	@param		key			Raw key material, length keyLength bytes. 
+	
+	@param		keyLength	Length of key material. Must be appropriate 
+							for	the selected operation and algorithm. Some 
+							algorithms  provide for varying key lengths.
+
+	@param		iv			Initialization vector, optional. Used by 
+							block ciphers when Cipher Block Chaining (CBC) 
+							mode is enabled. If present, must be the same
+							length as the selected algorithm's block size. 
+							If CBC mode is selected (by the absence of the 
+							kCCOptionECBMode bit in the options flags) and no 
+							IV is present, a NULL (all zeroes) IV will be used. 
+							This parameter is ignored if ECB mode is used or
+							if a stream cipher algorithm is selected. 
+
+	@param		cryptorRef	A (required) pointer to the returned CCCryptorRef. 
+
+	@result		Possible error returns are kCCParamError and kCCMemoryFailure.
+*/
+CCCryptorStatus CCCryptorCreate(
+	CCOperation op,             /* kCCEncrypt, etc. */
+	CCAlgorithm alg,            /* kCCAlgorithmDES, etc. */
+	CCOptions options,          /* kCCOptionPKCS7Padding, etc. */
+	const void *key,            /* raw key material */
+	size_t keyLength,	
+	const void *iv,             /* optional initialization vector */
+	CCCryptorRef *cryptorRef);  /* RETURNED */
+
+/*!
+	@function	CCCryptorCreateFromData
+	@abstract	Create a cryptographic context using caller-supplied memory. 
+	
+	@param		op			Defines the basic operation: kCCEncrypt or kCCDecrypt.
+	
+	@param		alg			Defines the algorithm.
+	
+	@param		options		A word of flags defining options. See discussion
+							for the CCOptions type.
+							
+	@param		key			Raw key material, length keyLength bytes. 
+	
+	@param		keyLength	Length of key material. Must be appropriate 
+							for	the selected operation and algorithm. Some 
+							algorithms  provide for varying key lengths.
+
+	@param		iv			Initialization vector, optional. Used by 
+							block ciphers when Cipher Block Chaining (CBC) 
+							mode is enabled. If present, must be the same
+							length as the selected algorithm's block size. 
+							If CBC mode is selected (by the absence of the 
+							kCCOptionECBMode bit in the options flags) and no 
+							IV is present, a NULL (all zeroes) IV will be used. 
+							This parameter is ignored if ECB mode is used or
+							if a stream cipher algorithm is selected. 
+
+	@param		data		A pointer to caller-supplied memory from which the 
+							CCCryptorRef will be created. 
+							
+	@param		dataLength	The size of the caller-supplied memory in bytes. 
+	
+	@param		cryptorRef	A (required) pointer to the returned CCCryptorRef. 
+	
+	@param		dataUsed	Optional. If present, the actual number of bytes of 
+							the caller-supplied memory which was consumed by
+							creation of the CCCryptorRef is returned here. Also,
+							if the supplied memory is of insufficent size to create
+							a CCCryptorRef, kCCBufferTooSmall is returned, and
+							the minimum required buffer size is returned via this
+							parameter if present. 
+								
+	@result		Possible error returns are kCCParamError and kCCBufferTooSmall.
+				
+	@discussion	The CCCryptorRef created by this function *may* be disposed of
+				via CCCRyptorRelease; that call is not strictly necessary, but
+				if it's not performed, good security practice dictates that the
+				caller should zero the memory provided to create the CCCryptorRef
+				when the caller is finished using the CCCryptorRef. 
+*/
+CCCryptorStatus CCCryptorCreateFromData(
+	CCOperation op,             /* kCCEncrypt, etc. */
+	CCAlgorithm alg,            /* kCCAlgorithmDES, etc. */
+	CCOptions options,          /* kCCOptionPKCS7Padding, etc. */
+	const void *key,            /* raw key material */
+	size_t keyLength,	
+	const void *iv,             /* optional initialization vector */
+	const void *data,			/* caller-supplied memory */
+	size_t dataLength,			/* length of data in bytes */
+	CCCryptorRef *cryptorRef,   /* RETURNED */
+	size_t *dataUsed);			/* optional, RETURNED */
+
+/*!
+	@function	CCCryptorRelease
+	@abstract	Free a context created by CCCryptorCreate or 
+				CCCryptorCreateFromData().
+	
+	@param		cryptorRef	The CCCryptorRef to release.
+	
+	@result		The only possible error return is kCCParamError resulting
+				from passing in a null CCCryptorRef. 
+*/
+CCCryptorStatus CCCryptorRelease(
+	CCCryptorRef cryptorRef);
+	
+/*!
+	@function	CCCryptorUpdate
+	@abstract	Process (encrypt, decrypt) some data. The result, if any,
+				is written to a caller-provided buffer. 
+				
+	@param		cryptorRef		A CCCryptorRef created via CCCryptorCreate() or
+								CCCryptorCreateFromData().
+	@param		dataIn			Data to process, length dataInLength bytes.
+	@param		dataInLength	Length of data to process.
+	@param		dataOut			Result is written here. Allocated by caller. 
+								Encryption and decryption can be performed
+								"in-place", with the same buffer used for 
+								input and output. 
+	@param		dataOutAvailable The size of the dataOut buffer in bytes.  
+	@param		dataOutMoved	On successful return, the number of bytes written 
+								to dataOut.
+								
+	@result		kCCBufferTooSmall indicates insufficent space in the dataOut
+								buffer. The caller can use CCCryptorGetOutputLength() 
+								to determine the required output buffer size in this 
+								case. The operation can be retried; no state is lost 
+								when this is returned. 
+								
+	@discussion	This routine can be called multiple times. The caller does
+				not need to align input data lengths to block sizes; input is
+				bufferred as necessary for block ciphers. 
+				 
+				When performing symmetric encryption with block ciphers,
+				and padding is enabled via kCCOptionPKCS7Padding, the total
+				number of bytes provided by all the calls to this function 
+				when encrypting can be arbitrary (i.e., the total number
+				of bytes does not have to be block aligned). However if
+				padding is disabled, or when decrypting, the total number
+				of bytes does have to be aligned to the block size; otherwise
+				CCCryptFinal() will return kCCAlignmentError. 
+				
+				A general rule for the size of the output buffer which must be
+				provided by the caller is that for block ciphers, the output 
+				length is never larger than the input length plus the block size.
+				For stream ciphers, the output length is always exactly the same
+				as the input length. See the discussion for CCCryptorGetOutputLength()
+				for more information on this topic. 
+				 
+				Generally, when all data has been processed, call CCCryptorFinal().
+				In the following cases, the CCCryptorFinal() is superfluous as
+				it will not yield any data nor return an error:
+				1. Encrypting or decrypting with a block cipher with padding 
+				   disabled, when the total amount of data provided to 
+				   CCCryptorUpdate() is an integral multiple of the block size. 
+				2. Encrypting or decrypting with a stream cipher. 
+ */
+CCCryptorStatus CCCryptorUpdate(
+	CCCryptorRef cryptorRef,
+	const void *dataIn,
+	size_t dataInLength,
+	void *dataOut,				/* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved);		/* number of bytes written */
+
+/*!
+	@function	CCCryptorFinal
+	@abstract	Finish an encrypt or decrypt operation, and obtain the (possible)
+				final data output. 
+			
+	@param		cryptorRef		A CCCryptorRef created via CCCryptorCreate() or
+								CCCryptorCreateFromData().
+	@param		dataOut			Result is written here. Allocated by caller. 
+	@param		dataOutAvailable The size of the dataOut buffer in bytes.  
+	@param		dataOutMoved	On successful return, the number of bytes written 
+								to dataOut.
+		
+	@result		kCCBufferTooSmall indicates insufficent space in the dataOut
+								buffer. The caller can use CCCryptorGetOutputLength() 
+								to determine the required output buffer size in this 
+								case. The operation can be retried; no state is lost 
+								when this is returned. 
+				kCCAlignmentError When decrypting, or when encrypting with a
+								block cipher with padding disabled, 
+								kCCAlignmentError will be returned if the total 
+								number of bytes provided to CCCryptUpdate() is 
+								not an integral multiple of	the current 
+								algorithm's block size. 
+				kCCDecodeError  Indicates garbled ciphertext or the 
+								wrong key during decryption. This can only
+								be returned while decrypting with padding
+								enabled. 
+								
+	@discussion	Except when kCCBufferTooSmall is returned, the CCCryptorRef
+				can no longer be used for subsequent operations unless
+				CCCryptorReset() is called on it. 
+				
+				It is not necessary to call CCCryptorFinal() when performing 
+				symmetric encryption or decryption if padding is disabled, or
+				when using a stream cipher.  
+				
+				It is not necessary to call CCCryptorFinal() prior to 
+				CCCryptorRelease() when aborting an operation.
+ */
+CCCryptorStatus CCCryptorFinal(
+	CCCryptorRef cryptorRef,
+	void *dataOut,
+	size_t dataOutAvailable,
+	size_t *dataOutMoved);		/* number of bytes written */
+
+/*!
+	@function	CCCryptorGetOutputLength
+	@abstract	Determine output buffer size required to process a given input size. 
+	
+	@param		cryptorRef	A CCCryptorRef created via CCCryptorCreate() or
+							CCCryptorCreateFromData().
+	@param		inputLength	The length of data which will be provided to 
+							CCCryptorUpdate().
+	@param		final		If false, the returned value will indicate the output 
+							buffer space needed when 'inputLength' bytes are 
+							provided to	CCCryptorUpdate(). When 'final' is true, 
+							the returned value will indicate the total combined 
+							buffer space needed when 'inputLength' bytes are 
+							provided to	CCCryptorUpdate() and then CCCryptorFinal()
+							is called. 
+							
+	@result The maximum buffer space need to perform CCCryptorUpdate() and optionally
+			CCCryptorFinal(). 
+			
+	@discussion	Some general rules apply that allow clients of this module to
+				know a priori how much output buffer space will be required
+				in a given situation. For stream ciphers, the output size is
+				always equal to the input size, and CCCryptorFinal() never 
+				produces any data. For block ciphers, the output size will
+				always be less than or equal to the input size plus the size
+				of one block. For block ciphers, if the input size provided 
+				to each call to CCCryptorUpdate() is is an integral multiple 
+				of the block size, then the output size for each call to 
+				CCCryptorUpdate() is less than or equal to the input size
+				for that call to CCCryptorUpdate(). CCCryptorFinal() only 
+				produces output when using a block cipher with padding enabled. 
+*/
+size_t CCCryptorGetOutputLength(
+	CCCryptorRef cryptorRef,
+	size_t inputLength,
+	bool final);
+	
+/*!
+	@function	CCCryptorReset
+	@abstract	Reinitializes an existing CCCryptorRef with a (possibly)
+				new initialization vector. The CCCryptorRef's key is
+				unchanged. Not implemented for stream ciphers. 
+				
+	@param		cryptorRef	A CCCryptorRef created via CCCryptorCreate() or
+							CCCryptorCreateFromData().
+	@param		iv			Optional initialization vector; if present, must
+							be the same size as the current algorithm's block
+							size. 
+							
+	@result		The the only possible errors are kCCParamError and 
+				kCCUnimplemented.
+	
+	@discussion This can be called on a CCCryptorRef with data pending (i.e.
+				in a padded mode operation before CCCryptFinal is called); 
+				however any pending data will be lost in that case. 
+*/
+CCCryptorStatus CCCryptorReset(
+	CCCryptorRef cryptorRef,
+	const void *iv);
+
+/*!
+	@function	CCCrypt
+	@abstract	Stateless, one-shot encrypt or decrypt operation.
+				This basically performs a sequence of CCCrytorCreate(),
+				CCCryptorUpdate(), CCCryptorFinal(), and CCCryptorRelease().
+	
+	@param		alg				Defines the encryption algorithm.
+	
+	
+	@param		op				Defines the basic operation: kCCEncrypt or kCCDecrypt.
+	
+	@param		options			A word of flags defining options. See discussion
+								for the CCOptions type.
+	
+	@param		key				Raw key material, length keyLength bytes. 
+	
+	@param		keyLength		Length of key material. Must be appropriate 
+								for	the select algorithm. Some algorithms may 
+								provide for varying key lengths.
+	
+	@param		iv				Initialization vector, optional. Used for 
+								Cipher Block Chaining (CBC) mode. If present, 
+								must be the same length as the selected 
+								algorithm's block size. If CBC mode is
+								selected (by the absence of any mode bits in 
+								the options	flags) and no IV is present, a 
+								NULL (all zeroes) IV will be used. This is 
+								ignored if ECB mode is used or if a stream 
+								cipher algorithm is selected. 
+	
+	@param		dataIn			Data to encrypt or decrypt, length dataInLength 
+								bytes. 
+	
+	@param		dataInLength	Length of data to encrypt or decrypt.
+	
+	@param		dataOut			Result is written here. Allocated by caller. 
+								Encryption and decryption can be performed
+								"in-place", with the same buffer used for 
+								input and output. 
+	
+	@param		dataOutAvailable The size of the dataOut buffer in bytes.  
+	
+	@param		dataOutMoved	On successful return, the number of bytes written 
+								to dataOut. If kCCBufferTooSmall is returned as 
+								a result of insufficient buffer space being 
+								provided, the required buffer space is returned
+								here. 
+		
+	@result		kCCBufferTooSmall indicates insufficent space in the dataOut
+								buffer. In this case, the *dataOutMoved 
+								parameter will indicate the size of the buffer
+								needed to complete the operation. The 
+								operation can be retried with minimal runtime 
+								penalty. 
+				kCCAlignmentError indicates that dataInLength was not properly 
+								algined. This can only be returned for block 
+								ciphers, and then only when decrypting or when 
+								encrypting with block with padding disabled. 
+				kCCDecodeError	Indicates improperly formatted ciphertext or
+								a "wrong key" error; occurs only during decrypt
+								operations. 
+ */
+CCCryptorStatus CCCrypt(
+	CCOperation op,			/* kCCEncrypt, etc. */
+	CCAlgorithm alg,		/* kCCAlgorithmAES128, etc. */
+	CCOptions options,		/* kCCOptionPKCS7Padding, etc. */
+	const void *key,
+	size_t keyLength,
+	const void *iv,			/* optional initialization vector */
+	const void *dataIn,		/* optional per op and alg */
+	size_t dataInLength,
+	void *dataOut,			/* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved);	
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/* _CC_COMMON_CRYPTOR_ */

ADDED   CommonCrypto/CommonDigest.h
Index: CommonCrypto/CommonDigest.h
==================================================================
--- /dev/null
+++ CommonCrypto/CommonDigest.h
@@ -0,0 +1,269 @@
+/* 
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CommonDigest.h - common digest routines: MD2, MD4, MD5, SHA1.
+ */
+ 
+#ifndef	_CC_COMMON_DIGEST_H_
+#define _CC_COMMON_DIGEST_H_
+
+#include <stdint.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * For compatibility with legacy implementations, the *Init(), *Update(),
+ * and *Final() functions declared here *always* return a value of 1 (one). 
+ * This corresponds to "success" in the similar openssl implementations. 
+ * There are no errors of any kind which can be, or are, reported here, 
+ * so you can safely ignore the return values of all of these functions 
+ * if you are implementing new code.
+ *
+ * The one-shot functions (CC_MD2(), CC_SHA1(), etc.) perform digest
+ * calculation and place the result in the caller-supplied buffer
+ * indicated by the md parameter. They return the md parameter.
+ * Unlike the opensssl counterparts, these one-shot functions require
+ * a non-NULL md pointer. Passing in NULL for the md parameter 
+ * results in a NULL return and no digest calculation. 
+ */
+ 
+typedef uint32_t CC_LONG;		/* 32 bit unsigned integer */
+typedef uint64_t CC_LONG64;		/* 64 bit unsigned integer */
+
+/*** MD2 ***/
+
+#define CC_MD2_DIGEST_LENGTH	16			/* digest length in bytes */
+#define CC_MD2_BLOCK_BYTES		64			/* block size in bytes */
+#define CC_MD2_BLOCK_LONG       (CC_MD2_BLOCK_BYTES / sizeof(CC_LONG))
+
+typedef struct CC_MD2state_st
+{
+    int num;
+    unsigned char data[CC_MD2_DIGEST_LENGTH];
+    CC_LONG cksm[CC_MD2_BLOCK_LONG];
+	CC_LONG state[CC_MD2_BLOCK_LONG];
+} CC_MD2_CTX;
+
+extern int CC_MD2_Init(CC_MD2_CTX *c);
+extern int CC_MD2_Update(CC_MD2_CTX *c, const void *data, CC_LONG len);
+extern int CC_MD2_Final(unsigned char *md, CC_MD2_CTX *c);
+extern unsigned char *CC_MD2(const void *data, CC_LONG len, unsigned char *md);
+
+/*** MD4 ***/
+
+#define CC_MD4_DIGEST_LENGTH	16			/* digest length in bytes */
+#define CC_MD4_BLOCK_BYTES		64			/* block size in bytes */
+#define CC_MD4_BLOCK_LONG       (CC_MD4_BLOCK_BYTES / sizeof(CC_LONG))
+
+typedef struct CC_MD4state_st
+{
+	CC_LONG A,B,C,D;
+	CC_LONG Nl,Nh;
+	CC_LONG data[CC_MD4_BLOCK_LONG];
+	int num;
+} CC_MD4_CTX;
+
+extern int CC_MD4_Init(CC_MD4_CTX *c);
+extern int CC_MD4_Update(CC_MD4_CTX *c, const void *data, CC_LONG len);
+extern int CC_MD4_Final(unsigned char *md, CC_MD4_CTX *c);
+extern unsigned char *CC_MD4(const void *data, CC_LONG len, unsigned char *md);
+
+/*** MD5 ***/
+
+#define CC_MD5_DIGEST_LENGTH	16			/* digest length in bytes */
+#define CC_MD5_BLOCK_BYTES		64			/* block size in bytes */
+#define CC_MD5_BLOCK_LONG       (CC_MD5_BLOCK_BYTES / sizeof(CC_LONG))
+
+typedef struct CC_MD5state_st
+{
+	CC_LONG A,B,C,D;
+	CC_LONG Nl,Nh;
+	CC_LONG data[CC_MD5_BLOCK_LONG];
+	int num;
+} CC_MD5_CTX;
+
+extern int CC_MD5_Init(CC_MD5_CTX *c);
+extern int CC_MD5_Update(CC_MD5_CTX *c, const void *data, CC_LONG len);
+extern int CC_MD5_Final(unsigned char *md, CC_MD5_CTX *c);
+extern unsigned char *CC_MD5(const void *data, CC_LONG len, unsigned char *md);
+
+/*** SHA1 ***/
+
+#define CC_SHA1_DIGEST_LENGTH	20			/* digest length in bytes */
+#define CC_SHA1_BLOCK_BYTES		64			/* block size in bytes */
+#define CC_SHA1_BLOCK_LONG      (CC_SHA1_BLOCK_BYTES / sizeof(CC_LONG))
+
+typedef struct CC_SHA1state_st
+{
+	CC_LONG h0,h1,h2,h3,h4;
+	CC_LONG Nl,Nh;
+	CC_LONG data[CC_SHA1_BLOCK_LONG];
+	int num;
+} CC_SHA1_CTX;
+
+extern int CC_SHA1_Init(CC_SHA1_CTX *c);
+extern int CC_SHA1_Update(CC_SHA1_CTX *c, const void *data, CC_LONG len);
+extern int CC_SHA1_Final(unsigned char *md, CC_SHA1_CTX *c);
+extern unsigned char *CC_SHA1(const void *data, CC_LONG len, unsigned char *md);
+
+/*** SHA224 ***/
+#define CC_SHA224_DIGEST_LENGTH		28			/* digest length in bytes */
+#define CC_SHA224_BLOCK_BYTES		64			/* block size in bytes */
+
+/* same context struct is used for SHA224 and SHA256 */
+typedef struct CC_SHA256state_st
+{   CC_LONG count[2];
+    CC_LONG hash[8];
+    CC_LONG wbuf[16];
+} CC_SHA256_CTX;
+
+extern int CC_SHA224_Init(CC_SHA256_CTX *c);
+extern int CC_SHA224_Update(CC_SHA256_CTX *c, const void *data, CC_LONG len);
+extern int CC_SHA224_Final(unsigned char *md, CC_SHA256_CTX *c);
+extern unsigned char *CC_SHA224(const void *data, CC_LONG len, unsigned char *md);
+
+/*** SHA256 ***/
+
+#define CC_SHA256_DIGEST_LENGTH		32			/* digest length in bytes */
+#define CC_SHA256_BLOCK_BYTES		64			/* block size in bytes */
+
+extern int CC_SHA256_Init(CC_SHA256_CTX *c);
+extern int CC_SHA256_Update(CC_SHA256_CTX *c, const void *data, CC_LONG len);
+extern int CC_SHA256_Final(unsigned char *md, CC_SHA256_CTX *c);
+extern unsigned char *CC_SHA256(const void *data, CC_LONG len, unsigned char *md);
+
+/*** SHA384 ***/
+
+#define CC_SHA384_DIGEST_LENGTH		48			/* digest length in bytes */
+#define CC_SHA384_BLOCK_BYTES      128			/* block size in bytes */
+
+/* same context struct is used for SHA384 and SHA512 */
+typedef struct CC_SHA512state_st
+{   CC_LONG64 count[2];
+    CC_LONG64 hash[8];
+    CC_LONG64 wbuf[16];
+} CC_SHA512_CTX;
+
+extern int CC_SHA384_Init(CC_SHA512_CTX *c);
+extern int CC_SHA384_Update(CC_SHA512_CTX *c, const void *data, CC_LONG len);
+extern int CC_SHA384_Final(unsigned char *md, CC_SHA512_CTX *c);
+extern unsigned char *CC_SHA384(const void *data, CC_LONG len, unsigned char *md);
+
+/*** SHA512 ***/
+
+#define CC_SHA512_DIGEST_LENGTH		64			/* digest length in bytes */
+#define CC_SHA512_BLOCK_BYTES      128			/* block size in bytes */
+
+extern int CC_SHA512_Init(CC_SHA512_CTX *c);
+extern int CC_SHA512_Update(CC_SHA512_CTX *c, const void *data, CC_LONG len);
+extern int CC_SHA512_Final(unsigned char *md, CC_SHA512_CTX *c);
+extern unsigned char *CC_SHA512(const void *data, CC_LONG len, unsigned char *md);
+
+/*
+ * To use the above digest functions with existing code which uses
+ * the corresponding openssl functions, #define the symbol 
+ * COMMON_DIGEST_FOR_OPENSSL in your client code (BEFORE including
+ * this file), and simply link against libSystem (or System.framework)
+ * instead of libcrypto.
+ *
+ * You can *NOT* mix and match functions operating on a given data
+ * type from the two implementations; i.e., if you do a CC_MD5_Init()
+ * on a CC_MD5_CTX object, do not assume that you can do an openssl-style
+ * MD5_Update() on that same context.
+ */
+ 
+#ifdef	COMMON_DIGEST_FOR_OPENSSL
+
+#define MD2_DIGEST_LENGTH			CC_MD2_DIGEST_LENGTH
+#define MD2_CTX						CC_MD2_CTX
+#define MD2_Init					CC_MD2_Init
+#define MD2_Update					CC_MD2_Update
+#define MD2_Final					CC_MD2_Final
+
+#define MD4_DIGEST_LENGTH			CC_MD4_DIGEST_LENGTH
+#define MD4_CTX						CC_MD4_CTX
+#define MD4_Init					CC_MD4_Init
+#define MD4_Update					CC_MD4_Update
+#define MD4_Final					CC_MD4_Final
+
+#define MD5_DIGEST_LENGTH			CC_MD5_DIGEST_LENGTH
+#define MD5_CTX						CC_MD5_CTX
+#define MD5_Init					CC_MD5_Init
+#define MD5_Update					CC_MD5_Update
+#define MD5_Final					CC_MD5_Final
+
+#define SHA_DIGEST_LENGTH			CC_SHA1_DIGEST_LENGTH
+#define SHA_CTX						CC_SHA1_CTX
+#define SHA1_Init					CC_SHA1_Init
+#define SHA1_Update					CC_SHA1_Update
+#define SHA1_Final					CC_SHA1_Final
+
+#define SHA224_DIGEST_LENGTH		CC_SHA224_DIGEST_LENGTH
+#define SHA256_CTX					CC_SHA256_CTX
+#define SHA224_Init					CC_SHA224_Init
+#define SHA224_Update				CC_SHA224_Update
+#define SHA224_Final				CC_SHA224_Final
+
+#define SHA256_DIGEST_LENGTH		CC_SHA256_DIGEST_LENGTH
+#define SHA256_Init					CC_SHA256_Init
+#define SHA256_Update				CC_SHA256_Update
+#define SHA256_Final				CC_SHA256_Final
+
+#define SHA384_DIGEST_LENGTH		CC_SHA384_DIGEST_LENGTH
+#define SHA512_CTX					CC_SHA512_CTX
+#define SHA384_Init					CC_SHA384_Init
+#define SHA384_Update				CC_SHA384_Update
+#define SHA384_Final				CC_SHA384_Final
+
+#define SHA512_DIGEST_LENGTH		CC_SHA512_DIGEST_LENGTH
+#define SHA512_Init					CC_SHA512_Init
+#define SHA512_Update				CC_SHA512_Update
+#define SHA512_Final				CC_SHA512_Final
+
+
+#endif	/* COMMON_DIGEST_FOR_OPENSSL */
+
+/*
+ * In a manner similar to that described above for openssl 
+ * compatibility, these macros can be used to provide compatiblity 
+ * with legacy implementations of MD5 using the interface defined 
+ * in RFC 1321.
+ */
+ 
+#ifdef	COMMON_DIGEST_FOR_RFC_1321
+
+#define MD5_CTX						CC_MD5_CTX
+#define MD5Init						CC_MD5_Init
+#define MD5Update					CC_MD5_Update
+void MD5Final (unsigned char [16], MD5_CTX *);
+
+#endif	/* COMMON_DIGEST_FOR_RFC_1321 */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/* _CC_COMMON_DIGEST_H_ */

ADDED   CommonCrypto/CommonHMAC.h
Index: CommonCrypto/CommonHMAC.h
==================================================================
--- /dev/null
+++ CommonCrypto/CommonHMAC.h
@@ -0,0 +1,134 @@
+/* 
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*!
+	@header		CommonHMAC.h
+	@abstract	Keyed Message Authentication Code (HMAC) functions.
+ */
+ 
+#ifndef	_CC_COMMON_HMAC_H_
+#define _CC_COMMON_HMAC_H_
+
+#include <CommonCrypto/CommonDigest.h>
+#include <sys/types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*!
+	@enum		CCHmacAlgorithm
+	@abstract	Algorithms implemented in this module.
+
+	@constant	kCCHmacAlgSHA1		HMAC with SHA1 digest
+	@constant	kCCHmacAlgMD5		HMAC with MD5 digest
+	@constant	kCCHmacAlgSHA256	HMAC with SHA256 digest
+	@constant	kCCHmacAlgSHA384	HMAC with SHA384 digest
+	@constant	kCCHmacAlgSHA512	HMAC with SHA512 digest
+	@constant	kCCHmacAlgSHA224	HMAC with SHA224 digest
+ */
+enum {
+	kCCHmacAlgSHA1,
+	kCCHmacAlgMD5,
+	kCCHmacAlgSHA256,
+	kCCHmacAlgSHA384,
+	kCCHmacAlgSHA512,
+	kCCHmacAlgSHA224
+};
+typedef uint32_t CCHmacAlgorithm;
+
+/*!
+	@typedef	CCHmacContext
+	@abstract	HMAC context. 
+ */
+#define CC_HMAC_CONTEXT_SIZE	96	
+typedef struct {
+	uint32_t			ctx[CC_HMAC_CONTEXT_SIZE];
+} CCHmacContext;
+
+/*!
+	@function	CCHmacInit
+	@abstract	Initialize an CCHmacContext with provided raw key bytes.
+	
+	@param		ctx			An HMAC context.
+	@param		algorithm	HMAC algorithm to perform. 
+	@param		key			Raw key bytes.
+	@param		keyLength	Length of raw key bytes; can be any 
+							length including zero. 
+ */
+void CCHmacInit(
+	CCHmacContext *ctx, 
+	CCHmacAlgorithm algorithm,	
+	const void *key,
+	size_t keyLength);			
+	
+/*!
+	@function	CCHmacUpdate
+	@abstract	Process some data.
+	
+	@param		ctx			An HMAC context.
+	@param		data		Data to process.
+	@param		dataLength	Length of data to process, in bytes.
+	
+	@discussion	This can be called multiple times.
+ */
+void CCHmacUpdate(
+	CCHmacContext *ctx, 
+	const void *data,
+	size_t dataLength);		
+	
+/*!
+	@function	CCHmacFinal
+	@abstract	Obtain the final Message Authentication Code.
+	
+	@param		ctx			An HMAC context.
+	@param		macOut		Destination of MAC; allocated by caller. 
+	
+	@discussion	The length of the MAC written to *macOut is the same as 
+				the digest length associated with the HMAC algorithm:
+	
+				kCCHmacSHA1 : CC_SHA1_DIGEST_LENGTH
+				
+				kCCHmacMD5  : CC_MD5_DIGEST_LENGTH
+ */
+void CCHmacFinal(
+	CCHmacContext *ctx, 
+	void *macOut);		
+	
+/*
+ * Stateless, one-shot HMAC function. 
+ * Output is written to caller-supplied buffer, as in CCHmacFinal().
+ */
+void CCHmac(
+	CCHmacAlgorithm algorithm,	/* kCCHmacSHA1, kCCHmacMD5 */
+	const void *key,
+	size_t keyLength,			/* length of key in bytes */
+	const void *data,
+	size_t dataLength,			/* length of data in bytes */
+	void *macOut);				/* MAC written here */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/* _CC_COMMON_HMAC_H_ */

ADDED   LocalTests/ccSymTest.cpp
Index: LocalTests/ccSymTest.cpp
==================================================================
--- /dev/null
+++ LocalTests/ccSymTest.cpp
@@ -0,0 +1,780 @@
+/* Copyright 2006 Apple Computer, Inc.
+ *
+ * ccSymTest.c - test CommonCrypto symmetric encrypt/decrypt.
+ */
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <CommonCrypto/CommonCryptor.h>
+#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacErrors.h>
+#include "common.h"
+
+/*
+ * Defaults.
+ */
+#define LOOPS_DEF		500
+#define MIN_DATA_SIZE	8
+#define MAX_DATA_SIZE	10000						/* bytes */
+#define MAX_KEY_SIZE	kCCKeySizeMaxRC4			/* bytes */
+#define MAX_BLOCK_SIZE	kCCBlockSizeAES128			/* bytes */
+#define LOOP_NOTIFY		250
+
+/*
+ * Enumerate algs our own way to allow iteration.
+ */
+typedef enum {
+	ALG_AES_128 = 1,	/* 128 bit block, 128 bit key */
+	ALG_AES_192,		/* 128 bit block, 192 bit key */
+	ALG_AES_256,		/* 128 bit block, 256 bit key */
+	ALG_DES,
+	ALG_3DES,
+	ALG_CAST,
+	ALG_RC4,
+	/* these aren't in CommonCrypto (yet?) */
+	ALG_RC2,
+	ALG_RC5,
+	ALG_BFISH,
+	ALG_ASC,
+	ALG_NULL					/* normally not used */
+} SymAlg;
+#define ALG_FIRST			ALG_AES_128
+#define ALG_LAST			ALG_RC4
+
+
+#define LOG_SIZE			0
+#if		LOG_SIZE
+#define logSize(s)	printf s
+#else
+#define logSize(s)
+#endif
+
+static void usage(char **argv)
+{
+	printf("usage: %s [options]\n", argv[0]);
+	printf("   Options:\n");
+	printf("   a=algorithm (d=DES; 3=3DES; a=AES128; n=AES192; A=AES256; \n");
+	printf("     c=CAST; 4=RC4; default=all)\n");
+	printf("   l=loops (default=%d; 0=forever)\n", LOOPS_DEF);
+	printf("   m=maxPtextSize (default=%d)\n", MAX_DATA_SIZE);
+	printf("   n=minPtextSize (default=%d)\n", MIN_DATA_SIZE);
+	printf("   k=keySizeInBytes\n");
+	printf("   p=pauseInterval (default=0, no pause)\n");
+	printf("   o (no padding, well-aligned plaintext)\n");
+	printf("   e (ECB only)\n");
+	printf("   E (CBC only, no ECB)\n");
+	printf("   u (no multi-update ops)\n");
+	printf("   U (only multi-update ops)\n");
+	printf("   x (always allocate context)\n");
+	printf("   X (never allocate context)\n");
+	printf("   v(erbose)\n");
+	printf("   q(uiet)\n");
+	printf("   h(elp)\n");
+	exit(1);
+}
+
+static void printCCError(const char *str, CCCryptorStatus crtn)
+{
+	const char *errStr;
+	char unknownStr[200];
+	
+	switch(crtn) {
+		case kCCSuccess: errStr = "kCCSuccess"; break;
+		case kCCParamError: errStr = "kCCParamError"; break;
+		case kCCBufferTooSmall: errStr = "kCCBufferTooSmall"; break;
+		case kCCMemoryFailure: errStr = "kCCMemoryFailure"; break;
+		case kCCAlignmentError: errStr = "kCCAlignmentError"; break;
+		case kCCDecodeError: errStr = "kCCDecodeError"; break;
+		case kCCUnimplemented: errStr = "kCCUnimplemented"; break;
+		default:
+			sprintf(unknownStr, "Unknown(%ld)\n", (long)crtn);
+			errStr = unknownStr;
+			break;
+	}
+	printf("***%s returned %s\n", str, errStr);
+}
+
+/* max context size */
+#define CC_MAX_CTX_SIZE	kCCContextSizeRC4
+
+/* 
+ * We write a marker at end of expected output and at end of caller-allocated 
+ * CCCryptorRef, and check at the end to make sure they weren't written 
+ */
+#define MARKER_LENGTH	8
+#define MARKER_BYTE		0x7e
+
+/* 
+ * Test harness for CCCryptor with lots of options. 
+ */
+CCCryptorStatus doCCCrypt(
+	bool forEncrypt,
+	CCAlgorithm encrAlg,			
+	bool doCbc,
+	bool doPadding,
+	const void *keyBytes, size_t keyLen,
+	const void *iv,
+	bool randUpdates,
+	bool inPlace,								/* !doPadding only */
+	size_t ctxSize,								/* if nonzero, we allocate ctx */
+	bool askOutSize,
+	const uint8_t *inText, size_t inTextLen,
+	uint8_t **outText, size_t *outTextLen)		/* both returned, WE malloc */
+{
+	CCCryptorRef	cryptor = NULL;
+	CCCryptorStatus crtn;
+	CCOperation		op = forEncrypt ? kCCEncrypt : kCCDecrypt;
+	CCOptions		options = 0;
+	uint8_t			*outBuf = NULL;			/* mallocd output buffer */
+	uint8_t			*outp;					/* running ptr into outBuf */
+	const uint8		*inp;					/* running ptr into inText */
+	size_t			outLen;					/* bytes remaining in outBuf */
+	size_t			toMove;					/* bytes remaining in inText */
+	size_t			thisMoveOut;			/* output from CCCryptUpdate()/CCCryptFinal() */
+	size_t			outBytes;				/* total bytes actually produced in outBuf */
+	char			ctx[CC_MAX_CTX_SIZE];	/* for CCCryptorCreateFromData() */
+	uint8_t			*textMarker = NULL;		/* 8 bytes of marker here after expected end of 
+											 * output */
+	char			*ctxMarker = NULL;		/* ditto for caller-provided context */
+	unsigned		dex;
+	size_t			askedOutSize;			/* from the lib */
+	size_t			thisOutLen;				/* dataOutAvailable we use */
+	
+	if(ctxSize > CC_MAX_CTX_SIZE) {
+		printf("***HEY! Adjust CC_MAX_CTX_SIZE!\n");
+		exit(1);
+	}
+	if(!doCbc) {
+		options |= kCCOptionECBMode;
+	}
+	if(doPadding) {
+		options |= kCCOptionPKCS7Padding;
+	}
+	
+	/* just hack this one */
+	outLen = inTextLen;
+	if(forEncrypt) {
+		outLen += MAX_BLOCK_SIZE;
+	}
+	
+	outBuf = (uint8_t *)malloc(outLen + MARKER_LENGTH);
+	memset(outBuf, 0xEE, outLen + MARKER_LENGTH);
+	
+	/* library should not touch this memory */
+	textMarker = outBuf + outLen;
+	memset(textMarker, MARKER_BYTE, MARKER_LENGTH);
+	
+	/* subsequent errors to errOut: */
+
+	if(inPlace) {
+		memmove(outBuf, inText, inTextLen);
+		inp = outBuf;
+	}
+	else {
+		inp = inText;
+	}
+
+	if(!randUpdates) {
+		/* one shot */
+		if(askOutSize) {
+			crtn = CCCrypt(op, encrAlg, options,
+				keyBytes, keyLen, iv,
+				inp, inTextLen,
+				outBuf, 0, &askedOutSize);
+			if(crtn != kCCBufferTooSmall) {
+				printf("***Did not get kCCBufferTooSmall as expected\n");
+				printf("   alg %d inTextLen %lu cbc %d padding %d keyLen %lu\n",
+					(int)encrAlg, (unsigned long)inTextLen, (int)doCbc, (int)doPadding,
+					(unsigned long)keyLen);
+				printCCError("CCCrypt", crtn);
+				crtn = -1;
+				goto errOut;
+			}
+			outLen = askedOutSize;
+		}
+		crtn = CCCrypt(op, encrAlg, options,
+			keyBytes, keyLen, iv,
+			inp, inTextLen,
+			outBuf, outLen, &outLen);
+		if(crtn) {
+			printCCError("CCCrypt", crtn);
+			goto errOut;
+		}
+		*outText = outBuf;
+		*outTextLen = outLen;
+		goto errOut;
+	}
+	
+	/* random multi updates */
+	if(ctxSize) {
+		size_t ctxSizeCreated;
+		
+		if(askOutSize) {
+			crtn = CCCryptorCreateFromData(op, encrAlg, options,
+				keyBytes, keyLen, iv,
+				ctx, 0 /* ctxSize */,
+				&cryptor, &askedOutSize);
+			if(crtn != kCCBufferTooSmall) {
+				printf("***Did not get kCCBufferTooSmall as expected\n");
+				printCCError("CCCryptorCreateFromData", crtn);
+				crtn = -1;
+				goto errOut;
+			}
+			ctxSize = askedOutSize;
+		}
+		crtn = CCCryptorCreateFromData(op, encrAlg, options,
+			keyBytes, keyLen, iv,
+			ctx, ctxSize, &cryptor, &ctxSizeCreated);
+		if(crtn) {
+			printCCError("CCCryptorCreateFromData", crtn);
+			return crtn;
+		}
+		ctxMarker = ctx + ctxSizeCreated;
+		memset(ctxMarker, MARKER_BYTE, MARKER_LENGTH);
+	}
+	else {
+		crtn = CCCryptorCreate(op, encrAlg, options,
+			keyBytes, keyLen, iv,
+			&cryptor);
+		if(crtn) {
+			printCCError("CCCryptorCreate", crtn);
+			return crtn;
+		}
+	}
+	
+	toMove = inTextLen;		/* total to go */
+	outp = outBuf;
+	outBytes = 0;			/* bytes actually produced in outBuf */
+	
+	while(toMove) {
+		uint32 thisMoveIn;			/* input to CCryptUpdate() */
+		
+		thisMoveIn = genRand(1, toMove);
+		logSize(("###ptext segment len %lu\n", (unsigned long)thisMoveIn)); 
+		if(askOutSize) {
+			thisOutLen = CCCryptorGetOutputLength(cryptor, thisMoveIn, false);
+		}
+		else {
+			thisOutLen = outLen;
+		}
+		crtn = CCCryptorUpdate(cryptor, inp, thisMoveIn,
+			outp, thisOutLen, &thisMoveOut);
+		if(crtn) {
+			printCCError("CCCryptorUpdate", crtn);
+			goto errOut;
+		}
+		inp			+= thisMoveIn;
+		toMove		-= thisMoveIn;
+		outp		+= thisMoveOut;
+		outLen   	-= thisMoveOut;
+		outBytes	+= thisMoveOut;
+	}
+	
+	if(doPadding) {
+		/* Final is not needed if padding is disabled */
+		if(askOutSize) {
+			thisOutLen = CCCryptorGetOutputLength(cryptor, 0, true);
+		}
+		else {
+			thisOutLen = outLen;
+		}
+		crtn = CCCryptorFinal(cryptor, outp, thisOutLen, &thisMoveOut);
+	}
+	else {
+		thisMoveOut = 0;
+		crtn = kCCSuccess;
+	}
+	
+	if(crtn) {
+		printCCError("CCCryptorFinal", crtn);
+		goto errOut;
+	}
+	
+	outBytes += thisMoveOut;
+	*outText = outBuf;
+	*outTextLen = outBytes;
+	crtn = kCCSuccess;
+
+	for(dex=0; dex<MARKER_LENGTH; dex++) {
+		if(textMarker[dex] != MARKER_BYTE) {
+			printf("***lib scribbled on our textMarker memory (op=%s)!\n",
+				forEncrypt ? "encrypt" : "decrypt");
+			crtn = (CCCryptorStatus)-1;
+		}
+	}
+	if(ctxSize) {
+		for(dex=0; dex<MARKER_LENGTH; dex++) {
+			if(ctxMarker[dex] != MARKER_BYTE) {
+				printf("***lib scribbled on our ctxMarker memory (op=%s)!\n",
+					forEncrypt ? "encrypt" : "decrypt");
+				crtn = (CCCryptorStatus)-1;
+			}
+		}
+	}
+	
+errOut:
+	if(crtn) {
+		if(outBuf) {
+			free(outBuf);
+		}
+	}
+	if(cryptor) {
+		CCCryptorRelease(cryptor);
+	}
+	return crtn;
+}
+
+static int doTest(const uint8_t *ptext,
+	size_t ptextLen,
+	CCAlgorithm encrAlg,			
+	bool doCbc,
+	bool doPadding,
+	bool nullIV,			/* if CBC, use NULL IV */
+	uint32 keySizeInBytes,
+	bool stagedEncr,
+	bool stagedDecr,
+	bool inPlace,	
+	size_t ctxSize,		
+	bool askOutSize,
+	bool quiet)
+{
+	uint8_t			keyBytes[MAX_KEY_SIZE];
+	uint8_t			iv[MAX_BLOCK_SIZE];
+	uint8_t			*ivPtrEncrypt;
+	uint8_t			*ivPtrDecrypt;
+	uint8_t			*ctext = NULL;		/* mallocd by doCCCrypt */
+	size_t			ctextLen = 0;
+	uint8_t			*rptext = NULL;		/* mallocd by doCCCrypt */
+	size_t			rptextLen;
+	CCCryptorStatus	crtn;
+	int				rtn = 0;
+	
+	/* random key */
+	appGetRandomBytes(keyBytes, keySizeInBytes);
+	
+	/* random IV if needed */
+	if(doCbc) {
+		if(nullIV) {
+			memset(iv, 0, MAX_BLOCK_SIZE);
+			
+			/* flip a coin, give one side NULL, the other size zeroes */
+			if(genRand(1,2) == 1) {
+				ivPtrEncrypt = NULL;
+				ivPtrDecrypt = iv;
+			}
+			else {
+				ivPtrEncrypt = iv;
+				ivPtrDecrypt = NULL;
+			}
+		}
+		else {
+			appGetRandomBytes(iv, MAX_BLOCK_SIZE);
+			ivPtrEncrypt = iv;
+			ivPtrDecrypt = iv;
+		}
+	}	
+	else {
+		ivPtrEncrypt = NULL;
+		ivPtrDecrypt = NULL;
+	}
+
+	crtn = doCCCrypt(true, encrAlg, doCbc, doPadding,
+		keyBytes, keySizeInBytes, ivPtrEncrypt,
+		stagedEncr, inPlace, ctxSize, askOutSize,
+		ptext, ptextLen,
+		&ctext, &ctextLen);
+	if(crtn) {
+		rtn = testError(quiet);
+		if(rtn) {
+			goto abort;
+		}
+	}
+	
+	logSize(("###ctext len %lu\n", ctextLen)); 
+	
+	crtn = doCCCrypt(false, encrAlg, doCbc, doPadding,
+		keyBytes, keySizeInBytes, ivPtrDecrypt,
+		stagedDecr, inPlace, ctxSize, askOutSize,
+		ctext, ctextLen,
+		&rptext, &rptextLen);
+	if(crtn) {
+		rtn = testError(quiet);
+		if(rtn) {
+			goto abort;
+		}
+	}
+
+	logSize(("###rptext len %lu\n", rptextLen)); 
+	
+	/* compare ptext, rptext */
+	if(ptextLen != rptextLen) {
+		printf("Ptext length mismatch: expect %lu, got %lu\n", ptextLen, rptextLen);
+		rtn = testError(quiet);
+		if(rtn) {
+			goto abort;
+		}
+	}
+	if(memcmp(ptext, rptext, ptextLen)) {
+		printf("***data miscompare\n");
+		rtn = testError(quiet);
+	}
+abort:
+	if(ctext) {
+		free(ctext);
+	}
+	if(rptext) {
+		free(rptext);
+	}
+	return rtn;
+}
+
+bool isBitSet(unsigned bit, unsigned word) 
+{
+	if(bit > 31) {
+		printf("We don't have that many bits\n");
+		exit(1);
+	}
+	unsigned mask = 1 << bit;
+	return (word & mask) ? true : false;
+}
+
+int main(int argc, char **argv)
+{
+	int					arg;
+	char				*argp;
+	unsigned			loop;
+	uint8				*ptext;
+	size_t				ptextLen;
+	bool				stagedEncr = false;
+	bool				stagedDecr = false;
+	bool				doPadding;
+	bool				doCbc = false;
+	bool				nullIV;
+	const char			*algStr;
+	CCAlgorithm			encrAlg;	
+	int					i;
+	int					currAlg;		// ALG_xxx
+	uint32				minKeySizeInBytes;
+	uint32				maxKeySizeInBytes;
+	uint32				keySizeInBytes = 0;
+	int					rtn = 0;
+	uint32				blockSize;		// for noPadding case
+	size_t				ctxSize;		// always set per alg
+	size_t				ctxSizeUsed;	// passed to doTest
+	bool				askOutSize;		// inquire output size each op
+	
+	/*
+	 * User-spec'd params
+	 */
+	bool		keySizeSpec = false;		// false: use rand key size
+	SymAlg		minAlg = ALG_FIRST;
+	SymAlg		maxAlg = ALG_LAST;
+	unsigned	loops = LOOPS_DEF;
+	bool		verbose = false;
+	size_t		minPtextSize = MIN_DATA_SIZE;
+	size_t		maxPtextSize = MAX_DATA_SIZE;
+	bool		quiet = false;
+	unsigned	pauseInterval = 0;
+	bool		paddingSpec = false;		// true: user calls doPadding, const
+	bool		cbcSpec = false;			// ditto for doCbc
+	bool		stagedSpec = false;			// ditto for stagedEncr and stagedDecr
+	bool		inPlace = false;			// en/decrypt in place for ECB
+	bool		allocCtxSpec = false;		// use allocCtx
+	bool		allocCtx = false;			// allocate context ourself
+	
+	for(arg=1; arg<argc; arg++) {
+		argp = argv[arg];
+		switch(argp[0]) {
+			case 'a':
+				if(argp[1] != '=') {
+					usage(argv);
+				}
+				switch(argp[2]) {
+					case 's':
+						minAlg = maxAlg = ALG_ASC;
+						break;
+					case 'd':
+						minAlg = maxAlg = ALG_DES;
+						break;
+					case '3':
+						minAlg = maxAlg = ALG_3DES;
+						break;
+					case '2':
+						minAlg = maxAlg = ALG_RC2;
+						break;
+					case '4':
+						minAlg = maxAlg = ALG_RC4;
+						break;
+					case '5':
+						minAlg = maxAlg = ALG_RC5;
+						break;
+					case 'a':
+						minAlg = maxAlg = ALG_AES_128;
+						break;
+					case 'n':
+						minAlg = maxAlg = ALG_AES_192;
+						break;
+					case 'A':
+						minAlg = maxAlg = ALG_AES_256;
+						break;
+					case 'b':
+						minAlg = maxAlg = ALG_BFISH;
+						break;
+					case 'c':
+						minAlg = maxAlg = ALG_CAST;
+						break;
+					default:
+						usage(argv);
+				}
+				if(maxAlg > ALG_LAST) {
+					/* we left them in the switch but we can't use them */
+					usage(argv);
+				}
+				break;
+		    case 'l':
+				loops = atoi(&argp[2]);
+				break;
+		    case 'n':
+				minPtextSize = atoi(&argp[2]);
+				break;
+		    case 'm':
+				maxPtextSize = atoi(&argp[2]);
+				break;
+		    case 'k':
+		    	minKeySizeInBytes = maxKeySizeInBytes = atoi(&argp[2]);
+		    	keySizeSpec = true;
+				break;
+			case 'x':
+				allocCtxSpec = true;
+				allocCtx = true;
+				break;
+			case 'X':
+				allocCtxSpec = true;
+				allocCtx = false;
+				break;
+		    case 'v':
+		    	verbose = true;
+				break;
+		    case 'q':
+		    	quiet = true;
+				break;
+		    case 'p':
+		    	pauseInterval = atoi(&argp[2]);;
+				break;
+			case 'o':
+				doPadding = false;
+				paddingSpec = true;
+				break;
+			case 'e':
+				doCbc = false;
+				cbcSpec = true;
+				break;
+			case 'E':
+				doCbc = true;
+				cbcSpec = true;
+				break;
+		    case 'u':
+		    	stagedEncr = false;
+		    	stagedDecr = false;
+				stagedSpec = true;
+				break;
+		    case 'U':
+		    	stagedEncr = true;
+		    	stagedDecr = true;
+				stagedSpec = true;
+				break;
+		    case 'h':
+		    default:
+				usage(argv);
+		}
+	}
+	ptext = (uint8 *)malloc(maxPtextSize);
+	if(ptext == NULL) {
+		printf("Insufficient heap space\n");
+		exit(1);
+	}
+	/* ptext length set in test loop */
+	
+	printf("Starting ccSymTest; args: ");
+	for(i=1; i<argc; i++) {
+		printf("%s ", argv[i]);
+	}
+	printf("\n");
+	
+	if(pauseInterval) {
+		fpurge(stdin);
+		printf("Top of test; hit CR to proceed: ");
+		getchar();
+	}
+
+	for(currAlg=minAlg; currAlg<=maxAlg; currAlg++) {
+		switch(currAlg) {
+			case ALG_DES:
+				encrAlg = kCCAlgorithmDES;
+				blockSize = kCCBlockSizeDES;
+				minKeySizeInBytes = kCCKeySizeDES;
+				maxKeySizeInBytes = minKeySizeInBytes;
+				ctxSize = kCCContextSizeDES;
+				algStr = "DES";
+				break;
+			case ALG_3DES:
+				encrAlg = kCCAlgorithm3DES;
+				blockSize = kCCBlockSize3DES;
+				minKeySizeInBytes = kCCKeySize3DES;
+				maxKeySizeInBytes = minKeySizeInBytes;
+				ctxSize = kCCContextSize3DES;
+				
+				algStr = "3DES";
+				break;
+			case ALG_AES_128:
+				encrAlg = kCCAlgorithmAES128;
+				blockSize = kCCBlockSizeAES128;
+				minKeySizeInBytes = kCCKeySizeAES128;
+				maxKeySizeInBytes = minKeySizeInBytes;
+				ctxSize = kCCContextSizeAES128;
+				algStr = "AES128";
+				break;
+			case ALG_AES_192:
+				encrAlg = kCCAlgorithmAES128;
+				blockSize = kCCBlockSizeAES128;
+				minKeySizeInBytes = kCCKeySizeAES192;
+				maxKeySizeInBytes = minKeySizeInBytes;
+				ctxSize = kCCContextSizeAES128;
+				algStr = "AES192";
+				break;
+			case ALG_AES_256:
+				encrAlg = kCCAlgorithmAES128;
+				blockSize = kCCBlockSizeAES128;
+				minKeySizeInBytes = kCCKeySizeAES256;
+				maxKeySizeInBytes = minKeySizeInBytes;
+				ctxSize = kCCContextSizeAES128;
+				algStr = "AES256";
+				break;
+			case ALG_CAST:
+				encrAlg = kCCAlgorithmCAST;
+				blockSize = kCCBlockSizeCAST;
+				minKeySizeInBytes = kCCKeySizeMinCAST;
+				maxKeySizeInBytes = kCCKeySizeMaxCAST;
+				ctxSize = kCCContextSizeCAST;
+				algStr = "CAST";
+				break;
+			case ALG_RC4:
+				encrAlg = kCCAlgorithmRC4;
+				blockSize = 0;
+				minKeySizeInBytes = kCCKeySizeMinRC4;
+				maxKeySizeInBytes = kCCKeySizeMaxRC4;
+				ctxSize = kCCContextSizeRC4;
+				algStr = "RC4";
+				break;
+			default:
+				printf("***BRRZAP!\n");
+				exit(1);
+		}
+		if(!quiet || verbose) {
+			printf("Testing alg %s\n", algStr);
+		}
+		for(loop=1; ; loop++) {
+			ptextLen = genRand(minPtextSize, maxPtextSize);
+			appGetRandomBytes(ptext, ptextLen);
+			
+			/* per-loop settings */
+			if(!keySizeSpec) {
+				if(minKeySizeInBytes == maxKeySizeInBytes) {
+					keySizeInBytes = minKeySizeInBytes;
+				}
+				else {
+					keySizeInBytes = genRand(minKeySizeInBytes, maxKeySizeInBytes);
+				}
+			}
+			if(blockSize == 0) {
+				/* stream cipher */
+				doCbc = false;
+				doPadding = false;
+			}
+			else {
+				if(!cbcSpec) {
+					doCbc = isBitSet(0, loop);
+				}
+				if(!paddingSpec) {
+					doPadding = isBitSet(1, loop);
+				}
+			}
+			if(!doPadding && (blockSize != 0)) {
+				/* align plaintext */
+				ptextLen = (ptextLen / blockSize) * blockSize;
+				if(ptextLen == 0) {
+					ptextLen = blockSize;
+				}
+			}
+			if(!stagedSpec) {
+				stagedEncr = isBitSet(2, loop);
+				stagedDecr = isBitSet(3, loop);
+			}
+			if(doCbc) {
+				nullIV = isBitSet(4, loop);
+			}
+			else {
+				nullIV = false;
+			}
+			inPlace = isBitSet(5, loop);
+			if(allocCtxSpec) {
+				ctxSizeUsed = allocCtx ? ctxSize : 0;
+			}
+			else if(isBitSet(6, loop)) {
+				ctxSizeUsed = ctxSize;
+			}
+			else {
+				ctxSizeUsed = 0;
+			}
+			askOutSize = isBitSet(7, loop);
+			if(!quiet) {
+			   	if(verbose || ((loop % LOOP_NOTIFY) == 0)) {
+					printf("..loop %3d ptextLen %lu keyLen %d cbc=%d padding=%d stagedEncr=%d "
+							"stagedDecr=%d\n",
+						loop, (unsigned long)ptextLen, (int)keySizeInBytes, 
+						(int)doCbc, (int)doPadding,
+					 	(int)stagedEncr, (int)stagedDecr);
+					printf("           nullIV %d inPlace %d ctxSize %d askOutSize %d\n",
+						(int)nullIV, (int)inPlace, (int)ctxSizeUsed, (int)askOutSize);
+				}
+			}
+			
+			if(doTest(ptext, ptextLen,
+					encrAlg, doCbc, doPadding, nullIV,
+					keySizeInBytes,
+					stagedEncr,	stagedDecr, inPlace, ctxSizeUsed, askOutSize,
+					quiet)) {
+				rtn = 1;
+				break;
+			}
+			if(pauseInterval && ((loop % pauseInterval) == 0)) {
+				char c;
+				fpurge(stdin);
+				printf("Hit CR to proceed, q to abort: ");
+				c = getchar();
+				if(c == 'q') {
+					goto testDone;
+				}
+			}
+			if(loops && (loop == loops)) {
+				break;
+			}
+		}	/* main loop */
+		if(rtn) {
+			break;
+		}
+		
+	}	/* for algs */
+	
+testDone:
+	if(pauseInterval) {
+		fpurge(stdin);
+		printf("ModuleDetach/Unload complete; hit CR to exit: ");
+		getchar();
+	}
+	if((rtn == 0) && !quiet) {
+		printf("%s test complete\n", argv[0]);
+	}
+	free(ptext);
+	return rtn;
+}

ADDED   LocalTests/utilLib/Makefile
Index: LocalTests/utilLib/Makefile
==================================================================
--- /dev/null
+++ LocalTests/utilLib/Makefile
@@ -0,0 +1,59 @@
+# name of executable to build
+EXECUTABLE=libcsputils.a
+# C++ source (with .cpp extension)
+CPSOURCE= commonCpp.cpp nssAppUtils.cpp ssleayUtils.cpp
+# C source (.c extension)
+CSOURCE= common.c cspwrap.c fileIo.c bsafeUtils.c t_stdlib.c rijndael-alg-ref.c \
+	rijndaelApi.c cputime.c
+
+#
+# project-specific libraries, e.g., -lstdc++
+#
+PROJ_LIBS= 
+#
+# Optional lib search paths
+#
+PROJ_LIBPATH=
+#
+# choose one for cc
+#
+VERBOSE=
+#VERBOSE=-v
+
+#
+# Other files to remove at 'make clean' time
+#
+OTHER_TO_CLEAN=
+
+#
+# non-standard frameworks (e.g., -framework foo)
+#
+PROJ_FRAMEWORKS=
+
+#
+# project-specific includes, with leading -I
+#
+PROJ_INCLUDES= 
+
+#
+# Optional C flags (warnings, optimizations, etc.)
+#
+#PROJ_CFLAGS= -Os
+PROJ_CFLAGS= 
+
+#
+# Optional link flags (using cc, not ld)
+#
+PROJ_LDFLAGS=
+
+#
+# Optional dependencies
+#
+PROJ_DEPENDS=
+
+include ../Makefile.lib
+
+# Special case for this object file...normally we ignore header dependencies, but
+# this header is auto generated on a regular basis. 
+$(OBJROOT)/commonCpp.o: commonCpp.cpp cssmErrorStrings.h
+	$(CC) $(ALL_CFLAGS) -c -o $(OBJROOT)/commonCpp.o commonCpp.cpp

ADDED   LocalTests/utilLib/boxes-ref.h
Index: LocalTests/utilLib/boxes-ref.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/boxes-ref.h
@@ -0,0 +1,85 @@
+static const word8 Logtable[256] = {
+  0,   0,  25,   1,  50,   2,  26, 198,  75, 199,  27, 104,  51, 238, 223,   3, 
+100,   4, 224,  14,  52, 141, 129, 239,  76, 113,   8, 200, 248, 105,  28, 193, 
+125, 194,  29, 181, 249, 185,  39, 106,  77, 228, 166, 114, 154, 201,   9, 120, 
+101,  47, 138,   5,  33,  15, 225,  36,  18, 240, 130,  69,  53, 147, 218, 142, 
+150, 143, 219, 189,  54, 208, 206, 148,  19,  92, 210, 241,  64,  70, 131,  56, 
+102, 221, 253,  48, 191,   6, 139,  98, 179,  37, 226, 152,  34, 136, 145,  16, 
+126, 110,  72, 195, 163, 182,  30,  66,  58, 107,  40,  84, 250, 133,  61, 186, 
+ 43, 121,  10,  21, 155, 159,  94, 202,  78, 212, 172, 229, 243, 115, 167,  87, 
+175,  88, 168,  80, 244, 234, 214, 116,  79, 174, 233, 213, 231, 230, 173, 232, 
+ 44, 215, 117, 122, 235,  22,  11, 245,  89, 203,  95, 176, 156, 169,  81, 160, 
+127,  12, 246, 111,  23, 196,  73, 236, 216,  67,  31,  45, 164, 118, 123, 183, 
+204, 187,  62,  90, 251,  96, 177, 134,  59,  82, 161, 108, 170,  85,  41, 157, 
+151, 178, 135, 144,  97, 190, 220, 252, 188, 149, 207, 205,  55,  63,  91, 209, 
+ 83,  57, 132,  60,  65, 162, 109,  71,  20,  42, 158,  93,  86, 242, 211, 171, 
+ 68,  17, 146, 217,  35,  32,  46, 137, 180, 124, 184,  38, 119, 153, 227, 165, 
+103,  74, 237, 222, 197,  49, 254,  24,  13,  99, 140, 128, 192, 247, 112,   7, 
+};
+
+static const word8 Alogtable[256] = {
+  1,   3,   5,  15,  17,  51,  85, 255,  26,  46, 114, 150, 161, 248,  19,  53, 
+ 95, 225,  56,  72, 216, 115, 149, 164, 247,   2,   6,  10,  30,  34, 102, 170, 
+229,  52,  92, 228,  55,  89, 235,  38, 106, 190, 217, 112, 144, 171, 230,  49, 
+ 83, 245,   4,  12,  20,  60,  68, 204,  79, 209, 104, 184, 211, 110, 178, 205, 
+ 76, 212, 103, 169, 224,  59,  77, 215,  98, 166, 241,   8,  24,  40, 120, 136, 
+131, 158, 185, 208, 107, 189, 220, 127, 129, 152, 179, 206,  73, 219, 118, 154, 
+181, 196,  87, 249,  16,  48,  80, 240,  11,  29,  39, 105, 187, 214,  97, 163, 
+254,  25,  43, 125, 135, 146, 173, 236,  47, 113, 147, 174, 233,  32,  96, 160, 
+251,  22,  58,  78, 210, 109, 183, 194,  93, 231,  50,  86, 250,  21,  63,  65, 
+195,  94, 226,  61,  71, 201,  64, 192,  91, 237,  44, 116, 156, 191, 218, 117, 
+159, 186, 213, 100, 172, 239,  42, 126, 130, 157, 188, 223, 122, 142, 137, 128, 
+155, 182, 193,  88, 232,  35, 101, 175, 234,  37, 111, 177, 200,  67, 197,  84, 
+252,  31,  33,  99, 165, 244,   7,   9,  27,  45, 119, 153, 176, 203,  70, 202, 
+ 69, 207,  74, 222, 121, 139, 134, 145, 168, 227,  62,  66, 198,  81, 243,  14, 
+ 18,  54,  90, 238,  41, 123, 141, 140, 143, 138, 133, 148, 167, 242,  13,  23, 
+ 57,  75, 221, 124, 132, 151, 162, 253,  28,  36, 108, 180, 199,  82, 246,   1, 
+};
+
+static const word8 S[256] = {
+ 99, 124, 119, 123, 242, 107, 111, 197,  48,   1, 103,  43, 254, 215, 171, 118, 
+202, 130, 201, 125, 250,  89,  71, 240, 173, 212, 162, 175, 156, 164, 114, 192, 
+183, 253, 147,  38,  54,  63, 247, 204,  52, 165, 229, 241, 113, 216,  49,  21, 
+  4, 199,  35, 195,  24, 150,   5, 154,   7,  18, 128, 226, 235,  39, 178, 117, 
+  9, 131,  44,  26,  27, 110,  90, 160,  82,  59, 214, 179,  41, 227,  47, 132, 
+ 83, 209,   0, 237,  32, 252, 177,  91, 106, 203, 190,  57,  74,  76,  88, 207, 
+208, 239, 170, 251,  67,  77,  51, 133,  69, 249,   2, 127,  80,  60, 159, 168, 
+ 81, 163,  64, 143, 146, 157,  56, 245, 188, 182, 218,  33,  16, 255, 243, 210, 
+205,  12,  19, 236,  95, 151,  68,  23, 196, 167, 126,  61, 100,  93,  25, 115, 
+ 96, 129,  79, 220,  34,  42, 144, 136,  70, 238, 184,  20, 222,  94,  11, 219, 
+224,  50,  58,  10,  73,   6,  36,  92, 194, 211, 172,  98, 145, 149, 228, 121, 
+231, 200,  55, 109, 141, 213,  78, 169, 108,  86, 244, 234, 101, 122, 174,   8, 
+186, 120,  37,  46,  28, 166, 180, 198, 232, 221, 116,  31,  75, 189, 139, 138, 
+112,  62, 181, 102,  72,   3, 246,  14,  97,  53,  87, 185, 134, 193,  29, 158, 
+225, 248, 152,  17, 105, 217, 142, 148, 155,  30, 135, 233, 206,  85,  40, 223, 
+140, 161, 137,  13, 191, 230,  66, 104,  65, 153,  45,  15, 176,  84, 187,  22, 
+};
+
+static const word8 Si[256] = {
+ 82,   9, 106, 213,  48,  54, 165,  56, 191,  64, 163, 158, 129, 243, 215, 251, 
+124, 227,  57, 130, 155,  47, 255, 135,  52, 142,  67,  68, 196, 222, 233, 203, 
+ 84, 123, 148,  50, 166, 194,  35,  61, 238,  76, 149,  11,  66, 250, 195,  78, 
+  8,  46, 161, 102,  40, 217,  36, 178, 118,  91, 162,  73, 109, 139, 209,  37, 
+114, 248, 246, 100, 134, 104, 152,  22, 212, 164,  92, 204,  93, 101, 182, 146, 
+108, 112,  72,  80, 253, 237, 185, 218,  94,  21,  70,  87, 167, 141, 157, 132, 
+144, 216, 171,   0, 140, 188, 211,  10, 247, 228,  88,   5, 184, 179,  69,   6, 
+208,  44,  30, 143, 202,  63,  15,   2, 193, 175, 189,   3,   1,  19, 138, 107, 
+ 58, 145,  17,  65,  79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115, 
+150, 172, 116,  34, 231, 173,  53, 133, 226, 249,  55, 232,  28, 117, 223, 110, 
+ 71, 241,  26, 113,  29,  41, 197, 137, 111, 183,  98,  14, 170,  24, 190,  27, 
+252,  86,  62,  75, 198, 210, 121,  32, 154, 219, 192, 254, 120, 205,  90, 244, 
+ 31, 221, 168,  51, 136,   7, 199,  49, 177,  18,  16,  89,  39, 128, 236,  95, 
+ 96,  81, 127, 169,  25, 181,  74,  13,  45, 229, 122, 159, 147, 201, 156, 239, 
+160, 224,  59,  77, 174,  42, 245, 176, 200, 235, 187,  60, 131,  83, 153,  97, 
+ 23,  43,   4, 126, 186, 119, 214,  38, 225, 105,  20,  99,  85,  33,  12, 125, 
+};
+
+static const word8 iG[4][4] = {
+{ 0x0e, 0x09, 0x0d, 0x0b }, 
+{ 0x0b, 0x0e, 0x09, 0x0d },
+{ 0x0d, 0x0b, 0x0e, 0x09 }, 
+{ 0x09, 0x0d, 0x0b, 0x0e } 
+};
+
+static const word32 rcon[30] = { 
+  0x01,0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91, };

ADDED   LocalTests/utilLib/bsafeUtils.c
Index: LocalTests/utilLib/bsafeUtils.c
==================================================================
--- /dev/null
+++ LocalTests/utilLib/bsafeUtils.c
@@ -0,0 +1,980 @@
+/*
+ * bsafeUtils.c - common routines for CDSA/BSAFE compatibility testing
+ */
+ 
+#include <stdlib.h>
+#include <stdio.h>
+#include <time.h>
+#include <string.h>
+#include <security_bsafe/bsafe.h>
+#include <security_bsafe/aglobal.h>
+#include "bsafeUtils.h"
+#include <Security/cssmerr.h>
+#include "common.h"
+
+/*
+ * Convert between BSAFE ITEM and CSSM_DATA
+ */
+static inline void buItemToCssmData(
+	const ITEM 		*item,
+	CSSM_DATA_PTR	cdata)
+{
+	cdata->Data   = item->data;
+	cdata->Length = item->len;
+}
+
+static inline void buCssmDataToItem(
+	const CSSM_DATA		*cdata,
+	ITEM 				*item)
+{
+	item->data = cdata->Data;
+	item->len  = cdata->Length;
+}
+
+/*
+ * BSafe's Chooser table - all we'll ever need.
+ */
+/*static*/ B_ALGORITHM_METHOD *BSAFE_ALGORITHM_CHOOSER[] = {
+    // digests
+    &AM_SHA,
+    &AM_MD5,
+	&AM_MD2,
+
+    // organizational
+    &AM_CBC_ENCRYPT,
+    &AM_CBC_DECRYPT,
+    &AM_ECB_ENCRYPT,
+    &AM_ECB_DECRYPT,
+    &AM_OFB_ENCRYPT,
+    &AM_OFB_DECRYPT,
+
+    // DES & variants
+    &AM_DES_ENCRYPT,
+    &AM_DES_DECRYPT,
+    &AM_DESX_ENCRYPT,
+    &AM_DESX_DECRYPT,
+    &AM_DES_EDE_ENCRYPT,
+    &AM_DES_EDE_DECRYPT,
+
+    // RCn stuff
+    &AM_RC2_CBC_ENCRYPT,
+    &AM_RC2_CBC_DECRYPT,
+    &AM_RC2_ENCRYPT,
+    &AM_RC2_DECRYPT,
+    &AM_RC4_ENCRYPT,
+    &AM_RC4_DECRYPT,
+    &AM_RC5_ENCRYPT,
+    &AM_RC5_DECRYPT,
+    &AM_RC5_CBC_ENCRYPT,
+    &AM_RC5_CBC_DECRYPT,
+
+    // RSA
+    &AM_RSA_STRONG_KEY_GEN,
+    &AM_RSA_KEY_GEN,
+    &AM_RSA_CRT_ENCRYPT_BLIND,
+    &AM_RSA_CRT_DECRYPT_BLIND,
+    &AM_RSA_ENCRYPT,
+    &AM_RSA_DECRYPT,
+
+    // DSA
+    &AM_DSA_PARAM_GEN,
+    &AM_DSA_KEY_GEN,
+
+    // signatures
+    &AM_DSA_SIGN,
+    &AM_DSA_VERIFY,
+
+    // random number generation
+    &AM_MD5_RANDOM,
+    &AM_SHA_RANDOM,
+
+    // sentinel
+    (B_ALGORITHM_METHOD *)NULL_PTR
+};
+
+/* 
+ * Convert a BSAFE return to a CSSM error and optionally print the error msg with 
+ * the op in which the error occurred.
+ */
+static CSSM_RETURN buBsafeErrToCssm(
+	int brtn, 
+	const char *op)
+{
+	char *errStr = NULL;
+	CSSM_RETURN crtn;
+	
+    switch (brtn) {
+		case 0:
+			return CSSM_OK;
+		case BE_ALLOC:
+			crtn = CSSMERR_CSSM_MEMORY_ERROR;
+			errStr = "BE_ALLOC";
+			break;
+		case BE_SIGNATURE:
+			crtn = CSSMERR_CSP_VERIFY_FAILED;
+			errStr = "BE_SIGNATURE";
+			break;
+		case BE_OUTPUT_LEN:
+			crtn = CSSMERR_CSP_OUTPUT_LENGTH_ERROR;
+			errStr = "BE_OUTPUT_LEN";
+			break;
+		case BE_INPUT_LEN:
+			crtn = CSSMERR_CSP_INPUT_LENGTH_ERROR;
+			errStr = "BE_INPUT_LEN";
+			break;
+		case BE_EXPONENT_EVEN:
+			crtn = CSSMERR_CSP_INVALID_KEY;
+			errStr = "BE_EXPONENT_EVEN";
+			break;
+		case BE_EXPONENT_LEN:
+			crtn = CSSMERR_CSP_INVALID_KEY;
+			errStr = "BE_EXPONENT_LEN";
+			break;
+		case BE_EXPONENT_ONE:
+			crtn = CSSMERR_CSP_INVALID_KEY;
+			errStr = "BE_EXPONENT_ONE";
+			break;
+		case BE_DATA:
+			crtn = CSSMERR_CSP_INVALID_DATA;
+			errStr = "BE_DATA";
+			break;
+		case BE_INPUT_DATA:
+			crtn = CSSMERR_CSP_INVALID_DATA;
+			errStr = "BE_INPUT_DATA";
+			break;
+		case BE_WRONG_KEY_INFO:
+			crtn = CSSMERR_CSP_INVALID_KEY;
+			errStr = "BE_WRONG_KEY_INFO";
+			break;
+        default:
+			//@@@ translate BSafe errors intelligently
+ 			crtn = CSSM_ERRCODE_INTERNAL_ERROR;
+			errStr = "Other BSAFE error";
+			break;
+    }
+	if(op != NULL) {
+		printf("%s: BSAFE error %d (%s)\n", op, brtn, errStr);
+	}
+	return crtn;
+}
+
+/*
+ * Non-thread-safe global random B_ALGORITHM_OBJ and a reusable init for it.
+ */
+static B_ALGORITHM_OBJ 	bsafeRng = NULL;
+#define BSAFE_RANDSIZE	64
+
+static B_ALGORITHM_OBJ buGetRng()
+{
+	int brtn;
+	uint8 seed[BSAFE_RANDSIZE];
+	
+	if(bsafeRng != NULL) {
+		return bsafeRng;
+	}
+	brtn = B_CreateAlgorithmObject(&bsafeRng);
+	if(brtn) {
+		buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject(&bsafeRng)");
+		return NULL;
+	}
+	brtn = B_SetAlgorithmInfo(bsafeRng, AI_X962Random_V0, NULL_PTR);
+	if(brtn) {
+		buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo(bsafeRng)");
+		return NULL;
+	}
+	brtn = B_RandomInit(bsafeRng, BSAFE_ALGORITHM_CHOOSER, NULL);
+ 	if(brtn) {
+		buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo(bsafeRng)");
+		return NULL;
+	}
+	appGetRandomBytes(seed, BSAFE_RANDSIZE);
+	brtn = B_RandomUpdate(bsafeRng, seed, BSAFE_RANDSIZE, NULL);
+	if(brtn) {
+		buBsafeErrToCssm(brtn, "B_RandomUpdate");
+		return NULL;
+	}
+	return bsafeRng;
+}
+
+/*
+ * Create a symmetric key.
+ */
+CSSM_RETURN  buGenSymKey(
+	uint32			keySizeInBits,
+	const CSSM_DATA	*keyData,
+	BU_KEY			*key)			// RETURNED
+{
+	int				brtn;
+	B_KEY_OBJ		bkey = NULL;
+	ITEM			item;
+	unsigned		keyBytes = (keySizeInBits + 7) / 8;
+	
+	if(keyBytes > keyData->Length) {
+		/* note it's OK to give us too much key data */
+		printf("***buGenSymKey: Insufficient keyData\n");
+		return CSSM_ERRCODE_INTERNAL_ERROR;
+	}
+
+	/* create a BSAFE key */
+	brtn = B_CreateKeyObject(&bkey);
+	if(brtn) {
+		return buBsafeErrToCssm(brtn, "B_CreateKeyObject");
+	}
+	
+	/* assign data to the key */
+	item.data = keyData->Data;
+	item.len = keyBytes;
+	brtn = B_SetKeyInfo(bkey, KI_Item, (POINTER)&item);
+	if(brtn) {
+		return buBsafeErrToCssm(brtn, "B_SetKeyInfo");
+	}
+	else {
+		*key = bkey;
+		return CSSM_OK;
+	}
+}
+
+/*
+ * Create asymmetric key pair.
+ * FIXME - additional params (e.g. DSA params, RSA exponent)?
+ */
+CSSM_RETURN buGenKeyPair(
+	uint32			keySizeInBits,
+	CSSM_ALGORITHMS	keyAlg,			// CSSM_ALGID_{RSA,DSA}
+	BU_KEY			*pubKey,		// RETURNED
+	BU_KEY			*privKey)		// RETURNED
+{
+	int						brtn;
+	B_KEY_OBJ				bPubkey = NULL;
+	B_KEY_OBJ				bPrivkey = NULL;
+	B_ALGORITHM_OBJ			keypairGen = NULL;
+	char					*op = NULL;
+	A_RSA_KEY_GEN_PARAMS	params;
+	unsigned char 			exp[1] = { 3 };
+    B_ALGORITHM_OBJ 		genDsaAlg = NULL;
+    B_ALGORITHM_OBJ 		dsaResult = NULL;
+	B_DSA_PARAM_GEN_PARAMS 	dsaParams;
+	A_DSA_PARAMS 			*kParams = NULL;
+	
+	/* create algorithm object */
+	brtn = B_CreateAlgorithmObject(&keypairGen);
+	if(brtn) {
+		return CSSMERR_CSSM_MEMORY_ERROR;
+	}
+	
+	/* create two BSAFE keys */
+	brtn = B_CreateKeyObject(&bPubkey);
+	if(brtn) {
+		op ="B_CreateKeyObject";
+		goto abort;
+	}
+	brtn = B_CreateKeyObject(&bPrivkey);
+	if(brtn) {
+		op ="B_CreateKeyObject";
+		goto abort;
+	}
+	switch(keyAlg) {
+		case CSSM_ALGID_RSA:
+		{
+			/* set RSA-specific params */
+			params.modulusBits = keySizeInBits;
+			/* hack - parameterize? */
+			params.publicExponent.data = exp;
+			params.publicExponent.len = 1;
+			brtn = B_SetAlgorithmInfo(keypairGen, AI_RSAKeyGen, 
+				(POINTER)&params);
+			if(brtn) {
+				op ="B_SetAlgorithmInfo(AI_RSAKeyGen)";
+			}
+			break;
+		}
+		case CSSM_ALGID_DSA:	
+		{
+			/* jump through hoops generating parameters */
+			brtn = B_CreateAlgorithmObject(&genDsaAlg);
+			if(brtn) {
+				op ="B_CreateAlgorithmObject";
+				break;
+			}
+			dsaParams.primeBits = keySizeInBits;
+        	brtn = B_SetAlgorithmInfo(genDsaAlg, AI_DSAParamGen, (POINTER)&dsaParams);
+			if(brtn) {
+				op = "B_SetAlgorithmInfo(AI_DSAParamGen)";
+				break;
+			}
+			brtn = B_GenerateInit(genDsaAlg, BSAFE_ALGORITHM_CHOOSER, NULL);
+			if(brtn) {
+				op = "B_GenerateInit(AI_DSAParamGen)";
+				break;
+			}
+        	brtn = B_CreateAlgorithmObject(&dsaResult);
+			if(brtn) {
+				op = "B_CreateAlgorithmObject";
+				break;
+			}
+        	brtn = B_GenerateParameters(genDsaAlg, dsaResult, buGetRng(), NULL);
+			if(brtn) {
+				op = "B_GenerateParameters";
+				break;
+			}
+			
+			/* dsaResult now has the parameters, which we must extract and then
+			 * apply to the keypairGen object. Cool, huh? */
+			brtn = B_GetAlgorithmInfo((POINTER *)&kParams, dsaResult, AI_DSAKeyGen);
+			if(brtn) {
+				op = "B_GetAlgorithmInfo(AI_DSAKeyGen)";
+				break;
+			}
+			brtn = B_SetAlgorithmInfo(keypairGen, AI_DSAKeyGen, (POINTER)kParams);
+			if(brtn) {
+				op ="B_SetAlgorithmInfo(AI_DSAKeyGen)";
+			}
+			break;
+		}
+		default:
+			printf("buGenKeyPair: algorithm not supported\n");
+			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
+	}
+	if(brtn) {
+		goto abort;
+	}
+	
+	/* keypairGen all set to go. */
+	brtn = B_GenerateInit(keypairGen, 
+		BSAFE_ALGORITHM_CHOOSER,
+		(A_SURRENDER_CTX *)NULL);
+	if(brtn) {
+		op = "B_GenerateInit";
+		goto abort;
+	}
+	brtn = B_GenerateKeypair(keypairGen,
+		bPubkey,
+		bPrivkey,
+		buGetRng(),
+		NULL);
+	if(brtn) {
+		op = "B_GenerateInit";
+	}
+abort:
+	B_DestroyAlgorithmObject(&keypairGen);
+	B_DestroyAlgorithmObject(&genDsaAlg);
+	B_DestroyAlgorithmObject(&dsaResult);
+	if(brtn) {
+		B_DestroyKeyObject(&bPubkey);
+		B_DestroyKeyObject(&bPrivkey);
+		return buBsafeErrToCssm(brtn, op);
+	}
+	else {
+		*pubKey = bPubkey;
+		*privKey = bPrivkey;
+		return CSSM_OK;
+	}
+}
+
+/*
+ * Free a key created in buGenSymKey or buGenKeyPair
+ */
+CSSM_RETURN buFreeKey(
+	BU_KEY			key)
+{
+	B_KEY_OBJ bkey = (B_KEY_OBJ)key;
+	B_DestroyKeyObject(&bkey);
+	return CSSM_OK;
+}
+
+/*
+ * encrypt/decrypt
+ */
+CSSM_RETURN buEncryptDecrypt(
+	BU_KEY				key,
+	CSSM_BOOL			forEncrypt,
+	CSSM_ALGORITHMS		encrAlg,
+	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC, etc.
+	const CSSM_DATA		*iv,				//Êoptional per mode
+	uint32				effectiveKeyBits,	// optional per key alg (actually just RC2)
+											// for RSA, key size in bits
+	uint32				rounds,				// optional, RC5 only
+	const CSSM_DATA		*inData,
+	CSSM_DATA_PTR		outData)			// mallocd and RETURNED
+{
+	B_ALGORITHM_OBJ		alg;
+	int 				brtn;
+	char				fbCipher = 1;
+	uint32				blockSize = 0;
+	unsigned			outBufLen;
+	unsigned			bytesMoved;
+	CSSM_RETURN			crtn;
+	char				useIv;
+	
+	// these variables are used in the switch below and need to 
+	// live until after setAlgorithm()
+	ITEM	 			bsIv;
+    B_BLK_CIPHER_W_FEEDBACK_PARAMS spec;
+	A_RC5_PARAMS		rc5Params;
+	A_RC2_PARAMS		rc2Params;
+	
+	brtn = B_CreateAlgorithmObject(&alg);
+	if(brtn) {
+		return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
+	}
+	
+	/* per-alg setup */
+	switch(encrAlg) {
+		case CSSM_ALGID_RC4:
+			/* the easy one */
+			brtn = B_SetAlgorithmInfo(alg, AI_RC4, NULL);
+			if(brtn) {
+				crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
+				goto abort;
+			}
+			fbCipher = 0;
+			break;
+			
+		case CSSM_ALGID_RSA:
+			/* assume encrypt via publicm decrypt via private */
+			if(forEncrypt) {
+				brtn = B_SetAlgorithmInfo(alg, AI_PKCS_RSAPublic, NULL);
+			}
+			else {
+				brtn = B_SetAlgorithmInfo(alg, AI_PKCS_RSAPrivate, NULL);
+			}
+			if(brtn) {
+				crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo(RSA)");
+				goto abort;
+			}
+			blockSize = (effectiveKeyBits + 7) / 8;
+			fbCipher = 0;
+			break;
+			
+		/* common code using AI_FeebackCipher */
+        case CSSM_ALGID_DES:
+            spec.encryptionMethodName = (POINTER)"des";
+			blockSize = 8;
+            break;
+        case CSSM_ALGID_DESX:
+            spec.encryptionMethodName = (POINTER)"desx";
+ 			blockSize = 8;
+			break;
+        case CSSM_ALGID_3DES_3KEY_EDE:
+            spec.encryptionMethodName = (POINTER)"des_ede";
+			blockSize = 8;
+            break;
+        case CSSM_ALGID_RC5:
+            spec.encryptionMethodName = (POINTER)"rc5";
+			spec.encryptionParams = (POINTER)&rc5Params;
+			rc5Params.version = 0x10;
+			rc5Params.rounds = rounds;
+			rc5Params.wordSizeInBits = 32;
+			blockSize = 8;
+            break;
+        case CSSM_ALGID_RC2:
+            spec.encryptionMethodName = (POINTER)"rc2";
+			spec.encryptionParams = (POINTER)&rc2Params;
+			rc2Params.effectiveKeyBits = effectiveKeyBits;
+ 			blockSize = 8;
+           break;
+		/* add other non-AI_FeebackCipher algorithms here */
+		default:
+			printf("buEncryptDecrypt: unknown algorithm\n");
+			return CSSM_ERRCODE_INTERNAL_ERROR;
+	}
+	if(fbCipher) {
+		useIv = 1;		// default, except for ECB
+		switch(mode) {
+			case CSSM_ALGMODE_CBCPadIV8:
+				spec.feedbackMethodName = (POINTER)"cbc";
+				spec.paddingMethodName = (POINTER)"pad";
+				break;
+			case CSSM_ALGMODE_CBC_IV8: 
+				spec.feedbackMethodName = (POINTER)"cbc";
+				spec.paddingMethodName = (POINTER)"nopad";
+				break;
+			case CSSM_ALGMODE_OFB_IV8: 
+				spec.feedbackMethodName = (POINTER)"cbc";
+				spec.paddingMethodName = (POINTER)"nopad";
+				break;
+			case CSSM_ALGMODE_ECB: 
+				/* this does not seem to work yet - need info from 
+				 * RSA. Specify block size as the feedbackParams (per manual)
+				 * and get a memmove error trying to copy from address 8; specify
+				 * an IV and get BSAFE error 524 (BE_INPUT_DATA) error on the
+				 * EncryptInit.
+				 */
+				spec.feedbackMethodName = (POINTER)"ecb";
+				spec.paddingMethodName = (POINTER)"nopad";
+				//useIv = 0;
+				//spec.feedbackParams = (POINTER)8;
+				break;
+			default:
+				printf("buEncryptDecrypt: unknown mode\n");
+				return CSSM_ERRCODE_INTERNAL_ERROR;
+		}
+		if(useIv && (iv != NULL)) {
+			buCssmDataToItem(iv, &bsIv);
+			spec.feedbackParams = (POINTER)&bsIv;
+		}
+		
+		brtn = B_SetAlgorithmInfo(alg, AI_FeedbackCipher, (POINTER)&spec);
+		if(brtn) {
+			crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
+			goto abort;
+		}
+	}
+	
+	/*
+	 * OK, one way or another we have an algorithm object. Set up
+	 * output buffer.
+	 */
+	if(forEncrypt) {
+		outBufLen = inData->Length + blockSize;
+	}
+	else {
+		outBufLen = inData->Length;
+	}
+	outData->Length = 0;
+	outData->Data = NULL;
+	crtn = appSetupCssmData(outData, outBufLen);
+	if(crtn) {
+		goto abort;
+	}
+	if(forEncrypt) {
+		brtn = B_EncryptInit(alg, 
+			(B_KEY_OBJ)key,
+			BSAFE_ALGORITHM_CHOOSER,
+			(A_SURRENDER_CTX *)NULL);
+		if(brtn) {
+			crtn = buBsafeErrToCssm(brtn, "B_EncryptInit");
+			goto abort;
+		}
+		brtn = B_EncryptUpdate(alg,
+			outData->Data,
+			&bytesMoved,
+			outBufLen,
+			inData->Data,
+			inData->Length,
+			buGetRng(),		// randAlg
+			NULL);			// surrender
+		if(brtn) {
+			crtn = buBsafeErrToCssm(brtn, "B_EncryptInit");
+			goto abort;
+		}
+		outData->Length = bytesMoved;
+		brtn = B_EncryptFinal(alg,
+			outData->Data + bytesMoved,
+			&bytesMoved,
+			outBufLen - outData->Length,
+			buGetRng(),		// randAlg
+			NULL);			// surrender
+		if(brtn) {
+			crtn = buBsafeErrToCssm(brtn, "B_EncryptFinal");
+			goto abort;
+		}
+		outData->Length += bytesMoved;
+		crtn = CSSM_OK;
+	}
+	else {
+		brtn = B_DecryptInit(alg, 
+			(B_KEY_OBJ)key,
+			BSAFE_ALGORITHM_CHOOSER,
+			(A_SURRENDER_CTX *)NULL);
+		if(brtn) {
+			crtn = buBsafeErrToCssm(brtn, "B_DecryptInit");
+			goto abort;
+		}
+		brtn = B_DecryptUpdate(alg,
+			outData->Data,
+			&bytesMoved,
+			outBufLen,
+			inData->Data,
+			inData->Length,
+			NULL,			// randAlg
+			NULL);			// surrender
+		if(brtn) {
+			crtn = buBsafeErrToCssm(brtn, "B_DecryptUpdate");
+			goto abort;
+		}
+		outData->Length = bytesMoved;
+		brtn = B_DecryptFinal(alg,
+			outData->Data + bytesMoved,
+			&bytesMoved,
+			outBufLen - outData->Length,
+			NULL,			// randAlg
+			NULL);			// surrender
+		if(brtn) {
+			crtn = buBsafeErrToCssm(brtn, "B_DecryptFinal");
+			goto abort;
+		}
+		outData->Length += bytesMoved;
+		crtn = CSSM_OK;
+	}
+abort:
+	B_DestroyAlgorithmObject(&alg);
+	return crtn;
+}
+
+/* CSSM sig alg --> B_INFO_TYPE */
+static CSSM_RETURN cssmSigAlgToInfoType(
+	CSSM_ALGORITHMS cssmAlg,
+	B_INFO_TYPE		*infoType)
+{
+	switch(cssmAlg) {
+		case CSSM_ALGID_SHA1WithRSA:
+			*infoType = AI_SHA1WithRSAEncryption;
+			break;
+		case CSSM_ALGID_MD5WithRSA:
+			*infoType = AI_MD5WithRSAEncryption;
+			break;
+		case CSSM_ALGID_SHA1WithDSA:
+			*infoType = AI_DSAWithSHA1;
+			break;
+		default:
+			printf("cssmSigAlgToInfoType: unknown algorithm\n");
+			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
+	}
+	return CSSM_OK;
+}
+
+/*
+ * Sign/verify
+ */
+CSSM_RETURN buSign(
+	BU_KEY				key,
+	CSSM_ALGORITHMS		sigAlg,
+	const CSSM_DATA		*ptext,
+	uint32				keySizeInBits,		// to set up sig
+	CSSM_DATA_PTR		sig)				// mallocd and RETURNED
+{
+	B_ALGORITHM_OBJ		alg = NULL;
+	int 				brtn;
+	B_INFO_TYPE			infoType;
+	CSSM_RETURN			crtn;
+	unsigned			sigBytes;
+	
+	brtn = B_CreateAlgorithmObject(&alg);
+	if(brtn) {
+		return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
+	}
+	crtn = cssmSigAlgToInfoType(sigAlg, &infoType);
+	if(crtn) {
+		return crtn;
+	}
+	brtn = B_SetAlgorithmInfo(alg, infoType, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
+		goto abort;
+	}
+	brtn = B_SignInit(alg, (B_KEY_OBJ)key, BSAFE_ALGORITHM_CHOOSER, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_SignInit");
+		goto abort;
+	}
+	brtn = B_SignUpdate(alg, ptext->Data, ptext->Length, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_SignUpdate");
+		goto abort;
+	}
+	
+	/* prepare for sig, size of key */
+	sigBytes = (keySizeInBits + 7) / 8;
+	sig->Data = (uint8 *)CSSM_MALLOC(sigBytes);
+	sig->Length = sigBytes;
+	
+	brtn = B_SignFinal(alg, sig->Data, &sigBytes, sigBytes, buGetRng(), NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_SignFinal");
+		goto abort;
+	}
+	sig->Length = sigBytes;
+	crtn = CSSM_OK;
+abort:
+	B_DestroyAlgorithmObject(&alg);
+	return crtn;
+}
+
+CSSM_RETURN buVerify(
+	BU_KEY				key,
+	CSSM_ALGORITHMS		sigAlg,
+	const CSSM_DATA		*ptext,
+	const CSSM_DATA		*sig)				// mallocd and RETURNED
+{
+	B_ALGORITHM_OBJ		alg = NULL;
+	int 				brtn;
+	B_INFO_TYPE			infoType;
+	CSSM_RETURN			crtn;
+	
+	brtn = B_CreateAlgorithmObject(&alg);
+	if(brtn) {
+		return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
+	}
+	crtn = cssmSigAlgToInfoType(sigAlg, &infoType);
+	if(crtn) {
+		return crtn;
+	}
+	brtn = B_SetAlgorithmInfo(alg, infoType, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
+		goto abort;
+	}
+	brtn = B_VerifyInit(alg, (B_KEY_OBJ)key, BSAFE_ALGORITHM_CHOOSER, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_VerifyInit");
+		goto abort;
+	}
+	brtn = B_VerifyUpdate(alg, ptext->Data, ptext->Length, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_VerifyUpdate");
+		goto abort;
+	}
+	brtn = B_VerifyFinal(alg, sig->Data, sig->Length, buGetRng(), NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_VerifyFinal");
+		goto abort;
+	}
+	crtn = CSSM_OK;
+abort:
+	B_DestroyAlgorithmObject(&alg);
+	return crtn;
+}
+
+/* 
+ * generate MAC either one update (updateSizes == NULL) or 
+ * specified set of update sizes.
+ */
+#define MAX_MAC_SIZE	20
+
+CSSM_RETURN buGenMac(
+	BU_KEY				key,				// any key, any size
+	CSSM_ALGORITHMS		macAlg,				// only CSSM_ALGID_SHA1HMAC for now
+	const CSSM_DATA		*ptext,
+	unsigned			*updateSizes,		// NULL --> random updates
+											// else null-terminated list of sizes
+	CSSM_DATA_PTR		mac)				// mallocd and RETURNED 
+{
+	B_ALGORITHM_OBJ		alg = NULL;
+	int 				brtn;
+	CSSM_RETURN			crtn;
+	B_DIGEST_SPECIFIER	digestInfo;
+	B_INFO_TYPE			infoType;
+	unsigned			macBytes;
+	
+	brtn = B_CreateAlgorithmObject(&alg);
+	if(brtn) {
+		return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
+	}
+	switch(macAlg) {
+		case CSSM_ALGID_SHA1HMAC:
+		case CSSM_ALGID_SHA1HMAC_LEGACY:
+			digestInfo.digestInfoType = AI_SHA1;
+			infoType = AI_HMAC;
+			break;
+		default:
+			printf("buGenMac: alg not supported\n");
+			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
+	}
+	digestInfo.digestInfoParams = NULL;
+	brtn = B_SetAlgorithmInfo(alg, infoType, (POINTER)&digestInfo);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
+		goto abort;
+	}
+	brtn = B_DigestInit(alg, (B_KEY_OBJ)key, BSAFE_ALGORITHM_CHOOSER, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_DigestInit");
+		goto abort;
+	}
+	if(updateSizes) {
+		uint8 *currData = ptext->Data;
+		while(*updateSizes) {
+			brtn = B_DigestUpdate(alg, currData, *updateSizes, NULL);
+			if(brtn) {
+				crtn = buBsafeErrToCssm(brtn, "B_DigestUpdate");
+				goto abort;
+			}
+			currData += *updateSizes;
+			updateSizes++;
+		}
+	}
+	else {
+		/* one-shot */
+		brtn = B_DigestUpdate(alg, ptext->Data, ptext->Length, NULL);
+		if(brtn) {
+			crtn = buBsafeErrToCssm(brtn, "B_DigestUpdate");
+			goto abort;
+		}
+	}
+	/* prepare for mac, magically gleaned max size */
+	macBytes = MAX_MAC_SIZE;
+	mac->Data = (uint8 *)CSSM_MALLOC(macBytes);
+	mac->Length = macBytes;
+	
+	brtn = B_DigestFinal(alg, mac->Data, &macBytes, macBytes, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_DigestFinal");
+		goto abort;
+	}
+	mac->Length = macBytes;
+	crtn = CSSM_OK;
+abort:
+	B_DestroyAlgorithmObject(&alg);
+	return crtn;
+
+}
+
+/* generate digest */
+#define MAX_DIGEST_SIZE		20
+
+CSSM_RETURN buGenDigest(
+	CSSM_ALGORITHMS		macAlg,				// CSSM_ALGID_SHA1, etc. */
+	const CSSM_DATA		*ptext,
+	CSSM_DATA_PTR		digest)				// mallocd and RETURNED 
+{
+	B_ALGORITHM_OBJ		alg = NULL;
+	int 				brtn;
+	CSSM_RETURN			crtn;
+	B_INFO_TYPE			infoType;
+	unsigned			hashBytes;
+	
+	brtn = B_CreateAlgorithmObject(&alg);
+	if(brtn) {
+		return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
+	}
+	switch(macAlg) {
+		case CSSM_ALGID_SHA1:
+			infoType = AI_SHA1;
+			break;
+		case CSSM_ALGID_MD5:
+			infoType = AI_MD5;
+			break;
+		case CSSM_ALGID_MD2:
+			infoType = AI_MD2;
+			break;
+		default:
+			printf("buGenDigest: alg not supported\n");
+			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
+	}
+	brtn = B_SetAlgorithmInfo(alg, infoType, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
+		goto abort;
+	}
+	brtn = B_DigestInit(alg, NULL, BSAFE_ALGORITHM_CHOOSER, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_DigestInit");
+		goto abort;
+	}
+	brtn = B_DigestUpdate(alg, ptext->Data, ptext->Length, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_DigestUpdate");
+		goto abort;
+	}
+	
+	/* prepare for digest, magically gleaned max size */
+	hashBytes = MAX_DIGEST_SIZE;
+	digest->Data = (uint8 *)CSSM_MALLOC(hashBytes);
+	digest->Length = hashBytes;
+	
+	brtn = B_DigestFinal(alg, digest->Data, &hashBytes, hashBytes, NULL);
+	if(brtn) {
+		crtn = buBsafeErrToCssm(brtn, "B_DigestFinal");
+		goto abort;
+	}
+	digest->Length = hashBytes;
+	crtn = CSSM_OK;
+abort:
+	B_DestroyAlgorithmObject(&alg);
+	return crtn;
+
+}
+
+/*
+ * Convert between BSAFE and CDSA private keys
+ */
+CSSM_RETURN buBsafePrivKeyToCdsa(
+	CSSM_ALGORITHMS		keyAlg,
+	uint32				keySizeInBits,
+	BU_KEY				bsafePrivKey,
+	CSSM_KEY_PTR		cdsaPrivKey)
+{
+	B_INFO_TYPE			infoType;
+	ITEM				*keyBlob;
+	int					brtn;
+	CSSM_KEYBLOB_FORMAT	format;
+	CSSM_KEYHEADER_PTR	hdr = &cdsaPrivKey->KeyHeader;
+	
+	/* what kind of info? */
+	switch(keyAlg) {
+		case CSSM_ALGID_RSA:
+			infoType = KI_PKCS_RSAPrivateBER;
+			format = CSSM_KEYBLOB_RAW_FORMAT_PKCS8;
+			break;
+		case CSSM_ALGID_DSA:
+			infoType = KI_DSAPrivateBER;
+			format = CSSM_KEYBLOB_RAW_FORMAT_FIPS186;
+			break;
+		default:
+			printf("***buBsafePrivKeyToCdsa: bogus keyAlg\n");
+			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
+	}
+	
+	/* get the blob */
+	brtn = B_GetKeyInfo((POINTER *)&keyBlob,
+		(B_KEY_OBJ)bsafePrivKey,
+		infoType);
+	if(brtn) {
+		return buBsafeErrToCssm(brtn, "B_GetKeyInfo");
+	}
+	
+	/* copy blob to CDSA key */
+	cdsaPrivKey->KeyData.Data = (uint8 *)CSSM_MALLOC(keyBlob->len);
+	cdsaPrivKey->KeyData.Length = keyBlob->len;
+	memmove(cdsaPrivKey->KeyData.Data, keyBlob->data, keyBlob->len);
+	
+	/* set up CSSM key header */
+	memset(hdr, 0, sizeof(CSSM_KEYHEADER));
+	hdr->HeaderVersion = CSSM_KEYHEADER_VERSION;
+	hdr->BlobType = CSSM_KEYBLOB_RAW;
+	hdr->Format = format;
+	hdr->AlgorithmId = keyAlg;
+	hdr->KeyClass = CSSM_KEYCLASS_PRIVATE_KEY;
+	hdr->LogicalKeySizeInBits = keySizeInBits;
+	hdr->KeyAttr = CSSM_KEYATTR_EXTRACTABLE;
+	hdr->KeyUsage = CSSM_KEYUSE_ANY;
+	return CSSM_OK;
+}
+
+CSSM_RETURN buCdsaPrivKeyToBsafe(
+	CSSM_KEY_PTR		cdsaPrivKey,
+	BU_KEY				*bsafePrivKey)
+{
+	int 		brtn;
+	B_KEY_OBJ	privKey = NULL;
+	ITEM		keyBlob;
+	B_INFO_TYPE	infoType;
+	
+	/* what kind of info? */
+	switch(cdsaPrivKey->KeyHeader.AlgorithmId) {
+		case CSSM_ALGID_RSA:
+			infoType = KI_PKCS_RSAPrivateBER;
+			break;
+		case CSSM_ALGID_DSA:
+			infoType = KI_DSAPrivateBER;
+			break;
+		default:
+			printf("***buCdsaPrivKeyToCssm: bogus keyAlg\n");
+			return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
+	}
+	
+	/* create caller's key, assign blob to it */
+	brtn = B_CreateKeyObject(&privKey);
+	if(brtn) {
+		return buBsafeErrToCssm(brtn, "B_CreateKeyObject");
+	}
+	buCssmDataToItem(&cdsaPrivKey->KeyData, &keyBlob);
+	brtn = B_SetKeyInfo(privKey, infoType, (POINTER)&keyBlob);
+	if(brtn) {
+		return buBsafeErrToCssm(brtn, "B_SetKeyInfo");
+	}
+	*bsafePrivKey = privKey;
+	return CSSM_OK;
+}
+

ADDED   LocalTests/utilLib/bsafeUtils.h
Index: LocalTests/utilLib/bsafeUtils.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/bsafeUtils.h
@@ -0,0 +1,109 @@
+/*
+ * bsafeUtils.h - common routines for CDSA/BSAFE compatibility testing
+ */
+
+/*
+ * Clients of this module do not need to know about or see anything from the 
+ * BSAFE headers. 
+ */
+#ifndef	_BSAFE_UTILS_H_
+#define _BSAFE_UTILS_H_
+#include <Security/cssmtype.h>
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/* Actually the same as a B_KEY_OBJ, but our callers don't need to know that */
+typedef void *BU_KEY;
+
+/*
+ * Create a symmetric key.
+ */
+CSSM_RETURN  buGenSymKey(
+	uint32			keySizeInBits,
+	const CSSM_DATA	*keyData,
+	BU_KEY			*key);			// RETURNED
+
+/*
+ * Create asymmetric key pair.
+ * FIXME - additional params (e.g. DSA params, RSA exponent)?
+ */
+CSSM_RETURN buGenKeyPair(
+	uint32			keySizeInBits,
+	CSSM_ALGORITHMS	keyAlg,			// CSSM_ALGID_{RSA,DSA}
+	BU_KEY			*pubKey,		// RETURNED
+	BU_KEY			*privKey);		// RETURNED
+	
+/*
+ * Free a key created in buGenSymKey or buGenKeyPair
+ */
+CSSM_RETURN buFreeKey(
+	BU_KEY			key);
+
+/*
+ * encrypt/decrypt
+ */
+CSSM_RETURN buEncryptDecrypt(
+	BU_KEY				key,
+	CSSM_BOOL			forEncrypt,
+	CSSM_ALGORITHMS		encrAlg,
+	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC, etc.
+	const CSSM_DATA		*iv,				//Êoptional per mode
+	uint32				effectiveKeyBits,	// optional per key alg (actually just RC2)
+											// for RSA, key size in bits
+	uint32				rounds,				// optional, RC5 only
+	const CSSM_DATA		*inData,
+	CSSM_DATA_PTR		outData);			// mallocd and RETURNED
+
+/*
+ * Sign/verify
+ */
+CSSM_RETURN buSign(
+	BU_KEY				key,
+	CSSM_ALGORITHMS		sigAlg,
+	const CSSM_DATA		*ptext,
+	uint32				keySizeInBits,		// to set up sig
+	CSSM_DATA_PTR		sig);				// mallocd and RETURNED
+
+CSSM_RETURN buVerify(
+	BU_KEY				key,
+	CSSM_ALGORITHMS		sigAlg,
+	const CSSM_DATA		*ptext,
+	const CSSM_DATA		*sig);				// mallocd and RETURNED
+
+/* 
+ * generate MAC either one update (updateSizes == NULL) or 
+ * specified set of update sizes.
+ */
+CSSM_RETURN buGenMac(
+	BU_KEY				key,				// any key, any size
+	CSSM_ALGORITHMS		macAlg,				// only CSSM_ALGID_SHA1HMAC for now
+	const CSSM_DATA		*ptext,
+	unsigned			*updateSizes,		// NULL --> random updates
+											// else null-terminated list of sizes
+	CSSM_DATA_PTR		mac);				// mallocd and RETURNED 
+	
+/* generate digest */
+CSSM_RETURN buGenDigest(
+	CSSM_ALGORITHMS		macAlg,				// CSSM_ALGID_SHA1, etc. */
+	const CSSM_DATA		*ptext,
+	CSSM_DATA_PTR		digest);			// mallocd and RETURNED 
+	
+/*
+ * Convert between BSAFE and CDSA private keys
+ */
+CSSM_RETURN buBsafePrivKeyToCdsa(
+	CSSM_ALGORITHMS		keyAlg,
+	uint32				keySizeInBits,
+	BU_KEY				bsafePrivKey,
+	CSSM_KEY_PTR		cdsaPrivKey);
+CSSM_RETURN buCdsaPrivKeyToBsafe(
+	CSSM_KEY_PTR		cdsaPrivKey,
+	BU_KEY				*bsafePrivKey);
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _BSAFE_UTILS_H_ */

ADDED   LocalTests/utilLib/common.c
Index: LocalTests/utilLib/common.c
==================================================================
--- /dev/null
+++ LocalTests/utilLib/common.c
@@ -0,0 +1,626 @@
+/* Copyright 1997 Apple Computer, Inc.
+ *
+ * common.c - Common CSP test code
+ *
+ * Revision History
+ * ----------------
+ *   4 May 2000 Doug Mitchell
+ *		Ported to X/CDSA2. 
+ *   6 Jul 1998 Doug Mitchell at Apple
+ *		Added clStartup().
+ *  12 Aug 1997	Doug Mitchell at Apple
+ *		Created.
+ */
+ 
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <Security/cssm.h>
+#include "common.h"
+#include <Security/cssmapple.h>			/* apple, not intel */
+#include <time.h>
+
+static CSSM_VERSION vers = {2, 0};
+//const static uint32 guidPrefix = 0xFADE;
+const CSSM_GUID testGuid = { 0xFADE, 0, 0, { 1,2,3,4,5,6,7,0 }};
+
+/*
+ * We can't enable this until all of these are fixed and integrated:
+ * 2890978 CSP
+ * 2927474 CSPDL
+ * 2928357 TP
+ */
+#define DETECT_MALLOC_ABUSE		1	
+
+#if		DETECT_MALLOC_ABUSE
+
+/* 
+ * This set of allocator functions detects when we free something
+ * which was mallocd by CDSA or a plugin using something other than
+ * our callback malloc/realloc/calloc. With proper runtime support
+ * (which is present in Jaguar 6C35), the reverse is also detected
+ * by malloc (i.e., we malloc something and CDSA or a plugin frees
+ * it).
+ */
+#define APP_MALLOC_MAGIC		'Util'
+
+void * appMalloc (CSSM_SIZE size, void *allocRef) {
+	void *ptr;
+
+	/* scribble magic number in first four bytes */
+	ptr = malloc(size + 4);
+	*(uint32 *)ptr = APP_MALLOC_MAGIC;
+	ptr = (char *)ptr + 4;
+
+	return ptr;
+}
+
+void appFree (void *ptr, void *allocRef) {
+	if(ptr == NULL) {
+		return;
+	}
+	ptr = (char *)ptr - 4;
+	if(*(uint32 *)ptr != APP_MALLOC_MAGIC) {
+		printf("ERROR: appFree() freeing a block that we didn't allocate!\n");
+		return;		// this free is not safe
+	}
+	*(uint32 *)ptr = 0;
+	free(ptr);
+}
+
+/* Realloc - adjust both original pointer and size */
+void * appRealloc (void *ptr, CSSM_SIZE size, void *allocRef) {
+	if(ptr == NULL) {
+		/* no ptr, no existing magic number */
+		return appMalloc(size, allocRef);
+	}
+	ptr = (char *)ptr - 4;
+	if(*(uint32 *)ptr != APP_MALLOC_MAGIC) {
+		printf("ERROR: appRealloc() on a block that we didn't allocate!\n");
+	}
+	*(uint32 *)ptr = 0;
+	ptr = realloc(ptr, size + 4);
+	*(uint32 *)ptr = APP_MALLOC_MAGIC;
+	ptr = (char *)ptr + 4;
+	return ptr;
+}
+
+/* Have to do this manually */
+void * appCalloc (uint32 num, CSSM_SIZE size, void *allocRef) {
+	uint32 memSize = num * size;
+	
+	void *ptr = appMalloc(memSize, allocRef);
+	memset(ptr, 0, memSize);
+	return ptr;
+}
+
+#else	/* DETECT_MALLOC_ABUSE */
+/*
+ * Standard app-level memory functions required by CDSA.
+ */
+void * appMalloc (CSSM_SIZE size, void *allocRef) {
+	return( malloc(size) );
+}
+void appFree (void *mem_ptr, void *allocRef) {
+	free(mem_ptr);
+ 	return;
+}
+void * appRealloc (void *ptr, CSSM_SIZE size, void *allocRef) {
+	return( realloc( ptr, size ) );
+}
+void * appCalloc (uint32 num, CSSM_SIZE size, void *allocRef) {
+	return( calloc( num, size ) );
+}
+#endif	/* DETECT_MALLOC_ABUSE */
+
+static CSSM_API_MEMORY_FUNCS memFuncs = {
+	appMalloc,
+	appFree,
+	appRealloc,
+ 	appCalloc,
+ 	NULL
+ };
+ 
+/*
+ * Init CSSM; returns CSSM_FALSE on error. Reusable.
+ */
+static CSSM_BOOL cssmInitd = CSSM_FALSE;
+
+CSSM_BOOL cssmStartup()
+{
+	CSSM_RETURN  crtn;
+    CSSM_PVC_MODE pvcPolicy = CSSM_PVC_NONE;
+	
+	if(cssmInitd) {
+		return CSSM_TRUE;
+	}  
+	crtn = CSSM_Init (&vers, 
+		CSSM_PRIVILEGE_SCOPE_NONE,
+		&testGuid,
+		CSSM_KEY_HIERARCHY_NONE,
+		&pvcPolicy,
+		NULL /* reserved */);
+	if(crtn != CSSM_OK) 
+	{
+		printError("CSSM_Init", crtn);
+		return CSSM_FALSE;
+	}
+	else {
+		cssmInitd = CSSM_TRUE;
+		return CSSM_TRUE;
+	}
+}
+
+/*
+ * Init CSSM and establish a session with the Apple CSP.
+ */
+CSSM_CSP_HANDLE cspStartup()
+{
+	return cspDlDbStartup(CSSM_TRUE, NULL);	
+}
+
+/* like cspStartup, but also returns DB handle. If incoming dbHandPtr
+ * is NULL, no DB startup. */
+CSSM_CSP_HANDLE cspDbStartup(
+	CSSM_DB_HANDLE *dbHandPtr)
+{
+	return cspDlDbStartup(CSSM_TRUE, NULL);	
+}
+
+CSSM_CSP_HANDLE cspDlDbStartup(
+	CSSM_BOOL bareCsp,			// true ==> CSP, false ==> CSP/DL
+	CSSM_DB_HANDLE *dbHandPtr)	// optional - TO BE DELETED
+{
+	CSSM_CSP_HANDLE cspHand;
+	CSSM_RETURN		crtn;
+	const CSSM_GUID *guid;
+	char *modName;
+	
+	if(dbHandPtr) {
+		*dbHandPtr = 0;
+	}
+	if(cssmStartup() == CSSM_FALSE) {
+		return 0;
+	}
+	if(bareCsp) {
+		guid = &gGuidAppleCSP;
+		modName = (char*) "AppleCSP";
+	}
+	else {
+		guid = &gGuidAppleCSPDL;
+		modName = (char *) "AppleCSPDL";
+	}
+	crtn = CSSM_ModuleLoad(guid,
+		CSSM_KEY_HIERARCHY_NONE,
+		NULL,			// eventHandler
+		NULL);			// AppNotifyCallbackCtx
+	if(crtn) {
+		char outStr[100];
+		sprintf(outStr, "CSSM_ModuleLoad(%s)", modName);
+		printError(outStr, crtn);
+		return 0;
+	}
+	crtn = CSSM_ModuleAttach (guid,
+		&vers,
+		&memFuncs,			// memFuncs
+		0,					// SubserviceID
+		CSSM_SERVICE_CSP,	
+		0,					// AttachFlags
+		CSSM_KEY_HIERARCHY_NONE,
+		NULL,				// FunctionTable
+		0,					// NumFuncTable
+		NULL,				// reserved
+		&cspHand);
+	if(crtn) {
+		char outStr[100];
+		sprintf(outStr, "CSSM_ModuleAttach(%s)", modName);
+		printError(outStr, crtn);
+		return 0;
+	}
+	return cspHand;
+}
+
+/*
+ * Detach and unload from a CSP.
+ */
+CSSM_RETURN cspShutdown(
+	CSSM_CSP_HANDLE	cspHand,
+	CSSM_BOOL bareCsp)			// true ==> CSP, false ==> CSP/DL
+{
+	CSSM_RETURN crtn;
+	const CSSM_GUID *guid;
+	char *modName;
+	
+	if(bareCsp) {
+		guid = &gGuidAppleCSP;
+		modName = (char *) "AppleCSP";
+	}
+	else {
+		guid = &gGuidAppleCSPDL;
+		modName = (char *) "AppleCSPDL";
+	}
+	crtn = CSSM_ModuleDetach(cspHand);
+	if(crtn) {
+		printf("Error detaching from %s\n", modName);
+		printError("CSSM_ModuleDetach", crtn);
+		return crtn;
+	}
+	crtn = CSSM_ModuleUnload(guid, NULL, NULL);
+	if(crtn) {
+		printf("Error unloading %s\n", modName);
+		printError("CSSM_ModuleUnload", crtn);
+	}
+	return crtn;
+}
+
+/* Attach to DL side of CSPDL */
+CSSM_DL_HANDLE dlStartup()
+{
+	CSSM_DL_HANDLE 	dlHand = 0;
+	CSSM_RETURN		crtn;
+	
+	if(cssmStartup() == CSSM_FALSE) {
+		return 0;
+	}
+	crtn = CSSM_ModuleLoad(&gGuidAppleCSPDL,
+		CSSM_KEY_HIERARCHY_NONE,
+		NULL,			// eventHandler
+		NULL);			// AppNotifyCallbackCtx
+	if(crtn) {
+		printError("CSSM_ModuleLoad(Apple CSPDL)", crtn);
+		return 0;
+	}
+	crtn = CSSM_ModuleAttach (&gGuidAppleCSPDL,
+		&vers,
+		&memFuncs,			// memFuncs
+		0,					// SubserviceID
+		CSSM_SERVICE_DL,	
+		0,					// AttachFlags
+		CSSM_KEY_HIERARCHY_NONE,
+		NULL,				// FunctionTable
+		0,					// NumFuncTable
+		NULL,				// reserved
+		&dlHand);
+	if(crtn) {
+		printError("CSSM_ModuleAttach(Apple CSPDL)", crtn);
+		return 0;
+	}
+	return dlHand;
+}
+
+/*
+ * Delete a DB.
+ */
+#define DELETE_WITH_AUTHENT		0
+CSSM_RETURN dbDelete(
+	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
+	const char 			*dbName)
+{
+	return CSSM_DL_DbDelete(dlHand, dbName, NULL, NULL);
+}
+
+/*
+ * open a DB, ensure it's empty.
+ */
+CSSM_DB_HANDLE dbStartup(
+	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
+	const char 			*dbName)
+{
+	CSSM_DB_HANDLE dbHand = 0;
+	
+	CSSM_RETURN crtn = dbCreateOpen(dlHand, dbName, 
+		CSSM_TRUE,		// create
+		CSSM_TRUE,		// delete
+		NULL,			// pwd
+		&dbHand);
+	if(crtn == CSSM_OK) {
+		return dbHand;
+	}
+	else {
+		return 0;
+	}
+}
+
+#if 0
+/*
+ * Attach to existing DB or create an empty new one.
+ */
+CSSM_DB_HANDLE dbStartupByName(CSSM_DL_HANDLE dlHand,
+	char 		*dbName,
+	CSSM_BOOL 	doCreate)
+{
+	CSSM_RETURN crtn;
+	CSSM_DB_HANDLE				dbHand;
+	
+	/* try to open existing DB in either case */
+	
+	crtn = CSSM_DL_DbOpen(dlHand,
+		dbName, 
+		NULL,			// DbLocation
+		CSSM_DB_ACCESS_READ | CSSM_DB_ACCESS_WRITE,
+		NULL, 			// CSSM_ACCESS_CREDENTIALS *AccessCred
+		NULL,			// void *OpenParameters
+		&dbHand);
+	if(dbHand != 0) {
+		return dbHand;
+	}
+	if(!doCreate) {
+		printf("***no such data base (%s)\n", dbName);
+		printError("CSSM_DL_DbOpen", crtn);
+		return 0;
+	}
+	/* have to create one */
+	return dbStartup(dlHand, dbName);
+}
+#endif
+
+/*
+ * routines which convert various types to untyped byte arrays.
+ */
+void intToBytes(unsigned i, unsigned char *buf)
+{
+	*buf++ = (unsigned char)((i >> 24) & 0xff);
+	*buf++ = (unsigned char)((i >> 16) & 0xff);
+	*buf++ = (unsigned char)((i >> 8)  & 0xff);
+	*buf   = (unsigned char)(i & 0xff);
+}
+void shortToBytes(unsigned short s, unsigned char *buf)
+{
+	*buf++ = (unsigned char)((s >> 8)  & 0xff);
+	*buf   = (unsigned char)(s & 0xff);
+}
+unsigned bytesToInt(const unsigned char *buf) {
+	unsigned result;
+	result = (((unsigned)buf[0] << 24) & 0xff000000) |
+		(((unsigned)buf[1] << 16) & 0x00ff0000) |
+		(((unsigned)buf[2] << 8) & 0xff00) |
+		(((unsigned)buf[3]) & 0xff);
+	return result;
+}
+unsigned short bytesToShort(const unsigned char *buf) {
+    	unsigned short result;
+    	result = (((unsigned short)buf[0] << 8) & 0xff00) |
+		 (((unsigned short)buf[1]) & 0xff);
+    	return result;
+}
+
+/*
+ * Given a context specified via a CSSM_CC_HANDLE, add a new
+ * CSSM_CONTEXT_ATTRIBUTE to the context as specified by AttributeType,
+ * AttributeLength, and an untyped pointer.
+ *
+ * This is currently used to add a second CSSM_KEY attribute when performing
+ * ops with algorithm CSSM_ALGID_FEED and CSSM_ALGID_FEECFILE.
+ */
+CSSM_RETURN AddContextAttribute(CSSM_CC_HANDLE CCHandle,
+	uint32 AttributeType,
+	uint32 AttributeLength,
+	ContextAttrType attrType,
+	/* specify exactly one of these */
+	const void *AttributePtr,
+	uint32 attributeInt)
+{
+	CSSM_CONTEXT_ATTRIBUTE		newAttr;	
+	CSSM_RETURN					crtn;
+	
+	newAttr.AttributeType     = AttributeType;
+	newAttr.AttributeLength   = AttributeLength;
+	if(attrType == CAT_Uint32) {
+		newAttr.Attribute.Uint32  = attributeInt;
+	}
+	else {
+		newAttr.Attribute.Data    = (CSSM_DATA_PTR)AttributePtr;
+	}
+	crtn = CSSM_UpdateContextAttributes(CCHandle, 1, &newAttr);
+	if(crtn) {
+		printError("CSSM_UpdateContextAttributes", crtn);
+	}
+	return crtn;
+}
+
+/*
+ * Set up a CSSM data.
+ */
+CSSM_RETURN appSetupCssmData(
+	CSSM_DATA_PTR	data,
+	uint32			numBytes)
+{
+	if(data == NULL) {
+		printf("Hey! appSetupCssmData with NULL Data!\n");
+		return CSSMERR_CSSM_INTERNAL_ERROR;
+	}
+	data->Data = (uint8 *)CSSM_MALLOC(numBytes);
+	if(data->Data == NULL) {
+		return CSSMERR_CSSM_MEMORY_ERROR;
+	}
+	data->Length = numBytes;
+	return CSSM_OK;
+}
+
+/*
+ * Free the data referenced by a CSSM data, and optionally, the struct itself.
+ */
+void appFreeCssmData(CSSM_DATA_PTR data,
+	CSSM_BOOL freeStruct)
+{
+	if(data == NULL) {
+		return;
+	}
+	if(data->Length != 0) {
+		CSSM_FREE(data->Data);
+	}
+	if(freeStruct) {
+		CSSM_FREE(data);
+	}
+	else {
+		data->Length = 0;
+		data->Data = NULL;
+	}
+}
+
+/*
+ * Copy src to dst, mallocing dst.
+ */
+CSSM_RETURN appCopyCssmData(const CSSM_DATA *src, 
+	CSSM_DATA_PTR dst)
+{
+	return appCopyData(src->Data, src->Length, dst);
+}
+
+/* copy raw data to a CSSM_DATA, mallocing dst. */
+CSSM_RETURN  appCopyData(const void *src, 
+	uint32 len,
+	CSSM_DATA_PTR dst)
+{
+	dst->Length = 0;
+	if(len == 0) {
+		dst->Data = NULL;
+		return CSSM_OK;
+	}
+	dst->Data = (uint8 *)CSSM_MALLOC(len);
+	if(dst->Data == NULL) {
+		return CSSM_ERRCODE_MEMORY_ERROR;
+	}
+	dst->Length = len;
+	memcpy(dst->Data, src, len);
+	return CSSM_OK;
+}
+
+CSSM_BOOL appCompareCssmData(const CSSM_DATA *d1,
+	const CSSM_DATA *d2)
+{	
+	if(d1->Length != d2->Length) {
+		return CSSM_FALSE;
+	}
+	if(memcmp(d1->Data, d2->Data, d1->Length)) {
+		return CSSM_FALSE;
+	}
+	return CSSM_TRUE;	
+}
+
+/* min <= return <= max */
+unsigned genRand(unsigned min, unsigned max)
+{
+	unsigned i;
+	if(min == max) {
+		return min;
+	}
+	appGetRandomBytes(&i, 4);
+	return (min + (i % (max - min + 1)));
+}	
+
+void simpleGenData(CSSM_DATA_PTR dbuf, unsigned minBufSize, unsigned maxBufSize)
+{
+	unsigned len = genRand(minBufSize, maxBufSize);
+	appGetRandomBytes(dbuf->Data, len);
+	dbuf->Length = len;
+}
+
+#define MIN_OFFSET	0
+#define MAX_OFFSET	99
+#define MIN_ASCII	'a'
+#define MAX_ASCII	'z'
+
+/*
+ * Calculate random data size, fill dataPool with that many random bytes.
+ *
+ * (10**minExp + MIN_OFFSET) <= size <= (10**maxExp + MAX_OFFSET)
+ */
+unsigned genData(unsigned char *dataPool,
+	unsigned minExp,
+	unsigned maxExp,
+	dataType type)
+{
+	int 		exp;
+	int 		offset;
+	int 		size;
+	char 		*cp;
+	int 		i;
+	char		ac;
+	
+	/*
+	 * Calculate "random" size : (10 ** (random exponent)) + random offset
+	 */
+	exp = genRand(minExp, maxExp);
+	offset = genRand(MIN_OFFSET, MAX_OFFSET);
+	size = 1;
+	while(exp--) {			// size = 10 ** exp
+		size *= 10;
+	}
+	size += offset;
+	switch(type) {
+	    case DT_Zero:
+			bzero(dataPool, size);
+			break;
+	    case DT_Increment:
+			{
+				int i;
+				for(i=0; i<size; i++) {
+					dataPool[i] = i;
+				}
+			}
+			break;
+	    case DT_ASCII:
+	    	ac = MIN_ASCII;
+			cp = (char *)dataPool;
+	    	for(i=0; i<size; i++) {
+				*cp++ = ac++;
+				if(ac > MAX_ASCII) {
+					ac = MIN_ASCII;
+				}
+			}
+			break;
+	    case DT_Random: 
+			appGetRandomBytes(dataPool, size);
+			break;
+	}
+	return size;
+}
+
+void dumpBuffer(
+	const char *bufName,	// optional
+	unsigned char *buf,
+	unsigned len)
+{
+	unsigned i;
+	
+	if(bufName) {
+		printf("%s\n", bufName);
+	}
+	printf("   ");
+	for(i=0; i<len; i++) {
+		printf("%02X ", buf[i]);
+		if((i % 24) == 23) {
+			printf("\n   ");
+		}
+	}
+	printf("\n");
+}
+
+int testError(CSSM_BOOL quiet)
+{
+	char resp;
+	
+	if(quiet) {
+		printf("\n***Test aborting.\n");
+		exit(1);
+	}
+	fpurge(stdin);
+	printf("a to abort, c to continue: ");
+	resp = getchar();
+	return (resp == 'a');
+}
+
+void testStartBanner(
+	char *testName,
+	int argc,
+	char **argv)
+{
+	printf("Starting %s; args: ", testName);
+	int i;
+	for(i=1; i<argc; i++) {
+		printf("%s ", argv[i]);
+	}
+	printf("\n");
+}
+

ADDED   LocalTests/utilLib/common.h
Index: LocalTests/utilLib/common.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/common.h
@@ -0,0 +1,155 @@
+/* Copyright 1997 Apple Computer, Inc.
+ *
+ * common.h - Common CSP test code
+ *
+ * Revision History
+ * ----------------
+ *  12 Aug 1997	Doug Mitchell at Apple
+ *		Created.
+ */
+ 
+#ifndef	_UTIL_LIB_COMMON_H_
+#define _UTIL_LIB_COMMON_H_
+
+#include <Security/cssm.h>
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+#undef COMMON_CSSM_MEMORY
+#define COMMON_CSSM_MEMORY 0
+
+#if		COMMON_CSSM_MEMORY
+#define CSSM_MALLOC(size)			CSSM_Malloc(size)
+#define CSSM_FREE(ptr)				CSSM_Free(ptr)
+#define CSSM_CALLOC(num, size)		CSSM_Calloc(num, size)
+#define CSSM_REALLOC(ptr, newSize)	CSSM_Realloc(ptr, newSize)
+/* used in cspwrap when allocating memory on app's behalf */
+#define appMalloc(size, allocRef)	CSSM_Malloc(size)
+
+#else	/* !COMMON_CSSM_MEMORY */
+
+void * appMalloc (CSSM_SIZE size, void *allocRef);
+void appFree (void *mem_ptr, void *allocRef);
+void * appRealloc (void *ptr, CSSM_SIZE size, void *allocRef);
+void * appCalloc (uint32 num, CSSM_SIZE size, void *allocRef);
+
+#define CSSM_MALLOC(size)			appMalloc(size, NULL)
+#define CSSM_FREE(ptr)				appFree(ptr, NULL)
+#define CSSM_CALLOC(num, size)		appCalloc(num, size, NULL)
+#define CSSM_REALLOC(ptr, newSize)	appRealloc(ptr, newSize, NULL)
+
+#endif	/* COMMON_CSSM_MEMORY */
+
+/*
+ * As of 23 March 1999, there is no longer a "default DB" available for
+ * generating keys. This is the standard DB handle created when 
+ * calling cspStartup().
+ */
+extern CSSM_DB_HANDLE commonDb;
+
+/*
+ * Init CSSM; returns CSSM_FALSE on error. Reusable.
+ */
+extern CSSM_BOOL cssmStartup();
+
+/* various flavors of "start up the CSP with optional DB open" */
+CSSM_CSP_HANDLE cspStartup();	// bare bones CSP
+CSSM_CSP_HANDLE cspDbStartup(	// bare bones CSP, DB open
+	CSSM_DB_HANDLE *dbHandPtr);	
+CSSM_DL_HANDLE dlStartup();
+CSSM_CSP_HANDLE cspDlDbStartup(	// one size fits all
+	CSSM_BOOL bareCsp,			// true ==> CSP, false ==> CSP/DL
+	CSSM_DB_HANDLE *dbHandPtr);	// optional
+CSSM_RETURN cspShutdown(
+	CSSM_CSP_HANDLE	cspHand,
+	CSSM_BOOL bareCsp);			// true ==> CSP, false ==> CSP/DL
+CSSM_RETURN dbDelete(
+	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
+	const char 			*dbName);
+CSSM_DB_HANDLE dbStartup(
+	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
+	const char 			*dbName);
+CSSM_RETURN dbCreateOpen(
+	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
+	const char 			*dbName,
+	CSSM_BOOL			doCreate,		// if false, must already exist	
+	CSSM_BOOL			deleteExist,
+	const char			*pwd,			// optional
+	CSSM_DB_HANDLE		*dbHand);
+
+extern void intToBytes(unsigned i, unsigned char *buf);
+void shortToBytes(unsigned short s, unsigned char *buf);
+unsigned bytesToInt(const unsigned char *buf);
+unsigned short bytesToShort(const unsigned char *buf);
+
+/* specify either 32-bit integer or a pointer as an added attribute value */
+typedef enum {
+	CAT_Uint32,
+	CAT_Ptr
+} ContextAttrType;
+
+CSSM_RETURN AddContextAttribute(CSSM_CC_HANDLE CCHandle,
+	uint32 AttributeType,
+	uint32 AttributeLength,
+	ContextAttrType attrType,
+	/* specify exactly one of these */
+	const void *AttributePtr,
+	uint32 attributeInt);
+void printError(const char *op, CSSM_RETURN err);
+CSSM_RETURN appSetupCssmData(
+	CSSM_DATA_PTR	data,
+	uint32			numBytes);
+void appFreeCssmData(CSSM_DATA_PTR data,
+	CSSM_BOOL freeStruct);
+CSSM_RETURN appCopyCssmData(const CSSM_DATA *src, 
+	CSSM_DATA_PTR dst);
+/* copy raw data to a CSSM_DATAm mallocing dst. */
+CSSM_RETURN  appCopyData(const void *src, 
+	uint32 len,
+	CSSM_DATA_PTR dst);
+	
+/* returns CSSM_TRUE on success, else CSSM_FALSE */
+CSSM_BOOL appCompareCssmData(const CSSM_DATA *d1,
+	const CSSM_DATA *d2);
+	
+const char *cssmErrToStr(CSSM_RETURN err);
+
+/*
+ * Calculate random data size, fill dataPool with that many random bytes.
+ */
+typedef enum {
+	DT_Random,
+	DT_Increment,
+	DT_Zero,
+	DT_ASCII
+} dataType;
+
+unsigned genData(unsigned char *dataPool,
+	unsigned minExp,
+	unsigned maxExp,
+	dataType type);
+void simpleGenData(CSSM_DATA_PTR dbuf, unsigned minBufSize, unsigned maxBufSize);
+unsigned genRand(unsigned min, unsigned max);
+extern void	appGetRandomBytes(void *buf, unsigned len);
+
+void dumpBuffer(
+	const char *bufName,	// optional
+	unsigned char *buf,
+	unsigned len);
+
+int testError(CSSM_BOOL quiet);
+
+void testStartBanner(
+	char *testName,
+	int argc,
+	char **argv);
+
+#ifdef	__cplusplus
+}
+
+#endif
+#endif	/* _UTIL_LIB_COMMON_H_*/
+
+

ADDED   LocalTests/utilLib/commonCpp.cpp
Index: LocalTests/utilLib/commonCpp.cpp
==================================================================
--- /dev/null
+++ LocalTests/utilLib/commonCpp.cpp
@@ -0,0 +1,160 @@
+//
+// throw  C++-dependent stuff in here
+//
+#include <stdio.h>
+#include <Security/cssm.h>
+#include "common.h"
+#include <Security/SecBasePriv.h>
+#include <security_cdsa_client/keychainacl.h>
+#include <security_cdsa_utilities/cssmacl.h>
+#include <security_cdsa_client/aclclient.h>
+#include <security_cdsa_utilities/cssmdata.h>
+#include <security_cdsa_utilities/cssmalloc.h>
+#include <security_utilities/devrandom.h>
+#include <CoreFoundation/CFString.h>
+#include "cssmErrorStrings.h"		/* generated error string table */
+
+/*
+ * Log CSSM error.
+ */
+void printError(const char *op, CSSM_RETURN err)
+{
+	cssmPerror(op, err);
+}
+
+const char *cssmErrToStr(CSSM_RETURN err)
+{
+	const ErrString *esp;
+	
+	for(esp=errStrings; esp->errStr!=NULL; esp++) {
+		if(esp->errCode == err) {
+			return esp->errStr;
+		}
+	}
+	
+	static char outbuf[512];
+	sprintf(outbuf, "UNKNOWN ERROR CODE %d", (int)err);
+	return outbuf;
+}
+
+
+/*
+ * Open a DB, optionally:
+ *
+ *		-- ensuring it's empty
+ *		-- creating it 
+ *		-- Specifying optional password to avoid SecurityAgent UI.
+ */
+CSSM_RETURN dbCreateOpen(
+	CSSM_DL_HANDLE		dlHand,			// from dlStartup()
+	const char 			*dbName,
+	CSSM_BOOL			doCreate,		// if false, must already exist	
+	CSSM_BOOL			deleteExist,
+	const char			*pwd,			// optional
+	CSSM_DB_HANDLE		*dbHand)
+{
+	CSSM_RETURN		crtn;
+	CSSM_DBINFO		dbInfo;
+	
+	if(deleteExist) {
+		/* first delete possible existing DB, ignore error */
+		crtn = dbDelete(dlHand, dbName);
+		switch(crtn) {
+			/* only allowed error is "no such file" */
+			case CSSM_OK:
+			case CSSMERR_DL_DATASTORE_DOESNOT_EXIST:
+				break;
+			default:
+				printError("CSSM_DL_DbDelete", crtn);
+				return crtn;
+		}
+		if(!doCreate) {
+			printf("***Hey! dbCreateOpen with deleteExist and !doCreate\n");
+			exit(1);
+		}
+	}
+	else {
+		/* 
+		 * Try to open existing DB. This does not have a means
+		 * to specify password (yet). 
+		 */
+		crtn = CSSM_DL_DbOpen(dlHand,
+			dbName, 
+			NULL,			// DbLocation
+			CSSM_DB_ACCESS_READ | CSSM_DB_ACCESS_WRITE,
+			NULL, 			// CSSM_ACCESS_CREDENTIALS *AccessCred
+			NULL,			// void *OpenParameters
+			dbHand);
+		if(crtn == CSSM_OK) {
+			return crtn;
+		}
+		if(!doCreate) {
+			printError("CSSM_DL_DbOpen", crtn);
+			printf("Error opening %s\n", dbName);
+			return crtn;
+		}
+	}
+	memset(&dbInfo, 0, sizeof(CSSM_DBINFO));
+	
+	/* now create it */
+	if(pwd) {
+		/*
+		 * This glorious code copied from crlRefresh. I didn't pretend
+		 * to understand it when I put it there either.
+		 */
+		Allocator &alloc = Allocator::standard();
+		CssmClient::AclFactory::PasswordChangeCredentials 
+			pCreds((StringData(pwd)), alloc);
+		const AccessCredentials* aa = pCreds;
+		TypedList subject(alloc, CSSM_ACL_SUBJECT_TYPE_ANY);
+		AclEntryPrototype protoType(subject);
+		AuthorizationGroup &authGroup = protoType.authorization();
+		CSSM_ACL_AUTHORIZATION_TAG tag = CSSM_ACL_AUTHORIZATION_ANY;
+		authGroup.NumberOfAuthTags = 1;
+		authGroup.AuthTags = &tag;
+	
+		const ResourceControlContext rcc(protoType, 
+			const_cast<AccessCredentials *>(aa));
+
+		crtn = CSSM_DL_DbCreate(dlHand, 
+			dbName,
+			NULL,						// DbLocation
+			&dbInfo,
+			// &Security::KeychainCore::Schema::DBInfo,
+			CSSM_DB_ACCESS_PRIVILEGED,
+			&rcc,						// CredAndAclEntry
+			NULL,						// OpenParameters
+			dbHand);
+	}
+	else {
+		crtn = CSSM_DL_DbCreate(dlHand, 
+			dbName,
+			NULL,						// DbLocation
+			&dbInfo,
+			// &Security::KeychainCore::Schema::DBInfo,
+			CSSM_DB_ACCESS_PRIVILEGED,
+			NULL,						// CredAndAclEntry
+			NULL,						// OpenParameters
+			dbHand);
+	}
+	if(crtn) {
+		printError("CSSM_DL_DbCreate", crtn);
+	}
+	return crtn;
+}
+
+/*
+ * *The* way for all tests to get random data.
+ */
+void appGetRandomBytes(void *buf, unsigned len)
+{
+	try {
+		Security::DevRandomGenerator devRand(false);
+		devRand.random(buf, len);
+	}
+	catch(...) {
+		printf("***Hey! DevRandomGenerator threw an exception!\n");
+		/* Yes, exit - I'd really like to catch one of these */
+		exit(1);
+	}
+}

ADDED   LocalTests/utilLib/cputime.c
Index: LocalTests/utilLib/cputime.c
==================================================================
--- /dev/null
+++ LocalTests/utilLib/cputime.c
@@ -0,0 +1,82 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <libc.h>
+#include "cputime.h"
+
+/* 
+ * This returns the frequency of the TBR in cycles per second.
+ */
+static double GetTBRFreq(void) {
+	mach_timebase_info_data_t tinfo;
+	mach_timebase_info(&tinfo);
+	
+	double machRatio = (double)tinfo.numer / (double)tinfo.denom;
+	return machRatio;
+}
+
+/*
+ * Return TBR Frequency, getting it lazily once. May not be thread safe.
+ */
+static double TbrFreqLocal = 0.0;		// ration for NANOSECONDS
+static double tbrFreq()
+{
+	if(TbrFreqLocal == 0.0) {
+		TbrFreqLocal = GetTBRFreq();
+		printf("machRatio %e\n", TbrFreqLocal);
+	}
+	return TbrFreqLocal;
+}
+
+// seconds
+double CPUTimeDeltaSec(CPUTime from, CPUTime to)	
+{
+	CPUTime delta = to - from;
+	return (double)delta * (tbrFreq() * (double)1e-9);
+}
+
+// milliseconds
+double CPUTimeDeltaMs(CPUTime from, CPUTime to)
+{
+	CPUTime delta = to - from;
+	return (double)delta * (tbrFreq() * (double)1e-6);
+}
+
+// microseconds
+double CPUTimeDeltaUs(CPUTime from, CPUTime to)
+{
+	CPUTime delta = to - from;
+	return (double)delta * (tbrFreq() * (double)1e-3);
+}
+	
+/*
+ * Calculate the average of an array of doubles. The lowest and highest values
+ * are discarded if there are more than two samples. Typically used to get an
+ * average of a set of values returned from CPUTimeDelta*().
+ */
+double CPUTimeAvg(
+	const double *array,
+	unsigned arraySize)
+{
+	double sum = 0;
+	double lowest = array[0];
+	double highest = array[0];
+	
+	unsigned dex;
+	for(dex=0; dex<arraySize; dex++) {
+		double curr = array[dex];
+		sum += curr;
+		if(curr < lowest) {
+			lowest = curr;
+		}
+		if(curr > highest) {
+			highest = curr;
+		}
+	}
+	if(arraySize > 2) {
+		sum -= lowest;
+		sum -= highest;
+		arraySize -= 2;
+	}
+	return sum / (double)arraySize;
+}

ADDED   LocalTests/utilLib/cputime.h
Index: LocalTests/utilLib/cputime.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/cputime.h
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2003 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please 
+ * obtain a copy of the License at http://www.apple.com/publicsource and 
+ * read it before using this file.
+ * 
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 
+ * Please see the License for the specific language governing rights and 
+ * limitations under the License.
+ */
+
+/*
+ * cputime.h - high resolution timing module
+ *
+ * This module uses a highly machine-dependent mechanism to get timestamps
+ * directly from CPU registers, without the overhead of a system call. The
+ * timestamps are exported as type CPUTime and you should not concern yourself
+ * with exactly what that is. 
+ *
+ * We provide routines to convert a difference between two CPUTimes as a double,
+ * in seconds, milliseconds, and microseconds. Th
+ *
+ * The cost (time) of getting a timestamp (via CPUTimeRead()) generally takes
+ * two or fewer times the resolution period, i.e., less than 80 ns on a 100 MHz
+ * bus machine, often 40 ns.
+ * 
+ * The general usage of this module is as follows:
+ *
+ * {
+ *		set up test scenario;
+ *		CPUTime startTime = CPUTimeRead();
+ *		...critical timed code here...
+ *		CPUTime endTime = CPUTimeRead();
+ * 		double elapsedMilliseconds = CPUTimeDeltaMs(startTime, endTime);
+ * }
+ *
+ * It's crucial to place the CPUTimeDelta*() call OUTSIDE of the critical timed
+ * area. It's really cheap to snag the timestamps, but it's not at all cheap
+ * to convert the difference between two timestamps to a double. 
+ */
+ 
+#ifndef	_CPUTIME_H_
+#define _CPUTIME_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <mach/mach_time.h>
+
+
+typedef uint64_t CPUTime;
+
+/*
+ * Obtain machine-dependent, high resolution, cheap-to-read timestamp.
+ */
+#define CPUTimeRead() mach_absolute_time()
+
+/*
+ * Convert difference between two CPUTimes into various units.
+ * Implemented as separate functions to preserve as much precision as possible
+ * before required machine-dependent "divide by clock frequency".
+ */
+extern double CPUTimeDeltaSec(CPUTime from, CPUTime to);	// seconds
+extern double CPUTimeDeltaMs(CPUTime from, CPUTime to);		// milliseconds
+extern double CPUTimeDeltaUs(CPUTime from, CPUTime to);		// microseconds
+
+/*
+ * Calculate the average of an array of doubles. The lowest and highest values
+ * are discarded if there are more than two samples. Typically used to get an
+ * average of a set of values returned from CPUTimeDelta*().
+ */
+double CPUTimeAvg(
+	const double *array,
+	unsigned arraySize);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/* _CPUTIME_H_ */
+

ADDED   LocalTests/utilLib/cspdlTesting.h
Index: LocalTests/utilLib/cspdlTesting.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/cspdlTesting.h
@@ -0,0 +1,100 @@
+/*
+ * cspdlTesting.h - workaround flags for testing CSPDL using CSP-oriented tests.
+ */
+
+#ifndef	_CSPDL_TESTING_H_
+#define _CSPDL_TESTING_H_
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/*
+ * All generated keys must be reference keys.
+ */
+#define CSPDL_ALL_KEYS_ARE_REF		1
+
+/*
+ * 2nd/public key in two-key FEE ops must be raw. This is because the Security 
+ * Server doesn't go in and deal with ref keys which are only found in a
+ * Context.
+ */
+#define CSPDL_2ND_PUB_KEY_IS_RAW	1
+
+/*
+ * Ease off on restriction of ptext size == ctext size in case of symmetric 
+ * en/decrypt with no padding. The sizes will be equal, but we can't ensure
+ * that by mallocing exactly the right amount after because CSPDL doesn't
+ * give an exact (proper) outputSize in this case (yet).
+ */
+#define CSPDL_NOPAD_ENFORCE_SIZE	1
+
+/*
+ * CSPDL can't do SHA1HMAC_LEGACY with bug-for-bug compatibility with 
+ * BSAFE (sinceÊthe bug-for-bug feature involves doing actual HMAC updates
+ * exactly as the app presents them).
+ */
+#define CSPDL_SHA1HMAC_LEGACY_ENABLE	0
+
+/*
+ * CSPDL does not support DSA GenerateAlgorithmParameters. Let the secure CSP
+ * do it implicitly during key gen.
+ */
+#define CSPDL_DSA_GEN_PARAMS			0
+
+/*
+ * Can't generate keys with CSSM_KEYATTR_PRIVATE. Is this a bug or a feature?
+ * Nobody pays any attention to this except the CSP, which rejects it. Shouldn't
+ * either CSPDL or SS look at this and strip it off before sending the request
+ * down to the CSP?
+ */
+#define CSPDL_KEYATTR_PRIVATE			0
+
+/* 
+ * ObtainPrivateKeyFromPublic key not implemented yet (if ever).
+ */
+#define CSPDL_OBTAIN_PRIV_FROM_PUB		0
+
+/*** Workarounds for badattr test only ***/
+ 
+/*
+ * Munged header fields in a ref key should result in CSP_INVALID_KEY_REFERENCE,
+ * but work fine.
+ */
+#define CSPDL_MUNGE_HEADER_CHECK		0
+
+/* 
+ * ALWAYS_SENSITIVE, NEVER_EXTRACTABLE are ignored, should result in 
+ * CSP_INVALID_KEYATTR_MASK at key gen time.
+ * FIXED per Radar 2879872.
+ */
+#define CSPDL_ALWAYS_SENSITIVE_CHECK	1
+#define CSPDL_NEVER_EXTRACTABLE_CHECK	1
+
+/*** end of badattr workarounds ***/
+
+/* 
+ * <rdar://problem/3732910> certtool can't generate keypair
+ *
+ * Until this is fixed - actually the underlying problem is in securityd - 
+ * CSPDL can not generate a key pair without private and public both being 
+ * PERMANENT.
+ */
+#define CSPDL_ALL_KEYS_ARE_PERMANENT	0
+
+
+/***
+ *** Other differences/bugs/oddities.
+ ***/
+ 
+/*
+ * 1. SS wraps (encrypt) public keys when encoding them, thus the CSP has to allow
+ *    wrapping of public keys. This may not be what we really want. See
+ *    AppleCSP/AppleCSP/wrapKey.cpp for workaround per ALLOW_PUB_KEY_WRAP.
+ */
+ 
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _CSPDL_TESTING_H_ */

ADDED   LocalTests/utilLib/cspwrap.c
Index: LocalTests/utilLib/cspwrap.c
==================================================================
--- /dev/null
+++ LocalTests/utilLib/cspwrap.c
@@ -0,0 +1,3192 @@
+/* Copyright 1997 Apple Computer, Inc.
+ *
+ * cspwrap.c - wrappers to simplify access to CDSA
+ *
+ * Revision History
+ * ----------------
+ *   3 May 2000 Doug Mitchell
+ *		Ported to X/CDSA2.
+ *  12 Aug 1997	Doug Mitchell at Apple
+ *		Created.
+ */
+ 
+#include <Security/cssmapple.h>
+#include <Security/cssm.h>
+#include "cspwrap.h"
+#include "common.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+/* MCF hack */
+// #include <CarbonCore/MacTypes.h>
+#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h>
+/* end MCF */
+
+#ifndef	NULL
+#define NULL ((void *)0)
+#endif	/* NULL */
+#ifndef	MAX
+#define MAX(a,b)	((a > b) ? a : b)
+#define MIN(a,b)	((a < b) ? a : b)
+#endif
+
+#pragma mark --------- Key Generation ---------
+
+/*
+ * Key generation
+ */
+#define FEE_PRIV_DATA_SIZE	20
+/*
+ * Debug/test only. BsafeCSP only (long since disabled, in Puma).
+ * This results in quicker but less secure RSA key generation.
+ */
+#define RSA_WEAK_KEYS		0
+
+/*
+ * Force bad data in KeyData prior to generating, deriving, or
+ * wrapping key to ensure that the CSP ignores incoming
+ * KeyData.
+ */
+static void setBadKeyData(
+	CSSM_KEY_PTR key)
+{
+	key->KeyData.Data = (uint8 *)0xeaaaeaaa;	// bad ptr
+	key->KeyData.Length = 1;	// no key can fit here
+}
+
+/*
+ * Generate key pair of arbitrary algorithm. 
+ * FEE keys will have random private data.
+ */
+CSSM_RETURN cspGenKeyPair(CSSM_CSP_HANDLE cspHand,
+	uint32 algorithm,
+	const char *keyLabel,
+	unsigned keyLabelLen,
+	uint32 keySize,					// in bits
+	CSSM_KEY_PTR pubKey,			// mallocd by caller
+	CSSM_BOOL pubIsRef,				// true - reference key, false - data
+	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
+	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
+									//   to get the default format. 
+	CSSM_KEY_PTR privKey,			// mallocd by caller
+	CSSM_BOOL privIsRef,			// true - reference key, false - data
+	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
+	CSSM_KEYBLOB_FORMAT privFormat,	// optional 0 ==> default
+	CSSM_BOOL genSeed)				// FEE only. True: we generate seed and CSP
+									// will hash it. False: CSP generates random 
+									// seed. 
+{
+	CSSM_RETURN				crtn;
+	CSSM_CC_HANDLE 			ccHand;
+	CSSM_DATA				privData = {0, NULL};		// mallocd for FEE
+	CSSM_CRYPTO_DATA		privCData;
+	CSSM_CRYPTO_DATA_PTR	privCDataPtr = NULL;
+	CSSM_DATA				keyLabelData;
+	uint32					pubAttr;
+	uint32					privAttr;
+	CSSM_RETURN 			ocrtn = CSSM_OK;
+	
+	/* pre-context-create algorithm-specific stuff */
+	switch(algorithm) {
+		case CSSM_ALGID_FEE:
+			if(genSeed) {
+				/* cook up random privData */
+				privData.Data = (uint8 *)CSSM_MALLOC(FEE_PRIV_DATA_SIZE);
+				privData.Length = FEE_PRIV_DATA_SIZE;
+				appGetRandomBytes(privData.Data, FEE_PRIV_DATA_SIZE);
+				privCData.Param = privData;
+				privCData.Callback = NULL;
+				privCDataPtr = &privCData;
+			}
+			/* else CSP generates random seed/key */
+			
+			if(keySize == CSP_KEY_SIZE_DEFAULT) {
+				keySize = CSP_FEE_KEY_SIZE_DEFAULT;
+			}
+			break;
+		case CSSM_ALGID_RSA:
+			if(keySize == CSP_KEY_SIZE_DEFAULT) {
+				keySize = CSP_RSA_KEY_SIZE_DEFAULT;
+			}
+			break;
+		case CSSM_ALGID_DSA:
+			if(keySize == CSP_KEY_SIZE_DEFAULT) {
+				keySize = CSP_DSA_KEY_SIZE_DEFAULT;
+			}
+			break;
+		default:
+			printf("cspGenKeyPair: Unknown algorithm\n");
+			/* but what the hey */
+			privCDataPtr = NULL;
+			break;
+	}
+	keyLabelData.Data        = (uint8 *)keyLabel,
+	keyLabelData.Length      = keyLabelLen;
+	memset(pubKey, 0, sizeof(CSSM_KEY));
+	memset(privKey, 0, sizeof(CSSM_KEY));
+	setBadKeyData(pubKey);
+	setBadKeyData(privKey);
+	
+	crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
+		algorithm,
+		keySize,
+		privCDataPtr,			// Seed
+		NULL,					// Salt
+		NULL,					// StartDate
+		NULL,					// EndDate
+		NULL,					// Params
+		&ccHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateKeyGenContext", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	/* cook up attribute bits */
+	if(pubIsRef) {
+		pubAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	else {
+		pubAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	if(privIsRef) {
+		privAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	else {
+		privAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
+	}
+
+	/* post-context-create algorithm-specific stuff */
+	switch(algorithm) {
+		case CSSM_ALGID_RSA:
+		
+			#if	RSA_WEAK_KEYS
+			{
+				/* for testing, speed up key gen by using the
+				* undocumented "CUSTOM" key gen mode. This
+				* results in the CSP using AI_RsaKeyGen instead of
+				* AI_RSAStrongKeyGen.
+				*/
+				crtn = AddContextAttribute(ccHand,
+					CSSM_ATTRIBUTE_MODE,
+					sizeof(uint32),		
+					CAT_Uint32,
+					NULL,
+					CSSM_ALGMODE_CUSTOM);
+				if(crtn) {
+					printError("CSSM_UpdateContextAttributes", crtn);
+					return crtn;
+				}
+			}
+			#endif	// RSA_WEAK_KEYS
+			break;
+		 
+		 case CSSM_ALGID_DSA:
+			/* 
+			 * extra step - generate params - this just adds some
+			 * info to the context
+			 */
+			{
+				CSSM_DATA dummy = {0, NULL};
+				crtn = CSSM_GenerateAlgorithmParams(ccHand, 
+					keySize, &dummy);
+				if(crtn) {
+					printError("CSSM_GenerateAlgorithmParams", crtn);
+					return crtn;
+				}
+				appFreeCssmData(&dummy, CSSM_FALSE);
+			}
+			break;
+		default:
+			break;
+	}
+	
+	/* optional format specifiers */
+	if(!pubIsRef && (pubFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
+		crtn = AddContextAttribute(ccHand,
+			CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT,
+			sizeof(uint32),	
+			CAT_Uint32,
+			NULL,
+			pubFormat);
+		if(crtn) {
+			printError("AddContextAttribute(CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT)", crtn);
+			return crtn;
+		}
+	}
+	if(!privIsRef && (privFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
+		crtn = AddContextAttribute(ccHand,
+			CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT,
+			sizeof(uint32),			// currently sizeof CSSM_DATA
+			CAT_Uint32,
+			NULL,
+			privFormat);
+		if(crtn) {
+			printError("AddContextAttribute(CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT)", crtn);
+			return crtn;
+		}
+	}
+	crtn = CSSM_GenerateKeyPair(ccHand,
+		pubKeyUsage,
+		pubAttr,
+		&keyLabelData,
+		pubKey,
+		privKeyUsage,
+		privAttr,
+		&keyLabelData,			// same labels
+		NULL,					// CredAndAclEntry
+		privKey);
+	if(crtn) {
+		printError("CSSM_GenerateKeyPair", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	/* basic checks...*/
+	if(privIsRef) {
+		if(privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
+			printf("privKey blob type: exp %u got %u\n",
+				CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
+			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+			goto abort;
+		}
+	}
+	else {
+		switch(privKey->KeyHeader.BlobType) {
+			case CSSM_KEYBLOB_RAW:
+				break;
+			default:
+				printf("privKey blob type: exp raw, got %u\n",
+					(unsigned)privKey->KeyHeader.BlobType);
+				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+				goto abort;
+		}
+	}
+	if(pubIsRef) {
+		if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
+			printf("pubKey blob type: exp %u got %u\n",
+				CSSM_KEYBLOB_REFERENCE, (unsigned)pubKey->KeyHeader.BlobType);
+			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+			goto abort;
+		}
+	}
+	else {
+		switch(pubKey->KeyHeader.BlobType) {
+			case CSSM_KEYBLOB_RAW:
+				break;
+			default:
+				printf("pubKey blob type: exp raw or raw_berder, got %u\n",
+					(unsigned)pubKey->KeyHeader.BlobType);
+				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+				goto abort;
+		}
+	}
+abort:
+	if(ccHand != 0) {
+		crtn = CSSM_DeleteContext(ccHand);
+		if(crtn) {
+			printError("CSSM_DeleteContext", crtn);
+			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+		}
+	}
+	if(privData.Data != NULL) {
+		CSSM_FREE(privData.Data);
+	}
+	return ocrtn;
+}
+
+/*
+ * Generate FEE key pair with optional primeType, curveType, and seed (password) data.
+ */
+CSSM_RETURN cspGenFEEKeyPair(CSSM_CSP_HANDLE cspHand,
+	const char *keyLabel,
+	unsigned keyLabelLen,
+	uint32 keySize,					// in bits
+	uint32 primeType,				// CSSM_FEE_PRIME_TYPE_MERSENNE, etc.
+	uint32 curveType,				// CSSM_FEE_CURVE_TYPE_MONTGOMERY, etc.
+	CSSM_KEY_PTR pubKey,			// mallocd by caller
+	CSSM_BOOL pubIsRef,				// true - reference key, false - data
+	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
+	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
+									//   to get the default format. 
+	CSSM_KEY_PTR privKey,			// mallocd by caller
+	CSSM_BOOL privIsRef,			// true - reference key, false - data
+	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
+	CSSM_KEYBLOB_FORMAT privFormat,	// optional 0 ==> default
+	const CSSM_DATA *seedData)		// Present: CSP will hash this for private data.
+									// NULL: CSP generates random seed. 
+{
+	CSSM_RETURN				crtn;
+	CSSM_CC_HANDLE 			ccHand;
+	CSSM_CRYPTO_DATA		privCData;
+	CSSM_CRYPTO_DATA_PTR	privCDataPtr = NULL;
+	CSSM_DATA				keyLabelData;
+	uint32					pubAttr;
+	uint32					privAttr;
+	CSSM_RETURN 			ocrtn = CSSM_OK;
+	
+	/* pre-context-create algorithm-specific stuff */
+	if(seedData) {
+		privCData.Param = *((CSSM_DATA_PTR)seedData);
+		privCData.Callback = NULL;
+		privCDataPtr = &privCData;
+	}
+	/* else CSP generates random seed/key */
+	
+	if(keySize == CSP_KEY_SIZE_DEFAULT) {
+		keySize = CSP_FEE_KEY_SIZE_DEFAULT;
+	}
+
+	keyLabelData.Data        = (uint8 *)keyLabel,
+	keyLabelData.Length      = keyLabelLen;
+	memset(pubKey, 0, sizeof(CSSM_KEY));
+	memset(privKey, 0, sizeof(CSSM_KEY));
+	setBadKeyData(pubKey);
+	setBadKeyData(privKey);
+	
+	crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
+		CSSM_ALGID_FEE,
+		keySize,
+		privCDataPtr,			// Seed
+		NULL,					// Salt
+		NULL,					// StartDate
+		NULL,					// EndDate
+		NULL,					// Params
+		&ccHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateKeyGenContext", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	/* cook up attribute bits */
+	if(pubIsRef) {
+		pubAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	else {
+		pubAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	if(privIsRef) {
+		privAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	else {
+		privAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
+	}
+
+	/* optional post-context-create stuff */
+	if(primeType != CSSM_FEE_PRIME_TYPE_DEFAULT) {
+		crtn = AddContextAttribute(ccHand,
+			CSSM_ATTRIBUTE_FEE_PRIME_TYPE,
+			sizeof(uint32),		
+			CAT_Uint32,
+			NULL,
+			primeType);
+		if(crtn) {
+			printError("AddContextAttribute(CSSM_ATTRIBUTE_FEE_PRIME_TYPE)", crtn);
+			return crtn;
+		}
+	}
+	if(curveType != CSSM_FEE_CURVE_TYPE_DEFAULT) {
+		crtn = AddContextAttribute(ccHand,
+			CSSM_ATTRIBUTE_FEE_CURVE_TYPE,
+			sizeof(uint32),		
+			CAT_Uint32,
+			NULL,
+			curveType);
+		if(crtn) {
+			printError("AddContextAttribute(CSSM_ATTRIBUTE_FEE_CURVE_TYPE)", crtn);
+			return crtn;
+		}
+	}
+	
+	if(pubFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE) {
+		crtn = AddContextAttribute(ccHand,
+			CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT,
+			sizeof(uint32),		
+			CAT_Uint32,
+			NULL,
+			pubFormat);
+		if(crtn) {
+			printError("AddContextAttribute(CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT)", crtn);
+			return crtn;
+		}
+	}
+	if(privFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE) {
+		crtn = AddContextAttribute(ccHand,
+			CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT,
+			sizeof(uint32),			// currently sizeof CSSM_DATA
+			CAT_Uint32,
+			NULL,
+			pubFormat);
+		if(crtn) {
+			printError("AddContextAttribute(CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT)", crtn);
+			return crtn;
+		}
+	}
+	crtn = CSSM_GenerateKeyPair(ccHand,
+		pubKeyUsage,
+		pubAttr,
+		&keyLabelData,
+		pubKey,
+		privKeyUsage,
+		privAttr,
+		&keyLabelData,			// same labels
+		NULL,					// CredAndAclEntry
+		privKey);
+	if(crtn) {
+		printError("CSSM_GenerateKeyPair", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	/* basic checks...*/
+	if(privIsRef) {
+		if(privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
+			printf("privKey blob type: exp %u got %u\n",
+				CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
+			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+			goto abort;
+		}
+	}
+	else {
+		switch(privKey->KeyHeader.BlobType) {
+			case CSSM_KEYBLOB_RAW:
+				break;
+			default:
+				printf("privKey blob type: exp raw, got %u\n",
+					(unsigned)privKey->KeyHeader.BlobType);
+				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+				goto abort;
+		}
+	}
+	if(pubIsRef) {
+		if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
+			printf("pubKey blob type: exp %u got %u\n",
+				CSSM_KEYBLOB_REFERENCE, (unsigned)pubKey->KeyHeader.BlobType);
+			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+			goto abort;
+		}
+	}
+	else {
+		switch(pubKey->KeyHeader.BlobType) {
+			case CSSM_KEYBLOB_RAW:
+				break;
+			default:
+				printf("pubKey blob type: exp raw or raw_berder, got %u\n",
+					(unsigned)pubKey->KeyHeader.BlobType);
+				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+				goto abort;
+		}
+	}
+abort:
+	if(ccHand != 0) {
+		crtn = CSSM_DeleteContext(ccHand);
+		if(crtn) {
+			printError("CSSM_DeleteContext", crtn);
+			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+		}
+	}
+	return ocrtn;
+}
+
+/*
+ * Generate DSA key pair with optional generateAlgParams and optional
+ * incoming parameters.
+ */
+CSSM_RETURN cspGenDSAKeyPair(CSSM_CSP_HANDLE cspHand,
+	const char *keyLabel,
+	unsigned keyLabelLen,
+	uint32 keySize,					// in bits
+	CSSM_KEY_PTR pubKey,			// mallocd by caller
+	CSSM_BOOL pubIsRef,				// true - reference key, false - data
+	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
+	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
+									//   to get the default format. 
+	CSSM_KEY_PTR privKey,			// mallocd by caller
+	CSSM_BOOL privIsRef,			// true - reference key, false - data
+	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
+	CSSM_KEYBLOB_FORMAT privFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
+									//   to get the default format. 
+	CSSM_BOOL genParams,
+	CSSM_DATA_PTR paramData)		// optional	
+{
+	CSSM_RETURN				crtn;
+	CSSM_CC_HANDLE 			ccHand;
+	CSSM_DATA				keyLabelData;
+	uint32					pubAttr;
+	uint32					privAttr;
+	CSSM_RETURN 			ocrtn = CSSM_OK;
+	
+	if(keySize == CSP_KEY_SIZE_DEFAULT) {
+		keySize = CSP_DSA_KEY_SIZE_DEFAULT;
+	}
+	keyLabelData.Data        = (uint8 *)keyLabel,
+	keyLabelData.Length      = keyLabelLen;
+	memset(pubKey, 0, sizeof(CSSM_KEY));
+	memset(privKey, 0, sizeof(CSSM_KEY));
+	setBadKeyData(pubKey);
+	setBadKeyData(privKey);
+	
+	crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
+		CSSM_ALGID_DSA,
+		keySize,
+		NULL,					// Seed
+		NULL,					// Salt
+		NULL,					// StartDate
+		NULL,					// EndDate
+		paramData,
+		&ccHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateKeyGenContext", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	
+	/* cook up attribute bits */
+	if(pubIsRef) {
+		pubAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	else {
+		pubAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	if(privIsRef) {
+		privAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	else {
+		privAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
+	}
+
+	if(genParams) {
+		/* 
+		 * extra step - generate params - this just adds some
+		 * info to the context
+		 */
+		CSSM_DATA dummy = {0, NULL};
+		crtn = CSSM_GenerateAlgorithmParams(ccHand, 
+			keySize, &dummy);
+		if(crtn) {
+			printError("CSSM_GenerateAlgorithmParams", crtn);
+			return crtn;
+		}
+		appFreeCssmData(&dummy, CSSM_FALSE);
+	}
+	
+	/* optional format specifiers */
+	if(!pubIsRef && (pubFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
+		crtn = AddContextAttribute(ccHand,
+			CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT,
+			sizeof(uint32),	
+			CAT_Uint32,
+			NULL,
+			pubFormat);
+		if(crtn) {
+			printError("AddContextAttribute(CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT)", crtn);
+			return crtn;
+		}
+	}
+	if(!privIsRef && (privFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
+		crtn = AddContextAttribute(ccHand,
+			CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT,
+			sizeof(uint32),			// currently sizeof CSSM_DATA
+			CAT_Uint32,
+			NULL,
+			privFormat);
+		if(crtn) {
+			printError("AddContextAttribute(CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT)", crtn);
+			return crtn;
+		}
+	}
+
+	crtn = CSSM_GenerateKeyPair(ccHand,
+		pubKeyUsage,
+		pubAttr,
+		&keyLabelData,
+		pubKey,
+		privKeyUsage,
+		privAttr,
+		&keyLabelData,			// same labels
+		NULL,					// CredAndAclEntry
+		privKey);
+	if(crtn) {
+		printError("CSSM_GenerateKeyPair", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	/* basic checks...*/
+	if(privIsRef) {
+		if(privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
+			printf("privKey blob type: exp %u got %u\n",
+				CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
+			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+			goto abort;
+		}
+	}
+	else {
+		switch(privKey->KeyHeader.BlobType) {
+			case CSSM_KEYBLOB_RAW:
+				break;
+			default:
+				printf("privKey blob type: exp raw, got %u\n",
+					(unsigned)privKey->KeyHeader.BlobType);
+				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+				goto abort;
+		}
+	}
+	if(pubIsRef) {
+		if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
+			printf("pubKey blob type: exp %u got %u\n",
+				CSSM_KEYBLOB_REFERENCE, (unsigned)pubKey->KeyHeader.BlobType);
+			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+			goto abort;
+		}
+	}
+	else {
+		switch(pubKey->KeyHeader.BlobType) {
+			case CSSM_KEYBLOB_RAW:
+				break;
+			default:
+				printf("pubKey blob type: exp raw or raw_berder, got %u\n",
+					(unsigned)pubKey->KeyHeader.BlobType);
+				ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+				goto abort;
+		}
+	}
+abort:
+	if(ccHand != 0) {
+		crtn = CSSM_DeleteContext(ccHand);
+		if(crtn) {
+			printError("CSSM_DeleteContext", crtn);
+			ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
+		}
+	}
+	return ocrtn;
+}
+
+
+uint32 cspDefaultKeySize(uint32 alg)
+{
+	uint32 keySizeInBits;
+	switch(alg) {
+		case CSSM_ALGID_DES:
+			keySizeInBits = CSP_DES_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_3DES_3KEY:
+		case CSSM_ALGID_DESX:
+			keySizeInBits = CSP_DES3_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_RC2:
+			keySizeInBits = CSP_RC2_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_RC4:
+			keySizeInBits = CSP_RC4_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_RC5:
+			keySizeInBits = CSP_RC5_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_ASC:
+			keySizeInBits = CSP_ASC_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_BLOWFISH:
+			keySizeInBits = CSP_BFISH_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_CAST:
+			keySizeInBits = CSP_CAST_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_IDEA:
+			keySizeInBits = CSP_IDEA_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_AES:
+			keySizeInBits = CSP_AES_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_SHA1HMAC:
+			keySizeInBits = CSP_HMAC_SHA_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_MD5HMAC:
+			keySizeInBits = CSP_HMAC_MD5_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_FEE:
+			keySizeInBits = CSP_FEE_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_RSA:
+			keySizeInBits = CSP_RSA_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_DSA:
+			keySizeInBits = CSP_DSA_KEY_SIZE_DEFAULT;
+			break;
+		case CSSM_ALGID_NONE:
+			keySizeInBits = CSP_NULL_CRYPT_KEY_SIZE_DEF;
+			break;
+		default:
+			printf("***cspDefaultKeySize: Unknown symmetric algorithm\n");
+			keySizeInBits = 0;
+			break;
+	}
+	return keySizeInBits;
+}
+
+/*
+ * Create a random symmetric key.
+ */
+CSSM_KEY_PTR cspGenSymKey(CSSM_CSP_HANDLE cspHand,
+		uint32 				alg,
+		const char 			*keyLabel,
+		unsigned 			keyLabelLen,
+		uint32 				keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
+		uint32 				keySizeInBits,
+		CSSM_BOOL			refKey)
+{
+	CSSM_KEY_PTR 		symKey = (CSSM_KEY_PTR)CSSM_MALLOC(sizeof(CSSM_KEY));
+	CSSM_RETURN			crtn;
+	CSSM_CC_HANDLE 		ccHand;
+	uint32				keyAttr;
+	CSSM_DATA			dummyLabel;
+	
+	if(symKey == NULL) {
+		printf("Insufficient heap space\n");
+		return NULL;
+	}
+	memset(symKey, 0, sizeof(CSSM_KEY));
+	setBadKeyData(symKey);
+	if(keySizeInBits == CSP_KEY_SIZE_DEFAULT) {
+		keySizeInBits = cspDefaultKeySize(alg);
+	}
+	crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
+		alg,
+		keySizeInBits,	// keySizeInBits
+		NULL,			// Seed
+		NULL,			// Salt
+		NULL,			// StartDate
+		NULL,			// EndDate
+		NULL,			// Params
+		&ccHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateKeyGenContext", crtn);
+		goto errorOut;
+	}
+	if(refKey) {
+		keyAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	else {
+		keyAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
+	}
+	dummyLabel.Length = keyLabelLen;
+	dummyLabel.Data = (uint8 *)keyLabel;
+
+	crtn = CSSM_GenerateKey(ccHand,
+		keyUsage,
+		keyAttr,
+		&dummyLabel,
+		NULL,			// ACL
+		symKey);
+	if(crtn) {
+		printError("CSSM_GenerateKey", crtn);
+		goto errorOut;
+	}
+	crtn = CSSM_DeleteContext(ccHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		goto errorOut;
+	}
+	return symKey;
+errorOut:
+	CSSM_FREE(symKey);
+	return NULL;
+}
+
+/*
+ * Derive symmetric key.
+ * Note in the X CSP, we never return an IV. 
+ */
+CSSM_KEY_PTR cspDeriveKey(CSSM_CSP_HANDLE cspHand,
+		uint32 				deriveAlg,		// CSSM_ALGID_PKCS5_PBKDF2, etc.
+		uint32				keyAlg,			// CSSM_ALGID_RC5, etc.
+		const char 			*keyLabel,
+		unsigned 			keyLabelLen,
+		uint32 				keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
+		uint32 				keySizeInBits,
+		CSSM_BOOL			isRefKey,
+		CSSM_DATA_PTR		password,		// in PKCS-5 lingo
+		CSSM_DATA_PTR		salt,			// ditto
+		uint32				iterationCnt,	// ditto
+		CSSM_DATA_PTR		initVector)		// mallocd & RETURNED
+{
+	CSSM_KEY_PTR 				symKey = (CSSM_KEY_PTR)
+									CSSM_MALLOC(sizeof(CSSM_KEY));
+	CSSM_RETURN					crtn;
+	CSSM_CC_HANDLE 				ccHand;
+	uint32						keyAttr;
+	CSSM_DATA					dummyLabel;
+	CSSM_PKCS5_PBKDF2_PARAMS 	pbeParams;
+	CSSM_DATA					pbeData;
+	CSSM_ACCESS_CREDENTIALS		creds;
+	
+	if(symKey == NULL) {
+		printf("Insufficient heap space\n");
+		return NULL;
+	}
+	memset(symKey, 0, sizeof(CSSM_KEY));
+	setBadKeyData(symKey);
+	memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
+	if(keySizeInBits == CSP_KEY_SIZE_DEFAULT) {
+		keySizeInBits = cspDefaultKeySize(keyAlg);
+	}
+	crtn = CSSM_CSP_CreateDeriveKeyContext(cspHand,
+		deriveAlg,
+		keyAlg,
+		keySizeInBits,
+		&creds,
+		NULL,			// BaseKey
+		iterationCnt,
+		salt,
+		NULL,			// seed
+		&ccHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateDeriveKeyContext", crtn);
+		goto errorOut;
+	}
+	keyAttr = CSSM_KEYATTR_EXTRACTABLE;
+	if(isRefKey) {
+		keyAttr |= (CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_SENSITIVE);
+	}
+	else {
+		keyAttr |= CSSM_KEYATTR_RETURN_DATA;
+	}
+	dummyLabel.Length = keyLabelLen;
+	dummyLabel.Data = (uint8 *)keyLabel;
+	
+	/* passing in password is pretty strange....*/
+	pbeParams.Passphrase = *password;
+	pbeParams.PseudoRandomFunction = 
+			CSSM_PKCS5_PBKDF2_PRF_HMAC_SHA1;
+	pbeData.Data = (uint8 *)&pbeParams;
+	pbeData.Length = sizeof(pbeParams);
+	crtn = CSSM_DeriveKey(ccHand,
+		&pbeData,
+		keyUsage,
+		keyAttr,
+		&dummyLabel,
+		NULL,			// cred and acl
+		symKey);
+	if(crtn) {
+		printError("CSSM_DeriveKey", crtn);
+		goto errorOut;
+	}
+	/* copy IV back to caller */
+	/* Nope, not supported */
+	#if 0
+	if(pbeParams.InitVector.Data != NULL) {
+		if(initVector->Data != NULL) {
+			if(initVector->Length < pbeParams.InitVector.Length) {
+				printf("***Insufficient InitVector\n");
+				goto errorOut;
+			}
+		}
+		else {
+			initVector->Data = 
+				(uint8 *)CSSM_MALLOC(pbeParams.InitVector.Length);
+		}
+		memmove(initVector->Data, pbeParams.InitVector.Data,
+				pbeParams.InitVector.Length);
+		initVector->Length = pbeParams.InitVector.Length;
+		CSSM_FREE(pbeParams.InitVector.Data);
+	}
+	else {
+		printf("***Warning: CSSM_DeriveKey, no InitVector\n");
+	}
+	#endif
+	crtn = CSSM_DeleteContext(ccHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		goto errorOut;
+	}
+	return symKey;
+errorOut:
+	CSSM_FREE(symKey);
+	return NULL;
+}
+
+/*
+ * Cook up a symmetric key with specified key bits and other
+ * params. Currently the CSPDL can only deal with reference keys except when
+ * doing wrap/unwrap, so we manually cook up a raw key, then we null-unwrap it. 
+ */
+CSSM_RETURN cspGenSymKeyWithBits(
+	CSSM_CSP_HANDLE		cspHand,
+	CSSM_ALGORITHMS		keyAlg,
+	CSSM_KEYUSE			keyUsage,
+	const CSSM_DATA		*keyBits,
+	unsigned			keySizeInBytes,
+	CSSM_KEY_PTR		refKey)				// init'd and RETURNED
+{
+	CSSM_KEY			rawKey;
+	CSSM_KEYHEADER_PTR	hdr = &rawKey.KeyHeader;
+	CSSM_RETURN			crtn;
+	
+	/* set up a raw key the CSP will accept */
+	memset(&rawKey, 0, sizeof(CSSM_KEY));
+	hdr->HeaderVersion = CSSM_KEYHEADER_VERSION;
+	hdr->BlobType = CSSM_KEYBLOB_RAW;
+	hdr->Format = CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING;
+	hdr->AlgorithmId = keyAlg;
+	hdr->KeyClass = CSSM_KEYCLASS_SESSION_KEY;
+	hdr->LogicalKeySizeInBits = keySizeInBytes * 8;
+	hdr->KeyAttr = CSSM_KEYATTR_EXTRACTABLE;
+	hdr->KeyUsage = keyUsage;
+	appSetupCssmData(&rawKey.KeyData, keySizeInBytes);
+	memmove(rawKey.KeyData.Data, keyBits->Data, keySizeInBytes);
+	
+	/* convert to a ref key */
+	crtn = cspRawKeyToRef(cspHand, &rawKey, refKey);
+	appFreeCssmData(&rawKey.KeyData, CSSM_FALSE);
+	return crtn;
+}
+
+/*
+ * Free a key. This frees a CSP's resources associated with the key if
+ * the key is a reference key. It also frees key->KeyData. The CSSM_KEY
+ * struct itself is not freed.
+ * Note this has no effect on the CSP or DL cached keys unless the incoming
+ * key is a reference key.
+ */
+CSSM_RETURN	cspFreeKey(CSSM_CSP_HANDLE cspHand,
+	CSSM_KEY_PTR key)
+{
+	CSSM_RETURN crtn;
+	crtn = CSSM_FreeKey(cspHand, 
+		NULL,		// access cred
+		key,
+		CSSM_FALSE);	// delete - OK? maybe should parameterize?
+	if(crtn) {
+		printError("CSSM_FreeKey", crtn);
+	}
+	return crtn;
+}
+
+/* generate a random and reasonable key size in bits for specified CSSM algorithm */
+uint32 randKeySizeBits(uint32 alg, 
+	opType op)			// OT_Encrypt, etc.
+{
+	uint32 minSize;
+	uint32 maxSize;
+	uint32 size;
+	
+	switch(alg) {
+		case CSSM_ALGID_DES:
+			return CSP_DES_KEY_SIZE_DEFAULT;
+		case CSSM_ALGID_3DES_3KEY:
+		case CSSM_ALGID_DESX:
+			return CSP_DES3_KEY_SIZE_DEFAULT;
+		case CSSM_ALGID_ASC:
+		case CSSM_ALGID_RC2:
+		case CSSM_ALGID_RC4:
+		case CSSM_ALGID_RC5:
+			minSize = 5 * 8;
+			maxSize = MAX_KEY_SIZE_RC245_BYTES * 8 ;	// somewhat arbitrary
+			break;
+		case CSSM_ALGID_BLOWFISH:
+			minSize = 32;
+			maxSize = 448;
+			break;
+		case CSSM_ALGID_CAST:
+			minSize = 40;
+			maxSize = 128;
+			break;
+		case CSSM_ALGID_IDEA:
+			return CSP_IDEA_KEY_SIZE_DEFAULT;
+		case CSSM_ALGID_RSA:
+			minSize = CSP_RSA_KEY_SIZE_DEFAULT;
+			maxSize = 1024;
+			break;
+		case CSSM_ALGID_DSA:
+			/* signature only, no export restriction */
+			minSize = 512;
+			maxSize = 1024;
+			break;
+		case CSSM_ALGID_SHA1HMAC:
+			minSize = 20 * 8;
+			maxSize = 256 * 8;
+			break;
+		case CSSM_ALGID_MD5HMAC:
+			minSize = 16 * 8;
+			maxSize = 256 * 8;
+			break;
+		case CSSM_ALGID_FEE:
+		case CSSM_ALGID_ECDSA:
+		case CSSM_ALGID_SHA1WithECDSA:
+			/* FEE, ECDSA require discrete sizes */
+			size = genRand(1,3);
+			switch(size) {
+				case 1:
+					return 31;
+				case 2:
+					if(alg == CSSM_ALGID_FEE) {
+						return 127;
+					}
+					else {
+						return 128;
+					}
+				case 3:
+					return 161;
+				case 5:
+					return 192;
+				default:
+					printf("randKeySizeBits: internal error\n");
+					return 0;
+			}
+		case CSSM_ALGID_AES:
+			size = genRand(1, 3);
+			switch(size) {
+				case 1:
+					return 128;
+				case 2:
+					return 192;
+				case 3:
+					return 256;
+			}
+		case CSSM_ALGID_NONE:
+			return CSP_NULL_CRYPT_KEY_SIZE_DEF;
+		default:
+			printf("randKeySizeBits: unknown alg\n");
+			return CSP_KEY_SIZE_DEFAULT;
+	}
+	size = genRand(minSize, maxSize);
+	
+	/* per-alg postprocessing.... */
+	if(alg != CSSM_ALGID_RC2) {
+		size &= ~0x7;
+	}
+	switch(alg) {
+		case CSSM_ALGID_RSA:
+			// new for X - strong keys */
+			size &= ~(16 - 1);
+			break;
+		case CSSM_ALGID_DSA:
+			/* size mod 64 == 0 */
+			size &= ~(64 - 1);
+			break;
+		default:
+			break;
+	}
+	return size;
+}
+
+#pragma mark --------- Encrypt/Decrypt ---------
+
+/*
+ * Encrypt/Decrypt
+ */
+/*
+ * Common routine for encrypt/decrypt - cook up an appropriate context handle
+ */
+/*
+ * When true, effectiveKeySizeInBits is passed down via the Params argument.
+ * Otherwise, we add a customized context attribute.
+ * Setting this true works with the stock Intel CSSM; this may well change.
+ * Note this overloading prevent us from specifying RC5 rounds....
+ */
+#define EFFECTIVE_SIZE_VIA_PARAMS		0
+CSSM_CC_HANDLE genCryptHandle(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
+		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
+		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
+		const CSSM_KEY *key0,
+		const CSSM_KEY *key1,				// for CSSM_ALGID_FEED only - must be the 
+											// public key
+		const CSSM_DATA *iv,				// optional
+		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
+		uint32 rounds)						// ditto
+{
+	CSSM_CC_HANDLE cryptHand = 0;
+	uint32 params;
+	CSSM_RETURN crtn;
+	CSSM_ACCESS_CREDENTIALS	creds;
+	
+	memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
+	#if	EFFECTIVE_SIZE_VIA_PARAMS
+	params = effectiveKeySizeInBits;
+	#else
+	params = 0;
+	#endif
+	switch(algorithm) {
+		case CSSM_ALGID_DES:
+		case CSSM_ALGID_3DES_3KEY_EDE:
+		case CSSM_ALGID_DESX:
+		case CSSM_ALGID_ASC:
+		case CSSM_ALGID_RC2:
+		case CSSM_ALGID_RC4:
+		case CSSM_ALGID_RC5:
+		case CSSM_ALGID_AES:
+		case CSSM_ALGID_BLOWFISH:
+		case CSSM_ALGID_CAST:
+		case CSSM_ALGID_IDEA:
+		case CSSM_ALGID_NONE:		// used for wrapKey()
+			crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
+				algorithm,
+				mode,
+				NULL,			// access cred
+				key0,
+				iv,				// InitVector
+				padding,	
+				NULL,			// Params
+				&cryptHand);
+			if(crtn) {
+				printError("CSSM_CSP_CreateSymmetricContext", crtn);
+				return 0;
+			}
+			break;
+		case CSSM_ALGID_FEED:
+		case CSSM_ALGID_FEEDEXP:
+		case CSSM_ALGID_FEECFILE:
+		case CSSM_ALGID_RSA:
+			 crtn = CSSM_CSP_CreateAsymmetricContext(cspHand,
+				algorithm,
+				&creds,			// access
+				key0,
+				padding,
+				&cryptHand);
+			if(crtn) {
+				printError("CSSM_CSP_CreateAsymmetricContext", crtn);
+				return 0;
+			}
+			if(key1 != NULL) {
+				/*
+				 * FEED, some CFILE. Add (non-standard) second key attribute.
+				 */
+				crtn = AddContextAttribute(cryptHand,
+						CSSM_ATTRIBUTE_PUBLIC_KEY,
+						sizeof(CSSM_KEY),			// currently sizeof CSSM_DATA
+						CAT_Ptr,
+						key1,
+						0);
+				if(crtn) {
+					printError("AddContextAttribute", crtn);
+					return 0;
+				}
+			}
+			if(mode != CSSM_ALGMODE_NONE) {
+				/* special case, e.g., CSSM_ALGMODE_PUBLIC_KEY */
+				crtn = AddContextAttribute(cryptHand,
+						CSSM_ATTRIBUTE_MODE,
+						sizeof(uint32),
+						CAT_Uint32,
+						NULL,
+						mode);
+				if(crtn) {
+					printError("AddContextAttribute", crtn);
+					return 0;
+				}
+			}
+			break;
+		default:
+			printf("genCryptHandle: bogus algorithm\n");
+			return 0;
+	}
+	#if		!EFFECTIVE_SIZE_VIA_PARAMS
+	/* add optional EffectiveKeySizeInBits and rounds attributes */
+	if(effectiveKeySizeInBits != 0) {
+		CSSM_CONTEXT_ATTRIBUTE attr;
+		attr.AttributeType = CSSM_ATTRIBUTE_EFFECTIVE_BITS;
+		attr.AttributeLength = sizeof(uint32);
+		attr.Attribute.Uint32 = effectiveKeySizeInBits;
+		crtn = CSSM_UpdateContextAttributes(
+			cryptHand,
+			1,
+			&attr);
+		if(crtn) {
+			printError("CSSM_UpdateContextAttributes", crtn);
+			return crtn;
+		}
+	}
+	#endif
+	
+	if(rounds != 0) {
+		CSSM_CONTEXT_ATTRIBUTE attr;
+		attr.AttributeType = CSSM_ATTRIBUTE_ROUNDS;
+		attr.AttributeLength = sizeof(uint32);
+		attr.Attribute.Uint32 = rounds;
+		crtn = CSSM_UpdateContextAttributes(
+			cryptHand,
+			1,
+			&attr);
+		if(crtn) {
+			printError("CSSM_UpdateContextAttributes", crtn);
+			return crtn;
+		}
+	}
+
+	return cryptHand;
+}
+
+CSSM_RETURN cspEncrypt(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
+		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
+		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
+		const CSSM_KEY *key,				// public or session key
+		const CSSM_KEY *pubKey,				// for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
+		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
+		uint32 rounds,						// ditto
+		const CSSM_DATA *iv,				// init vector, optional
+		const CSSM_DATA *ptext,
+		CSSM_DATA_PTR ctext,				// RETURNED
+		CSSM_BOOL mallocCtext)				// if true, and ctext empty, malloc
+											// by getting size from CSP
+{
+	CSSM_CC_HANDLE 	cryptHand;
+	CSSM_RETURN		crtn;
+	CSSM_SIZE		bytesEncrypted;
+	CSSM_DATA		remData = {0, NULL};
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	unsigned		origCtextLen;			// the amount we malloc, if any
+	CSSM_RETURN		savedErr = CSSM_OK;
+	CSSM_BOOL		restoreErr = CSSM_FALSE;
+	
+	cryptHand = genCryptHandle(cspHand, 
+		algorithm, 
+		mode, 
+		padding,
+		key, 
+		pubKey, 
+		iv, 
+		effectiveKeySizeInBits,
+		rounds);
+	if(cryptHand == 0) {
+		return CSSMERR_CSSM_INTERNAL_ERROR;
+	}
+	if(mallocCtext && (ctext->Length == 0)) {
+		CSSM_QUERY_SIZE_DATA querySize;
+		querySize.SizeInputBlock = ptext->Length;
+		crtn = CSSM_QuerySize(cryptHand,
+			CSSM_TRUE,						// encrypt
+			1,
+			&querySize);
+		if(crtn) {
+			printError("CSSM_QuerySize", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		if(querySize.SizeOutputBlock == 0) {
+			/* CSP couldn't figure this out; skip our malloc */
+			printf("***cspEncrypt: warning: cipherTextSize unknown; "
+				"skipping malloc\n");
+			origCtextLen = 0;
+		}
+		else {
+			ctext->Data = (uint8 *)
+				appMalloc(querySize.SizeOutputBlock, NULL);
+			if(ctext->Data == NULL) {
+				printf("Insufficient heap space\n");
+				ocrtn = CSSM_ERRCODE_MEMORY_ERROR;
+				goto abort;
+			}
+			ctext->Length = origCtextLen = querySize.SizeOutputBlock;
+			memset(ctext->Data, 0, ctext->Length);
+		}
+	}
+	else {
+		origCtextLen = ctext->Length;
+	}
+	crtn = CSSM_EncryptData(cryptHand,
+		ptext,
+		1,
+		ctext,
+		1,
+		&bytesEncrypted,
+		&remData);
+	if(crtn == CSSM_OK) {
+		/*
+		 * Deal with remData - its contents are included in bytesEncrypted.
+		 */
+		if((remData.Length != 0) && mallocCtext) {
+			/* shouldn't happen - right? */
+			if(bytesEncrypted > origCtextLen) {
+				/* malloc and copy a new one */
+				uint8 *newCdata = (uint8 *)appMalloc(bytesEncrypted, NULL);
+				printf("**Warning: app malloced cipherBuf, but got nonzero "
+					"remData!\n");
+				if(newCdata == NULL) {
+					printf("Insufficient heap space\n");
+					ocrtn = CSSM_ERRCODE_MEMORY_ERROR;
+					goto abort;
+				}
+				memmove(newCdata, ctext->Data, ctext->Length);
+				memmove(newCdata+ctext->Length, remData.Data, remData.Length);
+				CSSM_FREE(ctext->Data);
+				ctext->Data = newCdata;
+			}
+			else {
+				/* there's room left over */
+				memmove(ctext->Data+ctext->Length, remData.Data, remData.Length);
+			}
+			ctext->Length = bytesEncrypted;
+		}
+		// NOTE: We return the proper length in ctext....
+		ctext->Length = bytesEncrypted;
+	}
+	else {
+		savedErr = crtn;
+		restoreErr = CSSM_TRUE;
+		printError("CSSM_EncryptData", crtn);
+	}
+abort:
+	crtn = CSSM_DeleteContext(cryptHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	if(restoreErr) {
+		ocrtn = savedErr;
+	}
+	return ocrtn;
+}
+
+#define PAD_IMPLIES_RAND_PTEXTSIZE	1
+#define LOG_STAGED_OPS				0
+#if		LOG_STAGED_OPS
+#define soprintf(s)	printf s
+#else
+#define soprintf(s)
+#endif
+
+CSSM_RETURN cspStagedEncrypt(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
+		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
+		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
+		const CSSM_KEY *key,				// public or session key
+		const CSSM_KEY *pubKey,				// for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
+		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
+		uint32 cipherBlockSize,				// ditto
+		uint32 rounds,						// ditto
+		const CSSM_DATA *iv,				// init vector, optional
+		const CSSM_DATA *ptext,
+		CSSM_DATA_PTR ctext,				// RETURNED, we malloc
+		CSSM_BOOL multiUpdates)				// false:single update, true:multi updates
+{
+	CSSM_CC_HANDLE 	cryptHand;
+	CSSM_RETURN		crtn;
+	CSSM_SIZE		bytesEncrypted;			// per update
+	CSSM_SIZE		bytesEncryptedTotal = 0;
+	CSSM_RETURN		ocrtn = CSSM_OK;		// 'our' crtn
+	unsigned		toMove;					// remaining
+	unsigned		thisMove;				// bytes to encrypt on this update
+	CSSM_DATA		thisPtext;				// running ptr into ptext
+	CSSM_DATA		ctextWork;				// per update, mallocd by CSP
+	CSSM_QUERY_SIZE_DATA querySize;
+	uint8			*origCtext;				// initial ctext->Data
+	unsigned		origCtextLen;			// amount we mallocd
+	CSSM_BOOL		restoreErr = CSSM_FALSE;
+	CSSM_RETURN		savedErr = CSSM_OK;
+	
+	
+	cryptHand = genCryptHandle(cspHand, 
+		algorithm, 
+		mode, 
+		padding,
+		key, 
+		pubKey, 
+		iv,
+		effectiveKeySizeInBits,
+		rounds);
+	if(cryptHand == 0) {
+		return CSSMERR_CSP_INTERNAL_ERROR;
+	}
+	if(cipherBlockSize) {
+		crtn = AddContextAttribute(cryptHand,
+			CSSM_ATTRIBUTE_BLOCK_SIZE,
+			sizeof(uint32),
+			CAT_Uint32,
+			NULL,
+			cipherBlockSize);
+		if(crtn) {
+			printError("CSSM_UpdateContextAttributes", crtn);
+			goto abort;
+		}
+	}
+	
+	/* obtain total required ciphertext size and block size */
+	querySize.SizeInputBlock = ptext->Length;
+	crtn = CSSM_QuerySize(cryptHand,
+		CSSM_TRUE,						// encrypt
+		1,
+		&querySize);
+	if(crtn) {
+		printError("CSSM_QuerySize(1)", crtn);
+		ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
+		goto abort;
+	}
+	if(querySize.SizeOutputBlock == 0) {
+		/* CSP couldn't figure this out; skip our malloc - caller is taking its
+		 * chances */
+		printf("***cspStagedEncrypt: warning: cipherTextSize unknown; aborting\n");
+		ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
+		goto abort;
+	}
+	else {
+		origCtextLen = querySize.SizeOutputBlock;
+		if(algorithm == CSSM_ALGID_ASC) {
+			/* ASC is weird - the more chunks we do, the bigger the
+			 * resulting ctext...*/
+			origCtextLen *= 2;
+		}
+		ctext->Length = origCtextLen;
+		ctext->Data   = origCtext = (uint8 *)appMalloc(origCtextLen, NULL);
+		if(ctext->Data == NULL) {
+			printf("Insufficient heap space\n");
+			ocrtn = CSSMERR_CSP_MEMORY_ERROR;
+			goto abort;
+		}
+		memset(ctext->Data, 0, ctext->Length);
+	}
+
+	crtn = CSSM_EncryptDataInit(cryptHand);
+	if(crtn) {
+		printError("CSSM_EncryptDataInit", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	
+	toMove = ptext->Length;
+	thisPtext.Data = ptext->Data;
+	while(toMove) {
+		if(multiUpdates) {
+			thisMove = genRand(1, toMove);
+		}
+		else {
+			/* just do one pass thru this loop */
+			thisMove = toMove;
+		}
+		thisPtext.Length = thisMove;
+		/* let CSP do the individual mallocs */
+		ctextWork.Data = NULL;
+		ctextWork.Length = 0;
+		soprintf(("*** EncryptDataUpdate: ptextLen 0x%x\n", thisMove));
+		crtn = CSSM_EncryptDataUpdate(cryptHand,
+			&thisPtext,
+			1,
+			&ctextWork,
+			1,
+			&bytesEncrypted);
+		if(crtn) {
+			printError("CSSM_EncryptDataUpdate", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		// NOTE: We return the proper length in ctext....
+		ctextWork.Length = bytesEncrypted;
+		soprintf(("*** EncryptDataUpdate: ptextLen 0x%x  bytesEncrypted 0x%x\n",
+			thisMove, bytesEncrypted));
+		thisPtext.Data += thisMove;
+		toMove         -= thisMove;
+		if(bytesEncrypted > ctext->Length) {
+			printf("cspStagedEncrypt: ctext overflow!\n");
+			ocrtn = crtn;
+			goto abort;
+		}
+		if(bytesEncrypted != 0) {
+			memmove(ctext->Data, ctextWork.Data, bytesEncrypted);
+			bytesEncryptedTotal += bytesEncrypted;
+			ctext->Data         += bytesEncrypted;
+			ctext->Length       -= bytesEncrypted;
+		}
+		if(ctextWork.Data != NULL) {
+			CSSM_FREE(ctextWork.Data);
+		}
+	}
+	/* OK, one more */
+	ctextWork.Data = NULL;
+	ctextWork.Length = 0;
+	crtn = CSSM_EncryptDataFinal(cryptHand, &ctextWork);
+	if(crtn) {
+		printError("CSSM_EncryptDataFinal", crtn);
+		savedErr = crtn;
+		restoreErr = CSSM_TRUE;
+		goto abort;
+	}
+	if(ctextWork.Length != 0) {
+		bytesEncryptedTotal += ctextWork.Length;
+		if(ctextWork.Length > ctext->Length) {
+			printf("cspStagedEncrypt: ctext overflow (2)!\n");
+			ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
+			goto abort;
+		}
+		memmove(ctext->Data, ctextWork.Data, ctextWork.Length);
+	}
+	if(ctextWork.Data) {
+		/* this could have gotten mallocd and Length still be zero */
+		CSSM_FREE(ctextWork.Data);
+	}
+
+	/* retweeze ctext */
+	ctext->Data   = origCtext;
+	ctext->Length = bytesEncryptedTotal;
+abort:
+	crtn = CSSM_DeleteContext(cryptHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	if(restoreErr) {
+		/* give caller the error from the encrypt */
+		ocrtn = savedErr;
+	}
+	return ocrtn;
+}
+
+CSSM_RETURN cspDecrypt(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
+		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
+		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
+		const CSSM_KEY *key,				// public or session key
+		const CSSM_KEY *pubKey,				// for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
+		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
+		uint32 rounds,						// ditto
+		const CSSM_DATA *iv,				// init vector, optional
+		const CSSM_DATA *ctext,
+		CSSM_DATA_PTR ptext,				// RETURNED
+		CSSM_BOOL mallocPtext)				// if true and ptext->Length = 0,
+											//   we'll malloc
+{
+	CSSM_CC_HANDLE 	cryptHand;
+	CSSM_RETURN		crtn;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	CSSM_SIZE		bytesDecrypted;
+	CSSM_DATA		remData = {0, NULL};
+	unsigned		origPtextLen;			// the amount we malloc, if any
+
+	cryptHand = genCryptHandle(cspHand, 
+		algorithm, 
+		mode, 
+		padding,
+		key, 
+		pubKey, 
+		iv,
+		effectiveKeySizeInBits,
+		rounds);
+	if(cryptHand == 0) {
+		return CSSMERR_CSP_INTERNAL_ERROR;
+	}
+	if(mallocPtext && (ptext->Length == 0)) {
+		CSSM_QUERY_SIZE_DATA querySize;
+		querySize.SizeInputBlock = ctext->Length;
+		crtn = CSSM_QuerySize(cryptHand,
+			CSSM_FALSE,						// encrypt
+			1,
+			&querySize);
+		if(crtn) {
+			printError("CSSM_QuerySize", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		if(querySize.SizeOutputBlock == 0) {
+			/* CSP couldn't figure this one out; skip our malloc */
+			printf("***cspDecrypt: warning: plainTextSize unknown; "
+				"skipping malloc\n");
+			origPtextLen = 0;
+		}
+		else {
+			ptext->Data = 
+				(uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
+			if(ptext->Data == NULL) {
+				printf("Insufficient heap space\n");
+				ocrtn = CSSMERR_CSP_MEMORY_ERROR;
+				goto abort;
+			}
+			ptext->Length = origPtextLen = querySize.SizeOutputBlock;
+			memset(ptext->Data, 0, ptext->Length);
+		}
+	}
+	else {
+		origPtextLen = ptext->Length;
+	}
+	crtn = CSSM_DecryptData(cryptHand,
+		ctext,
+		1,
+		ptext,
+		1,
+		&bytesDecrypted,
+		&remData);
+	if(crtn == CSSM_OK) {
+		/*
+		 * Deal with remData - its contents are included in bytesDecrypted.
+		 */
+		if((remData.Length != 0) && mallocPtext) {
+			/* shouldn't happen - right? */
+			if(bytesDecrypted > origPtextLen) {
+				/* malloc and copy a new one */
+				uint8 *newPdata = (uint8 *)appMalloc(bytesDecrypted, NULL);
+				printf("**Warning: app malloced ClearBuf, but got nonzero "
+					"remData!\n");
+				if(newPdata == NULL) {
+					printf("Insufficient heap space\n");
+					ocrtn = CSSMERR_CSP_MEMORY_ERROR;
+					goto abort;
+				}
+				memmove(newPdata, ptext->Data, ptext->Length);
+				memmove(newPdata + ptext->Length,
+					remData.Data, remData.Length);
+				CSSM_FREE(ptext->Data);
+				ptext->Data = newPdata;
+			}
+			else {
+				/* there's room left over */
+				memmove(ptext->Data + ptext->Length,
+					remData.Data, remData.Length);
+			}
+			ptext->Length = bytesDecrypted;
+		}
+		// NOTE: We return the proper length in ptext....
+		ptext->Length = bytesDecrypted;
+		
+		// FIXME - sometimes get mallocd RemData here, but never any valid data
+		// there...side effect of CSPFullPluginSession's buffer handling logic;
+		// but will we ever actually see valid data in RemData? So far we never
+		// have....
+		if(remData.Data != NULL) {
+			appFree(remData.Data, NULL);
+		}
+	}
+	else {
+		printError("CSSM_DecryptData", crtn);
+		ocrtn = crtn;
+	}
+abort:
+	crtn = CSSM_DeleteContext(cryptHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	return ocrtn;
+}
+
+CSSM_RETURN cspStagedDecrypt(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
+		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
+		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
+		const CSSM_KEY *key,				// public or session key
+		const CSSM_KEY *pubKey,				// for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
+		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
+		uint32 cipherBlockSize,				// ditto
+		uint32 rounds,						// ditto
+		const CSSM_DATA *iv,				// init vector, optional
+		const CSSM_DATA *ctext,
+		CSSM_DATA_PTR ptext,				// RETURNED, we malloc
+		CSSM_BOOL multiUpdates)				// false:single update, true:multi updates
+{
+	CSSM_CC_HANDLE 	cryptHand;
+	CSSM_RETURN		crtn;
+	CSSM_SIZE		bytesDecrypted;			// per update
+	CSSM_SIZE		bytesDecryptedTotal = 0;
+	CSSM_RETURN		ocrtn = CSSM_OK;		// 'our' crtn
+	unsigned		toMove;					// remaining
+	unsigned		thisMove;				// bytes to encrypt on this update
+	CSSM_DATA		thisCtext;				// running ptr into ptext
+	CSSM_DATA		ptextWork;				// per update, mallocd by CSP
+	CSSM_QUERY_SIZE_DATA querySize;
+	uint8			*origPtext;				// initial ptext->Data
+	unsigned		origPtextLen;			// amount we mallocd
+	
+	cryptHand = genCryptHandle(cspHand, 
+		algorithm, 
+		mode, 
+		padding,
+		key, 
+		pubKey, 
+		iv,
+		effectiveKeySizeInBits,
+		rounds);
+	if(cryptHand == 0) {
+		return CSSMERR_CSP_INTERNAL_ERROR;
+	}
+	if(cipherBlockSize) {
+		crtn = AddContextAttribute(cryptHand,
+			CSSM_ATTRIBUTE_BLOCK_SIZE,
+			sizeof(uint32),
+			CAT_Uint32,
+			NULL,
+			cipherBlockSize);
+		if(crtn) {
+			printError("CSSM_UpdateContextAttributes", crtn);
+			goto abort;
+		}
+	}
+	
+	/* obtain total required ciphertext size and block size */
+	querySize.SizeInputBlock = ctext->Length;
+	crtn = CSSM_QuerySize(cryptHand,
+		CSSM_FALSE,						// encrypt
+		1,
+		&querySize);
+	if(crtn) {
+		printError("CSSM_QuerySize(1)", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	
+	/* required ptext size should be independent of number of chunks */
+	if(querySize.SizeOutputBlock == 0) {
+		printf("***warning: cspStagedDecrypt: plainTextSize unknown; aborting\n");
+		ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
+		goto abort;
+	}
+	else {
+		// until exit, ptext->Length indicates remaining bytes of usable data in
+		// ptext->Data
+		ptext->Length = origPtextLen = querySize.SizeOutputBlock;
+		ptext->Data   = origPtext    = 
+			(uint8 *)appMalloc(origPtextLen, NULL);
+		if(ptext->Data == NULL) {
+			printf("Insufficient heap space\n");
+			ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
+			goto abort;
+		}
+		memset(ptext->Data, 0, ptext->Length);
+	}
+	
+	crtn = CSSM_DecryptDataInit(cryptHand);
+	if(crtn) {
+		printError("CSSM_DecryptDataInit", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	toMove = ctext->Length;
+	thisCtext.Data = ctext->Data;
+	while(toMove) {
+		if(multiUpdates) {
+			thisMove = genRand(1, toMove);
+		}
+		else {
+			/* just do one pass thru this loop */
+			thisMove = toMove;
+		}
+		thisCtext.Length = thisMove;
+		/* let CSP do the individual mallocs */
+		ptextWork.Data = NULL;
+		ptextWork.Length = 0;
+		soprintf(("*** DecryptDataUpdate: ctextLen 0x%x\n", thisMove));
+		crtn = CSSM_DecryptDataUpdate(cryptHand,
+			&thisCtext,
+			1,
+			&ptextWork,
+			1,
+			&bytesDecrypted);
+		if(crtn) {
+			printError("CSSM_DecryptDataUpdate", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		//
+		// NOTE: We return the proper length in ptext....
+		ptextWork.Length = bytesDecrypted;
+		thisCtext.Data += thisMove;
+		toMove         -= thisMove;
+		if(bytesDecrypted > ptext->Length) {
+			printf("cspStagedDecrypt: ptext overflow!\n");
+			ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
+			goto abort;
+		}
+		if(bytesDecrypted != 0) {
+			memmove(ptext->Data, ptextWork.Data, bytesDecrypted);
+			bytesDecryptedTotal += bytesDecrypted;
+			ptext->Data         += bytesDecrypted;
+			ptext->Length       -= bytesDecrypted;
+		}
+		if(ptextWork.Data != NULL) {
+			CSSM_FREE(ptextWork.Data);
+		}
+	}
+	/* OK, one more */
+	ptextWork.Data = NULL;
+	ptextWork.Length = 0;
+	crtn = CSSM_DecryptDataFinal(cryptHand, &ptextWork);
+	if(crtn) {
+		printError("CSSM_DecryptDataFinal", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	if(ptextWork.Length != 0) {
+		bytesDecryptedTotal += ptextWork.Length;
+		if(ptextWork.Length > ptext->Length) {
+			printf("cspStagedDecrypt: ptext overflow (2)!\n");
+			ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
+			goto abort;
+		}
+		memmove(ptext->Data, ptextWork.Data, ptextWork.Length);
+	}
+	if(ptextWork.Data) {
+		/* this could have gotten mallocd and Length still be zero */
+		CSSM_FREE(ptextWork.Data);
+	}
+	
+	/* retweeze ptext */
+	ptext->Data   = origPtext;
+	ptext->Length = bytesDecryptedTotal;
+abort:
+	crtn = CSSM_DeleteContext(cryptHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	return ocrtn;
+}
+
+#pragma mark --------- sign/verify/MAC ---------
+
+/*
+ * Signature routines
+ * This all-in-one sign op has a special case for RSA keys. If the requested
+ * alg is MD5 or SHA1, we'll do a manual digest op followed by raw RSA sign. 
+ * Likewise, if it's CSSM_ALGID_DSA, we'll do manual SHA1 digest followed by 
+ * raw DSA sign.
+ */
+
+CSSM_RETURN cspSign(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// private key
+		const CSSM_DATA *text,
+		CSSM_DATA_PTR sig)					// RETURNED
+{
+	CSSM_CC_HANDLE	sigHand;
+	CSSM_RETURN		crtn;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	const CSSM_DATA	*ptext;
+	CSSM_DATA		digest = {0, NULL};
+	CSSM_ALGORITHMS	digestAlg = CSSM_ALGID_NONE;
+
+	/* handle special cases for raw sign */
+	switch(algorithm) {
+		case CSSM_ALGID_SHA1:
+			digestAlg = CSSM_ALGID_SHA1;
+			algorithm = CSSM_ALGID_RSA;
+			break;
+		case CSSM_ALGID_MD5:
+			digestAlg = CSSM_ALGID_MD5;
+			algorithm = CSSM_ALGID_RSA;
+			break;
+		case CSSM_ALGID_DSA:
+			digestAlg = CSSM_ALGID_SHA1;
+			algorithm = CSSM_ALGID_DSA;
+			break;
+		default:
+			break;
+	}
+	if(digestAlg != CSSM_ALGID_NONE) {
+		crtn = cspDigest(cspHand,
+			digestAlg,
+			CSSM_FALSE,			// mallocDigest
+			text,
+			&digest);
+		if(crtn) {
+			return crtn;
+		}	
+		/* sign digest with raw RSA/DSA */
+		ptext = &digest;
+	}
+	else {
+		ptext = text;
+	}
+	crtn = CSSM_CSP_CreateSignatureContext(cspHand,
+		algorithm,
+		NULL,				// passPhrase
+		key,
+		&sigHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateSignatureContext (1)", crtn);
+		return crtn;
+	}
+	crtn = CSSM_SignData(sigHand,
+		ptext,
+		1,
+		digestAlg,
+		sig);
+	if(crtn) {
+		printError("CSSM_SignData", crtn);
+		ocrtn = crtn;
+	}
+	crtn = CSSM_DeleteContext(sigHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	if(digest.Data != NULL) {
+		CSSM_FREE(digest.Data);
+	}
+	return ocrtn;
+}
+
+/*
+ * Staged sign. Each update does a random number of bytes 'till through.
+ */
+CSSM_RETURN cspStagedSign(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// private key
+		const CSSM_DATA *text,
+		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
+		CSSM_DATA_PTR sig)					// RETURNED
+{
+	CSSM_CC_HANDLE	sigHand;
+	CSSM_RETURN		crtn;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	unsigned		thisMove;				// this update
+	unsigned		toMove;					// total to go
+	CSSM_DATA		thisText;				// actaully passed to update
+	crtn = CSSM_CSP_CreateSignatureContext(cspHand,
+		algorithm,
+		NULL,				// passPhrase
+		key,
+		&sigHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateSignatureContext (1)", crtn);
+		return crtn;
+	}
+	crtn = CSSM_SignDataInit(sigHand);
+	if(crtn) {
+		printError("CSSM_SignDataInit", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	toMove = text->Length;
+	thisText.Data = text->Data;
+	while(toMove) {
+		if(multiUpdates) {
+			thisMove = genRand(1, toMove);
+		}
+		else {
+			thisMove = toMove;
+		}
+		thisText.Length = thisMove;
+		crtn = CSSM_SignDataUpdate(sigHand,
+			&thisText,
+			1);
+		if(crtn) {
+			printError("CSSM_SignDataUpdate", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		thisText.Data += thisMove;
+		toMove -= thisMove;
+	}
+	crtn = CSSM_SignDataFinal(sigHand, sig);
+	if(crtn) {
+		printError("CSSM_SignDataFinal", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+abort:
+	crtn = CSSM_DeleteContext(sigHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	return ocrtn;
+}
+
+/*
+ * This all-in-one verify op has a special case for RSA keys. If the requested
+ * alg is MD5 or SHA1, we'll do a manual digest op followed by raw RSA verify.
+ * Likewise, if it's CSSM_ALGID_DSA, we'll do manual SHA1 digest followed by 
+ * raw DSA sign.
+ */ 
+ 
+CSSM_RETURN cspSigVerify(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// public key
+		const CSSM_DATA *text,
+		const CSSM_DATA *sig,
+		CSSM_RETURN expectResult)			// expected result is verify failure
+											// CSSM_OK - expect success
+{
+	CSSM_CC_HANDLE	sigHand;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	CSSM_RETURN		crtn;
+	const CSSM_DATA	*ptext;
+	CSSM_DATA		digest = {0, NULL};
+	CSSM_ALGORITHMS	digestAlg = CSSM_ALGID_NONE;
+	
+	/* handle special cases for raw sign */
+	switch(algorithm) {
+		case CSSM_ALGID_SHA1:
+			digestAlg = CSSM_ALGID_SHA1;
+			algorithm = CSSM_ALGID_RSA;
+			break;
+		case CSSM_ALGID_MD5:
+			digestAlg = CSSM_ALGID_MD5;
+			algorithm = CSSM_ALGID_RSA;
+			break;
+		case CSSM_ALGID_DSA:
+			digestAlg = CSSM_ALGID_SHA1;
+			algorithm = CSSM_ALGID_DSA;
+			break;
+		default:
+			break;
+	}
+	if(digestAlg != CSSM_ALGID_NONE) {
+		crtn = cspDigest(cspHand,
+			digestAlg,
+			CSSM_FALSE,			// mallocDigest
+			text,
+			&digest);
+		if(crtn) {
+			return crtn;
+		}	
+		/* sign digest with raw RSA/DSA */
+		ptext = &digest;
+	}
+	else {
+		ptext = text;
+	}
+	crtn = CSSM_CSP_CreateSignatureContext(cspHand,
+		algorithm,
+		NULL,				// passPhrase
+		key,
+		&sigHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateSignatureContext (3)", crtn);
+		return crtn;
+	}
+	
+	crtn = CSSM_VerifyData(sigHand,
+		ptext,
+		1,
+		digestAlg,
+		sig);
+	if(crtn != expectResult) {
+		if(!crtn) {
+			printf("Unexpected good Sig Verify\n");
+		}
+		else {
+			printError("CSSM_VerifyData", crtn);
+		}
+		ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
+	}
+	crtn = CSSM_DeleteContext(sigHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	if(digest.Data != NULL) {
+		CSSM_FREE(digest.Data);
+	}
+	return ocrtn;
+}
+
+/*
+ * Staged verify. Each update does a random number of bytes 'till through.
+ */
+CSSM_RETURN cspStagedSigVerify(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// private key
+		const CSSM_DATA *text,
+		const CSSM_DATA *sig,
+		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
+		CSSM_RETURN expectResult)			// expected result is verify failure
+											// CSSM_TRUE - expect success
+{
+	CSSM_CC_HANDLE	sigHand;
+	CSSM_RETURN		crtn;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	unsigned		thisMove;				// this update
+	unsigned		toMove;					// total to go
+	CSSM_DATA		thisText;				// actaully passed to update
+	crtn = CSSM_CSP_CreateSignatureContext(cspHand,
+		algorithm,
+		NULL,				// passPhrase
+		key,
+		&sigHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateSignatureContext (4)", crtn);
+		return crtn;
+	}
+	crtn = CSSM_VerifyDataInit(sigHand);
+	if(crtn) {
+		printError("CSSM_VerifyDataInit", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	toMove = text->Length;
+	thisText.Data = text->Data;
+	while(toMove) {
+		if(multiUpdates) {
+			thisMove = genRand(1, toMove);
+		}
+		else {
+			thisMove = toMove;
+		}
+		thisText.Length = thisMove;
+		crtn = CSSM_VerifyDataUpdate(sigHand,
+			&thisText,
+			1);
+		if(crtn) {
+			printError("CSSM_VerifyDataUpdate", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		thisText.Data += thisMove;
+		toMove -= thisMove;
+	}
+	crtn = CSSM_VerifyDataFinal(sigHand, sig);
+	if(crtn != expectResult) {
+		if(crtn) {
+			printError("CSSM_VerifyDataFinal", crtn);
+		}
+		else {
+			printf("Unexpected good Staged Sig Verify\n");
+		}
+		ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
+	}
+abort:
+	crtn = CSSM_DeleteContext(sigHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	return ocrtn;
+}
+
+/*
+ * MAC routines
+ */
+CSSM_RETURN cspGenMac(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// session key
+		const CSSM_DATA *text,
+		CSSM_DATA_PTR mac)					// RETURNED
+{
+	CSSM_CC_HANDLE	macHand;
+	CSSM_RETURN		crtn;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	crtn = CSSM_CSP_CreateMacContext(cspHand,
+		algorithm,
+		key,
+		&macHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateMacContext (1)", crtn);
+		return crtn;
+	}
+	crtn = CSSM_GenerateMac(macHand,
+		text,
+		1,
+		mac);
+	if(crtn) {
+		printError("CSSM_GenerateMac", crtn);
+		ocrtn = crtn;
+	}
+	crtn = CSSM_DeleteContext(macHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	return ocrtn;
+}
+
+/*
+ * Staged generate mac. 
+ */
+CSSM_RETURN cspStagedGenMac(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// private key
+		const CSSM_DATA *text,
+		CSSM_BOOL mallocMac,				// if true and digest->Length = 0, we'll 
+											//		malloc
+		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
+		CSSM_DATA_PTR mac)					// RETURNED
+{
+	CSSM_CC_HANDLE	macHand;
+	CSSM_RETURN		crtn;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	unsigned		thisMove;				// this update
+	unsigned		toMove;					// total to go
+	CSSM_DATA		thisText;				// actaully passed to update
+	
+	crtn = CSSM_CSP_CreateMacContext(cspHand,
+		algorithm,
+		key,
+		&macHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateMacContext (2)", crtn);
+		return crtn;
+	}
+
+	if(mallocMac && (mac->Length == 0)) {
+		/* malloc mac - ask CSP for size */
+		CSSM_QUERY_SIZE_DATA	querySize = {0, 0};
+		crtn = CSSM_QuerySize(macHand,
+			CSSM_TRUE,						// encrypt
+			1,
+			&querySize);
+		if(crtn) {
+			printError("CSSM_QuerySize(mac)", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		if(querySize.SizeOutputBlock == 0) {
+			printf("Unknown mac size\n");
+			ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
+			goto abort;
+		}
+		mac->Data = (uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
+		if(mac->Data == NULL) {
+			printf("malloc failure\n");
+			ocrtn = CSSMERR_CSSM_MEMORY_ERROR;
+			goto abort;
+		}
+		mac->Length = querySize.SizeOutputBlock;
+	}
+
+	crtn = CSSM_GenerateMacInit(macHand);
+	if(crtn) {
+		printError("CSSM_GenerateMacInit", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	toMove = text->Length;
+	thisText.Data = text->Data;
+	
+	while(toMove) {
+		if(multiUpdates) {
+			thisMove = genRand(1, toMove);
+		}
+		else {
+			thisMove = toMove;
+		}
+		thisText.Length = thisMove;
+		crtn = CSSM_GenerateMacUpdate(macHand,
+			&thisText,
+			1);
+		if(crtn) {
+			printError("CSSM_GenerateMacUpdate", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		thisText.Data += thisMove;
+		toMove -= thisMove;
+	}
+	crtn = CSSM_GenerateMacFinal(macHand, mac);
+	if(crtn) {
+		printError("CSSM_GenerateMacFinal", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+abort:
+	crtn = CSSM_DeleteContext(macHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	return ocrtn;
+}
+
+CSSM_RETURN cspMacVerify(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// public key
+		const CSSM_DATA *text,
+		const CSSM_DATA_PTR mac,
+		CSSM_RETURN expectResult)			// expected result 
+											// CSSM_OK - expect success
+{
+	CSSM_CC_HANDLE	macHand;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	CSSM_RETURN		crtn;
+	crtn = CSSM_CSP_CreateMacContext(cspHand,
+		algorithm,
+		key,
+		&macHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateMacContext (3)", crtn);
+		return crtn;
+	}
+	crtn = CSSM_VerifyMac(macHand,
+		text,
+		1,
+		mac);
+	if(crtn != expectResult) {
+		if(crtn) {
+			printError("CSSM_VerifyMac", crtn);
+		}
+		else {
+			printf("Unexpected good Mac Verify\n");
+		}
+		ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
+	}
+	crtn = CSSM_DeleteContext(macHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	return ocrtn;
+}
+
+/*
+ * Staged mac verify. Each update does a random number of bytes 'till through.
+ */
+CSSM_RETURN cspStagedMacVerify(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// private key
+		const CSSM_DATA *text,
+		const CSSM_DATA_PTR mac,
+		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
+		CSSM_RETURN expectResult)			// expected result is verify failure
+											// CSSM_OK - expect success
+{
+	CSSM_CC_HANDLE	macHand;
+	CSSM_RETURN		crtn;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	unsigned		thisMove;				// this update
+	unsigned		toMove;					// total to go
+	CSSM_DATA		thisText;				// actaully passed to update
+
+	crtn = CSSM_CSP_CreateMacContext(cspHand,
+		algorithm,
+		key,
+		&macHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateMacContext (4)", crtn);
+		return crtn;
+	}
+	crtn = CSSM_VerifyMacInit(macHand);
+	if(crtn) {
+		printError("CSSM_VerifyMacInit", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	toMove = text->Length;
+	thisText.Data = text->Data;
+	
+	while(toMove) {
+		if(multiUpdates) {
+			thisMove = genRand(1, toMove);
+		}
+		else {
+			thisMove = toMove;
+		}
+		thisText.Length = thisMove;
+		crtn = CSSM_VerifyMacUpdate(macHand,
+			&thisText,
+			1);
+		if(crtn) {
+			printError("CSSM_VerifyMacUpdate", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		thisText.Data += thisMove;
+		toMove -= thisMove;
+	}
+	crtn = CSSM_VerifyMacFinal(macHand, mac);
+	if(crtn != expectResult) {
+		if(crtn) {
+			printError("CSSM_VerifyMacFinal", crtn);
+		}
+		else {
+			printf("Unexpected good Staged Mac Verify\n");
+		}
+		ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
+	}
+abort:
+	crtn = CSSM_DeleteContext(macHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	return ocrtn;
+}
+
+#pragma mark --------- Digest ---------
+
+/*
+ * Digest functions
+ */
+CSSM_RETURN cspDigest(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_MD5, etc.
+		CSSM_BOOL mallocDigest,				// if true and digest->Length = 0, we'll malloc
+		const CSSM_DATA *text,
+		CSSM_DATA_PTR digest)
+{
+	CSSM_CC_HANDLE	digestHand;
+	CSSM_RETURN		crtn;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	
+	crtn = CSSM_CSP_CreateDigestContext(cspHand,
+		algorithm,
+		&digestHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateDIgestContext (1)", crtn);
+		return crtn;
+	}
+	if(mallocDigest && (digest->Length == 0)) {
+		/* malloc digest - ask CSP for size */
+		CSSM_QUERY_SIZE_DATA	querySize = {0, 0};
+		crtn = CSSM_QuerySize(digestHand,
+			CSSM_FALSE,						// encrypt
+			1,
+			&querySize);
+		if(crtn) {
+			printError("CSSM_QuerySize(3)", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		if(querySize.SizeOutputBlock == 0) {
+			printf("Unknown digest size\n");
+			ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
+			goto abort;
+		}
+		digest->Data = (uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
+		if(digest->Data == NULL) {
+			printf("malloc failure\n");
+			ocrtn = CSSMERR_CSSM_MEMORY_ERROR;
+			goto abort;
+		}
+		digest->Length = querySize.SizeOutputBlock;
+	}
+	crtn = CSSM_DigestData(digestHand,
+		text,
+		1,
+		digest);
+	if(crtn) {
+		printError("CSSM_DigestData", crtn);
+		ocrtn = crtn;
+	}
+abort:
+	crtn = CSSM_DeleteContext(digestHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	return ocrtn;
+}
+
+CSSM_RETURN cspStagedDigest(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_MD5, etc.
+		CSSM_BOOL mallocDigest,				// if true and digest->Length = 0, we'll 
+											//		malloc
+		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
+		const CSSM_DATA *text,
+		CSSM_DATA_PTR digest)
+{
+	CSSM_CC_HANDLE	digestHand;
+	CSSM_RETURN		crtn;
+	CSSM_RETURN		ocrtn = CSSM_OK;
+	unsigned		thisMove;				// this update
+	unsigned		toMove;					// total to go
+	CSSM_DATA		thisText;				// actually passed to update
+	
+	crtn = CSSM_CSP_CreateDigestContext(cspHand,
+		algorithm,
+		&digestHand);
+	if(crtn) {
+		printError("CSSM_CSP_CreateDigestContext (2)", crtn);
+		return crtn;
+	}
+	if(mallocDigest && (digest->Length == 0)) {
+		/* malloc digest - ask CSP for size */
+		CSSM_QUERY_SIZE_DATA	querySize = {0, 0};
+		crtn = CSSM_QuerySize(digestHand,
+			CSSM_FALSE,						// encrypt
+			1,
+			&querySize);
+		if(crtn) {
+			printError("CSSM_QuerySize(4)", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		if(querySize.SizeOutputBlock == 0) {
+			printf("Unknown digest size\n");
+			ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
+			goto abort;
+		}
+		digest->Data = (uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
+		if(digest->Data == NULL) {
+			printf("malloc failure\n");
+			ocrtn = CSSMERR_CSSM_MEMORY_ERROR;
+			goto abort;
+		}
+		digest->Length = querySize.SizeOutputBlock;
+	}
+	crtn = CSSM_DigestDataInit(digestHand);
+	if(crtn) {
+		printError("CSSM_DigestDataInit", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+	toMove = text->Length;
+	thisText.Data = text->Data;
+	while(toMove) {
+		if(multiUpdates) {
+			thisMove = genRand(1, toMove);
+		}
+		else {
+			thisMove = toMove;
+		}
+		thisText.Length = thisMove;
+		crtn = CSSM_DigestDataUpdate(digestHand,
+			&thisText,
+			1);
+		if(crtn) {
+			printError("CSSM_DigestDataUpdate", crtn);
+			ocrtn = crtn;
+			goto abort;
+		}
+		thisText.Data += thisMove;
+		toMove -= thisMove;
+	}
+	crtn = CSSM_DigestDataFinal(digestHand, digest);
+	if(crtn) {
+		printError("CSSM_DigestDataFinal", crtn);
+		ocrtn = crtn;
+		goto abort;
+	}
+abort:
+	crtn = CSSM_DeleteContext(digestHand);
+	if(crtn) {
+		printError("CSSM_DeleteContext", crtn);
+		ocrtn = crtn;
+	}
+	return ocrtn;
+}
+
+#pragma mark --------- wrap/unwrap ---------
+
+/* wrap key function. */
+CSSM_RETURN cspWrapKey(CSSM_CSP_HANDLE cspHand,
+	const CSSM_KEY			*unwrappedKey,	
+	const CSSM_KEY			*wrappingKey,
+	CSSM_ALGORITHMS			wrapAlg,
+	CSSM_ENCRYPT_MODE		wrapMode,
+	CSSM_KEYBLOB_FORMAT		wrapFormat,			// NONE, PKCS7, PKCS8
+	CSSM_PADDING			wrapPad,
+	CSSM_DATA_PTR			initVector,			// for some wrapping algs
+	CSSM_DATA_PTR			descrData,			// optional 
+	CSSM_KEY_PTR			wrappedKey)			// RETURNED
+{
+	CSSM_CC_HANDLE		ccHand;
+	CSSM_RETURN			crtn;
+	CSSM_ACCESS_CREDENTIALS	creds;
+	
+	memset(wrappedKey, 0, sizeof(CSSM_KEY));
+	setBadKeyData(wrappedKey);
+	memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
+	/* special case for NULL wrap - no wrapping key */
+	if((wrappingKey == NULL) ||
+	   (wrappingKey->KeyHeader.KeyClass == CSSM_KEYCLASS_SESSION_KEY)) {
+		crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
+				wrapAlg,
+				wrapMode,
+				&creds,			// passPhrase,
+				wrappingKey,
+				initVector,
+				wrapPad,		// Padding
+				0,				// Params
+				&ccHand);
+	}
+	else {
+		crtn = CSSM_CSP_CreateAsymmetricContext(cspHand,
+				wrapAlg,
+				&creds,	
+				wrappingKey,
+				wrapPad,		// padding
+				&ccHand);
+		if(crtn) {
+			printError("cspWrapKey/CreateContext", crtn);
+			return crtn;
+		}
+		if(initVector) {
+			/* manually add IV for CMS. The actual low-level encrypt doesn't
+			 * use it (and must ignore it). */
+			crtn = AddContextAttribute(ccHand,
+				CSSM_ATTRIBUTE_INIT_VECTOR,
+				sizeof(CSSM_DATA),
+				CAT_Ptr,
+				initVector,
+				0);
+			if(crtn) {
+				printError("CSSM_UpdateContextAttributes", crtn);
+				return crtn;
+			}
+		}
+	}
+	if(crtn) {
+		printError("cspWrapKey/CreateContext", crtn);
+		return crtn;
+	}
+	if(wrapFormat != CSSM_KEYBLOB_WRAPPED_FORMAT_NONE) {
+		/* only add this attribute if it's not the default */
+		CSSM_CONTEXT_ATTRIBUTE attr;
+		attr.AttributeType = CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT;
+		attr.AttributeLength = sizeof(uint32);
+		attr.Attribute.Uint32 = wrapFormat;
+		crtn = CSSM_UpdateContextAttributes(
+			ccHand,
+			1,
+			&attr);
+		if(crtn) {
+			printError("CSSM_UpdateContextAttributes", crtn);
+			return crtn;
+		}
+	}
+	crtn = CSSM_WrapKey(ccHand,
+		&creds,
+		unwrappedKey,
+		descrData,			// DescriptiveData
+		wrappedKey);
+	if(crtn != CSSM_OK) {
+		printError("CSSM_WrapKey", crtn);
+	}
+	if(CSSM_DeleteContext(ccHand)) {
+		printf("CSSM_DeleteContext failure\n");
+	}
+	return crtn;
+}
+
+/* unwrap key function. */
+CSSM_RETURN cspUnwrapKey(CSSM_CSP_HANDLE cspHand,
+	const CSSM_KEY			*wrappedKey,
+	const CSSM_KEY			*unwrappingKey,
+	CSSM_ALGORITHMS			unwrapAlg,
+	CSSM_ENCRYPT_MODE		unwrapMode,
+	CSSM_PADDING 			unwrapPad,
+	CSSM_DATA_PTR			initVector,			// for some wrapping algs
+	CSSM_KEY_PTR			unwrappedKey,		// RETURNED
+	CSSM_DATA_PTR			descrData,			// required
+	const char 				*keyLabel,
+	unsigned 				keyLabelLen)
+{
+	CSSM_CC_HANDLE		ccHand;
+	CSSM_RETURN			crtn;
+	CSSM_DATA			labelData;
+	uint32				keyAttr;
+	CSSM_ACCESS_CREDENTIALS	creds;
+	
+	memset(unwrappedKey, 0, sizeof(CSSM_KEY));
+	setBadKeyData(unwrappedKey);
+	memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
+	if((unwrappingKey == NULL) ||
+	   (unwrappingKey->KeyHeader.KeyClass == CSSM_KEYCLASS_SESSION_KEY)) {
+		crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
+				unwrapAlg,
+				unwrapMode,
+				&creds,
+				unwrappingKey,
+				initVector,
+				unwrapPad,
+				0,				// Params
+				&ccHand);
+	}
+	else {
+		crtn = CSSM_CSP_CreateAsymmetricContext(cspHand,
+				unwrapAlg,
+				&creds,			// passPhrase,
+				unwrappingKey,
+				unwrapPad,		// Padding
+				&ccHand);
+		if(crtn) {
+			printError("cspUnwrapKey/CreateContext", crtn);
+			return crtn;
+		}
+		if(initVector) {
+			/* manually add IV for CMS. The actual low-level encrypt doesn't
+			 * use it (and must ignore it). */
+			crtn = AddContextAttribute(ccHand,
+				CSSM_ATTRIBUTE_INIT_VECTOR,
+				sizeof(CSSM_DATA),
+				CAT_Ptr,
+				initVector,
+				0);
+			if(crtn) {
+				printError("CSSM_UpdateContextAttributes", crtn);
+				return crtn;
+			}
+		}
+	}
+	if(crtn) {
+		printError("cspUnwrapKey/CreateContext", crtn);
+		return crtn;
+	}
+	labelData.Data = (uint8 *)keyLabel;
+	labelData.Length = keyLabelLen;
+	
+	/*
+	 * New keyAttr - clear some old bits, make sure we ask for ref key
+	 */
+	keyAttr = wrappedKey->KeyHeader.KeyAttr;
+	keyAttr &= ~(CSSM_KEYATTR_ALWAYS_SENSITIVE | CSSM_KEYATTR_NEVER_EXTRACTABLE);
+	keyAttr |= CSSM_KEYATTR_RETURN_REF;
+	crtn = CSSM_UnwrapKey(ccHand,
+		NULL,				// PublicKey
+		wrappedKey,
+		wrappedKey->KeyHeader.KeyUsage,
+		keyAttr,
+		&labelData,
+		NULL,				// CredAndAclEntry
+		unwrappedKey,
+		descrData);			// required
+	if(crtn != CSSM_OK) {
+		printError("CSSM_UnwrapKey", crtn);
+	}
+	if(CSSM_DeleteContext(ccHand)) {
+		printf("CSSM_DeleteContext failure\n");
+	}
+	return crtn;
+}
+
+/*
+ * Simple NULL wrap to convert a reference key to a raw key.
+ */
+CSSM_RETURN cspRefKeyToRaw(
+	CSSM_CSP_HANDLE cspHand,
+	const CSSM_KEY *refKey,
+	CSSM_KEY_PTR rawKey)		// init'd and RETURNED
+{
+	CSSM_DATA descData = {0, 0};
+	
+	memset(rawKey, 0, sizeof(CSSM_KEY));
+	return cspWrapKey(cspHand,
+		refKey,
+		NULL,					// unwrappingKey
+		CSSM_ALGID_NONE,
+		CSSM_ALGMODE_NONE,
+		CSSM_KEYBLOB_WRAPPED_FORMAT_NONE,
+		CSSM_PADDING_NONE,
+		NULL,					// IV
+		&descData,
+		rawKey);
+}
+
+/* unwrap raw key --> ref */
+CSSM_RETURN cspRawKeyToRef(
+	CSSM_CSP_HANDLE cspHand,
+	const CSSM_KEY *rawKey,
+	CSSM_KEY_PTR refKey)				// init'd and RETURNED
+{
+	CSSM_DATA descData = {0, 0};
+
+	memset(refKey, 0, sizeof(CSSM_KEY));
+	return cspUnwrapKey(cspHand,
+		rawKey,
+		NULL,		// unwrappingKey
+		CSSM_ALGID_NONE,
+		CSSM_ALGMODE_NONE,
+		CSSM_PADDING_NONE,
+		NULL,		// init vector
+		refKey,
+		&descData,
+		"noLabel",
+		7);
+}
+
+
+#pragma mark --------- FEE key/curve support ---------
+
+/*
+ * Generate random key size, primeType, curveType for FEE key for specified op.
+ *
+ * First just enumerate the curves we know about, with ECDSA-INcapable first
+ */
+ 
+typedef struct {
+	uint32	keySizeInBits;
+	uint32 	primeType;				// CSSM_FEE_PRIME_TYPE_xxx
+	uint32 	curveType;				// CSSM_FEE_CURVE_TYPE_xxx
+} feeCurveParams;
+
+#define FEE_PROTOTYPE_CURVES	0
+#if 	FEE_PROTOTYPE_CURVES
+/* obsolete as of 4/9/2001 */
+static feeCurveParams feeCurves[] = {
+	{	31,		CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_MONTGOMERY },
+	{	127,	CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_MONTGOMERY },
+	{	127,	CSSM_FEE_PRIME_TYPE_GENERAL,	CSSM_FEE_CURVE_TYPE_MONTGOMERY },
+	#define NUM_NON_ECDSA_CURVES	3
+	
+	/* start of Weierstrass, IEEE P1363-capable curves */
+	{	31,		CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+	{	40,		CSSM_FEE_PRIME_TYPE_FEE,		CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+	{	127,	CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+	{	160,	CSSM_FEE_PRIME_TYPE_FEE,		CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+	{	160,	CSSM_FEE_PRIME_TYPE_GENERAL,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+	{	192,	CSSM_FEE_PRIME_TYPE_FEE,		CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+};
+#else	/* FEE_PROTOTYPE_CURVES */
+static feeCurveParams feeCurves[] = {
+	{	31,		CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_MONTGOMERY },
+	{	127,	CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_MONTGOMERY },
+	#define NUM_NON_ECDSA_CURVES	2
+	
+	/* start of Weierstrass, IEEE P1363-capable curves */
+	{	31,		CSSM_FEE_PRIME_TYPE_MERSENNE,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+	{	128,	CSSM_FEE_PRIME_TYPE_FEE,		CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+	{	161,	CSSM_FEE_PRIME_TYPE_FEE,		CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+	{	161,	CSSM_FEE_PRIME_TYPE_GENERAL,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+	{	192,	CSSM_FEE_PRIME_TYPE_GENERAL,	CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
+};
+#endif	/* FEE_PROTOTYPE_CURVES */
+#define NUM_FEE_CURVES	(sizeof(feeCurves) / sizeof(feeCurveParams))
+
+void randFeeKeyParams(
+	CSSM_ALGORITHMS	alg,			// ALGID_FEED, CSSM_ALGID_FEE_MD5, etc.
+	uint32			*keySizeInBits,	// RETURNED
+	uint32 			*primeType,		// CSSM_FEE_PRIME_TYPE_xxx, RETURNED
+	uint32 			*curveType)		// CSSM_FEE_CURVE_TYPE_xxx, RETURNED
+{
+	unsigned minParams;
+	unsigned die;
+	feeCurveParams *feeParams;
+	
+	switch(alg) {
+		case CSSM_ALGID_SHA1WithECDSA:
+			minParams = NUM_NON_ECDSA_CURVES;
+			break;
+		default:
+			minParams = 0;
+			break;
+	}
+	die = genRand(minParams, (NUM_FEE_CURVES - 1));
+	feeParams = &feeCurves[die];
+	*keySizeInBits = feeParams->keySizeInBits;
+	*primeType = feeParams->primeType;
+	*curveType = feeParams->curveType;
+}
+
+/*
+ * Obtain strings for primeType and curveType.
+ */
+const char *primeTypeStr(uint32 primeType)
+{
+	const char *p;
+	switch(primeType) {
+		case CSSM_FEE_PRIME_TYPE_MERSENNE:
+			p = "Mersenne";
+			break;
+		case CSSM_FEE_PRIME_TYPE_FEE:
+			p = "FEE";
+			break;
+		case CSSM_FEE_PRIME_TYPE_GENERAL:
+			p = "General";
+			break;
+		case CSSM_FEE_PRIME_TYPE_DEFAULT:
+			p = "Default";
+			break;
+		default:
+			p = "***UNKNOWN***";
+			break;
+	}
+	return p;
+}
+
+const char *curveTypeStr(uint32 curveType)
+{
+	const char *c;
+	switch(curveType) {
+		case CSSM_FEE_CURVE_TYPE_DEFAULT:
+			c = "Default";
+			break;
+		case CSSM_FEE_CURVE_TYPE_MONTGOMERY:
+			c = "Montgomery";
+			break;
+		case CSSM_FEE_CURVE_TYPE_WEIERSTRASS:
+			c = "Weierstrass";
+			break;
+		default:
+			c = "***UNKNOWN***";
+			break;
+	}
+	return c;
+}
+
+/*
+ * Perform FEE Key exchange via CSSM_DeriveKey. 
+ */
+#if 0
+/* Not implemented in OS X */
+CSSM_RETURN cspFeeKeyExchange(CSSM_CSP_HANDLE cspHand,
+	CSSM_KEY_PTR 	privKey,
+	CSSM_KEY_PTR 	pubKey,
+	CSSM_KEY_PTR 	derivedKey,		// mallocd by caller
+	
+	/* remaining fields apply to derivedKey */
+	uint32 			keyAlg,
+	const char 		*keyLabel,
+	unsigned 		keyLabelLen,
+	uint32 			keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
+	uint32 			keySizeInBits)
+{
+	CSSM_CC_HANDLE	dkHand;
+	CSSM_RETURN 	crtn;
+	CSSM_DATA		labelData;
+	
+	if(derivedKey == NULL) {
+		printf("cspFeeKeyExchange: no derivedKey\n");
+		return CSSMERR_CSSM_INTERNAL_ERROR;
+	}
+	if((pubKey == NULL) ||
+	   (pubKey->KeyHeader.KeyClass != CSSM_KEYCLASS_PUBLIC_KEY) ||
+	   (pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_RAW)) {
+	 	printf("cspFeeKeyExchange: bad pubKey\n");
+	 	return CSSMERR_CSSM_INTERNAL_ERROR;
+	}
+	if((privKey == NULL) ||
+	   (privKey->KeyHeader.KeyClass != CSSM_KEYCLASS_PRIVATE_KEY) ||
+	   (privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE)) {
+	 	printf("cspFeeKeyExchange: bad privKey\n");
+	 	return CSSMERR_CSSM_INTERNAL_ERROR;
+	}
+	memset(derivedKey, 0, sizeof(CSSM_KEY));
+	
+	crtn = CSSM_CSP_CreateDeriveKeyContext(cspHand,
+		CSSM_ALGID_FEE_KEYEXCH,			// AlgorithmID
+		keyAlg,							// alg of the derived key
+		keySizeInBits,
+		NULL,							// access creds
+		// FIXME
+		0,								// IterationCount
+		NULL,							// Salt
+		NULL,							// Seed
+		NULL);							// PassPhrase
+	if(dkHand == 0) {
+		printError("CSSM_CSP_CreateDeriveKeyContext");
+		return CSSM_FAIL;
+	} 
+	labelData.Length = keyLabelLen;
+	labelData.Data = (uint8 *)keyLabel;
+	crtn = CSSM_DeriveKey(dkHand,
+		privKey,
+		&pubKey->KeyData,		// Param - pub key blob
+		keyUsage,
+		CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE |
+				  CSSM_KEYATTR_SENSITIVE,
+		&labelData,
+		derivedKey);
+	
+	/* FIXME - save/restore error */
+	CSSM_DeleteContext(dkHand);
+	if(crtn) {
+		printError("CSSM_DeriveKey");
+	}
+	return crtn;
+}
+#endif
+
+#pragma mark --------- Key/DL/DB support ---------
+
+/*
+ * Add a DL/DB handle to a crypto context.
+ */
+CSSM_RETURN cspAddDlDbToContext(
+	CSSM_CC_HANDLE ccHand,
+	CSSM_DL_HANDLE dlHand,
+	CSSM_DB_HANDLE dbHand)
+{
+	CSSM_DL_DB_HANDLE dlDb = { dlHand, dbHand };
+	return AddContextAttribute(ccHand, 
+		CSSM_ATTRIBUTE_DL_DB_HANDLE,
+		sizeof(CSSM_ATTRIBUTE_DL_DB_HANDLE),
+		CAT_Ptr,
+		&dlDb,
+		0);
+}
+	
+/* 
+ * Common routine to do a basic DB lookup by label and key type.
+ * Query is aborted prior to exit.
+ */
+static CSSM_DB_UNIQUE_RECORD_PTR dlLookup(
+	CSSM_DL_DB_HANDLE	dlDbHand,
+	const CSSM_DATA		*keyLabel,
+	CT_KeyType 			keyType,
+	CSSM_HANDLE 		*resultHand,			// RETURNED
+	CSSM_DATA_PTR		theData,				// RETURED
+	CSSM_DB_RECORDTYPE	*recordType)			// RETURNED
+{
+	CSSM_QUERY						query;
+	CSSM_SELECTION_PREDICATE		predicate;
+	CSSM_DB_UNIQUE_RECORD_PTR		record = NULL;
+	CSSM_RETURN						crtn;
+	
+	switch(keyType) {
+		case CKT_Public:
+			query.RecordType = *recordType = CSSM_DL_DB_RECORD_PUBLIC_KEY;
+			break;
+		case CKT_Private:
+			query.RecordType = *recordType = CSSM_DL_DB_RECORD_PRIVATE_KEY;
+			break;
+		case CKT_Session:
+			query.RecordType = *recordType = CSSM_DL_DB_RECORD_SYMMETRIC_KEY;
+			break;
+		default:
+			printf("Hey bozo! Give me a valid key type!\n");
+			return NULL;
+	}
+	query.Conjunctive = CSSM_DB_NONE;
+	query.NumSelectionPredicates = 1;
+	predicate.DbOperator = CSSM_DB_EQUAL;
+	
+	predicate.Attribute.Info.AttributeNameFormat = 
+		CSSM_DB_ATTRIBUTE_NAME_AS_STRING;
+	predicate.Attribute.Info.Label.AttributeName = (char *) "Label";
+	predicate.Attribute.Info.AttributeFormat = CSSM_DB_ATTRIBUTE_FORMAT_BLOB;
+	/* hope this cast is OK */
+	predicate.Attribute.Value = (CSSM_DATA_PTR)keyLabel;
+	query.SelectionPredicate = &predicate;
+	
+	query.QueryLimits.TimeLimit = 0;	// FIXME - meaningful?
+	query.QueryLimits.SizeLimit = 1;	// FIXME - meaningful?
+	query.QueryFlags = CSSM_QUERY_RETURN_DATA;	// FIXME - used?
+	
+	crtn = CSSM_DL_DataGetFirst(dlDbHand,
+		&query,
+		resultHand,
+		NULL,
+		theData,
+		&record);
+	/* abort only on success */
+	if(crtn == CSSM_OK) {
+		crtn = CSSM_DL_DataAbortQuery(dlDbHand, *resultHand);
+		if(crtn) {
+			printError("CSSM_DL_AbortQuery", crtn);
+			return NULL;
+		}
+	}
+	return record;
+}
+
+/*
+ * Look up a key by label and type.
+ */
+CSSM_KEY_PTR cspLookUpKeyByLabel(
+	CSSM_DL_HANDLE dlHand, 
+	CSSM_DB_HANDLE dbHand, 
+	const CSSM_DATA *labelData, 
+	CT_KeyType keyType)
+{
+	CSSM_DB_UNIQUE_RECORD_PTR	record;
+	CSSM_HANDLE					resultHand;
+	CSSM_DATA					theData;
+	CSSM_KEY_PTR				key;
+	CSSM_DB_RECORDTYPE 			recordType;
+	CSSM_DL_DB_HANDLE			dlDbHand;
+	
+	dlDbHand.DLHandle = dlHand;
+	dlDbHand.DBHandle = dbHand;
+	
+	theData.Length = 0;
+	theData.Data = NULL;
+	
+	record = dlLookup(dlDbHand,
+		labelData,
+		keyType,
+		&resultHand,
+		&theData,
+		&recordType);
+	if(record == NULL) {
+		//printf("cspLookUpKeyByLabel: key not found\n");
+		return NULL;
+	}
+	key = (CSSM_KEY_PTR)theData.Data;
+	CSSM_DL_FreeUniqueRecord(dlDbHand, record);
+	return key;
+}
+
+/*
+ * Delete and free a key 
+ */
+CSSM_RETURN cspDeleteKey(
+	CSSM_CSP_HANDLE		cspHand,		// for free
+	CSSM_DL_HANDLE		dlHand,			// for delete
+	CSSM_DB_HANDLE		dbHand,			// ditto
+	const CSSM_DATA 	*labelData, 
+	CSSM_KEY_PTR		key)
+{
+	CSSM_DB_UNIQUE_RECORD_PTR	record;
+	CSSM_HANDLE					resultHand;
+	CT_KeyType					keyType;
+	CSSM_RETURN					crtn = CSSM_OK;
+	CSSM_DB_RECORDTYPE 			recordType;
+	CSSM_DL_DB_HANDLE			dlDbHand;
+	
+	if(key->KeyHeader.KeyAttr & CSSM_KEYATTR_PERMANENT) {
+		/* first do a lookup based in this key's fields */
+		switch(key->KeyHeader.KeyClass) {
+			case CSSM_KEYCLASS_PUBLIC_KEY:
+				keyType = CKT_Public;
+				break;
+			case CSSM_KEYCLASS_PRIVATE_KEY:
+				keyType = CKT_Private;
+				break;
+			case CSSM_KEYCLASS_SESSION_KEY:
+				keyType = CKT_Session;
+				break;
+			default:
+				printf("Hey bozo! Give me a valid key type!\n");
+				return -1;
+		}
+
+		dlDbHand.DLHandle = dlHand;
+		dlDbHand.DBHandle = dbHand;
+		
+		record = dlLookup(dlDbHand,
+			labelData,
+			keyType,
+			&resultHand,
+			NULL,			// don't want actual data
+			&recordType);
+		if(record == NULL) {
+			printf("cspDeleteKey: key not found in DL\n");
+			return CSSMERR_DL_RECORD_NOT_FOUND;
+		}
+		
+		/* OK, nuke it */
+		crtn = CSSM_DL_DataDelete(dlDbHand, record);
+		if(crtn) {
+			printError("CSSM_DL_DataDelete", crtn);
+		}
+		CSSM_DL_FreeUniqueRecord(dlDbHand, record);
+	}
+		
+	/* CSSM_FreeKey() should fail due to the delete, but it will
+	 * still free KeyData....
+	 * FIXME - we should be able to do this in this one single call - right?
+	 */
+	CSSM_FreeKey(cspHand, NULL, key, CSSM_FALSE);
+
+	return crtn;
+}
+
+/*
+ * Given any key in either blob or reference format,
+ * obtain the associated SHA-1 hash. 
+ */
+CSSM_RETURN cspKeyHash(
+	CSSM_CSP_HANDLE		cspHand,	
+	const CSSM_KEY_PTR	key,			/* public key */
+	CSSM_DATA_PTR		*hashData)		/* hash mallocd and RETURNED here */
+{
+	CSSM_CC_HANDLE		ccHand;
+	CSSM_RETURN			crtn;
+	CSSM_DATA_PTR		dp;
+	
+	*hashData = NULL;
+	
+	/* validate input params */
+	if((key == NULL) ||
+	   (hashData == NULL)) {
+	   	printf("cspKeyHash: bogus args\n");
+		return CSSMERR_CSSM_INTERNAL_ERROR;				
+	}
+	
+	/* cook up a context for a passthrough op */
+	crtn = CSSM_CSP_CreatePassThroughContext(cspHand,
+	 	key,
+		&ccHand);
+	if(ccHand == 0) {
+		printError("CSSM_CSP_CreatePassThroughContext", crtn);
+		return crtn;
+	}
+	
+	/* now it's up to the CSP */
+	crtn = CSSM_CSP_PassThrough(ccHand,
+		CSSM_APPLECSP_KEYDIGEST,
+		NULL,
+		(void **)&dp);
+	if(crtn) {
+		printError("CSSM_CSP_PassThrough(PUBKEYHASH)", crtn);
+	}
+	else {
+		*hashData = dp;
+		crtn = CSSM_OK;
+	}
+	CSSM_DeleteContext(ccHand);
+	return crtn;
+}
+

ADDED   LocalTests/utilLib/cspwrap.h
Index: LocalTests/utilLib/cspwrap.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/cspwrap.h
@@ -0,0 +1,445 @@
+/* Copyright 1997 Apple Computer, Inc.
+ *
+ * cspwrap.h - wrappers to simplify access to CDSA
+ *
+ * Revision History
+ * ----------------
+ *   3 May 2000 Doug Mitchell
+ *		Ported to X/CDSA2.
+ *  12 Aug 1997	Doug Mitchell at Apple
+ *		Created.
+ */
+ 
+#ifndef	_CSPWRAP_H_
+#define _CSPWRAP_H_
+#include <Security/cssm.h>
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/* 
+ * Bug/feature workaround flags
+ */
+ 
+/* 
+ * Doing a WrapKey requires Access Creds, which should be 
+ * optional. Looks like this is not a bug.
+ */
+#define WRAP_KEY_REQUIRES_CREDS	1
+
+/*
+ * encrypt/decrypt - cook up a context handle
+ */
+CSSM_CC_HANDLE genCryptHandle(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
+		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for symmetric algs
+		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
+		const CSSM_KEY *key0,
+		const CSSM_KEY *key1,				// for CSSM_ALGID_FEED only - must be the 
+											// public key
+		const CSSM_DATA *iv,				// optional
+		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
+		uint32 rounds);						// ditto
+/*
+ * Key generation
+ */
+/*
+ * Specifying a keySize of CSP_KEY_SIZE_DEFAULT results in using the default
+ * key size for the specified algorithm.
+ */
+#define CSP_KEY_SIZE_DEFAULT		0
+
+/* symmetric key sizes in bits */
+#define CSP_ASC_KEY_SIZE_DEFAULT	(16 * 8)
+#define CSP_DES_KEY_SIZE_DEFAULT	(8 * 8)
+#define CSP_DES3_KEY_SIZE_DEFAULT	(24 * 8)
+#define CSP_RC2_KEY_SIZE_DEFAULT	(10 * 8)
+#define CSP_RC4_KEY_SIZE_DEFAULT	(10 * 8)
+#define CSP_RC5_KEY_SIZE_DEFAULT	(10 * 8)
+#define CSP_AES_KEY_SIZE_DEFAULT	128
+#define CSP_BFISH_KEY_SIZE_DEFAULT	128
+#define CSP_CAST_KEY_SIZE_DEFAULT	128
+#define CSP_IDEA_KEY_SIZE_DEFAULT	128				/* fixed */
+#define CSP_HMAC_SHA_KEY_SIZE_DEFAULT	(20 * 8)
+#define CSP_HMAC_MD5_KEY_SIZE_DEFAULT	(16 * 8)
+#define CSP_NULL_CRYPT_KEY_SIZE_DEF	(16 * 8)
+
+/* asymmetric key sizes in bits */
+/* note: we now use AI_RSAStrongKeyGen for RSA key pair 
+ * generate; this requires at least 512 bits and also that
+ * the key size be a multiple of 16. */
+#define CSP_FEE_KEY_SIZE_DEFAULT	128
+
+#define CSP_RSA_KEY_SIZE_DEFAULT	1024		/* min for SHA512/RSA */
+#define CSP_DSA_KEY_SIZE_DEFAULT	512
+
+/*
+ * Generate key pair of arbitrary algorithm. 
+ */
+extern CSSM_RETURN cspGenKeyPair(CSSM_CSP_HANDLE cspHand,	
+	uint32 algorithm,
+	const char *keyLabel,
+	unsigned keyLabelLen,
+	uint32 keySizeInBits,
+	CSSM_KEY_PTR pubKey,			// mallocd by caller
+	CSSM_BOOL pubIsRef,				// true - reference key, false - data
+	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
+	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
+									//   to get the default format. 
+	CSSM_KEY_PTR privKey,			// mallocd by caller - always returned as ref
+	CSSM_BOOL privIsRef,			// true - reference key, false - data
+	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
+	CSSM_KEYBLOB_FORMAT privFormat,	// optional 0 ==> default
+	CSSM_BOOL genSeed);				// FEE only. True: we generate seed and CSP
+									//   will hash it. False: CSP generates random 
+									//   seed. 
+
+/*
+ * Generate FEE key pair with optional primeType, curveType, and seed (password) data.
+ */
+extern CSSM_RETURN cspGenFEEKeyPair(CSSM_CSP_HANDLE cspHand,
+	const char *keyLabel,
+	unsigned keyLabelLen,
+	uint32 keySize,					// in bits
+	uint32 primeType,				// CSSM_FEE_PRIME_TYPE_MERSENNE, etc.
+	uint32 curveType,				// CSSM_FEE_CURVE_TYPE_MONTGOMERY, etc.
+	CSSM_KEY_PTR pubKey,			// mallocd by caller
+	CSSM_BOOL pubIsRef,				// true - reference key, false - data
+	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
+	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
+									//   to get the default format. 
+	CSSM_KEY_PTR privKey,			// mallocd by caller
+	CSSM_BOOL privIsRef,			// true - reference key, false - data
+	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
+	CSSM_KEYBLOB_FORMAT privFormat,	// optional 0 ==> default
+	const CSSM_DATA *seedData);		// Present: CSP will hash this for private data.
+									// NULL: CSP generates random seed. 
+
+/*
+ * Generate DSA key pair with optional generateAlgParams.
+ */
+extern CSSM_RETURN cspGenDSAKeyPair(CSSM_CSP_HANDLE cspHand,
+	const char *keyLabel,
+	unsigned keyLabelLen,
+	uint32 keySize,					// in bits
+	CSSM_KEY_PTR pubKey,			// mallocd by caller
+	CSSM_BOOL pubIsRef,				// true - reference key, false - data
+	uint32 pubKeyUsage,				// CSSM_KEYUSE_ENCRYPT, etc.
+	CSSM_KEYBLOB_FORMAT pubFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
+									//   to get the default format. 
+	CSSM_KEY_PTR privKey,			// mallocd by caller
+	CSSM_BOOL privIsRef,			// true - reference key, false - data
+	uint32 privKeyUsage,			// CSSM_KEYUSE_DECRYPT, etc.
+	CSSM_KEYBLOB_FORMAT privFormat,	// Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
+									//   to get the default format. 
+	CSSM_BOOL genParams,
+	CSSM_DATA_PTR paramData);		// optional
+
+/*
+ * Create a symmetric key.
+ */
+extern CSSM_KEY_PTR cspGenSymKey(CSSM_CSP_HANDLE cspHand,
+		uint32 				alg,
+		const char 			*keyLabel,
+		unsigned 			keyLabelLen,
+		uint32 				keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
+		uint32 				keySizeInBits,
+		CSSM_BOOL			refKey); // true - reference key, false - data
+
+/*
+ * Derive symmetric key using PBE.
+ */
+CSSM_KEY_PTR cspDeriveKey(CSSM_CSP_HANDLE cspHand,
+		uint32 				deriveAlg,		// CSSM_ALGID_MD5_PBE, etc.
+		uint32				keyAlg,			// CSSM_ALGID_RC5, etc.
+		const char 			*keyLabel,
+		unsigned 			keyLabelLen,
+		uint32 				keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
+		uint32 				keySizeInBits,
+		CSSM_BOOL			isRefKey,
+		CSSM_DATA_PTR		password,		// in PKCS-5 lingo
+		CSSM_DATA_PTR		salt,			// ditto
+		uint32				iterationCnt,	// ditto
+		CSSM_DATA_PTR		initVector);	// mallocd & RETURNED
+
+/*
+ * Encrypt/Decrypt - these work for both symmetric and asymmetric algorithms.
+ */
+CSSM_RETURN cspEncrypt(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
+		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for 
+											//    symmetric algs
+		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
+		const CSSM_KEY *key,				// public or session key
+		const CSSM_KEY *pubKey,				// for CSSM_ALGID_{FEED,FEECFILE} only
+		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
+		uint32 rounds,						// ditto
+		const CSSM_DATA *iv,				// init vector, optional
+		const CSSM_DATA *ptext,
+		CSSM_DATA_PTR ctext,				// RETURNED
+		CSSM_BOOL mallocCtext);
+		
+CSSM_RETURN cspStagedEncrypt(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
+		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for 
+											//    symmetric algs
+		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
+		const CSSM_KEY *key,				// public or session key
+		const CSSM_KEY *pubKey,				// for CSSM_ALGID_{FEED,FEECFILE} only
+		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
+		uint32 cipherBlockSize,				// ditto, block size in bytes
+		uint32 rounds,						// ditto
+		const CSSM_DATA *iv,				// init vector, optional
+		const CSSM_DATA *ptext,
+		CSSM_DATA_PTR ctext,				// RETURNED, we malloc
+		CSSM_BOOL multiUpdates);			// false:single update, true:multi updates
+		
+CSSM_RETURN cspDecrypt(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
+		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for 
+											//    symmetric algs
+		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
+		const CSSM_KEY *key,				// private or session key
+		const CSSM_KEY *pubKey,				// for CSSM_ALGID_{FEED,FEECFILE} only
+		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
+		uint32 rounds,						// ditto
+		const CSSM_DATA *iv,				// init vector, optional
+		const CSSM_DATA *ctext,
+		CSSM_DATA_PTR ptext,				// RETURNED
+		CSSM_BOOL mallocPtext);
+		
+CSSM_RETURN cspStagedDecrypt(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEED, etc.
+		uint32 mode,						// CSSM_ALGMODE_CBC, etc. - only for 
+											//    symmetric algs
+		CSSM_PADDING padding,				// CSSM_PADDING_PKCS1, etc. 
+		const CSSM_KEY *key,				// private or session key
+		const CSSM_KEY *pubKey,				// for CSSM_ALGID_{FEED,FEECFILE} only
+		uint32 effectiveKeySizeInBits,		// 0 means skip this attribute
+		uint32 cipherBlockSize,				// ditto, block size in bytes
+		uint32 rounds,						// ditto
+		const CSSM_DATA *iv,				// init vector, optional
+		const CSSM_DATA *ctext,
+		CSSM_DATA_PTR ptext,				// RETURNED, we malloc
+		CSSM_BOOL multiUpdates);			// false:single update, true:multi updates
+
+/*
+ * Signature routines
+ */
+CSSM_RETURN cspSign(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// private key
+		const CSSM_DATA *text,
+		CSSM_DATA_PTR sig);					// RETURNED
+CSSM_RETURN cspStagedSign(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// private key
+		const CSSM_DATA *text,
+		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
+		CSSM_DATA_PTR sig);					// RETURNED
+CSSM_RETURN cspSigVerify(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// public key
+		const CSSM_DATA *text,
+		const CSSM_DATA *sig,
+		CSSM_RETURN expectResult);			// expected result is verify failure
+											// CSSM_OK - expect success
+CSSM_RETURN cspStagedSigVerify(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// private key
+		const CSSM_DATA *text,
+		const CSSM_DATA *sig,
+		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
+		CSSM_RETURN expectResult);			// expected result is verify failure
+											// CSSM_OK - expect success
+
+/*
+ * MAC routines
+ */
+CSSM_RETURN cspGenMac(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_DES, etc.
+		CSSM_KEY_PTR key,					// session key
+		const CSSM_DATA *text,
+		CSSM_DATA_PTR mac);					// RETURNED
+CSSM_RETURN cspStagedGenMac(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_FEE_MD5, etc.
+		CSSM_KEY_PTR key,					// private key
+		const CSSM_DATA *text,
+		CSSM_BOOL mallocMac,				// if true and digest->Length = 0, we'll 
+											//		malloc
+		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
+		CSSM_DATA_PTR mac);					// RETURNED
+CSSM_RETURN cspMacVerify(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					
+		CSSM_KEY_PTR key,					// public key
+		const CSSM_DATA *text,
+		const CSSM_DATA_PTR mac,
+		CSSM_RETURN expectResult);		
+CSSM_RETURN cspStagedMacVerify(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					
+		CSSM_KEY_PTR key,					// private key
+		const CSSM_DATA *text,
+		const CSSM_DATA_PTR mac,
+		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
+		CSSM_RETURN expectResult);			
+
+/*
+ * Digest functions
+ */
+CSSM_RETURN cspDigest(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_MD5, etc.
+		CSSM_BOOL mallocDigest,				// if true and digest->Length = 0, we'll malloc
+		const CSSM_DATA *text,
+		CSSM_DATA_PTR digest);
+CSSM_RETURN cspStagedDigest(CSSM_CSP_HANDLE cspHand,
+		uint32 algorithm,					// CSSM_ALGID_MD5, etc.
+		CSSM_BOOL mallocDigest,				// if true and digest->Length = 0, we'll malloc
+		CSSM_BOOL multiUpdates,				// false:single update, true:multi updates
+		const CSSM_DATA *text,
+		CSSM_DATA_PTR digest);
+CSSM_RETURN	cspFreeKey(CSSM_CSP_HANDLE cspHand,
+	CSSM_KEY_PTR key);
+
+/*
+ * Perform FEE Key exchange via CSSM_DeriveKey. 
+ */
+CSSM_RETURN cspFeeKeyExchange(CSSM_CSP_HANDLE cspHand,
+	CSSM_KEY_PTR 	privKey,
+	CSSM_KEY_PTR 	pubKey,
+	CSSM_KEY_PTR 	derivedKey,		// mallocd by caller
+	
+	/* remaining fields apply to derivedKey */
+	uint32 			keyAlg,
+	const char 		*keyLabel,
+	unsigned 		keyLabelLen,
+	uint32 			keyUsage,		// CSSM_KEYUSE_ENCRYPT, etc.
+	uint32 			keySizeInBits);
+
+/* 
+ * wrap/unwrap key functions. 
+ */
+CSSM_RETURN cspWrapKey(CSSM_CSP_HANDLE cspHand,
+	const CSSM_KEY			*unwrappedKey,	
+	const CSSM_KEY			*wrappingKey,
+	CSSM_ALGORITHMS			wrapAlg,
+	CSSM_ENCRYPT_MODE		wrapMode,
+	CSSM_KEYBLOB_FORMAT		wrapFormat,			// NONE, PKCS7, PKCS8
+	CSSM_PADDING			wrapPad,
+	CSSM_DATA_PTR			initVector,			// for some wrapping algs
+	CSSM_DATA_PTR			descrData,			// optional 
+	CSSM_KEY_PTR			wrappedKey);		// RETURNED
+CSSM_RETURN cspUnwrapKey(CSSM_CSP_HANDLE cspHand,
+	const CSSM_KEY			*wrappedKey,
+	const CSSM_KEY			*unwrappingKey,
+	CSSM_ALGORITHMS			unwrapAlg,
+	CSSM_ENCRYPT_MODE		unwrapMode,
+	CSSM_PADDING 			unwrapPad,
+	CSSM_DATA_PTR			initVector,			// for some wrapping algs
+	CSSM_KEY_PTR			unwrappedKey,		// RETURNED
+	CSSM_DATA_PTR			descrData,			// required
+	const char 				*keyLabel,
+	unsigned 				keyLabelLen);
+
+/* generate a random and reasonable key size in bits for specified CSSM algorithm */
+typedef enum {
+	OT_Sign,
+	OT_Encrypt,
+	OT_KeyExch
+} opType;
+
+#define MAX_KEY_SIZE_RC245_BYTES		64	/* max bytes, RC2, RC4, RC5 */
+
+uint32 randKeySizeBits(uint32 alg, opType op);
+uint32 cspDefaultKeySize(uint32 alg);
+
+/*
+ * Generate random key size, primeType, curveType for FEE key for specified op.
+ */
+void randFeeKeyParams(
+	CSSM_ALGORITHMS	alg,			// ALGID_FEED, CSSM_ALGID_FEE_MD5, etc.
+	uint32			*keySizeInBits,	// RETURNED
+	uint32 			*primeType,		// CSSM_FEE_PRIME_TYPE_xxx, RETURNED
+	uint32 			*curveType);	// CSSM_FEE_CURVE_TYPE_xxx, RETURNED
+
+/*
+ * Obtain strings for primeType and curveType.
+ */
+const char *primeTypeStr(uint32 primeType);
+const char *curveTypeStr(uint32 curveType);
+
+/*
+ * Given any key in either blob or reference format,
+ * obtain the associated SHA-1 hash. 
+ */
+CSSM_RETURN cspKeyHash(
+	CSSM_CSP_HANDLE		cspHand,	
+	const CSSM_KEY_PTR	key,			/* public key */
+	CSSM_DATA_PTR		*hashData);		/* hash mallocd and RETURNED here */
+
+/* wrap ref key --> raw key */
+CSSM_RETURN cspRefKeyToRaw(
+	CSSM_CSP_HANDLE cspHand,
+	const CSSM_KEY *refKey,
+	CSSM_KEY_PTR rawKey);				// init'd and RETURNED
+
+/* unwrap raw key --> ref */
+CSSM_RETURN cspRawKeyToRef(
+	CSSM_CSP_HANDLE cspHand,
+	const CSSM_KEY *rawKey,
+	CSSM_KEY_PTR refKey);				// init'd and RETURNED
+
+/*
+ * Cook up a symmetric key with specified key bits and other
+ * params. Currently the CSPDL can only deal with reference keys except when
+ * doing wrap/unwrap, so we manually cook up a raw key, then we null-unwrap it. 
+ */
+CSSM_RETURN cspGenSymKeyWithBits(
+	CSSM_CSP_HANDLE		cspHand,
+	CSSM_ALGORITHMS		keyAlg,
+	CSSM_KEYUSE			keyUsage,
+	const CSSM_DATA		*keyBits,
+	unsigned			keySizeInBytes,
+	CSSM_KEY_PTR		refKey);			// init'd and RETURNED
+
+/*
+ * Add a DL/DB handle to a crypto context.
+ */
+CSSM_RETURN cspAddDlDbToContext(
+	CSSM_CC_HANDLE ccHand,
+	CSSM_DL_HANDLE dlHand,
+	CSSM_DB_HANDLE dbHand);
+
+/*
+ * Look up a key by label and type.
+ */
+typedef enum {
+	CKT_Public = 1,
+	CKT_Private = 2,
+	CKT_Session = 3
+	/* any others? */
+} CT_KeyType;
+
+CSSM_KEY_PTR cspLookUpKeyByLabel(
+	CSSM_DL_HANDLE dlHand, 
+	CSSM_DB_HANDLE dbHand, 
+	const CSSM_DATA *labelData, 
+	CT_KeyType keyType);
+
+/*
+ * Delete and free a key 
+ */
+CSSM_RETURN cspDeleteKey(
+	CSSM_CSP_HANDLE		cspHand,		// for free
+	CSSM_DL_HANDLE		dlHand,			// for delete
+	CSSM_DB_HANDLE		dbHand,			// ditto
+	const CSSM_DATA 	*labelData, 
+	CSSM_KEY_PTR		key);
+
+// temp hack
+#define	CSSM_ALGID_FEECFILE		(CSSM_ALGID_VENDOR_DEFINED + 102)
+
+#ifdef	__cplusplus
+}
+#endif
+#endif	/* _CSPWRAP_H_ */

ADDED   LocalTests/utilLib/cssmErrorStrings.h
Index: LocalTests/utilLib/cssmErrorStrings.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/cssmErrorStrings.h
@@ -0,0 +1,532 @@
+/*
+ * This file autogenerated by genErrorStrings. Do not edit. 
+ */
+
+#include <Security/Security.h>
+
+typedef struct {
+	CSSM_RETURN errCode;
+	const char *errStr;
+} ErrString;
+
+static const ErrString errStrings[] = {
+	{ CSSM_OK,"CSSM_OK"},
+	/* Error codes from cssmerr.h */
+	{ CSSMERR_CSSM_INVALID_ADDIN_HANDLE,"CSSMERR_CSSM_INVALID_ADDIN_HANDLE"},
+	{ CSSMERR_CSSM_NOT_INITIALIZED,"CSSMERR_CSSM_NOT_INITIALIZED"},
+	{ CSSMERR_CSSM_INVALID_HANDLE_USAGE,"CSSMERR_CSSM_INVALID_HANDLE_USAGE"},
+	{ CSSMERR_CSSM_PVC_REFERENT_NOT_FOUND,"CSSMERR_CSSM_PVC_REFERENT_NOT_FOUND"},
+	{ CSSMERR_CSSM_FUNCTION_INTEGRITY_FAIL,"CSSMERR_CSSM_FUNCTION_INTEGRITY_FAIL"},
+	{ CSSMERR_CSSM_INTERNAL_ERROR,"CSSMERR_CSSM_INTERNAL_ERROR"},
+	{ CSSMERR_CSSM_MEMORY_ERROR,"CSSMERR_CSSM_MEMORY_ERROR"},
+	{ CSSMERR_CSSM_MDS_ERROR,"CSSMERR_CSSM_MDS_ERROR"},
+	{ CSSMERR_CSSM_INVALID_POINTER,"CSSMERR_CSSM_INVALID_POINTER"},
+	{ CSSMERR_CSSM_INVALID_INPUT_POINTER,"CSSMERR_CSSM_INVALID_INPUT_POINTER"},
+	{ CSSMERR_CSSM_INVALID_OUTPUT_POINTER,"CSSMERR_CSSM_INVALID_OUTPUT_POINTER"},
+	{ CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED"},
+	{ CSSMERR_CSSM_SELF_CHECK_FAILED,"CSSMERR_CSSM_SELF_CHECK_FAILED"},
+	{ CSSMERR_CSSM_OS_ACCESS_DENIED,"CSSMERR_CSSM_OS_ACCESS_DENIED"},
+	{ CSSMERR_CSSM_FUNCTION_FAILED,"CSSMERR_CSSM_FUNCTION_FAILED"},
+	{ CSSMERR_CSSM_MODULE_MANIFEST_VERIFY_FAILED,"CSSMERR_CSSM_MODULE_MANIFEST_VERIFY_FAILED"},
+	{ CSSMERR_CSSM_INVALID_GUID,"CSSMERR_CSSM_INVALID_GUID"},
+	{ CSSMERR_CSSM_INVALID_CONTEXT_HANDLE,"CSSMERR_CSSM_INVALID_CONTEXT_HANDLE"},
+	{ CSSMERR_CSSM_INCOMPATIBLE_VERSION,"CSSMERR_CSSM_INCOMPATIBLE_VERSION"},
+	{ CSSMERR_CSSM_PRIVILEGE_NOT_GRANTED,"CSSMERR_CSSM_PRIVILEGE_NOT_GRANTED"},
+	{ CSSMERR_CSSM_SCOPE_NOT_SUPPORTED,"CSSMERR_CSSM_SCOPE_NOT_SUPPORTED"},
+	{ CSSMERR_CSSM_PVC_ALREADY_CONFIGURED,"CSSMERR_CSSM_PVC_ALREADY_CONFIGURED"},
+	{ CSSMERR_CSSM_INVALID_PVC,"CSSMERR_CSSM_INVALID_PVC"},
+	{ CSSMERR_CSSM_EMM_LOAD_FAILED,"CSSMERR_CSSM_EMM_LOAD_FAILED"},
+	{ CSSMERR_CSSM_EMM_UNLOAD_FAILED,"CSSMERR_CSSM_EMM_UNLOAD_FAILED"},
+	{ CSSMERR_CSSM_ADDIN_LOAD_FAILED,"CSSMERR_CSSM_ADDIN_LOAD_FAILED"},
+	{ CSSMERR_CSSM_INVALID_KEY_HIERARCHY,"CSSMERR_CSSM_INVALID_KEY_HIERARCHY"},
+	{ CSSMERR_CSSM_ADDIN_UNLOAD_FAILED,"CSSMERR_CSSM_ADDIN_UNLOAD_FAILED"},
+	{ CSSMERR_CSSM_LIB_REF_NOT_FOUND,"CSSMERR_CSSM_LIB_REF_NOT_FOUND"},
+	{ CSSMERR_CSSM_INVALID_ADDIN_FUNCTION_TABLE,"CSSMERR_CSSM_INVALID_ADDIN_FUNCTION_TABLE"},
+	{ CSSMERR_CSSM_EMM_AUTHENTICATE_FAILED,"CSSMERR_CSSM_EMM_AUTHENTICATE_FAILED"},
+	{ CSSMERR_CSSM_ADDIN_AUTHENTICATE_FAILED,"CSSMERR_CSSM_ADDIN_AUTHENTICATE_FAILED"},
+	{ CSSMERR_CSSM_INVALID_SERVICE_MASK,"CSSMERR_CSSM_INVALID_SERVICE_MASK"},
+	{ CSSMERR_CSSM_MODULE_NOT_LOADED,"CSSMERR_CSSM_MODULE_NOT_LOADED"},
+	{ CSSMERR_CSSM_INVALID_SUBSERVICEID,"CSSMERR_CSSM_INVALID_SUBSERVICEID"},
+	{ CSSMERR_CSSM_BUFFER_TOO_SMALL,"CSSMERR_CSSM_BUFFER_TOO_SMALL"},
+	{ CSSMERR_CSSM_INVALID_ATTRIBUTE,"CSSMERR_CSSM_INVALID_ATTRIBUTE"},
+	{ CSSMERR_CSSM_ATTRIBUTE_NOT_IN_CONTEXT,"CSSMERR_CSSM_ATTRIBUTE_NOT_IN_CONTEXT"},
+	{ CSSMERR_CSSM_MODULE_MANAGER_INITIALIZE_FAIL,"CSSMERR_CSSM_MODULE_MANAGER_INITIALIZE_FAIL"},
+	{ CSSMERR_CSSM_MODULE_MANAGER_NOT_FOUND,"CSSMERR_CSSM_MODULE_MANAGER_NOT_FOUND"},
+	{ CSSMERR_CSSM_EVENT_NOTIFICATION_CALLBACK_NOT_FOUND,"CSSMERR_CSSM_EVENT_NOTIFICATION_CALLBACK_NOT_FOUND"},
+	{ CSSMERR_CSP_INTERNAL_ERROR,"CSSMERR_CSP_INTERNAL_ERROR"},
+	{ CSSMERR_CSP_MEMORY_ERROR,"CSSMERR_CSP_MEMORY_ERROR"},
+	{ CSSMERR_CSP_MDS_ERROR,"CSSMERR_CSP_MDS_ERROR"},
+	{ CSSMERR_CSP_INVALID_POINTER,"CSSMERR_CSP_INVALID_POINTER"},
+	{ CSSMERR_CSP_INVALID_INPUT_POINTER,"CSSMERR_CSP_INVALID_INPUT_POINTER"},
+	{ CSSMERR_CSP_INVALID_OUTPUT_POINTER,"CSSMERR_CSP_INVALID_OUTPUT_POINTER"},
+	{ CSSMERR_CSP_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_CSP_FUNCTION_NOT_IMPLEMENTED"},
+	{ CSSMERR_CSP_SELF_CHECK_FAILED,"CSSMERR_CSP_SELF_CHECK_FAILED"},
+	{ CSSMERR_CSP_OS_ACCESS_DENIED,"CSSMERR_CSP_OS_ACCESS_DENIED"},
+	{ CSSMERR_CSP_FUNCTION_FAILED,"CSSMERR_CSP_FUNCTION_FAILED"},
+	{ CSSMERR_CSP_OPERATION_AUTH_DENIED,"CSSMERR_CSP_OPERATION_AUTH_DENIED"},
+	{ CSSMERR_CSP_OBJECT_USE_AUTH_DENIED,"CSSMERR_CSP_OBJECT_USE_AUTH_DENIED"},
+	{ CSSMERR_CSP_OBJECT_MANIP_AUTH_DENIED,"CSSMERR_CSP_OBJECT_MANIP_AUTH_DENIED"},
+	{ CSSMERR_CSP_OBJECT_ACL_NOT_SUPPORTED,"CSSMERR_CSP_OBJECT_ACL_NOT_SUPPORTED"},
+	{ CSSMERR_CSP_OBJECT_ACL_REQUIRED,"CSSMERR_CSP_OBJECT_ACL_REQUIRED"},
+	{ CSSMERR_CSP_INVALID_ACCESS_CREDENTIALS,"CSSMERR_CSP_INVALID_ACCESS_CREDENTIALS"},
+	{ CSSMERR_CSP_INVALID_ACL_BASE_CERTS,"CSSMERR_CSP_INVALID_ACL_BASE_CERTS"},
+	{ CSSMERR_CSP_ACL_BASE_CERTS_NOT_SUPPORTED,"CSSMERR_CSP_ACL_BASE_CERTS_NOT_SUPPORTED"},
+	{ CSSMERR_CSP_INVALID_SAMPLE_VALUE,"CSSMERR_CSP_INVALID_SAMPLE_VALUE"},
+	{ CSSMERR_CSP_SAMPLE_VALUE_NOT_SUPPORTED,"CSSMERR_CSP_SAMPLE_VALUE_NOT_SUPPORTED"},
+	{ CSSMERR_CSP_INVALID_ACL_SUBJECT_VALUE,"CSSMERR_CSP_INVALID_ACL_SUBJECT_VALUE"},
+	{ CSSMERR_CSP_ACL_SUBJECT_TYPE_NOT_SUPPORTED,"CSSMERR_CSP_ACL_SUBJECT_TYPE_NOT_SUPPORTED"},
+	{ CSSMERR_CSP_INVALID_ACL_CHALLENGE_CALLBACK,"CSSMERR_CSP_INVALID_ACL_CHALLENGE_CALLBACK"},
+	{ CSSMERR_CSP_ACL_CHALLENGE_CALLBACK_FAILED,"CSSMERR_CSP_ACL_CHALLENGE_CALLBACK_FAILED"},
+	{ CSSMERR_CSP_INVALID_ACL_ENTRY_TAG,"CSSMERR_CSP_INVALID_ACL_ENTRY_TAG"},
+	{ CSSMERR_CSP_ACL_ENTRY_TAG_NOT_FOUND,"CSSMERR_CSP_ACL_ENTRY_TAG_NOT_FOUND"},
+	{ CSSMERR_CSP_INVALID_ACL_EDIT_MODE,"CSSMERR_CSP_INVALID_ACL_EDIT_MODE"},
+	{ CSSMERR_CSP_ACL_CHANGE_FAILED,"CSSMERR_CSP_ACL_CHANGE_FAILED"},
+	{ CSSMERR_CSP_INVALID_NEW_ACL_ENTRY,"CSSMERR_CSP_INVALID_NEW_ACL_ENTRY"},
+	{ CSSMERR_CSP_INVALID_NEW_ACL_OWNER,"CSSMERR_CSP_INVALID_NEW_ACL_OWNER"},
+	{ CSSMERR_CSP_ACL_DELETE_FAILED,"CSSMERR_CSP_ACL_DELETE_FAILED"},
+	{ CSSMERR_CSP_ACL_REPLACE_FAILED,"CSSMERR_CSP_ACL_REPLACE_FAILED"},
+	{ CSSMERR_CSP_ACL_ADD_FAILED,"CSSMERR_CSP_ACL_ADD_FAILED"},
+	{ CSSMERR_CSP_INVALID_CONTEXT_HANDLE,"CSSMERR_CSP_INVALID_CONTEXT_HANDLE"},
+	{ CSSMERR_CSP_PRIVILEGE_NOT_GRANTED,"CSSMERR_CSP_PRIVILEGE_NOT_GRANTED"},
+	{ CSSMERR_CSP_INVALID_DATA,"CSSMERR_CSP_INVALID_DATA"},
+	{ CSSMERR_CSP_INVALID_PASSTHROUGH_ID,"CSSMERR_CSP_INVALID_PASSTHROUGH_ID"},
+	{ CSSMERR_CSP_INVALID_CRYPTO_DATA,"CSSMERR_CSP_INVALID_CRYPTO_DATA"},
+	{ CSSMERR_CSP_INPUT_LENGTH_ERROR,"CSSMERR_CSP_INPUT_LENGTH_ERROR"},
+	{ CSSMERR_CSP_OUTPUT_LENGTH_ERROR,"CSSMERR_CSP_OUTPUT_LENGTH_ERROR"},
+	{ CSSMERR_CSP_PRIVILEGE_NOT_SUPPORTED,"CSSMERR_CSP_PRIVILEGE_NOT_SUPPORTED"},
+	{ CSSMERR_CSP_DEVICE_ERROR,"CSSMERR_CSP_DEVICE_ERROR"},
+	{ CSSMERR_CSP_DEVICE_MEMORY_ERROR,"CSSMERR_CSP_DEVICE_MEMORY_ERROR"},
+	{ CSSMERR_CSP_ATTACH_HANDLE_BUSY,"CSSMERR_CSP_ATTACH_HANDLE_BUSY"},
+	{ CSSMERR_CSP_NOT_LOGGED_IN,"CSSMERR_CSP_NOT_LOGGED_IN"},
+	{ CSSMERR_CSP_INVALID_KEY,"CSSMERR_CSP_INVALID_KEY"},
+	{ CSSMERR_CSP_INVALID_KEY_REFERENCE,"CSSMERR_CSP_INVALID_KEY_REFERENCE"},
+	{ CSSMERR_CSP_INVALID_KEY_CLASS,"CSSMERR_CSP_INVALID_KEY_CLASS"},
+	{ CSSMERR_CSP_ALGID_MISMATCH,"CSSMERR_CSP_ALGID_MISMATCH"},
+	{ CSSMERR_CSP_KEY_USAGE_INCORRECT,"CSSMERR_CSP_KEY_USAGE_INCORRECT"},
+	{ CSSMERR_CSP_KEY_BLOB_TYPE_INCORRECT,"CSSMERR_CSP_KEY_BLOB_TYPE_INCORRECT"},
+	{ CSSMERR_CSP_KEY_HEADER_INCONSISTENT,"CSSMERR_CSP_KEY_HEADER_INCONSISTENT"},
+	{ CSSMERR_CSP_UNSUPPORTED_KEY_FORMAT,"CSSMERR_CSP_UNSUPPORTED_KEY_FORMAT"},
+	{ CSSMERR_CSP_UNSUPPORTED_KEY_SIZE,"CSSMERR_CSP_UNSUPPORTED_KEY_SIZE"},
+	{ CSSMERR_CSP_INVALID_KEY_POINTER,"CSSMERR_CSP_INVALID_KEY_POINTER"},
+	{ CSSMERR_CSP_INVALID_KEYUSAGE_MASK,"CSSMERR_CSP_INVALID_KEYUSAGE_MASK"},
+	{ CSSMERR_CSP_UNSUPPORTED_KEYUSAGE_MASK,"CSSMERR_CSP_UNSUPPORTED_KEYUSAGE_MASK"},
+	{ CSSMERR_CSP_INVALID_KEYATTR_MASK,"CSSMERR_CSP_INVALID_KEYATTR_MASK"},
+	{ CSSMERR_CSP_UNSUPPORTED_KEYATTR_MASK,"CSSMERR_CSP_UNSUPPORTED_KEYATTR_MASK"},
+	{ CSSMERR_CSP_INVALID_KEY_LABEL,"CSSMERR_CSP_INVALID_KEY_LABEL"},
+	{ CSSMERR_CSP_UNSUPPORTED_KEY_LABEL,"CSSMERR_CSP_UNSUPPORTED_KEY_LABEL"},
+	{ CSSMERR_CSP_INVALID_KEY_FORMAT,"CSSMERR_CSP_INVALID_KEY_FORMAT"},
+	{ CSSMERR_CSP_INVALID_DATA_COUNT,"CSSMERR_CSP_INVALID_DATA_COUNT"},
+	{ CSSMERR_CSP_VECTOR_OF_BUFS_UNSUPPORTED,"CSSMERR_CSP_VECTOR_OF_BUFS_UNSUPPORTED"},
+	{ CSSMERR_CSP_INVALID_INPUT_VECTOR,"CSSMERR_CSP_INVALID_INPUT_VECTOR"},
+	{ CSSMERR_CSP_INVALID_OUTPUT_VECTOR,"CSSMERR_CSP_INVALID_OUTPUT_VECTOR"},
+	{ CSSMERR_CSP_INVALID_CONTEXT,"CSSMERR_CSP_INVALID_CONTEXT"},
+	{ CSSMERR_CSP_INVALID_ALGORITHM,"CSSMERR_CSP_INVALID_ALGORITHM"},
+	{ CSSMERR_CSP_INVALID_ATTR_KEY,"CSSMERR_CSP_INVALID_ATTR_KEY"},
+	{ CSSMERR_CSP_MISSING_ATTR_KEY,"CSSMERR_CSP_MISSING_ATTR_KEY"},
+	{ CSSMERR_CSP_INVALID_ATTR_INIT_VECTOR,"CSSMERR_CSP_INVALID_ATTR_INIT_VECTOR"},
+	{ CSSMERR_CSP_MISSING_ATTR_INIT_VECTOR,"CSSMERR_CSP_MISSING_ATTR_INIT_VECTOR"},
+	{ CSSMERR_CSP_INVALID_ATTR_SALT,"CSSMERR_CSP_INVALID_ATTR_SALT"},
+	{ CSSMERR_CSP_MISSING_ATTR_SALT,"CSSMERR_CSP_MISSING_ATTR_SALT"},
+	{ CSSMERR_CSP_INVALID_ATTR_PADDING,"CSSMERR_CSP_INVALID_ATTR_PADDING"},
+	{ CSSMERR_CSP_MISSING_ATTR_PADDING,"CSSMERR_CSP_MISSING_ATTR_PADDING"},
+	{ CSSMERR_CSP_INVALID_ATTR_RANDOM,"CSSMERR_CSP_INVALID_ATTR_RANDOM"},
+	{ CSSMERR_CSP_MISSING_ATTR_RANDOM,"CSSMERR_CSP_MISSING_ATTR_RANDOM"},
+	{ CSSMERR_CSP_INVALID_ATTR_SEED,"CSSMERR_CSP_INVALID_ATTR_SEED"},
+	{ CSSMERR_CSP_MISSING_ATTR_SEED,"CSSMERR_CSP_MISSING_ATTR_SEED"},
+	{ CSSMERR_CSP_INVALID_ATTR_PASSPHRASE,"CSSMERR_CSP_INVALID_ATTR_PASSPHRASE"},
+	{ CSSMERR_CSP_MISSING_ATTR_PASSPHRASE,"CSSMERR_CSP_MISSING_ATTR_PASSPHRASE"},
+	{ CSSMERR_CSP_INVALID_ATTR_KEY_LENGTH,"CSSMERR_CSP_INVALID_ATTR_KEY_LENGTH"},
+	{ CSSMERR_CSP_MISSING_ATTR_KEY_LENGTH,"CSSMERR_CSP_MISSING_ATTR_KEY_LENGTH"},
+	{ CSSMERR_CSP_INVALID_ATTR_BLOCK_SIZE,"CSSMERR_CSP_INVALID_ATTR_BLOCK_SIZE"},
+	{ CSSMERR_CSP_MISSING_ATTR_BLOCK_SIZE,"CSSMERR_CSP_MISSING_ATTR_BLOCK_SIZE"},
+	{ CSSMERR_CSP_INVALID_ATTR_OUTPUT_SIZE,"CSSMERR_CSP_INVALID_ATTR_OUTPUT_SIZE"},
+	{ CSSMERR_CSP_MISSING_ATTR_OUTPUT_SIZE,"CSSMERR_CSP_MISSING_ATTR_OUTPUT_SIZE"},
+	{ CSSMERR_CSP_INVALID_ATTR_ROUNDS,"CSSMERR_CSP_INVALID_ATTR_ROUNDS"},
+	{ CSSMERR_CSP_MISSING_ATTR_ROUNDS,"CSSMERR_CSP_MISSING_ATTR_ROUNDS"},
+	{ CSSMERR_CSP_INVALID_ATTR_ALG_PARAMS,"CSSMERR_CSP_INVALID_ATTR_ALG_PARAMS"},
+	{ CSSMERR_CSP_MISSING_ATTR_ALG_PARAMS,"CSSMERR_CSP_MISSING_ATTR_ALG_PARAMS"},
+	{ CSSMERR_CSP_INVALID_ATTR_LABEL,"CSSMERR_CSP_INVALID_ATTR_LABEL"},
+	{ CSSMERR_CSP_MISSING_ATTR_LABEL,"CSSMERR_CSP_MISSING_ATTR_LABEL"},
+	{ CSSMERR_CSP_INVALID_ATTR_KEY_TYPE,"CSSMERR_CSP_INVALID_ATTR_KEY_TYPE"},
+	{ CSSMERR_CSP_MISSING_ATTR_KEY_TYPE,"CSSMERR_CSP_MISSING_ATTR_KEY_TYPE"},
+	{ CSSMERR_CSP_INVALID_ATTR_MODE,"CSSMERR_CSP_INVALID_ATTR_MODE"},
+	{ CSSMERR_CSP_MISSING_ATTR_MODE,"CSSMERR_CSP_MISSING_ATTR_MODE"},
+	{ CSSMERR_CSP_INVALID_ATTR_EFFECTIVE_BITS,"CSSMERR_CSP_INVALID_ATTR_EFFECTIVE_BITS"},
+	{ CSSMERR_CSP_MISSING_ATTR_EFFECTIVE_BITS,"CSSMERR_CSP_MISSING_ATTR_EFFECTIVE_BITS"},
+	{ CSSMERR_CSP_INVALID_ATTR_START_DATE,"CSSMERR_CSP_INVALID_ATTR_START_DATE"},
+	{ CSSMERR_CSP_MISSING_ATTR_START_DATE,"CSSMERR_CSP_MISSING_ATTR_START_DATE"},
+	{ CSSMERR_CSP_INVALID_ATTR_END_DATE,"CSSMERR_CSP_INVALID_ATTR_END_DATE"},
+	{ CSSMERR_CSP_MISSING_ATTR_END_DATE,"CSSMERR_CSP_MISSING_ATTR_END_DATE"},
+	{ CSSMERR_CSP_INVALID_ATTR_VERSION,"CSSMERR_CSP_INVALID_ATTR_VERSION"},
+	{ CSSMERR_CSP_MISSING_ATTR_VERSION,"CSSMERR_CSP_MISSING_ATTR_VERSION"},
+	{ CSSMERR_CSP_INVALID_ATTR_PRIME,"CSSMERR_CSP_INVALID_ATTR_PRIME"},
+	{ CSSMERR_CSP_MISSING_ATTR_PRIME,"CSSMERR_CSP_MISSING_ATTR_PRIME"},
+	{ CSSMERR_CSP_INVALID_ATTR_BASE,"CSSMERR_CSP_INVALID_ATTR_BASE"},
+	{ CSSMERR_CSP_MISSING_ATTR_BASE,"CSSMERR_CSP_MISSING_ATTR_BASE"},
+	{ CSSMERR_CSP_INVALID_ATTR_SUBPRIME,"CSSMERR_CSP_INVALID_ATTR_SUBPRIME"},
+	{ CSSMERR_CSP_MISSING_ATTR_SUBPRIME,"CSSMERR_CSP_MISSING_ATTR_SUBPRIME"},
+	{ CSSMERR_CSP_INVALID_ATTR_ITERATION_COUNT,"CSSMERR_CSP_INVALID_ATTR_ITERATION_COUNT"},
+	{ CSSMERR_CSP_MISSING_ATTR_ITERATION_COUNT,"CSSMERR_CSP_MISSING_ATTR_ITERATION_COUNT"},
+	{ CSSMERR_CSP_INVALID_ATTR_DL_DB_HANDLE,"CSSMERR_CSP_INVALID_ATTR_DL_DB_HANDLE"},
+	{ CSSMERR_CSP_MISSING_ATTR_DL_DB_HANDLE,"CSSMERR_CSP_MISSING_ATTR_DL_DB_HANDLE"},
+	{ CSSMERR_CSP_INVALID_ATTR_ACCESS_CREDENTIALS,"CSSMERR_CSP_INVALID_ATTR_ACCESS_CREDENTIALS"},
+	{ CSSMERR_CSP_MISSING_ATTR_ACCESS_CREDENTIALS,"CSSMERR_CSP_MISSING_ATTR_ACCESS_CREDENTIALS"},
+	{ CSSMERR_CSP_INVALID_ATTR_PUBLIC_KEY_FORMAT,"CSSMERR_CSP_INVALID_ATTR_PUBLIC_KEY_FORMAT"},
+	{ CSSMERR_CSP_MISSING_ATTR_PUBLIC_KEY_FORMAT,"CSSMERR_CSP_MISSING_ATTR_PUBLIC_KEY_FORMAT"},
+	{ CSSMERR_CSP_INVALID_ATTR_PRIVATE_KEY_FORMAT,"CSSMERR_CSP_INVALID_ATTR_PRIVATE_KEY_FORMAT"},
+	{ CSSMERR_CSP_MISSING_ATTR_PRIVATE_KEY_FORMAT,"CSSMERR_CSP_MISSING_ATTR_PRIVATE_KEY_FORMAT"},
+	{ CSSMERR_CSP_INVALID_ATTR_SYMMETRIC_KEY_FORMAT,"CSSMERR_CSP_INVALID_ATTR_SYMMETRIC_KEY_FORMAT"},
+	{ CSSMERR_CSP_MISSING_ATTR_SYMMETRIC_KEY_FORMAT,"CSSMERR_CSP_MISSING_ATTR_SYMMETRIC_KEY_FORMAT"},
+	{ CSSMERR_CSP_INVALID_ATTR_WRAPPED_KEY_FORMAT,"CSSMERR_CSP_INVALID_ATTR_WRAPPED_KEY_FORMAT"},
+	{ CSSMERR_CSP_MISSING_ATTR_WRAPPED_KEY_FORMAT,"CSSMERR_CSP_MISSING_ATTR_WRAPPED_KEY_FORMAT"},
+	{ CSSMERR_CSP_STAGED_OPERATION_IN_PROGRESS,"CSSMERR_CSP_STAGED_OPERATION_IN_PROGRESS"},
+	{ CSSMERR_CSP_STAGED_OPERATION_NOT_STARTED,"CSSMERR_CSP_STAGED_OPERATION_NOT_STARTED"},
+	{ CSSMERR_CSP_VERIFY_FAILED,"CSSMERR_CSP_VERIFY_FAILED"},
+	{ CSSMERR_CSP_INVALID_SIGNATURE,"CSSMERR_CSP_INVALID_SIGNATURE"},
+	{ CSSMERR_CSP_QUERY_SIZE_UNKNOWN,"CSSMERR_CSP_QUERY_SIZE_UNKNOWN"},
+	{ CSSMERR_CSP_BLOCK_SIZE_MISMATCH,"CSSMERR_CSP_BLOCK_SIZE_MISMATCH"},
+	{ CSSMERR_CSP_PRIVATE_KEY_NOT_FOUND,"CSSMERR_CSP_PRIVATE_KEY_NOT_FOUND"},
+	{ CSSMERR_CSP_PUBLIC_KEY_INCONSISTENT,"CSSMERR_CSP_PUBLIC_KEY_INCONSISTENT"},
+	{ CSSMERR_CSP_DEVICE_VERIFY_FAILED,"CSSMERR_CSP_DEVICE_VERIFY_FAILED"},
+	{ CSSMERR_CSP_INVALID_LOGIN_NAME,"CSSMERR_CSP_INVALID_LOGIN_NAME"},
+	{ CSSMERR_CSP_ALREADY_LOGGED_IN,"CSSMERR_CSP_ALREADY_LOGGED_IN"},
+	{ CSSMERR_CSP_PRIVATE_KEY_ALREADY_EXISTS,"CSSMERR_CSP_PRIVATE_KEY_ALREADY_EXISTS"},
+	{ CSSMERR_CSP_KEY_LABEL_ALREADY_EXISTS,"CSSMERR_CSP_KEY_LABEL_ALREADY_EXISTS"},
+	{ CSSMERR_CSP_INVALID_DIGEST_ALGORITHM,"CSSMERR_CSP_INVALID_DIGEST_ALGORITHM"},
+	{ CSSMERR_CSP_CRYPTO_DATA_CALLBACK_FAILED,"CSSMERR_CSP_CRYPTO_DATA_CALLBACK_FAILED"},
+	{ CSSMERR_TP_INTERNAL_ERROR,"CSSMERR_TP_INTERNAL_ERROR"},
+	{ CSSMERR_TP_MEMORY_ERROR,"CSSMERR_TP_MEMORY_ERROR"},
+	{ CSSMERR_TP_MDS_ERROR,"CSSMERR_TP_MDS_ERROR"},
+	{ CSSMERR_TP_INVALID_POINTER,"CSSMERR_TP_INVALID_POINTER"},
+	{ CSSMERR_TP_INVALID_INPUT_POINTER,"CSSMERR_TP_INVALID_INPUT_POINTER"},
+	{ CSSMERR_TP_INVALID_OUTPUT_POINTER,"CSSMERR_TP_INVALID_OUTPUT_POINTER"},
+	{ CSSMERR_TP_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_TP_FUNCTION_NOT_IMPLEMENTED"},
+	{ CSSMERR_TP_SELF_CHECK_FAILED,"CSSMERR_TP_SELF_CHECK_FAILED"},
+	{ CSSMERR_TP_OS_ACCESS_DENIED,"CSSMERR_TP_OS_ACCESS_DENIED"},
+	{ CSSMERR_TP_FUNCTION_FAILED,"CSSMERR_TP_FUNCTION_FAILED"},
+	{ CSSMERR_TP_INVALID_CONTEXT_HANDLE,"CSSMERR_TP_INVALID_CONTEXT_HANDLE"},
+	{ CSSMERR_TP_INVALID_DATA,"CSSMERR_TP_INVALID_DATA"},
+	{ CSSMERR_TP_INVALID_DB_LIST,"CSSMERR_TP_INVALID_DB_LIST"},
+	{ CSSMERR_TP_INVALID_CERTGROUP_POINTER,"CSSMERR_TP_INVALID_CERTGROUP_POINTER"},
+	{ CSSMERR_TP_INVALID_CERT_POINTER,"CSSMERR_TP_INVALID_CERT_POINTER"},
+	{ CSSMERR_TP_INVALID_CRL_POINTER,"CSSMERR_TP_INVALID_CRL_POINTER"},
+	{ CSSMERR_TP_INVALID_FIELD_POINTER,"CSSMERR_TP_INVALID_FIELD_POINTER"},
+	{ CSSMERR_TP_INVALID_NETWORK_ADDR,"CSSMERR_TP_INVALID_NETWORK_ADDR"},
+	{ CSSMERR_TP_CRL_ALREADY_SIGNED,"CSSMERR_TP_CRL_ALREADY_SIGNED"},
+	{ CSSMERR_TP_INVALID_NUMBER_OF_FIELDS,"CSSMERR_TP_INVALID_NUMBER_OF_FIELDS"},
+	{ CSSMERR_TP_VERIFICATION_FAILURE,"CSSMERR_TP_VERIFICATION_FAILURE"},
+	{ CSSMERR_TP_INVALID_DB_HANDLE,"CSSMERR_TP_INVALID_DB_HANDLE"},
+	{ CSSMERR_TP_UNKNOWN_FORMAT,"CSSMERR_TP_UNKNOWN_FORMAT"},
+	{ CSSMERR_TP_UNKNOWN_TAG,"CSSMERR_TP_UNKNOWN_TAG"},
+	{ CSSMERR_TP_INVALID_PASSTHROUGH_ID,"CSSMERR_TP_INVALID_PASSTHROUGH_ID"},
+	{ CSSMERR_TP_INVALID_CSP_HANDLE,"CSSMERR_TP_INVALID_CSP_HANDLE"},
+	{ CSSMERR_TP_INVALID_DL_HANDLE,"CSSMERR_TP_INVALID_DL_HANDLE"},
+	{ CSSMERR_TP_INVALID_CL_HANDLE,"CSSMERR_TP_INVALID_CL_HANDLE"},
+	{ CSSMERR_TP_INVALID_DB_LIST_POINTER,"CSSMERR_TP_INVALID_DB_LIST_POINTER"},
+	{ CSSMERR_TP_INVALID_CALLERAUTH_CONTEXT_POINTER,"CSSMERR_TP_INVALID_CALLERAUTH_CONTEXT_POINTER"},
+	{ CSSMERR_TP_INVALID_IDENTIFIER_POINTER,"CSSMERR_TP_INVALID_IDENTIFIER_POINTER"},
+	{ CSSMERR_TP_INVALID_KEYCACHE_HANDLE,"CSSMERR_TP_INVALID_KEYCACHE_HANDLE"},
+	{ CSSMERR_TP_INVALID_CERTGROUP,"CSSMERR_TP_INVALID_CERTGROUP"},
+	{ CSSMERR_TP_INVALID_CRLGROUP,"CSSMERR_TP_INVALID_CRLGROUP"},
+	{ CSSMERR_TP_INVALID_CRLGROUP_POINTER,"CSSMERR_TP_INVALID_CRLGROUP_POINTER"},
+	{ CSSMERR_TP_AUTHENTICATION_FAILED,"CSSMERR_TP_AUTHENTICATION_FAILED"},
+	{ CSSMERR_TP_CERTGROUP_INCOMPLETE,"CSSMERR_TP_CERTGROUP_INCOMPLETE"},
+	{ CSSMERR_TP_CERTIFICATE_CANT_OPERATE,"CSSMERR_TP_CERTIFICATE_CANT_OPERATE"},
+	{ CSSMERR_TP_CERT_EXPIRED,"CSSMERR_TP_CERT_EXPIRED"},
+	{ CSSMERR_TP_CERT_NOT_VALID_YET,"CSSMERR_TP_CERT_NOT_VALID_YET"},
+	{ CSSMERR_TP_CERT_REVOKED,"CSSMERR_TP_CERT_REVOKED"},
+	{ CSSMERR_TP_CERT_SUSPENDED,"CSSMERR_TP_CERT_SUSPENDED"},
+	{ CSSMERR_TP_INSUFFICIENT_CREDENTIALS,"CSSMERR_TP_INSUFFICIENT_CREDENTIALS"},
+	{ CSSMERR_TP_INVALID_ACTION,"CSSMERR_TP_INVALID_ACTION"},
+	{ CSSMERR_TP_INVALID_ACTION_DATA,"CSSMERR_TP_INVALID_ACTION_DATA"},
+	{ CSSMERR_TP_INVALID_ANCHOR_CERT,"CSSMERR_TP_INVALID_ANCHOR_CERT"},
+	{ CSSMERR_TP_INVALID_AUTHORITY,"CSSMERR_TP_INVALID_AUTHORITY"},
+	{ CSSMERR_TP_VERIFY_ACTION_FAILED,"CSSMERR_TP_VERIFY_ACTION_FAILED"},
+	{ CSSMERR_TP_INVALID_CERTIFICATE,"CSSMERR_TP_INVALID_CERTIFICATE"},
+	{ CSSMERR_TP_INVALID_CERT_AUTHORITY,"CSSMERR_TP_INVALID_CERT_AUTHORITY"},
+	{ CSSMERR_TP_INVALID_CRL_AUTHORITY,"CSSMERR_TP_INVALID_CRL_AUTHORITY"},
+	{ CSSMERR_TP_INVALID_CRL_ENCODING,"CSSMERR_TP_INVALID_CRL_ENCODING"},
+	{ CSSMERR_TP_INVALID_CRL_TYPE,"CSSMERR_TP_INVALID_CRL_TYPE"},
+	{ CSSMERR_TP_INVALID_CRL,"CSSMERR_TP_INVALID_CRL"},
+	{ CSSMERR_TP_INVALID_FORM_TYPE,"CSSMERR_TP_INVALID_FORM_TYPE"},
+	{ CSSMERR_TP_INVALID_ID,"CSSMERR_TP_INVALID_ID"},
+	{ CSSMERR_TP_INVALID_IDENTIFIER,"CSSMERR_TP_INVALID_IDENTIFIER"},
+	{ CSSMERR_TP_INVALID_INDEX,"CSSMERR_TP_INVALID_INDEX"},
+	{ CSSMERR_TP_INVALID_NAME,"CSSMERR_TP_INVALID_NAME"},
+	{ CSSMERR_TP_INVALID_POLICY_IDENTIFIERS,"CSSMERR_TP_INVALID_POLICY_IDENTIFIERS"},
+	{ CSSMERR_TP_INVALID_TIMESTRING,"CSSMERR_TP_INVALID_TIMESTRING"},
+	{ CSSMERR_TP_INVALID_REASON,"CSSMERR_TP_INVALID_REASON"},
+	{ CSSMERR_TP_INVALID_REQUEST_INPUTS,"CSSMERR_TP_INVALID_REQUEST_INPUTS"},
+	{ CSSMERR_TP_INVALID_RESPONSE_VECTOR,"CSSMERR_TP_INVALID_RESPONSE_VECTOR"},
+	{ CSSMERR_TP_INVALID_SIGNATURE,"CSSMERR_TP_INVALID_SIGNATURE"},
+	{ CSSMERR_TP_INVALID_STOP_ON_POLICY,"CSSMERR_TP_INVALID_STOP_ON_POLICY"},
+	{ CSSMERR_TP_INVALID_CALLBACK,"CSSMERR_TP_INVALID_CALLBACK"},
+	{ CSSMERR_TP_INVALID_TUPLE,"CSSMERR_TP_INVALID_TUPLE"},
+	{ CSSMERR_TP_NOT_SIGNER,"CSSMERR_TP_NOT_SIGNER"},
+	{ CSSMERR_TP_NOT_TRUSTED,"CSSMERR_TP_NOT_TRUSTED"},
+	{ CSSMERR_TP_NO_DEFAULT_AUTHORITY,"CSSMERR_TP_NO_DEFAULT_AUTHORITY"},
+	{ CSSMERR_TP_REJECTED_FORM,"CSSMERR_TP_REJECTED_FORM"},
+	{ CSSMERR_TP_REQUEST_LOST,"CSSMERR_TP_REQUEST_LOST"},
+	{ CSSMERR_TP_REQUEST_REJECTED,"CSSMERR_TP_REQUEST_REJECTED"},
+	{ CSSMERR_TP_UNSUPPORTED_ADDR_TYPE,"CSSMERR_TP_UNSUPPORTED_ADDR_TYPE"},
+	{ CSSMERR_TP_UNSUPPORTED_SERVICE,"CSSMERR_TP_UNSUPPORTED_SERVICE"},
+	{ CSSMERR_TP_INVALID_TUPLEGROUP_POINTER,"CSSMERR_TP_INVALID_TUPLEGROUP_POINTER"},
+	{ CSSMERR_TP_INVALID_TUPLEGROUP,"CSSMERR_TP_INVALID_TUPLEGROUP"},
+	{ CSSMERR_AC_INTERNAL_ERROR,"CSSMERR_AC_INTERNAL_ERROR"},
+	{ CSSMERR_AC_MEMORY_ERROR,"CSSMERR_AC_MEMORY_ERROR"},
+	{ CSSMERR_AC_MDS_ERROR,"CSSMERR_AC_MDS_ERROR"},
+	{ CSSMERR_AC_INVALID_POINTER,"CSSMERR_AC_INVALID_POINTER"},
+	{ CSSMERR_AC_INVALID_INPUT_POINTER,"CSSMERR_AC_INVALID_INPUT_POINTER"},
+	{ CSSMERR_AC_INVALID_OUTPUT_POINTER,"CSSMERR_AC_INVALID_OUTPUT_POINTER"},
+	{ CSSMERR_AC_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_AC_FUNCTION_NOT_IMPLEMENTED"},
+	{ CSSMERR_AC_SELF_CHECK_FAILED,"CSSMERR_AC_SELF_CHECK_FAILED"},
+	{ CSSMERR_AC_OS_ACCESS_DENIED,"CSSMERR_AC_OS_ACCESS_DENIED"},
+	{ CSSMERR_AC_FUNCTION_FAILED,"CSSMERR_AC_FUNCTION_FAILED"},
+	{ CSSMERR_AC_INVALID_CONTEXT_HANDLE,"CSSMERR_AC_INVALID_CONTEXT_HANDLE"},
+	{ CSSMERR_AC_INVALID_DATA,"CSSMERR_AC_INVALID_DATA"},
+	{ CSSMERR_AC_INVALID_DB_LIST,"CSSMERR_AC_INVALID_DB_LIST"},
+	{ CSSMERR_AC_INVALID_PASSTHROUGH_ID,"CSSMERR_AC_INVALID_PASSTHROUGH_ID"},
+	{ CSSMERR_AC_INVALID_DL_HANDLE,"CSSMERR_AC_INVALID_DL_HANDLE"},
+	{ CSSMERR_AC_INVALID_CL_HANDLE,"CSSMERR_AC_INVALID_CL_HANDLE"},
+	{ CSSMERR_AC_INVALID_TP_HANDLE,"CSSMERR_AC_INVALID_TP_HANDLE"},
+	{ CSSMERR_AC_INVALID_DB_HANDLE,"CSSMERR_AC_INVALID_DB_HANDLE"},
+	{ CSSMERR_AC_INVALID_DB_LIST_POINTER,"CSSMERR_AC_INVALID_DB_LIST_POINTER"},
+	{ CSSMERR_AC_INVALID_BASE_ACLS,"CSSMERR_AC_INVALID_BASE_ACLS"},
+	{ CSSMERR_AC_INVALID_TUPLE_CREDENTIALS,"CSSMERR_AC_INVALID_TUPLE_CREDENTIALS"},
+	{ CSSMERR_AC_INVALID_ENCODING,"CSSMERR_AC_INVALID_ENCODING"},
+	{ CSSMERR_AC_INVALID_VALIDITY_PERIOD,"CSSMERR_AC_INVALID_VALIDITY_PERIOD"},
+	{ CSSMERR_AC_INVALID_REQUESTOR,"CSSMERR_AC_INVALID_REQUESTOR"},
+	{ CSSMERR_AC_INVALID_REQUEST_DESCRIPTOR,"CSSMERR_AC_INVALID_REQUEST_DESCRIPTOR"},
+	{ CSSMERR_CL_INTERNAL_ERROR,"CSSMERR_CL_INTERNAL_ERROR"},
+	{ CSSMERR_CL_MEMORY_ERROR,"CSSMERR_CL_MEMORY_ERROR"},
+	{ CSSMERR_CL_MDS_ERROR,"CSSMERR_CL_MDS_ERROR"},
+	{ CSSMERR_CL_INVALID_POINTER,"CSSMERR_CL_INVALID_POINTER"},
+	{ CSSMERR_CL_INVALID_INPUT_POINTER,"CSSMERR_CL_INVALID_INPUT_POINTER"},
+	{ CSSMERR_CL_INVALID_OUTPUT_POINTER,"CSSMERR_CL_INVALID_OUTPUT_POINTER"},
+	{ CSSMERR_CL_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_CL_FUNCTION_NOT_IMPLEMENTED"},
+	{ CSSMERR_CL_SELF_CHECK_FAILED,"CSSMERR_CL_SELF_CHECK_FAILED"},
+	{ CSSMERR_CL_OS_ACCESS_DENIED,"CSSMERR_CL_OS_ACCESS_DENIED"},
+	{ CSSMERR_CL_FUNCTION_FAILED,"CSSMERR_CL_FUNCTION_FAILED"},
+	{ CSSMERR_CL_INVALID_CONTEXT_HANDLE,"CSSMERR_CL_INVALID_CONTEXT_HANDLE"},
+	{ CSSMERR_CL_INVALID_CERTGROUP_POINTER,"CSSMERR_CL_INVALID_CERTGROUP_POINTER"},
+	{ CSSMERR_CL_INVALID_CERT_POINTER,"CSSMERR_CL_INVALID_CERT_POINTER"},
+	{ CSSMERR_CL_INVALID_CRL_POINTER,"CSSMERR_CL_INVALID_CRL_POINTER"},
+	{ CSSMERR_CL_INVALID_FIELD_POINTER,"CSSMERR_CL_INVALID_FIELD_POINTER"},
+	{ CSSMERR_CL_INVALID_DATA,"CSSMERR_CL_INVALID_DATA"},
+	{ CSSMERR_CL_CRL_ALREADY_SIGNED,"CSSMERR_CL_CRL_ALREADY_SIGNED"},
+	{ CSSMERR_CL_INVALID_NUMBER_OF_FIELDS,"CSSMERR_CL_INVALID_NUMBER_OF_FIELDS"},
+	{ CSSMERR_CL_VERIFICATION_FAILURE,"CSSMERR_CL_VERIFICATION_FAILURE"},
+	{ CSSMERR_CL_UNKNOWN_FORMAT,"CSSMERR_CL_UNKNOWN_FORMAT"},
+	{ CSSMERR_CL_UNKNOWN_TAG,"CSSMERR_CL_UNKNOWN_TAG"},
+	{ CSSMERR_CL_INVALID_PASSTHROUGH_ID,"CSSMERR_CL_INVALID_PASSTHROUGH_ID"},
+	{ CSSMERR_CL_INVALID_BUNDLE_POINTER,"CSSMERR_CL_INVALID_BUNDLE_POINTER"},
+	{ CSSMERR_CL_INVALID_CACHE_HANDLE,"CSSMERR_CL_INVALID_CACHE_HANDLE"},
+	{ CSSMERR_CL_INVALID_RESULTS_HANDLE,"CSSMERR_CL_INVALID_RESULTS_HANDLE"},
+	{ CSSMERR_CL_INVALID_BUNDLE_INFO,"CSSMERR_CL_INVALID_BUNDLE_INFO"},
+	{ CSSMERR_CL_INVALID_CRL_INDEX,"CSSMERR_CL_INVALID_CRL_INDEX"},
+	{ CSSMERR_CL_INVALID_SCOPE,"CSSMERR_CL_INVALID_SCOPE"},
+	{ CSSMERR_CL_NO_FIELD_VALUES,"CSSMERR_CL_NO_FIELD_VALUES"},
+	{ CSSMERR_CL_SCOPE_NOT_SUPPORTED,"CSSMERR_CL_SCOPE_NOT_SUPPORTED"},
+	{ CSSMERR_DL_INTERNAL_ERROR,"CSSMERR_DL_INTERNAL_ERROR"},
+	{ CSSMERR_DL_MEMORY_ERROR,"CSSMERR_DL_MEMORY_ERROR"},
+	{ CSSMERR_DL_MDS_ERROR,"CSSMERR_DL_MDS_ERROR"},
+	{ CSSMERR_DL_INVALID_POINTER,"CSSMERR_DL_INVALID_POINTER"},
+	{ CSSMERR_DL_INVALID_INPUT_POINTER,"CSSMERR_DL_INVALID_INPUT_POINTER"},
+	{ CSSMERR_DL_INVALID_OUTPUT_POINTER,"CSSMERR_DL_INVALID_OUTPUT_POINTER"},
+	{ CSSMERR_DL_FUNCTION_NOT_IMPLEMENTED,"CSSMERR_DL_FUNCTION_NOT_IMPLEMENTED"},
+	{ CSSMERR_DL_SELF_CHECK_FAILED,"CSSMERR_DL_SELF_CHECK_FAILED"},
+	{ CSSMERR_DL_OS_ACCESS_DENIED,"CSSMERR_DL_OS_ACCESS_DENIED"},
+	{ CSSMERR_DL_FUNCTION_FAILED,"CSSMERR_DL_FUNCTION_FAILED"},
+	{ CSSMERR_DL_INVALID_CSP_HANDLE,"CSSMERR_DL_INVALID_CSP_HANDLE"},
+	{ CSSMERR_DL_INVALID_DL_HANDLE,"CSSMERR_DL_INVALID_DL_HANDLE"},
+	{ CSSMERR_DL_INVALID_CL_HANDLE,"CSSMERR_DL_INVALID_CL_HANDLE"},
+	{ CSSMERR_DL_INVALID_DB_LIST_POINTER,"CSSMERR_DL_INVALID_DB_LIST_POINTER"},
+	{ CSSMERR_DL_OPERATION_AUTH_DENIED,"CSSMERR_DL_OPERATION_AUTH_DENIED"},
+	{ CSSMERR_DL_OBJECT_USE_AUTH_DENIED,"CSSMERR_DL_OBJECT_USE_AUTH_DENIED"},
+	{ CSSMERR_DL_OBJECT_MANIP_AUTH_DENIED,"CSSMERR_DL_OBJECT_MANIP_AUTH_DENIED"},
+	{ CSSMERR_DL_OBJECT_ACL_NOT_SUPPORTED,"CSSMERR_DL_OBJECT_ACL_NOT_SUPPORTED"},
+	{ CSSMERR_DL_OBJECT_ACL_REQUIRED,"CSSMERR_DL_OBJECT_ACL_REQUIRED"},
+	{ CSSMERR_DL_INVALID_ACCESS_CREDENTIALS,"CSSMERR_DL_INVALID_ACCESS_CREDENTIALS"},
+	{ CSSMERR_DL_INVALID_ACL_BASE_CERTS,"CSSMERR_DL_INVALID_ACL_BASE_CERTS"},
+	{ CSSMERR_DL_ACL_BASE_CERTS_NOT_SUPPORTED,"CSSMERR_DL_ACL_BASE_CERTS_NOT_SUPPORTED"},
+	{ CSSMERR_DL_INVALID_SAMPLE_VALUE,"CSSMERR_DL_INVALID_SAMPLE_VALUE"},
+	{ CSSMERR_DL_SAMPLE_VALUE_NOT_SUPPORTED,"CSSMERR_DL_SAMPLE_VALUE_NOT_SUPPORTED"},
+	{ CSSMERR_DL_INVALID_ACL_SUBJECT_VALUE,"CSSMERR_DL_INVALID_ACL_SUBJECT_VALUE"},
+	{ CSSMERR_DL_ACL_SUBJECT_TYPE_NOT_SUPPORTED,"CSSMERR_DL_ACL_SUBJECT_TYPE_NOT_SUPPORTED"},
+	{ CSSMERR_DL_INVALID_ACL_CHALLENGE_CALLBACK,"CSSMERR_DL_INVALID_ACL_CHALLENGE_CALLBACK"},
+	{ CSSMERR_DL_ACL_CHALLENGE_CALLBACK_FAILED,"CSSMERR_DL_ACL_CHALLENGE_CALLBACK_FAILED"},
+	{ CSSMERR_DL_INVALID_ACL_ENTRY_TAG,"CSSMERR_DL_INVALID_ACL_ENTRY_TAG"},
+	{ CSSMERR_DL_ACL_ENTRY_TAG_NOT_FOUND,"CSSMERR_DL_ACL_ENTRY_TAG_NOT_FOUND"},
+	{ CSSMERR_DL_INVALID_ACL_EDIT_MODE,"CSSMERR_DL_INVALID_ACL_EDIT_MODE"},
+	{ CSSMERR_DL_ACL_CHANGE_FAILED,"CSSMERR_DL_ACL_CHANGE_FAILED"},
+	{ CSSMERR_DL_INVALID_NEW_ACL_ENTRY,"CSSMERR_DL_INVALID_NEW_ACL_ENTRY"},
+	{ CSSMERR_DL_INVALID_NEW_ACL_OWNER,"CSSMERR_DL_INVALID_NEW_ACL_OWNER"},
+	{ CSSMERR_DL_ACL_DELETE_FAILED,"CSSMERR_DL_ACL_DELETE_FAILED"},
+	{ CSSMERR_DL_ACL_REPLACE_FAILED,"CSSMERR_DL_ACL_REPLACE_FAILED"},
+	{ CSSMERR_DL_ACL_ADD_FAILED,"CSSMERR_DL_ACL_ADD_FAILED"},
+	{ CSSMERR_DL_INVALID_DB_HANDLE,"CSSMERR_DL_INVALID_DB_HANDLE"},
+	{ CSSMERR_DL_INVALID_PASSTHROUGH_ID,"CSSMERR_DL_INVALID_PASSTHROUGH_ID"},
+	{ CSSMERR_DL_INVALID_NETWORK_ADDR,"CSSMERR_DL_INVALID_NETWORK_ADDR"},
+	{ CSSMERR_DL_DATABASE_CORRUPT,"CSSMERR_DL_DATABASE_CORRUPT"},
+	{ CSSMERR_DL_INVALID_RECORD_INDEX,"CSSMERR_DL_INVALID_RECORD_INDEX"},
+	{ CSSMERR_DL_INVALID_RECORDTYPE,"CSSMERR_DL_INVALID_RECORDTYPE"},
+	{ CSSMERR_DL_INVALID_FIELD_NAME,"CSSMERR_DL_INVALID_FIELD_NAME"},
+	{ CSSMERR_DL_UNSUPPORTED_FIELD_FORMAT,"CSSMERR_DL_UNSUPPORTED_FIELD_FORMAT"},
+	{ CSSMERR_DL_UNSUPPORTED_INDEX_INFO,"CSSMERR_DL_UNSUPPORTED_INDEX_INFO"},
+	{ CSSMERR_DL_UNSUPPORTED_LOCALITY,"CSSMERR_DL_UNSUPPORTED_LOCALITY"},
+	{ CSSMERR_DL_UNSUPPORTED_NUM_ATTRIBUTES,"CSSMERR_DL_UNSUPPORTED_NUM_ATTRIBUTES"},
+	{ CSSMERR_DL_UNSUPPORTED_NUM_INDEXES,"CSSMERR_DL_UNSUPPORTED_NUM_INDEXES"},
+	{ CSSMERR_DL_UNSUPPORTED_NUM_RECORDTYPES,"CSSMERR_DL_UNSUPPORTED_NUM_RECORDTYPES"},
+	{ CSSMERR_DL_UNSUPPORTED_RECORDTYPE,"CSSMERR_DL_UNSUPPORTED_RECORDTYPE"},
+	{ CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE,"CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE"},
+	{ CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT,"CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT"},
+	{ CSSMERR_DL_INVALID_PARSING_MODULE,"CSSMERR_DL_INVALID_PARSING_MODULE"},
+	{ CSSMERR_DL_INVALID_DB_NAME,"CSSMERR_DL_INVALID_DB_NAME"},
+	{ CSSMERR_DL_DATASTORE_DOESNOT_EXIST,"CSSMERR_DL_DATASTORE_DOESNOT_EXIST"},
+	{ CSSMERR_DL_DATASTORE_ALREADY_EXISTS,"CSSMERR_DL_DATASTORE_ALREADY_EXISTS"},
+	{ CSSMERR_DL_DB_LOCKED,"CSSMERR_DL_DB_LOCKED"},
+	{ CSSMERR_DL_DATASTORE_IS_OPEN,"CSSMERR_DL_DATASTORE_IS_OPEN"},
+	{ CSSMERR_DL_RECORD_NOT_FOUND,"CSSMERR_DL_RECORD_NOT_FOUND"},
+	{ CSSMERR_DL_MISSING_VALUE,"CSSMERR_DL_MISSING_VALUE"},
+	{ CSSMERR_DL_UNSUPPORTED_QUERY,"CSSMERR_DL_UNSUPPORTED_QUERY"},
+	{ CSSMERR_DL_UNSUPPORTED_QUERY_LIMITS,"CSSMERR_DL_UNSUPPORTED_QUERY_LIMITS"},
+	{ CSSMERR_DL_UNSUPPORTED_NUM_SELECTION_PREDS,"CSSMERR_DL_UNSUPPORTED_NUM_SELECTION_PREDS"},
+	{ CSSMERR_DL_UNSUPPORTED_OPERATOR,"CSSMERR_DL_UNSUPPORTED_OPERATOR"},
+	{ CSSMERR_DL_INVALID_RESULTS_HANDLE,"CSSMERR_DL_INVALID_RESULTS_HANDLE"},
+	{ CSSMERR_DL_INVALID_DB_LOCATION,"CSSMERR_DL_INVALID_DB_LOCATION"},
+	{ CSSMERR_DL_INVALID_ACCESS_REQUEST,"CSSMERR_DL_INVALID_ACCESS_REQUEST"},
+	{ CSSMERR_DL_INVALID_INDEX_INFO,"CSSMERR_DL_INVALID_INDEX_INFO"},
+	{ CSSMERR_DL_INVALID_SELECTION_TAG,"CSSMERR_DL_INVALID_SELECTION_TAG"},
+	{ CSSMERR_DL_INVALID_NEW_OWNER,"CSSMERR_DL_INVALID_NEW_OWNER"},
+	{ CSSMERR_DL_INVALID_RECORD_UID,"CSSMERR_DL_INVALID_RECORD_UID"},
+	{ CSSMERR_DL_INVALID_UNIQUE_INDEX_DATA,"CSSMERR_DL_INVALID_UNIQUE_INDEX_DATA"},
+	{ CSSMERR_DL_INVALID_MODIFY_MODE,"CSSMERR_DL_INVALID_MODIFY_MODE"},
+	{ CSSMERR_DL_INVALID_OPEN_PARAMETERS,"CSSMERR_DL_INVALID_OPEN_PARAMETERS"},
+	{ CSSMERR_DL_RECORD_MODIFIED,"CSSMERR_DL_RECORD_MODIFIED"},
+	{ CSSMERR_DL_ENDOFDATA,"CSSMERR_DL_ENDOFDATA"},
+	{ CSSMERR_DL_INVALID_QUERY,"CSSMERR_DL_INVALID_QUERY"},
+	{ CSSMERR_DL_INVALID_VALUE,"CSSMERR_DL_INVALID_VALUE"},
+	{ CSSMERR_DL_MULTIPLE_VALUES_UNSUPPORTED,"CSSMERR_DL_MULTIPLE_VALUES_UNSUPPORTED"},
+	{ CSSMERR_DL_STALE_UNIQUE_RECORD,"CSSMERR_DL_STALE_UNIQUE_RECORD"},
+	/* Error codes from cssmapple.h */
+	{ CSSMERR_CSSM_NO_USER_INTERACTION,"CSSMERR_CSSM_NO_USER_INTERACTION"},
+	{ CSSMERR_AC_NO_USER_INTERACTION,"CSSMERR_AC_NO_USER_INTERACTION"},
+	{ CSSMERR_CSP_NO_USER_INTERACTION,"CSSMERR_CSP_NO_USER_INTERACTION"},
+	{ CSSMERR_CL_NO_USER_INTERACTION,"CSSMERR_CL_NO_USER_INTERACTION"},
+	{ CSSMERR_DL_NO_USER_INTERACTION,"CSSMERR_DL_NO_USER_INTERACTION"},
+	{ CSSMERR_TP_NO_USER_INTERACTION,"CSSMERR_TP_NO_USER_INTERACTION"},
+	{ CSSMERR_CSSM_USER_CANCELED,"CSSMERR_CSSM_USER_CANCELED"},
+	{ CSSMERR_AC_USER_CANCELED,"CSSMERR_AC_USER_CANCELED"},
+	{ CSSMERR_CSP_USER_CANCELED,"CSSMERR_CSP_USER_CANCELED"},
+	{ CSSMERR_CL_USER_CANCELED,"CSSMERR_CL_USER_CANCELED"},
+	{ CSSMERR_DL_USER_CANCELED,"CSSMERR_DL_USER_CANCELED"},
+	{ CSSMERR_TP_USER_CANCELED,"CSSMERR_TP_USER_CANCELED"},
+	{ CSSMERR_CSSM_SERVICE_NOT_AVAILABLE,"CSSMERR_CSSM_SERVICE_NOT_AVAILABLE"},
+	{ CSSMERR_AC_SERVICE_NOT_AVAILABLE,"CSSMERR_AC_SERVICE_NOT_AVAILABLE"},
+	{ CSSMERR_CSP_SERVICE_NOT_AVAILABLE,"CSSMERR_CSP_SERVICE_NOT_AVAILABLE"},
+	{ CSSMERR_CL_SERVICE_NOT_AVAILABLE,"CSSMERR_CL_SERVICE_NOT_AVAILABLE"},
+	{ CSSMERR_DL_SERVICE_NOT_AVAILABLE,"CSSMERR_DL_SERVICE_NOT_AVAILABLE"},
+	{ CSSMERR_TP_SERVICE_NOT_AVAILABLE,"CSSMERR_TP_SERVICE_NOT_AVAILABLE"},
+	{ CSSMERR_CSSM_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_CSSM_INSUFFICIENT_CLIENT_IDENTIFICATION"},
+	{ CSSMERR_AC_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_AC_INSUFFICIENT_CLIENT_IDENTIFICATION"},
+	{ CSSMERR_CSP_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_CSP_INSUFFICIENT_CLIENT_IDENTIFICATION"},
+	{ CSSMERR_CL_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_CL_INSUFFICIENT_CLIENT_IDENTIFICATION"},
+	{ CSSMERR_DL_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_DL_INSUFFICIENT_CLIENT_IDENTIFICATION"},
+	{ CSSMERR_TP_INSUFFICIENT_CLIENT_IDENTIFICATION,"CSSMERR_TP_INSUFFICIENT_CLIENT_IDENTIFICATION"},
+	{ CSSMERR_CSSM_DEVICE_RESET,"CSSMERR_CSSM_DEVICE_RESET"},
+	{ CSSMERR_AC_DEVICE_RESET,"CSSMERR_AC_DEVICE_RESET"},
+	{ CSSMERR_CSP_DEVICE_RESET,"CSSMERR_CSP_DEVICE_RESET"},
+	{ CSSMERR_CL_DEVICE_RESET,"CSSMERR_CL_DEVICE_RESET"},
+	{ CSSMERR_DL_DEVICE_RESET,"CSSMERR_DL_DEVICE_RESET"},
+	{ CSSMERR_TP_DEVICE_RESET,"CSSMERR_TP_DEVICE_RESET"},
+	{ CSSMERR_CSSM_DEVICE_FAILED,"CSSMERR_CSSM_DEVICE_FAILED"},
+	{ CSSMERR_AC_DEVICE_FAILED,"CSSMERR_AC_DEVICE_FAILED"},
+	{ CSSMERR_CSP_DEVICE_FAILED,"CSSMERR_CSP_DEVICE_FAILED"},
+	{ CSSMERR_CL_DEVICE_FAILED,"CSSMERR_CL_DEVICE_FAILED"},
+	{ CSSMERR_DL_DEVICE_FAILED,"CSSMERR_DL_DEVICE_FAILED"},
+	{ CSSMERR_TP_DEVICE_FAILED,"CSSMERR_TP_DEVICE_FAILED"},
+	{ CSSMERR_CSP_APPLE_ADD_APPLICATION_ACL_SUBJECT,"CSSMERR_CSP_APPLE_ADD_APPLICATION_ACL_SUBJECT"},
+	{ CSSMERR_CSP_APPLE_PUBLIC_KEY_INCOMPLETE,"CSSMERR_CSP_APPLE_PUBLIC_KEY_INCOMPLETE"},
+	{ CSSMERR_CSP_APPLE_SIGNATURE_MISMATCH,"CSSMERR_CSP_APPLE_SIGNATURE_MISMATCH"},
+	{ CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE,"CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE"},
+	{ CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE,"CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE"},
+	{ CSSMERR_CSPDL_APPLE_DL_CONVERSION_ERROR,"CSSMERR_CSPDL_APPLE_DL_CONVERSION_ERROR"},
+	{ CSSMERR_CSP_APPLE_SSLv2_ROLLBACK,"CSSMERR_CSP_APPLE_SSLv2_ROLLBACK"},
+	{ CSSMERR_APPLEDL_INVALID_OPEN_PARAMETERS,"CSSMERR_APPLEDL_INVALID_OPEN_PARAMETERS"},
+	{ CSSMERR_APPLEDL_DISK_FULL,"CSSMERR_APPLEDL_DISK_FULL"},
+	{ CSSMERR_APPLEDL_QUOTA_EXCEEDED,"CSSMERR_APPLEDL_QUOTA_EXCEEDED"},
+	{ CSSMERR_APPLEDL_FILE_TOO_BIG,"CSSMERR_APPLEDL_FILE_TOO_BIG"},
+	{ CSSMERR_APPLEDL_INVALID_DATABASE_BLOB,"CSSMERR_APPLEDL_INVALID_DATABASE_BLOB"},
+	{ CSSMERR_APPLEDL_INVALID_KEY_BLOB,"CSSMERR_APPLEDL_INVALID_KEY_BLOB"},
+	{ CSSMERR_APPLEDL_INCOMPATIBLE_DATABASE_BLOB,"CSSMERR_APPLEDL_INCOMPATIBLE_DATABASE_BLOB"},
+	{ CSSMERR_APPLEDL_INCOMPATIBLE_KEY_BLOB,"CSSMERR_APPLEDL_INCOMPATIBLE_KEY_BLOB"},
+	{ CSSMERR_APPLETP_HOSTNAME_MISMATCH,"CSSMERR_APPLETP_HOSTNAME_MISMATCH"},
+	{ CSSMERR_APPLETP_UNKNOWN_CRITICAL_EXTEN,"CSSMERR_APPLETP_UNKNOWN_CRITICAL_EXTEN"},
+	{ CSSMERR_APPLETP_NO_BASIC_CONSTRAINTS,"CSSMERR_APPLETP_NO_BASIC_CONSTRAINTS"},
+	{ CSSMERR_APPLETP_INVALID_CA,"CSSMERR_APPLETP_INVALID_CA"},
+	{ CSSMERR_APPLETP_INVALID_AUTHORITY_ID,"CSSMERR_APPLETP_INVALID_AUTHORITY_ID"},
+	{ CSSMERR_APPLETP_INVALID_SUBJECT_ID,"CSSMERR_APPLETP_INVALID_SUBJECT_ID"},
+	{ CSSMERR_APPLETP_INVALID_KEY_USAGE,"CSSMERR_APPLETP_INVALID_KEY_USAGE"},
+	{ CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE,"CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE"},
+	{ CSSMERR_APPLETP_INVALID_ID_LINKAGE,"CSSMERR_APPLETP_INVALID_ID_LINKAGE"},
+	{ CSSMERR_APPLETP_PATH_LEN_CONSTRAINT,"CSSMERR_APPLETP_PATH_LEN_CONSTRAINT"},
+	{ CSSMERR_APPLETP_INVALID_ROOT,"CSSMERR_APPLETP_INVALID_ROOT"},
+	{ CSSMERR_APPLETP_CRL_EXPIRED,"CSSMERR_APPLETP_CRL_EXPIRED"},
+	{ CSSMERR_APPLETP_CRL_NOT_VALID_YET,"CSSMERR_APPLETP_CRL_NOT_VALID_YET"},
+	{ CSSMERR_APPLETP_CRL_NOT_FOUND,"CSSMERR_APPLETP_CRL_NOT_FOUND"},
+	{ CSSMERR_APPLETP_CRL_SERVER_DOWN,"CSSMERR_APPLETP_CRL_SERVER_DOWN"},
+	{ CSSMERR_APPLETP_CRL_BAD_URI,"CSSMERR_APPLETP_CRL_BAD_URI"},
+	{ CSSMERR_APPLETP_UNKNOWN_CERT_EXTEN,"CSSMERR_APPLETP_UNKNOWN_CERT_EXTEN"},
+	{ CSSMERR_APPLETP_UNKNOWN_CRL_EXTEN,"CSSMERR_APPLETP_UNKNOWN_CRL_EXTEN"},
+	{ CSSMERR_APPLETP_CRL_NOT_TRUSTED,"CSSMERR_APPLETP_CRL_NOT_TRUSTED"},
+	{ CSSMERR_APPLETP_CRL_INVALID_ANCHOR_CERT,"CSSMERR_APPLETP_CRL_INVALID_ANCHOR_CERT"},
+	{ CSSMERR_APPLETP_CRL_POLICY_FAIL,"CSSMERR_APPLETP_CRL_POLICY_FAIL"},
+	{ CSSMERR_APPLETP_IDP_FAIL,"CSSMERR_APPLETP_IDP_FAIL"},
+	{ CSSMERR_APPLETP_CERT_NOT_FOUND_FROM_ISSUER,"CSSMERR_APPLETP_CERT_NOT_FOUND_FROM_ISSUER"},
+	{ CSSMERR_APPLETP_BAD_CERT_FROM_ISSUER,"CSSMERR_APPLETP_BAD_CERT_FROM_ISSUER"},
+	{ CSSMERR_APPLETP_SMIME_EMAIL_ADDRS_NOT_FOUND,"CSSMERR_APPLETP_SMIME_EMAIL_ADDRS_NOT_FOUND"},
+	{ CSSMERR_APPLETP_SMIME_BAD_EXT_KEY_USE,"CSSMERR_APPLETP_SMIME_BAD_EXT_KEY_USE"},
+	{ CSSMERR_APPLETP_SMIME_BAD_KEY_USE,"CSSMERR_APPLETP_SMIME_BAD_KEY_USE"},
+	{ CSSMERR_APPLETP_SMIME_KEYUSAGE_NOT_CRITICAL,"CSSMERR_APPLETP_SMIME_KEYUSAGE_NOT_CRITICAL"},
+	{ CSSMERR_APPLETP_SMIME_NO_EMAIL_ADDRS,"CSSMERR_APPLETP_SMIME_NO_EMAIL_ADDRS"},
+	{ CSSMERR_APPLETP_SMIME_SUBJ_ALT_NAME_NOT_CRIT,"CSSMERR_APPLETP_SMIME_SUBJ_ALT_NAME_NOT_CRIT"},
+	{ CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE,"CSSMERR_APPLETP_SSL_BAD_EXT_KEY_USE"},
+	{ CSSMERR_APPLETP_OCSP_BAD_RESPONSE,"CSSMERR_APPLETP_OCSP_BAD_RESPONSE"},
+	{ CSSMERR_APPLETP_OCSP_BAD_REQUEST,"CSSMERR_APPLETP_OCSP_BAD_REQUEST"},
+	{ CSSMERR_APPLETP_OCSP_UNAVAILABLE,"CSSMERR_APPLETP_OCSP_UNAVAILABLE"},
+	{ CSSMERR_APPLETP_OCSP_STATUS_UNRECOGNIZED,"CSSMERR_APPLETP_OCSP_STATUS_UNRECOGNIZED"},
+	{ CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK,"CSSMERR_APPLETP_INCOMPLETE_REVOCATION_CHECK"},
+	{ CSSMERR_APPLETP_NETWORK_FAILURE,"CSSMERR_APPLETP_NETWORK_FAILURE"},
+	{ CSSMERR_APPLETP_OCSP_NOT_TRUSTED,"CSSMERR_APPLETP_OCSP_NOT_TRUSTED"},
+	{ CSSMERR_APPLETP_OCSP_INVALID_ANCHOR_CERT,"CSSMERR_APPLETP_OCSP_INVALID_ANCHOR_CERT"},
+	{ CSSMERR_APPLETP_OCSP_SIG_ERROR,"CSSMERR_APPLETP_OCSP_SIG_ERROR"},
+	{ CSSMERR_APPLETP_OCSP_NO_SIGNER,"CSSMERR_APPLETP_OCSP_NO_SIGNER"},
+	{ CSSMERR_APPLETP_OCSP_RESP_MALFORMED_REQ,"CSSMERR_APPLETP_OCSP_RESP_MALFORMED_REQ"},
+	{ CSSMERR_APPLETP_OCSP_RESP_INTERNAL_ERR,"CSSMERR_APPLETP_OCSP_RESP_INTERNAL_ERR"},
+	{ CSSMERR_APPLETP_OCSP_RESP_TRY_LATER,"CSSMERR_APPLETP_OCSP_RESP_TRY_LATER"},
+	{ CSSMERR_APPLETP_OCSP_RESP_SIG_REQUIRED,"CSSMERR_APPLETP_OCSP_RESP_SIG_REQUIRED"},
+	{ CSSMERR_APPLETP_OCSP_RESP_UNAUTHORIZED,"CSSMERR_APPLETP_OCSP_RESP_UNAUTHORIZED"},
+	{ CSSMERR_APPLETP_OCSP_NONCE_MISMATCH,"CSSMERR_APPLETP_OCSP_NONCE_MISMATCH"},
+	{ CSSMERR_APPLETP_CS_BAD_CERT_CHAIN_LENGTH,"CSSMERR_APPLETP_CS_BAD_CERT_CHAIN_LENGTH"},
+	{ CSSMERR_APPLETP_CS_NO_BASIC_CONSTRAINTS,"CSSMERR_APPLETP_CS_NO_BASIC_CONSTRAINTS"},
+	{ CSSMERR_APPLETP_CS_BAD_PATH_LENGTH,"CSSMERR_APPLETP_CS_BAD_PATH_LENGTH"},
+	{ CSSMERR_APPLETP_CS_NO_EXTENDED_KEY_USAGE,"CSSMERR_APPLETP_CS_NO_EXTENDED_KEY_USAGE"},
+	{ CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT,"CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT"},
+	{ CSSMERR_APPLETP_RS_BAD_CERT_CHAIN_LENGTH,"CSSMERR_APPLETP_RS_BAD_CERT_CHAIN_LENGTH"},
+	{ CSSMERR_APPLETP_RS_BAD_EXTENDED_KEY_USAGE,"CSSMERR_APPLETP_RS_BAD_EXTENDED_KEY_USAGE"},
+	{ CSSMERR_APPLETP_TRUST_SETTING_DENY,"CSSMERR_APPLETP_TRUST_SETTING_DENY"},
+	{ CSSMERR_APPLETP_INVALID_EMPTY_SUBJECT,"CSSMERR_APPLETP_INVALID_EMPTY_SUBJECT"},
+	{ CSSMERR_APPLETP_UNKNOWN_QUAL_CERT_STATEMENT,"CSSMERR_APPLETP_UNKNOWN_QUAL_CERT_STATEMENT"},
+	{ CSSMERR_APPLE_DOTMAC_REQ_QUEUED,"CSSMERR_APPLE_DOTMAC_REQ_QUEUED"},
+	{ CSSMERR_APPLE_DOTMAC_REQ_REDIRECT,"CSSMERR_APPLE_DOTMAC_REQ_REDIRECT"},
+	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_ERR,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_ERR"},
+	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_PARAM,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_PARAM"},
+	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_AUTH,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_AUTH"},
+	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_UNIMPL,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_UNIMPL"},
+	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_NOT_AVAIL,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_NOT_AVAIL"},
+	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_ALREADY_EXIST,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_ALREADY_EXIST"},
+	{ CSSMERR_APPLE_DOTMAC_REQ_SERVER_SERVICE_ERROR,"CSSMERR_APPLE_DOTMAC_REQ_SERVER_SERVICE_ERROR"},
+	{ CSSMERR_APPLE_DOTMAC_REQ_IS_PENDING,"CSSMERR_APPLE_DOTMAC_REQ_IS_PENDING"},
+	{ CSSMERR_APPLE_DOTMAC_NO_REQ_PENDING,"CSSMERR_APPLE_DOTMAC_NO_REQ_PENDING"},
+	{0, NULL}
+};

ADDED   LocalTests/utilLib/fileIo.c
Index: LocalTests/utilLib/fileIo.c
==================================================================
--- /dev/null
+++ LocalTests/utilLib/fileIo.c
@@ -0,0 +1,128 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "fileIo.h"
+
+int cspWriteFile(
+	const char			*fileName,
+	const unsigned char	*bytes,
+	unsigned			numBytes)
+{
+	int		rtn;
+	int 	fd;
+	
+	fd = open(fileName, O_RDWR | O_CREAT | O_TRUNC, 0600);
+	if(fd <= 0) {
+		return errno;
+	}
+	rtn = lseek(fd, 0, SEEK_SET);
+	if(rtn < 0) {
+		return errno;
+	}
+	rtn = write(fd, bytes, (size_t)numBytes);
+	if(rtn != (int)numBytes) {
+		if(rtn >= 0) {
+			printf("writeFile: short write\n");
+		}
+		rtn = EIO;
+	}
+	else {
+		rtn = 0;
+	}
+	close(fd);
+	return rtn;
+}
+	
+/*
+ * Read entire file. 
+ */
+int cspReadFile(
+	const char		*fileName,
+	unsigned char	**bytes,		// mallocd and returned
+	unsigned		*numBytes)		// returned
+{
+	int ourRtn = 0;
+	int fd;
+	char *buf;
+	char *thisBuf;
+	struct stat	sb;
+	unsigned size;
+	size_t toMove;
+	ssize_t thisMoved;
+	int irtn;
+	off_t lrtn = 0;
+	
+	*numBytes = 0;
+	*bytes = NULL;
+	fd = open(fileName, O_RDONLY, 0);
+	if(fd <= 0) {
+		perror("open");
+		return errno;
+	}
+	irtn = fstat(fd, &sb);
+	if(irtn) {
+		ourRtn = errno;
+		if(ourRtn == 0) {
+			fprintf(stderr, "***Bogus zero error on fstat\n");
+			ourRtn = -1;
+		}
+		else {
+			perror("fstat");
+		}
+		goto errOut;
+	}
+	size = sb.st_size;
+	buf = thisBuf = (char *)malloc(size);
+	if(buf == NULL) {
+		ourRtn = ENOMEM;
+		goto errOut;
+	}
+	lrtn = lseek(fd, 0, SEEK_SET);
+	if(lrtn < 0) {
+		ourRtn = errno;
+		if(ourRtn == 0) {
+			fprintf(stderr, "***Bogus zero error on lseek\n");
+			ourRtn = -1;
+		}
+		else {
+			perror("lseek");
+		}
+		goto errOut;
+	}
+	toMove = size;
+	
+	/*
+	 * On ppc this read ALWAYS returns the entire file. On i386, not so. 
+	 */
+	do {
+		thisMoved = read(fd, thisBuf, toMove);
+		if(thisMoved == 0) {
+			/* reading empty file: done */
+			break;
+		}
+		else if(thisMoved < 0) {
+			ourRtn = errno;
+			perror("read");
+			break;
+		}
+		size_t uThisMoved = (size_t)thisMoved;
+		if(uThisMoved != toMove) {
+			fprintf(stderr, "===Short read: asked for %ld, got %lu\n", 
+				toMove, uThisMoved);
+		}
+		toMove  -= thisMoved;
+		thisBuf += thisMoved;
+	} while(toMove);
+	
+	if(ourRtn == 0) {
+		*bytes = (unsigned char *)buf;
+		*numBytes = size;
+	}
+errOut:
+	close(fd);
+	return ourRtn;
+}

ADDED   LocalTests/utilLib/fileIo.h
Index: LocalTests/utilLib/fileIo.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/fileIo.h
@@ -0,0 +1,20 @@
+/*
+ * Read entire file. 
+ */
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+int cspReadFile(
+	const char			*fileName,
+	unsigned char		**bytes,		// mallocd and returned
+	unsigned			*numBytes);		// returned
+
+int cspWriteFile(
+	const char			*fileName,
+	const unsigned char	*bytes,
+	unsigned			numBytes);
+
+#ifdef __cplusplus
+}
+#endif

ADDED   LocalTests/utilLib/nssAppUtils.cpp
Index: LocalTests/utilLib/nssAppUtils.cpp
==================================================================
--- /dev/null
+++ LocalTests/utilLib/nssAppUtils.cpp
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 2003 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please 
+ * obtain a copy of the License at http://www.apple.com/publicsource and 
+ * read it before using this file.
+ * 
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 
+ * Please see the License for the specific language governing rights and 
+ * limitations under the License.
+ */
+/*
+ * nssAppUtils.cpp
+ */
+ 
+#include "nssAppUtils.h"
+#include "common.h"
+#include "cspwrap.h"
+#include <Security/SecAsn1Coder.h>
+#include <Security/osKeyTemplates.h>	
+#include <stdlib.h>
+#include <stdio.h>
+#include <strings.h>
+
+/*
+ * Create pubKeyPartial as copy of pubKey without the DSA params.
+ * Returned partial key is RAW. Incoming key can be raw or ref.
+ */
+CSSM_RETURN extractDsaPartial(
+	CSSM_CSP_HANDLE cspHand,
+	const CSSM_KEY *pubKey, 
+	CSSM_KEY_PTR pubKeyPartial)
+{
+	const CSSM_KEY *thePubKey = pubKey;
+	CSSM_KEY rawPubKey;
+	CSSM_RETURN crtn;
+	
+	if(pubKey->KeyHeader.BlobType == CSSM_KEYBLOB_REFERENCE) {
+		/* first get this in raw form */
+		crtn = cspRefKeyToRaw(cspHand, pubKey, &rawPubKey);
+		if(crtn) {
+			return crtn;
+		}
+		thePubKey = &rawPubKey;
+	}
+	
+	/* decode raw public key */
+	NSS_DSAPublicKeyX509 nssPub;
+	SecAsn1CoderRef coder;
+	
+	OSStatus ortn = SecAsn1CoderCreate(&coder);
+	if(ortn) {
+		cssmPerror("SecAsn1CoderCreate", ortn);
+		return ortn;
+	}
+	memset(&nssPub, 0, sizeof(nssPub));
+	if(SecAsn1DecodeData(coder, &thePubKey->KeyData, kSecAsn1DSAPublicKeyX509Template,
+			&nssPub)) {
+		printf("***Error decoding DSA public key. Aborting.\n");
+		return 1;
+	}
+	
+	/* zero out the params and reencode */
+	nssPub.dsaAlg.params = NULL;
+	CSSM_DATA newKey = {0, NULL};
+	if(SecAsn1EncodeItem(coder, &nssPub, kSecAsn1DSAPublicKeyX509Template,
+			&newKey)) {
+		printf("***Error reencoding DSA pub key\n");
+		return 1;
+	}
+	
+	/* copy - newKey is in coder space */
+	*pubKeyPartial = *thePubKey;
+	appCopyCssmData(&newKey, &pubKeyPartial->KeyData);
+
+	if(pubKey->KeyHeader.BlobType == CSSM_KEYBLOB_REFERENCE) {
+		/* free the KeyData mallocd by cspRefKeyToRaw */
+		CSSM_FREE(thePubKey->KeyData.Data);
+		pubKeyPartial->KeyHeader.BlobType = CSSM_KEYBLOB_RAW;
+	}
+	pubKeyPartial->KeyHeader.KeyAttr |= CSSM_KEYATTR_PARTIAL;
+	SecAsn1CoderRelease(coder);
+	return CSSM_OK;
+}

ADDED   LocalTests/utilLib/nssAppUtils.h
Index: LocalTests/utilLib/nssAppUtils.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/nssAppUtils.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2003 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please 
+ * obtain a copy of the License at http://www.apple.com/publicsource and 
+ * read it before using this file.
+ * 
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 
+ * Please see the License for the specific language governing rights and 
+ * limitations under the License.
+ */
+/*
+ * nssAppUtils.h
+ */
+ 
+#ifndef	_NSS_APP_UTILS_H_
+#define _NSS_APP_UTILS_H_
+
+#include <Security/cssmtype.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+CSSM_RETURN extractDsaPartial(
+	CSSM_CSP_HANDLE cspHand,
+	const CSSM_KEY *pubKey, 
+	CSSM_KEY_PTR pubKeyPartial);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/* _NSS_APP_UTILS_H_ */
+

ADDED   LocalTests/utilLib/rijndael-alg-ref.c
Index: LocalTests/utilLib/rijndael-alg-ref.c
==================================================================
--- /dev/null
+++ LocalTests/utilLib/rijndael-alg-ref.c
@@ -0,0 +1,373 @@
+/* rijndael-alg-ref.c   v2.0   August '99
+ * Reference ANSI C code
+ * authors: Paulo Barreto
+ *          Vincent Rijmen
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "rijndael-alg-ref.h"
+
+#define SC	((BC - 4) >> 1)
+
+#include "boxes-ref.h"
+
+static const word8 shifts[3][4][2] = {
+ { { 0, 0 },
+   { 1, 3 },
+   { 2, 2 },
+   { 3, 1 }
+ },
+ { { 0, 0 },
+   { 1, 5 },
+   { 2, 4 },
+   { 3, 3 }
+ },
+ { { 0, 0 },
+   { 1, 7 },
+   { 3, 5 },
+   { 4, 4 }
+ }
+}; 
+
+
+static word8 mul(word8 a, word8 b) {
+   /* multiply two elements of GF(2^m)
+    * needed for MixColumn and InvMixColumn
+    */
+	if (a && b) return Alogtable[(Logtable[a] + Logtable[b])%255];
+	else return 0;
+}
+
+static void KeyAddition(word8 a[4][MAXBC], word8 rk[4][MAXBC], word8 BC) {
+	/* Exor corresponding text input and round key input bytes
+	 */
+	int i, j;
+	
+	for(i = 0; i < 4; i++)
+   		for(j = 0; j < BC; j++) a[i][j] ^= rk[i][j];
+}
+
+static void ShiftRow(word8 a[4][MAXBC], word8 d, word8 BC) {
+	/* Row 0 remains unchanged
+	 * The other three rows are shifted a variable amount
+	 */
+	word8 tmp[MAXBC];
+	int i, j;
+	
+	for(i = 1; i < 4; i++) {
+		for(j = 0; j < BC; j++) tmp[j] = a[i][(j + shifts[SC][i][d]) % BC];
+		for(j = 0; j < BC; j++) a[i][j] = tmp[j];
+	}
+}
+
+static void Substitution(word8 a[4][MAXBC], const word8 box[256], word8 BC) {
+	/* Replace every byte of the input by the byte at that place
+	 * in the nonlinear S-box
+	 */
+	int i, j;
+	
+	for(i = 0; i < 4; i++)
+		for(j = 0; j < BC; j++) a[i][j] = box[a[i][j]] ;
+}
+   
+static void MixColumn(word8 a[4][MAXBC], word8 BC) {
+        /* Mix the four bytes of every column in a linear way
+	 */
+	word8 b[4][MAXBC];
+	int i, j;
+		
+	for(j = 0; j < BC; j++)
+		for(i = 0; i < 4; i++)
+			b[i][j] = mul(2,a[i][j])
+				^ mul(3,a[(i + 1) % 4][j])
+				^ a[(i + 2) % 4][j]
+				^ a[(i + 3) % 4][j];
+	for(i = 0; i < 4; i++)
+		for(j = 0; j < BC; j++) a[i][j] = b[i][j];
+}
+
+static void InvMixColumn(word8 a[4][MAXBC], word8 BC) {
+        /* Mix the four bytes of every column in a linear way
+	 * This is the opposite operation of Mixcolumn
+	 */
+	word8 b[4][MAXBC];
+	int i, j;
+	
+	for(j = 0; j < BC; j++)
+	for(i = 0; i < 4; i++)             
+		b[i][j] = mul(0xe,a[i][j])
+			^ mul(0xb,a[(i + 1) % 4][j])                 
+			^ mul(0xd,a[(i + 2) % 4][j])
+			^ mul(0x9,a[(i + 3) % 4][j]);                        
+	for(i = 0; i < 4; i++)
+		for(j = 0; j < BC; j++) a[i][j] = b[i][j];
+}
+
+int _rijndaelKeySched (word8 k[4][MAXKC], int keyBits, int blockBits, word8 W[MAXROUNDS+1][4][MAXBC]) {
+	/* Calculate the necessary round keys
+	 * The number of calculations depends on keyBits and blockBits
+	 */
+	int KC, BC, ROUNDS;
+	int i, j, t, rconpointer = 0;
+	word8 tk[4][MAXKC];   
+
+	switch (keyBits) {
+	case 128: KC = 4; break;
+	case 192: KC = 6; break;
+	case 256: KC = 8; break;
+	default : return (-1);
+	}
+
+	switch (blockBits) {
+	case 128: BC = 4; break;
+	case 192: BC = 6; break;
+	case 256: BC = 8; break;
+	default : return (-2);
+	}
+
+	switch (keyBits >= blockBits ? keyBits : blockBits) {
+	case 128: ROUNDS = 10; break;
+	case 192: ROUNDS = 12; break;
+	case 256: ROUNDS = 14; break;
+	default : return (-3); /* this cannot happen */
+	}
+
+	
+	for(j = 0; j < KC; j++)
+		for(i = 0; i < 4; i++)
+			tk[i][j] = k[i][j];
+	t = 0;
+	/* copy values into round key array */
+	for(j = 0; (j < KC) && (t < (ROUNDS+1)*BC); j++, t++)
+		for(i = 0; i < 4; i++) W[t / BC][i][t % BC] = tk[i][j];
+		
+	while (t < (ROUNDS+1)*BC) { /* while not enough round key material calculated */
+		/* calculate new values */
+		for(i = 0; i < 4; i++)
+			tk[i][0] ^= S[tk[(i+1)%4][KC-1]];
+		tk[0][0] ^= rcon[rconpointer++];
+
+		if (KC != 8)
+			for(j = 1; j < KC; j++)
+				for(i = 0; i < 4; i++) tk[i][j] ^= tk[i][j-1];
+		else {
+			for(j = 1; j < KC/2; j++)
+				for(i = 0; i < 4; i++) tk[i][j] ^= tk[i][j-1];
+			for(i = 0; i < 4; i++) tk[i][KC/2] ^= S[tk[i][KC/2 - 1]];
+			for(j = KC/2 + 1; j < KC; j++)
+				for(i = 0; i < 4; i++) tk[i][j] ^= tk[i][j-1];
+	}
+	/* copy values into round key array */
+	for(j = 0; (j < KC) && (t < (ROUNDS+1)*BC); j++, t++)
+		for(i = 0; i < 4; i++) W[t / BC][i][t % BC] = tk[i][j];
+	}		
+
+	return 0;
+}
+      
+int _rijndaelEncrypt (word8 a[4][MAXBC], int keyBits, int blockBits, word8 rk[MAXROUNDS+1][4][MAXBC])
+{
+	/* Encryption of one block. 
+	 */
+	int r, BC, ROUNDS;
+
+	switch (blockBits) {
+	case 128: BC = 4; break;
+	case 192: BC = 6; break;
+	case 256: BC = 8; break;
+	default : return (-2);
+	}
+
+	switch (keyBits >= blockBits ? keyBits : blockBits) {
+	case 128: ROUNDS = 10; break;
+	case 192: ROUNDS = 12; break;
+	case 256: ROUNDS = 14; break;
+	default : return (-3); /* this cannot happen */
+	}
+
+	/* begin with a key addition
+	 */
+	KeyAddition(a,rk[0],BC); 
+
+        /* ROUNDS-1 ordinary rounds
+	 */
+	for(r = 1; r < ROUNDS; r++) {
+		Substitution(a,S,BC);
+		ShiftRow(a,0,BC);
+		MixColumn(a,BC);
+		KeyAddition(a,rk[r],BC);
+	}
+	
+	/* Last round is special: there is no MixColumn
+	 */
+	Substitution(a,S,BC);
+	ShiftRow(a,0,BC);
+	KeyAddition(a,rk[ROUNDS],BC);
+
+	return 0;
+}   
+
+
+#ifndef	__APPLE__
+
+int rijndaelEncryptRound (word8 a[4][MAXBC], int keyBits, int blockBits, 
+		word8 rk[MAXROUNDS+1][4][MAXBC], int rounds)
+/* Encrypt only a certain number of rounds.
+ * Only used in the Intermediate Value Known Answer Test.
+ */
+{
+	int r, BC, ROUNDS;
+
+	switch (blockBits) {
+	case 128: BC = 4; break;
+	case 192: BC = 6; break;
+	case 256: BC = 8; break;
+	default : return (-2);
+	}
+
+	switch (keyBits >= blockBits ? keyBits : blockBits) {
+	case 128: ROUNDS = 10; break;
+	case 192: ROUNDS = 12; break;
+	case 256: ROUNDS = 14; break;
+	default : return (-3); /* this cannot happen */
+	}
+
+	/* make number of rounds sane */
+	if (rounds > ROUNDS) rounds = ROUNDS;
+
+	/* begin with a key addition
+	 */
+	KeyAddition(a,rk[0],BC);
+        
+	/* at most ROUNDS-1 ordinary rounds
+	 */
+	for(r = 1; (r <= rounds) && (r < ROUNDS); r++) {
+		Substitution(a,S,BC);
+		ShiftRow(a,0,BC);
+		MixColumn(a,BC);
+		KeyAddition(a,rk[r],BC);
+	}
+	
+	/* if necessary, do the last, special, round: 
+	 */
+	if (rounds == ROUNDS) {
+		Substitution(a,S,BC);
+		ShiftRow(a,0,BC);
+		KeyAddition(a,rk[ROUNDS],BC);
+	}
+
+	return 0;
+}   
+#endif	/* __APPLE__ */
+
+int _rijndaelDecrypt (word8 a[4][MAXBC], int keyBits, int blockBits, word8 rk[MAXROUNDS+1][4][MAXBC])
+{
+	int r, BC, ROUNDS;
+	
+	switch (blockBits) {
+	case 128: BC = 4; break;
+	case 192: BC = 6; break;
+	case 256: BC = 8; break;
+	default : return (-2);
+	}
+
+	switch (keyBits >= blockBits ? keyBits : blockBits) {
+	case 128: ROUNDS = 10; break;
+	case 192: ROUNDS = 12; break;
+	case 256: ROUNDS = 14; break;
+	default : return (-3); /* this cannot happen */
+	}
+
+	/* To decrypt: apply the inverse operations of the encrypt routine,
+	 *             in opposite order
+	 * 
+	 * (KeyAddition is an involution: it 's equal to its inverse)
+	 * (the inverse of Substitution with table S is Substitution with the inverse table of S)
+	 * (the inverse of Shiftrow is Shiftrow over a suitable distance)
+	 */
+
+        /* First the special round:
+	 *   without InvMixColumn
+	 *   with extra KeyAddition
+	 */
+	KeyAddition(a,rk[ROUNDS],BC);
+	Substitution(a,Si,BC);
+	ShiftRow(a,1,BC);              
+	
+	/* ROUNDS-1 ordinary rounds
+	 */
+	for(r = ROUNDS-1; r > 0; r--) {
+		KeyAddition(a,rk[r],BC);
+		InvMixColumn(a,BC);      
+		Substitution(a,Si,BC);
+		ShiftRow(a,1,BC);                
+	}
+	
+	/* End with the extra key addition
+	 */
+	
+	KeyAddition(a,rk[0],BC);    
+
+	return 0;
+}
+
+#ifndef	__APPLE__
+
+int rijndaelDecryptRound (word8 a[4][MAXBC], int keyBits, int blockBits, 
+	word8 rk[MAXROUNDS+1][4][MAXBC], int rounds)
+/* Decrypt only a certain number of rounds.
+ * Only used in the Intermediate Value Known Answer Test.
+ * Operations rearranged such that the intermediate values
+ * of decryption correspond with the intermediate values
+ * of encryption.
+ */
+{
+	int r, BC, ROUNDS;
+	
+	switch (blockBits) {
+	case 128: BC = 4; break;
+	case 192: BC = 6; break;
+	case 256: BC = 8; break;
+	default : return (-2);
+	}
+
+	switch (keyBits >= blockBits ? keyBits : blockBits) {
+	case 128: ROUNDS = 10; break;
+	case 192: ROUNDS = 12; break;
+	case 256: ROUNDS = 14; break;
+	default : return (-3); /* this cannot happen */
+	}
+
+
+	/* make number of rounds sane */
+	if (rounds > ROUNDS) rounds = ROUNDS;
+
+        /* First the special round:
+	 *   without InvMixColumn
+	 *   with extra KeyAddition
+	 */
+	KeyAddition(a,rk[ROUNDS],BC);
+	Substitution(a,Si,BC);
+	ShiftRow(a,1,BC);              
+	
+	/* ROUNDS-1 ordinary rounds
+	 */
+	for(r = ROUNDS-1; r > rounds; r--) {
+		KeyAddition(a,rk[r],BC);
+		InvMixColumn(a,BC);      
+		Substitution(a,Si,BC);
+		ShiftRow(a,1,BC);                
+	}
+	
+	if (rounds == 0) {
+		/* End with the extra key addition
+		 */	
+		KeyAddition(a,rk[0],BC);
+	}    
+
+	return 0;
+}
+
+#endif	/* __APPLE__ */

ADDED   LocalTests/utilLib/rijndael-alg-ref.h
Index: LocalTests/utilLib/rijndael-alg-ref.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/rijndael-alg-ref.h
@@ -0,0 +1,53 @@
+/* rijndael-alg-ref.h   v2.0   August '99
+ * Reference ANSI C code
+ * authors: Paulo Barreto
+ *          Vincent Rijmen
+ */
+#ifndef __RIJNDAEL_ALG_H
+#define __RIJNDAEL_ALG_H
+
+#ifdef	__APPLE__
+#define MIN_AES_KEY_BITS		128
+#define MID_AES_KEY_BITS		192
+#define MAX_AES_KEY_BITS		256
+#define MAX_AES_KEY_BYTES		(MAX_AES_KEY_BITS / 8)
+
+#define MIN_AES_BLOCK_BITS		128
+#define MID_AES_BLOCK_BITS		192
+#define MAX_AES_BLOCK_BITS		256
+#define MIN_AES_BLOCK_BYTES		(MIN_AES_BLOCK_BITS / 8)
+
+#endif
+#define MAXBC				(MAX_AES_BLOCK_BITS/32)
+#define MAXKC				(MAX_AES_KEY_BITS/32)
+#define MAXROUNDS			14
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+typedef unsigned char		word8;	
+typedef unsigned short		word16;	
+typedef unsigned long		word32;
+
+
+int _rijndaelKeySched (word8 k[4][MAXKC], int keyBits, int blockBits, 
+		word8 rk[MAXROUNDS+1][4][MAXBC]);
+int _rijndaelEncrypt (word8 a[4][MAXBC], int keyBits, int blockBits, 
+		word8 rk[MAXROUNDS+1][4][MAXBC]);
+#ifndef	__APPLE__
+int rijndaelEncryptRound (word8 a[4][MAXBC], int keyBits, int blockBits, 
+		word8 rk[MAXROUNDS+1][4][MAXBC], int rounds);
+#endif
+int _rijndaelDecrypt (word8 a[4][MAXBC], int keyBits, int blockBits, 
+		word8 rk[MAXROUNDS+1][4][MAXBC]);
+#ifndef	__APPLE__
+int rijndaelDecryptRound (word8 a[4][MAXBC], int keyBits, int blockBits, 
+		word8 rk[MAXROUNDS+1][4][MAXBC], int rounds);
+#endif
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif /* __RIJNDAEL_ALG_H */

ADDED   LocalTests/utilLib/rijndaelApi.c
Index: LocalTests/utilLib/rijndaelApi.c
==================================================================
--- /dev/null
+++ LocalTests/utilLib/rijndaelApi.c
@@ -0,0 +1,357 @@
+/* 
+ * rijndaelApi.c  -  AES API layer
+ *
+ * Based on rijndael-api-ref.h v2.0 written by Paulo Barreto
+ * and Vincent Rijmen
+ */
+#include <stdlib.h>
+#include <string.h>
+
+#include "rijndael-alg-ref.h"
+#include "rijndaelApi.h"
+
+#define CBC_DEBUG		0
+#if 	CBC_DEBUG
+static void dumpChainBuf(cipherInstance *cipher, char *op)
+{
+	int t,j;
+	int columns = cipher->blockLen / 32;
+
+	printf("chainBuf %s: ", op);
+	for (j = 0; j < columns; j++) {
+		for(t = 0; t < 4; t++) {
+			printf("%02x ", cipher->chainBlock[t][j]);
+		}
+	}
+	printf("\n");
+}
+#else
+#define dumpChainBuf(c, o)
+#endif
+
+int _makeKey(	keyInstance *key, 
+	BYTE direction, 
+	int keyLen, 		// in BITS
+	int blockLen,		// in BITS
+	BYTE *keyMaterial)
+{
+	word8 k[4][MAXKC];
+	unsigned keyBytes;
+	unsigned  i;
+
+	if (key == NULL) {
+		return BAD_KEY_INSTANCE;
+	}
+	if(keyMaterial == NULL) {
+		return BAD_KEY_MAT;
+	}
+	if ((direction == DIR_ENCRYPT) || (direction == DIR_DECRYPT)) {
+		key->direction = direction;
+	} else {
+		return BAD_KEY_DIR;
+	}
+
+	if ((keyLen == 128) || (keyLen == 192) || (keyLen == 256)) { 
+		key->keyLen = keyLen;
+	} else {
+		return BAD_KEY_MAT;
+	}
+	key->blockLen = blockLen;
+
+	/* initialize key schedule: */ 
+	keyBytes = keyLen / 8;
+ 	for(i = 0; i < keyBytes; i++) {
+		k[i % 4][i / 4] = keyMaterial[i]; 
+	}	
+	_rijndaelKeySched (k, key->keyLen, key->blockLen, key->keySched);	
+	memset(k, 0, 4 * MAXKC);
+	return TRUE;
+}
+
+int _cipherInit(	cipherInstance *cipher, 
+	BYTE mode, 
+	int blockLen,		// in BITS
+	BYTE *IV)
+{
+	int t, j;
+	int columns = blockLen / 32;
+	
+	/* MODE_CFB1 not supported */
+	if ((mode == MODE_ECB) || (mode == MODE_CBC)) {
+		cipher->mode = mode;
+	} else {
+		return BAD_CIPHER_MODE;
+	}
+	cipher->blockLen = blockLen;
+	
+	if (IV != NULL) {
+		/* Save IV in rectangular block format */
+		for (j = 0; j < columns; j++) {
+			for(t = 0; t < 4; t++) {
+				/* parse initial value into rectangular array */
+				cipher->chainBlock[t][j] = IV[t+4*j];
+			}
+		}
+	}
+	dumpChainBuf(cipher, "init  ");	
+	return TRUE;
+}
+
+
+int _blockEncrypt(cipherInstance *cipher,
+	keyInstance *key, BYTE *input, int inputLen, BYTE *outBuffer)
+{
+	int i, j, t, numBlocks;
+	unsigned blockSizeBytes;
+	int columns;
+	
+	/* check parameter consistency: */
+	if (key == NULL ||
+		key->direction != DIR_ENCRYPT ||
+		(key->keyLen != 128 && key->keyLen != 192 && key->keyLen != 256)) {
+		return BAD_KEY_MAT;
+	}
+	if (cipher == NULL ||
+		(cipher->mode != MODE_ECB && cipher->mode != MODE_CBC) ||
+		(cipher->blockLen != 128 && cipher->blockLen != 192 && cipher->blockLen != 256)) {
+			return BAD_CIPHER_STATE;
+	}
+
+	numBlocks = inputLen/cipher->blockLen;
+	blockSizeBytes = cipher->blockLen / 8;
+	columns = cipher->blockLen / 32;
+	
+	switch (cipher->mode) {
+	case MODE_ECB: 
+		for (i = 0; i < numBlocks; i++) {
+			for (j = 0; j < columns; j++) {
+				for(t = 0; t < 4; t++)
+				/* parse input stream into rectangular array */
+					cipher->chainBlock[t][j] = input[4*j+t];
+			}
+			_rijndaelEncrypt (cipher->chainBlock, key->keyLen, cipher->blockLen, key->keySched);
+			for (j = 0; j < columns; j++) {
+				/* parse rectangular array into output ciphertext bytes */
+				for(t = 0; t < 4; t++)
+					outBuffer[4*j+t] = (BYTE) cipher->chainBlock[t][j];
+			}
+			input += blockSizeBytes;
+			outBuffer += blockSizeBytes;
+			dumpChainBuf(cipher, "encr ECB");
+		}
+		break;
+		
+	case MODE_CBC:
+		for (i = 0; i < numBlocks; i++) {
+			for (j = 0; j < columns; j++) {
+				for(t = 0; t < 4; t++)
+				/* parse input stream into rectangular array and exor with 
+				   IV or the previous ciphertext */
+					cipher->chainBlock[t][j] ^= input[4*j+t];
+			}
+			_rijndaelEncrypt (cipher->chainBlock, key->keyLen, cipher->blockLen, key->keySched);
+			for (j = 0; j < columns; j++) {
+				/* parse rectangular array into output ciphertext bytes */
+				for(t = 0; t < 4; t++)
+					outBuffer[4*j+t] = (BYTE) cipher->chainBlock[t][j];
+			}
+			/* Hey! This code was broken for multi-block ops! */
+			input += blockSizeBytes;
+			outBuffer += blockSizeBytes;
+			dumpChainBuf(cipher, "encr CBC");
+		}
+		break;
+	
+	default: return BAD_CIPHER_STATE;
+	}
+	
+	return numBlocks*cipher->blockLen;
+}
+
+int _blockDecrypt(cipherInstance *cipher,
+	keyInstance *key, BYTE *input, int inputLen, BYTE *outBuffer)
+{
+	int i, j, t, numBlocks;
+	word8 block[4][MAXBC];		// working memory: encrypt/decrypt in place here
+	unsigned blockSizeBytes;
+	word8 cblock[4][MAXBC];		// saved ciphertext
+	int columns;
+
+	if (cipher == NULL ||
+		key == NULL ||
+		key->direction == DIR_ENCRYPT ||
+		cipher->blockLen != key->blockLen) {
+		return BAD_CIPHER_STATE;
+	}
+
+	/* check parameter consistency: */
+	if (key == NULL ||
+		key->direction != DIR_DECRYPT ||
+		(key->keyLen != 128 && key->keyLen != 192 && key->keyLen != 256)) {
+		return BAD_KEY_MAT;
+	}
+	if (cipher == NULL ||
+		(cipher->mode != MODE_ECB && cipher->mode != MODE_CBC) ||
+		(cipher->blockLen != 128 && cipher->blockLen != 192 && cipher->blockLen != 256)) {
+		return BAD_CIPHER_STATE;
+	}
+	
+	numBlocks = inputLen/cipher->blockLen;
+	blockSizeBytes = cipher->blockLen / 8;
+	columns = cipher->blockLen / 32;
+	
+	switch (cipher->mode) {
+	case MODE_ECB: 
+		for (i = 0; i < numBlocks; i++) {
+			for (j = 0; j < columns; j++) {
+				for(t = 0; t < 4; t++)
+				/* parse input stream into rectangular array */
+					block[t][j] = input[4*j+t];
+			}
+			_rijndaelDecrypt (block, key->keyLen, cipher->blockLen, key->keySched);
+			for (j = 0; j < columns; j++) {
+				/* parse rectangular array into output ciphertext bytes */
+				for(t = 0; t < 4; t++)
+					outBuffer[4*j+t] = (BYTE) block[t][j];
+			}
+			input += blockSizeBytes;
+			outBuffer += blockSizeBytes;
+			dumpChainBuf(cipher, "decr ECB");
+		}
+		break;
+		
+	case MODE_CBC:
+		for (i = 0; i < numBlocks; i++) {
+			for (j = 0; j < columns; j++) {
+				for(t = 0; t < 4; t++)
+				/* parse input stream into rectangular array */
+					block[t][j] = input[4*j+t];
+			}
+			
+			/* save a copoy of incoming ciphertext for later chain; decrypt */
+			memmove(cblock, block, 4*MAXBC);
+			_rijndaelDecrypt (block, key->keyLen, cipher->blockLen, key->keySched);
+			
+			/* 
+			 * exor with last ciphertext --> plaintext out
+			 * save this ciphertext in lastBlock
+			 * FIXME - we can optimize this by avoiding the copy into 
+			 * lastBlock on all but last time thru...
+			 */
+			for (j = 0; j < columns; j++) {
+				for(t = 0; t < 4; t++) {
+					outBuffer[4*j+t] = (block[t][j] ^ cipher->chainBlock[t][j]);
+				}
+			}
+			memmove(cipher->chainBlock, cblock, 4 * MAXBC);
+			input += blockSizeBytes;
+			outBuffer += blockSizeBytes;
+			dumpChainBuf(cipher, "decr CBC");
+		}
+		break;
+	
+	default: return BAD_CIPHER_STATE;
+	}
+	memset(block, 0, 4 * MAXBC);
+	memset(cblock, 0, 4 * MAXBC);
+	return numBlocks*cipher->blockLen;
+}
+
+/*
+ * Apple addenda 3/28/2001: simplified single-block encrypt/decrypt.
+ * Used when chaining and padding is done in elsewhere. 
+ */
+#define AES_CONSISTENCY_CHECK		1
+
+int _rijndaelBlockEncrypt(
+	cipherInstance *cipher,
+	keyInstance *key, 
+	BYTE *input, 
+	BYTE *outBuffer)
+{
+	int j, t;
+	unsigned blockSizeBytes;
+	int columns;
+	
+	#if		AES_CONSISTENCY_CHECK
+	/* check parameter consistency: */
+	if (key == NULL ||
+		key->direction != DIR_ENCRYPT ||
+		(key->keyLen != 128 && key->keyLen != 192 && key->keyLen != 256)) {
+		return BAD_KEY_MAT;
+	}
+	if (cipher == NULL ||
+		(cipher->mode != MODE_ECB && cipher->mode != MODE_CBC) ||
+		(cipher->blockLen != 128 && cipher->blockLen != 192 && cipher->blockLen != 256)) {
+			return BAD_CIPHER_STATE;
+	}
+	#endif	/* AES_CONSISTENCY_CHECK */
+	
+	blockSizeBytes = cipher->blockLen >> 3;	/* was / 8; should just save in cipher */
+	columns = cipher->blockLen >> 5;		/* was / 32; ditto */
+	
+	for (j = 0; j < columns; j++) {
+		for(t = 0; t < 4; t++)
+		/* parse input stream into rectangular array */
+			cipher->chainBlock[t][j] = input[4*j+t];
+	}
+	_rijndaelEncrypt (cipher->chainBlock, key->keyLen, cipher->blockLen, 
+		key->keySched);
+	for (j = 0; j < columns; j++) {
+		/* parse rectangular array into output ciphertext bytes */
+		for(t = 0; t < 4; t++)
+			outBuffer[4*j+t] = (BYTE) cipher->chainBlock[t][j];
+	}
+	return cipher->blockLen;
+}
+
+int _rijndaelBlockDecrypt(
+	cipherInstance *cipher,
+	keyInstance *key, 
+	BYTE *input, 
+	BYTE *outBuffer)
+{
+	int j, t;
+	word8 block[4][MAXBC];		// working memory: encrypt/decrypt in place here
+	unsigned blockSizeBytes;
+	int columns;
+
+	#if		AES_CONSISTENCY_CHECK
+	if (cipher == NULL ||
+		key == NULL ||
+		key->direction == DIR_ENCRYPT ||
+		cipher->blockLen != key->blockLen) {
+		return BAD_CIPHER_STATE;
+	}
+
+	/* check parameter consistency: */
+	if (key == NULL ||
+		key->direction != DIR_DECRYPT ||
+		(key->keyLen != 128 && key->keyLen != 192 && key->keyLen != 256)) {
+		return BAD_KEY_MAT;
+	}
+	if (cipher == NULL ||
+		(cipher->mode != MODE_ECB && cipher->mode != MODE_CBC) ||
+		(cipher->blockLen != 128 && cipher->blockLen != 192 && cipher->blockLen != 256)) {
+		return BAD_CIPHER_STATE;
+	}
+	#endif		/* AES_CONSISTENCY_CHECK */
+	
+	blockSizeBytes = cipher->blockLen >> 3;	/* was / 8; should just save in cipher */
+	columns = cipher->blockLen >> 5;		/* was / 32; ditto */
+	
+	for (j = 0; j < columns; j++) {
+		for(t = 0; t < 4; t++)
+		/* parse input stream into rectangular array */
+			block[t][j] = input[4*j+t];
+	}
+	_rijndaelDecrypt (block, key->keyLen, cipher->blockLen, key->keySched);
+	for (j = 0; j < columns; j++) {
+		/* parse rectangular array into output ciphertext bytes */
+		for(t = 0; t < 4; t++)
+			outBuffer[4*j+t] = (BYTE) block[t][j];
+	}
+			
+	return cipher->blockLen;
+}
+

ADDED   LocalTests/utilLib/rijndaelApi.h
Index: LocalTests/utilLib/rijndaelApi.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/rijndaelApi.h
@@ -0,0 +1,108 @@
+/* 
+ * rijndaelApi.h  -  AES API layer
+ *
+ * Based on rijndael-api-ref.h v2.0 written by Paulo Barreto
+ * and Vincent Rijmen
+ */
+
+#ifndef	_RIJNDAEL_API_REF_H_
+#define _RIJNDAEL_API_REF_H_
+
+#include <stdio.h>
+#include "rijndael-alg-ref.h"
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+#define     DIR_ENCRYPT     0    /*  Are we encrpyting?  */
+#define     DIR_DECRYPT     1    /*  Are we decrpyting?  */
+#define     MODE_ECB        1    /*  Are we ciphering in ECB mode?   */
+#define     MODE_CBC        2    /*  Are we ciphering in CBC mode?   */
+
+#define     TRUE            1
+#define     FALSE           0
+
+/*  Error Codes  */
+#define     BAD_KEY_DIR        -1  /*  Key direction is invalid, e.g.,
+									   unknown value */
+#define     BAD_KEY_MAT        -2  /*  Key material not of correct 
+									   length */
+#define     BAD_KEY_INSTANCE   -3  /*  Key passed is not valid  */
+#define     BAD_CIPHER_MODE    -4  /*  Params struct passed to 
+									   cipherInit invalid */
+#define     BAD_CIPHER_STATE   -5  /*  Cipher in wrong state (e.g., not 
+									   initialized) */
+#define     BAD_CIPHER_INSTANCE   -7 
+
+#define     MAX_AES_KEY_SIZE	(MAX_AES_KEY_BITS / 8)
+#define 	MAX_AES_BLOCK_SIZE	(MAX_AES_BLOCK_BITS / 8)
+#define     MAX_AES_IV_SIZE		MAX_AES_BLOCK_SIZE
+	
+typedef    unsigned char    BYTE;
+
+/*  The structure for key information */
+typedef struct {
+      BYTE  direction;	/* Key used for encrypting or decrypting? */
+      int   keyLen;		/* Length of the key in bits */
+      int   blockLen;   /* Length of block in bits */
+      word8 keySched[MAXROUNDS+1][4][MAXBC];	/* key schedule		*/
+      } keyInstance;
+
+/*  The structure for cipher information */
+typedef struct {
+      BYTE  mode;           /* MODE_ECB, MODE_CBC, or MODE_CFB1 */
+	  word8 chainBlock[4][MAXBC];      
+	  int   blockLen;    	/* block length in bits */
+      } cipherInstance;
+
+
+int _makeKey(
+	keyInstance *key, 
+	BYTE direction, 
+	int keyLen, 		// in BITS
+	int blockLen,		// in BITS
+	BYTE *keyMaterial);
+
+int _cipherInit(
+	cipherInstance *cipher, 
+	BYTE mode, 
+	int blockLen,		// in BITS
+	BYTE *IV);
+
+int _blockEncrypt(
+	cipherInstance *cipher, 
+	keyInstance *key, 
+	BYTE *input, 
+	int inputLen, 		// in BITS
+	BYTE *outBuffer);
+
+int _blockDecrypt(
+	cipherInstance *cipher, 
+	keyInstance *key, 
+	BYTE *input,
+	int inputLen, 		// in BITS
+	BYTE *outBuffer);
+
+/*
+ * Apple addenda 3/28/2001: simplified single-block encrypt/decrypt.
+ * Used when chaining and padding is done in elsewhere. 
+ */
+int _rijndaelBlockEncrypt(
+	cipherInstance *cipher,
+	keyInstance *key, 
+	BYTE *input, 
+	BYTE *outBuffer);
+int _rijndaelBlockDecrypt(
+	cipherInstance *cipher,
+	keyInstance *key, 
+	BYTE *input, 
+	BYTE *outBuffer);
+	
+#ifdef	__cplusplus
+}
+#endif	// cplusplus
+
+#endif	// RIJNDAEL_API_REF
+
+

ADDED   LocalTests/utilLib/ssleayUtils.cpp
Index: LocalTests/utilLib/ssleayUtils.cpp
==================================================================
--- /dev/null
+++ LocalTests/utilLib/ssleayUtils.cpp
@@ -0,0 +1,266 @@
+/*
+ * ssleayUtils.c - common routines for CDSA/openssl compatibility testing
+ */
+ 
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <openssl/blowfish.h>
+#include <openssl/cast.h>
+#include <openssl/evp.h>
+#include "ssleayUtils.h"
+#include <Security/cssmerr.h>
+#include "common.h"
+
+/*
+ * Caller sees EAY_KEY, we see a pointer to this.
+ */
+typedef struct {
+	CSSM_ALGORITHMS alg;
+	union {
+		BF_KEY				bf;		// blowfish
+		CAST_KEY			cast;
+	} key;
+} EayKeyPriv;
+
+/*
+ * Create a symmetric key.
+ */
+CSSM_RETURN  eayGenSymKey(
+	CSSM_ALGORITHMS alg,
+	CSSM_BOOL		forEncr,
+	const CSSM_DATA	*keyData,
+	EAY_KEY			*key)			// RETURNED
+{
+	EayKeyPriv *ekp = (EayKeyPriv *)malloc(sizeof(EayKeyPriv));
+	memset(ekp, 0, sizeof(*ekp));
+	switch(alg) {
+		case CSSM_ALGID_BLOWFISH:
+			BF_set_key(&ekp->key.bf, keyData->Length, keyData->Data);
+			break;
+		case CSSM_ALGID_CAST:		// cast128 only
+			CAST_set_key(&ekp->key.cast, keyData->Length, keyData->Data);
+			break;
+		default:
+			printf("***eayGenSymKey: bad alg\n");
+			return -1;
+	}
+	ekp->alg = alg;
+	*key = (EAY_KEY)ekp;
+	return CSSM_OK;
+}
+
+/*
+ * Free a key created in eayGenSymKey
+ */
+CSSM_RETURN eayFreeKey(
+	EAY_KEY			key)
+{
+	memset(key, 0, sizeof(EayKeyPriv));
+	free(key);
+	return CSSM_OK;
+}
+
+/*
+ * encrypt/decrypt
+ */
+CSSM_RETURN eayEncryptDecrypt(
+	EAY_KEY				key,
+	CSSM_BOOL			forEncrypt,
+	CSSM_ALGORITHMS		encrAlg,
+	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC ONLY!
+	const CSSM_DATA		*iv,				//Êoptional per mode
+	const CSSM_DATA		*inData,
+	CSSM_DATA_PTR		outData)			// CSSM_MALLOCd and RETURNED
+{
+	EayKeyPriv *ekp = (EayKeyPriv *)key;
+	if((mode != CSSM_ALGMODE_CBC_IV8) && (mode != CSSM_ALGMODE_ECB)) {
+		printf("***eayEncryptDecrypt only does CBC_IV8, ECB\n");
+		return -1;
+	}
+	
+	bool cbc = (mode == CSSM_ALGMODE_ECB) ? false : true;
+	
+	outData->Data = (uint8 *)CSSM_MALLOC(inData->Length);
+	outData->Length = inData->Length;
+	
+	/* BF_cbc_encrypt actually writes to IV */
+	CSSM_DATA ivc = {0, NULL};
+	if(cbc) {
+		ivc.Data = (uint8 *)malloc(iv->Length);
+		ivc.Length = iv->Length;
+		memmove(ivc.Data, iv->Data, ivc.Length);
+	}
+	switch(encrAlg) {
+		case CSSM_ALGID_BLOWFISH:
+			if(cbc) {
+				BF_cbc_encrypt(inData->Data,
+					outData->Data,
+					inData->Length,
+					&ekp->key.bf,
+					ivc.Data,
+					forEncrypt ? BF_ENCRYPT : BF_DECRYPT);
+			}
+			else {
+				CSSM_DATA intext = *inData;
+				CSSM_DATA outtext = *outData;
+				while(intext.Length) {
+					BF_ecb_encrypt(intext.Data,
+						outtext.Data,
+						&ekp->key.bf,
+						forEncrypt ? BF_ENCRYPT : BF_DECRYPT);
+					intext.Data   += 8;
+					outtext.Data  += 8;
+					intext.Length -= 8;
+				}
+			}
+			break;
+		case CSSM_ALGID_CAST:		// cast128 only
+			CAST_cbc_encrypt(inData->Data,
+				outData->Data,
+				inData->Length,
+				&ekp->key.cast,
+				ivc.Data,
+				forEncrypt ? CAST_ENCRYPT : CAST_DECRYPT);
+			break;
+		default:
+			printf("***eayEncryptDecrypt: bad alg\n");
+			return -1;
+	}
+	if(ivc.Data) {
+		free(ivc.Data);
+	}
+	return CSSM_OK;
+}
+
+/*** EVP-based encrypt/decrypt ***/
+
+int evpEncryptDecrypt(
+	CSSM_ALGORITHMS		alg,				// AES 128 only for now 
+	CSSM_BOOL			forEncr,
+	const CSSM_DATA		*keyData,			// may be larger than the key size we use
+	unsigned			keyLengthInBits,
+	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC_IV8, ECB, always padding
+	const CSSM_DATA		*iv,				// optional per mode
+	const CSSM_DATA		*inData,
+	CSSM_DATA_PTR		outData)			// CSSM_MALLOCd and RETURNED
+{
+	EVP_CIPHER_CTX ctx;
+	const EVP_CIPHER *cipher;
+	unsigned blockSize;
+	unsigned outLen = inData->Length;
+	bool noPad = false;
+	
+	switch(alg) {
+		case CSSM_ALGID_AES:
+			switch(mode) {
+				case CSSM_ALGMODE_CBCPadIV8:
+					switch(keyLengthInBits) {
+						case 128:
+							cipher = EVP_aes_128_cbc();
+							break;
+						case 192:
+							cipher = EVP_aes_192_cbc();
+							break;
+						case 256:
+							cipher = EVP_aes_256_cbc();
+							break;
+						default:
+							printf("***Bad AES key length (%u)\n", keyLengthInBits);
+							return -1;
+					}
+					break;
+				case CSSM_ALGMODE_ECB:
+					switch(keyLengthInBits) {
+						case 128:
+							cipher = EVP_aes_128_ecb();
+							break;
+						case 192:
+							cipher = EVP_aes_192_ecb();
+							break;
+						case 256:
+							cipher = EVP_aes_256_ecb();
+							break;
+						default:
+							printf("***Bad AES key length (%u)\n", keyLengthInBits);
+							return -1;
+					}
+					noPad = true;
+					break;
+				default:
+					printf("***evpEncryptDecrypt only does CBC and ECB for now\n");
+					return -1;
+			}
+			blockSize = 16;
+			break;
+		case CSSM_ALGID_DES:
+			switch(mode) {
+				case CSSM_ALGMODE_CBCPadIV8:
+					cipher = EVP_des_cbc();
+					break;
+				case CSSM_ALGMODE_ECB:
+					cipher = EVP_des_ecb();
+					noPad = true;
+					break;
+				default:
+					printf("***evpEncryptDecrypt only does CBC and ECB for now\n");
+					return -1;
+			}
+			blockSize = 8;
+			break;
+		default:
+			printf("***evpEncryptDecrypt only does DES and AES 128 for now\n");
+			return -1;
+	}
+	outLen += blockSize;
+	unsigned char *outp = (uint8 *)CSSM_MALLOC(outLen);
+	int outl = outLen;
+	outData->Data = outp;
+	
+	if(forEncr) {
+		int rtn = EVP_EncryptInit(&ctx, cipher, keyData->Data, iv ? iv->Data : NULL);
+		if(!rtn) {
+			printf("EVP_EncryptInit error\n");
+			return -1;
+		}
+		if(noPad) {
+			EVP_CIPHER_CTX_set_padding(&ctx, 0);
+		}
+		if(!EVP_EncryptUpdate(&ctx, outp, &outl, inData->Data, inData->Length)) {
+			printf("EVP_EncryptUpdate error\n");
+			return -1;
+		}
+	}
+	else {
+		int rtn = EVP_DecryptInit(&ctx, cipher, keyData->Data, iv ? iv->Data : NULL);
+		if(!rtn) {
+			printf("EVP_DecryptInit error\n");
+			return -1;
+		}
+		if(noPad) {
+			EVP_CIPHER_CTX_set_padding(&ctx, 0);
+		}
+		
+		if(!EVP_DecryptUpdate(&ctx, outp, &outl, inData->Data, inData->Length)) {
+			printf("EVP_DecryptUpdate error\n");
+			return -1;
+		}
+	}
+	outData->Length = outl;
+	outp += outl;
+	outl = outLen - outl;
+	if(forEncr) {
+		if(!EVP_EncryptFinal(&ctx, outp, &outl)) {
+			printf("EVP_EncryptFinal error\n");
+			return -1;
+		}
+	}
+	else {
+		if(!EVP_DecryptFinal(&ctx, outp, &outl)) {
+			printf("EVP_DecryptFinal error\n");
+			return -1;
+		}
+	}
+	outData->Length += outl;
+	return 0;
+}

ADDED   LocalTests/utilLib/ssleayUtils.h
Index: LocalTests/utilLib/ssleayUtils.h
==================================================================
--- /dev/null
+++ LocalTests/utilLib/ssleayUtils.h
@@ -0,0 +1,54 @@
+/*
+ * ssleayUtils.h - common routines for CDSA/openssl compatibility testing
+ */
+
+/*
+ * Clients of this module do not need to know about or see anything from the 
+ * libcrypt headers. 
+ */
+#ifndef	_SSLEAY_UTILS_H_
+#define _SSLEAY_UTILS_H_
+#include <Security/cssmtype.h>
+
+typedef void *EAY_KEY;
+
+/*
+ * Create a symmetric key.
+ */
+CSSM_RETURN  eayGenSymKey(
+	CSSM_ALGORITHMS alg,
+	CSSM_BOOL		forEncr,
+	const CSSM_DATA	*keyData,
+	EAY_KEY			*key);			// RETURNED
+
+/*
+ * Free a key created in eayGenSymKey
+ */
+CSSM_RETURN eayFreeKey(
+	EAY_KEY			key);
+
+/*
+ * encrypt/decrypt
+ */
+CSSM_RETURN eayEncryptDecrypt(
+	EAY_KEY				key,
+	CSSM_BOOL			forEncrypt,
+	CSSM_ALGORITHMS		encrAlg,
+	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC ONLY!
+	const CSSM_DATA		*iv,				//Êoptional per mode
+	const CSSM_DATA		*inData,
+	CSSM_DATA_PTR		outData);			// mallocd and RETURNED
+
+/*** EVP-based encrypt/decrypt ***/
+
+int evpEncryptDecrypt(
+	CSSM_ALGORITHMS		alg,				// AES 128 only for now 
+	CSSM_BOOL			forEncr,
+	const CSSM_DATA		*keyData,			// may be larger than the key size we use
+	unsigned			keyLengthInBits,
+	CSSM_ENCRYPT_MODE	mode,				// CSSM_ALGMODE_CBC_IV8, ECB, always padding
+	const CSSM_DATA		*iv,				// optional per mode
+	const CSSM_DATA		*inData,
+	CSSM_DATA_PTR		outData);			// CSSM_MALLOCd and RETURNED
+
+#endif	/* _EAY_UTILS_H_ */

ADDED   LocalTests/utilLib/t_stdlib.c
Index: LocalTests/utilLib/t_stdlib.c
==================================================================
--- /dev/null
+++ LocalTests/utilLib/t_stdlib.c
@@ -0,0 +1,56 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <security_bsafe/bsafe.h>
+
+void T_free(POINTER block)
+{
+    if (block != NULL_PTR) {
+		free(block);
+    }
+}
+
+POINTER T_malloc(unsigned int len)
+{
+    return (POINTER) malloc(len ? len : 1);
+}
+
+/* these are not needed - they are in system.c in security_bsafe */
+#if 0
+int T_memcmp(POINTER firstBlock, POINTER secondBlock, unsigned int len)
+{
+    if (len == 0) {
+		return 0;
+    }
+    return memcmp(firstBlock, secondBlock, len);
+}
+
+void T_memcpy(POINTER output, POINTER input, unsigned int len)
+{
+    if (len != 0) {
+		memcpy(output, input, len);
+    }
+}
+
+void T_memmove(POINTER output, POINTER input, unsigned int len)
+{
+    if (len != 0) {
+		memmove(output, input, len);
+    }
+}
+
+void T_memset(POINTER output, int value, unsigned int len)
+{
+    if (len != 0) {
+		memset(output, value, len);
+    }
+}
+#endif
+
+POINTER T_realloc(POINTER block, unsigned int len)
+{
+    if (block == NULL_PTR)
+		return (POINTER) malloc(len ? len : 1);
+	
+	return (POINTER)realloc(block, len);
+}

ADDED   Source/AESedp/AES.c
Index: Source/AESedp/AES.c
==================================================================
--- /dev/null
+++ Source/AESedp/AES.c
@@ -0,0 +1,608 @@
+#include "AESAssembly.h"
+
+// Generate object code iff this implementation is requested.
+#if defined UseAESedp
+
+
+/*	This module must not be compiled with -fstrict-aliasing.
+
+	We are forced to do some aliasing in this module, because we must conform
+	to an external API but need to do four-byte word manipulations for
+	efficiency.  For example, chainBuf in the aes_cc_ctx structure is an array
+	of char, but we operate in units of four-byte words (or bigger).
+*/
+
+
+#if defined UseAESedp_GeneralC
+
+
+static void XorBlock(AESData *a, const AESData *b, const AESData *c)
+{
+	a->w[0] = b->w[0] ^ c->w[0];
+	a->w[1] = b->w[1] ^ c->w[1];
+	a->w[2] = b->w[2] ^ c->w[2];
+	a->w[3] = b->w[3] ^ c->w[3];
+}
+
+
+/*	The code inside this preprocessor conditional clause is retained as an
+	illustration of how the assembly implementation works.  For the most part,
+	the code here implements AES in the same way the accompanying Intel
+	assembly code does.
+
+	While the assembly implementation performs well on an Intel processor, the
+	code GCC generates for this C code is not particularly fast.
+
+	Key expansion differs somewhat from the assembly implementation.  AES
+	presents an Inverse Cipher for decryption that is not immediately suitable
+	to table implementation.  AES also offers an Equivalent Inverse Cipher
+	which is suitable for table implementation.  In the Equivalent Inverse
+	Cipher, the InvMixColumn operation is switched with an XOR with the key.
+	Fortunately, InvMixColumn distributes over XOR (it is a linear combination
+	of its operands in a Galois field the AES defines, and the XOR is an
+	addition in the field), so the swap can be made by applying InvMixColumn to
+	the blocks of the key that will be used in the swapped operations.
+
+	In the C code, InvMixColumn is applied in a separate step after expanded
+	the key, in a for-loop inside the aes_cc_set_key routine.  In the assembly
+	code, InvMixColumn is integrated into the key expansion code.
+*/
+
+
+#include "Data.c"	// Include tables with precalculated AES functions.
+
+
+/*	This implements the InvMixColumn operation of the AES algorithm.  It is
+	needed as a separate function during key expansion for decryption.
+*/
+static Word InvMixColumn(Word w)
+{
+	union { Word w; Byte b[4]; } b = { w };
+	Byte 
+		s0 = b.b[0],
+		s1 = b.b[1],
+		s2 = b.b[2],
+		s3 = b.b[3];
+
+	return
+		  AESInvMixColumnTable[0][s0]
+		^ AESInvMixColumnTable[1][s1]
+		^ AESInvMixColumnTable[2][s2]
+		^ AESInvMixColumnTable[3][s3];
+}
+
+
+// Expand the user's cipher key according to the AES key schedule.
+static void AESExpandKey(Word *ExpandedKey, const AESKey *Key, long Nk)
+{
+	const Word (*T)[256] = AESSubBytesWordTable;
+	const Byte *R = AESRcon;
+
+	Word * const E = ExpandedKey;
+
+	switch (Nk)
+	{
+		default:
+		case 4:
+		{
+			const int Nr = 10;
+
+			// The first words are just copies of the key.
+			Word
+				e0 = E[0] = Key->w[0],
+				e1 = E[1] = Key->w[1],
+				e2 = E[2] = Key->w[2],
+				e3 = E[3] = Key->w[3];
+
+			for (int i = Nk; i < Nb * (Nr + 1); i += Nk)
+			{
+				Word temp;
+				{
+					Byte * const b = (Byte *) &e3;
+
+					Byte b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3];
+					temp = T[0][b1] ^ T[1][b2] ^ T[2][b3] ^ T[3][b0];
+				}
+				temp ^= *++R;
+				E[i+0] = e0 ^= temp;
+				E[i+1] = e1 ^= e0;
+				E[i+2] = e2 ^= e1;
+				E[i+3] = e3 ^= e2;
+			}
+			break;
+		}
+		case 6:
+		{
+			const int Nr = 12;
+
+			// The first words are just copies of the key.
+			for (int i = 0; i < Nk; ++i)
+				E[i] = Key->w[i];
+
+			Word temp = E[Nk-1];
+			for (int i = Nk; 1; i += Nk)
+			{
+				{
+					Byte * const b = (Byte *) &temp;
+
+					Byte b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3];
+					temp = T[0][b1] ^ T[1][b2] ^ T[2][b3] ^ T[3][b0];
+					temp ^= *++R;
+				}
+				E[i+0] = temp ^= E[i+0-Nk];
+				E[i+1] = temp ^= E[i+1-Nk];
+				E[i+2] = temp ^= E[i+2-Nk];
+				E[i+3] = temp ^= E[i+3-Nk];
+
+				if (Nb * Nr <= i)
+					break;
+
+				E[i+4] = temp ^= E[i+4-Nk];
+				E[i+5] = temp ^= E[i+5-Nk];
+			}
+			break;
+		}
+		case 8:
+		{
+			const int Nr = 14;
+
+			// The first words are just copies of the key.
+			for (int i = 0; i < Nk; ++i)
+				E[i] = Key->w[i];
+
+			Word temp = E[Nk-1];
+			for (int i = Nk; 1; i += Nk)
+			{
+				{
+					Byte * const b = (Byte *) &temp;
+
+					Byte b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3];
+					temp = T[0][b1] ^ T[1][b2] ^ T[2][b3] ^ T[3][b0];
+					temp ^= *++R;
+				}
+				E[i+0] = temp ^= E[i+0-Nk];
+				E[i+1] = temp ^= E[i+1-Nk];
+				E[i+2] = temp ^= E[i+2-Nk];
+				E[i+3] = temp ^= E[i+3-Nk];
+
+				if (Nb * Nr <= i)
+					break;
+
+				{
+					Byte * const b = (Byte *) &temp;
+
+					Byte b0 = b[0], b1 = b[1], b2 = b[2], b3 = b[3];
+					temp = T[0][b0] ^ T[1][b1] ^ T[2][b2] ^ T[3][b3];
+				}
+				E[i+4] = temp ^= E[i+4-Nk];
+				E[i+5] = temp ^= E[i+5-Nk];
+				E[i+6] = temp ^= E[i+6-Nk];
+				E[i+7] = temp ^= E[i+7-Nk];
+			}
+			break;
+		}
+	}
+}
+
+
+// This is the main encryption routine.
+static void AESEncryptWithExpandedKey(Byte *Ciphertext, const Byte *Plaintext,
+	const AESData *ExpandedKey, long Nr)
+{
+	AESData State;
+
+	XorBlock(&State, (const AESData *) Plaintext, &ExpandedKey[0]);
+
+	{
+		const Word (*T)[256] = AESEncryptTable;
+
+		for (int round = 1; round < Nr; ++round)
+		{
+			const AESData *Key = &ExpandedKey[round];
+
+			const union { Word w; Byte b[4]; }
+				w0 = { State.w[0] },
+				w1 = { State.w[1] },
+				w2 = { State.w[2] },
+				w3 = { State.w[3] };
+
+			State.w[0] = Key->w[0]
+				^ T[0][w0.b[0]] ^ T[1][w1.b[1]] ^ T[2][w2.b[2]] ^ T[3][w3.b[3]];
+			State.w[1] = Key->w[1]
+				^ T[0][w1.b[0]] ^ T[1][w2.b[1]] ^ T[2][w3.b[2]] ^ T[3][w0.b[3]];
+			State.w[2] = Key->w[2]
+				^ T[0][w2.b[0]] ^ T[1][w3.b[1]] ^ T[2][w0.b[2]] ^ T[3][w1.b[3]];
+			State.w[3] = Key->w[3]
+				^ T[0][w3.b[0]] ^ T[1][w0.b[1]] ^ T[2][w1.b[2]] ^ T[3][w2.b[3]];
+		}
+	}
+
+	{
+		const Word (*T)[256] = AESSubBytesWordTable;
+
+		const AESData *Key = &ExpandedKey[Nr];
+
+		const union { Word w; Byte b[4]; }
+			w0 = { State.w[0] },
+			w1 = { State.w[1] },
+			w2 = { State.w[2] },
+			w3 = { State.w[3] };
+
+		State.w[0] = Key->w[0]
+			^ T[0][w0.b[0]] ^ T[1][w1.b[1]] ^ T[2][w2.b[2]] ^ T[3][w3.b[3]];
+		State.w[1] = Key->w[1]
+			^ T[0][w1.b[0]] ^ T[1][w2.b[1]] ^ T[2][w3.b[2]] ^ T[3][w0.b[3]];
+		State.w[2] = Key->w[2]
+			^ T[0][w2.b[0]] ^ T[1][w3.b[1]] ^ T[2][w0.b[2]] ^ T[3][w1.b[3]];
+		State.w[3] = Key->w[3]
+			^ T[0][w3.b[0]] ^ T[1][w0.b[1]] ^ T[2][w1.b[2]] ^ T[3][w2.b[3]];
+	}
+
+	* (AESData *) Ciphertext = State;
+}
+
+
+// This is the main decryption routine.
+static void AESDecryptWithExpandedKey(Byte *Plaintext, const Byte *Ciphertext,
+	const AESData *ExpandedKey, long Nr)
+{
+	AESData State;
+	
+	XorBlock(&State, (const AESData *) Ciphertext, &ExpandedKey[Nr]);
+
+	{
+		const Word (*T)[256] = AESDecryptTable;
+
+		for (int round = Nr-1; 0 < round; --round)
+		{
+			const AESData *Key = &ExpandedKey[round];
+
+			const union { Word w; Byte b[4]; }
+				w0 = { State.w[0] },
+				w1 = { State.w[1] },
+				w2 = { State.w[2] },
+				w3 = { State.w[3] };
+
+			State.w[0] = Key->w[0]
+				^ T[0][w0.b[0]] ^ T[1][w3.b[1]] ^ T[2][w2.b[2]] ^ T[3][w1.b[3]];
+			State.w[1] = Key->w[1]
+				^ T[0][w1.b[0]] ^ T[1][w0.b[1]] ^ T[2][w3.b[2]] ^ T[3][w2.b[3]];
+			State.w[2] = Key->w[2]
+				^ T[0][w2.b[0]] ^ T[1][w1.b[1]] ^ T[2][w0.b[2]] ^ T[3][w3.b[3]];
+			State.w[3] = Key->w[3]
+				^ T[0][w3.b[0]] ^ T[1][w2.b[1]] ^ T[2][w1.b[2]] ^ T[3][w0.b[3]];
+		}
+	}
+
+	{
+		const Word (*T)[256] = AESInvSubBytesWordTable;
+
+		const AESData *Key = &ExpandedKey[0];
+
+		const union { Word w; Byte b[4]; }
+			w0 = { State.w[0] },
+			w1 = { State.w[1] },
+			w2 = { State.w[2] },
+			w3 = { State.w[3] };
+
+		State.w[0] = Key->w[0]
+			^ T[0][w0.b[0]] ^ T[1][w3.b[1]] ^ T[2][w2.b[2]] ^ T[3][w1.b[3]];
+		State.w[1] = Key->w[1]
+			^ T[0][w1.b[0]] ^ T[1][w0.b[1]] ^ T[2][w3.b[2]] ^ T[3][w2.b[3]];
+		State.w[2] = Key->w[2]
+			^ T[0][w2.b[0]] ^ T[1][w1.b[1]] ^ T[2][w0.b[2]] ^ T[3][w3.b[3]];
+		State.w[3] = Key->w[3]
+			^ T[0][w3.b[0]] ^ T[1][w2.b[1]] ^ T[2][w1.b[2]] ^ T[3][w0.b[3]];
+	}
+
+	* (AESData *) Plaintext = State;
+}
+
+
+#else	// defined UseAESedp_GeneralC
+
+	// Declare routines implemented elsewhere.
+	void AESExpandKeyForEncryption(Word *ExpandedKey, const AESKey *Key,
+		long Nk);
+	void AESExpandKeyForDecryption(Word *ExpandedKey, const AESKey *Key,
+		long Nk);
+	void AESEncryptWithExpandedKey(Byte *OutputText, const Byte *InputText,
+		const AESData *ExpandedKey, long Nr);
+	void AESDecryptWithExpandedKey(Byte *OutputText, const Byte *InputText,
+		const AESData *ExpandedKey, long Nr);
+	void AESEncryptCBC(void *Output, const void *Input,
+		void *ChainBuffer, void *Key, long Blocks, long Rounds);
+	void AESDecryptCBC(void *Output, const void *Input,
+		void *ChainBuffer, void *Key, long Blocks, long Rounds);
+
+#endif	// defined UseAESedp_GeneralC
+
+
+/*	Expand a key and store the expansion in the cryptor context.
+
+	CommonCrypto calls this routine.
+*/
+int aes_cc_set_key(
+		aes_cc_ctx *Context,	// Cryptor context.
+		const void *Key,		// Key.
+		aes_32t KeyLength,		// Number of bytes in key.
+		int ForEncryption		// True for encryption, false for decryption.
+	)
+{
+	// Test for invalid key length.
+	if (KeyLength != 16 && KeyLength != 24 && KeyLength != 32)
+		return -1;
+
+	// Set Nk to number of four-byte words in key.
+	const int Nk = KeyLength / 4;
+
+	// Remember the number of rounds.
+	Context->encrypt.rn = Nk + 6;
+
+	#if defined UseAESedp_GeneralC
+
+		AESExpandKey(Context->encrypt.ks, Key, Nk);
+
+		if (!ForEncryption)
+		{
+
+			/*	Change the expanded key so we can swap the InvMixColumns and
+				XorBlock operations during decryption.
+			*/
+			Word *E = Context->encrypt.ks;
+			int Nr = Context->encrypt.rn;
+			for (int i = Nb; i < Nr * Nb; ++i)
+				E[i] = InvMixColumn(E[i]);
+		}
+
+	#else	// defined UseAESedp_GeneralC
+
+		if (ForEncryption)
+			AESExpandKeyForEncryption(Context->encrypt.ks, Key, Nk);
+		else
+			AESExpandKeyForDecryption(Context->encrypt.ks, Key, Nk);
+
+	#endif	// defined UseAESedp_GeneralC
+
+	// Indicate there is no initial value stored.
+	Context->encrypt.cbcEnable = 0;
+
+	return 0;
+}
+
+
+#include <string.h>	// For memcpy.
+
+
+/*	Store an initial value (or lack thereof) in the cryptor context.
+
+	CommonCrypto calls this routine.
+*/
+void aes_cc_set_iv(aes_cc_ctx *Context, int ForEncryption, const void *IV)
+{
+	if (IV == 0)
+		// Indicate there is no initial value stored.
+		Context->encrypt.cbcEnable = 0;
+	else
+	{
+		// Indicate there is an initial value stored.
+		Context->encrypt.cbcEnable = 1;
+		memcpy(Context->encrypt.chainBuf, IV, sizeof Context->encrypt.chainBuf);
+	}
+}
+
+
+/*	Encrypt blocks of data.
+
+	CommonCrypto calls this routine.
+*/
+void aes_cc_encrypt(
+		aes_cc_ctx *Context,	// Cryptor context.
+		const void *Input,		// Input.
+		aes_32t Blocks,			// Number of 16-byte blocks to process.
+		void *Output			// Output.
+	)
+{
+	// Alias to more convenient pointers for referring to blocks.
+	const AESData *I = Input;
+	      AESData *O = Output;
+
+	// If we have an initial value, use Cipher Block Chaining (CBC) mode.
+	if (Context->encrypt.cbcEnable)
+	{
+		#if defined UseAESedp_GeneralC
+			// Get chain value.
+			AESData State = * (AESData *) Context->encrypt.chainBuf;
+
+			// Chain and encrypt.
+			while (Blocks--)
+			{
+				XorBlock(&State, &State, I++);
+				AESEncryptWithExpandedKey(State.b, State.b,
+					(const void *) Context->encrypt.ks,
+					Context->encrypt.rn);
+				*O++ = State;
+			}
+
+			// Save updated chain value.
+			* (AESData *) Context->encrypt.chainBuf = State;
+		#else	// defined UseAESedp_GeneralC
+			AESEncryptCBC(O, I, Context->encrypt.chainBuf,
+				Context->encrypt.ks, Blocks, Context->encrypt.rn);
+		#endif	// defined UseAESedp_GeneralC
+	}
+
+	// If we have no initial value, use Electronic Code Book (ECB) mode.
+	else
+	{
+		aes_32t i;
+		for (i = 0; i < Blocks; ++i)
+			AESEncryptWithExpandedKey(O[i].b, I[i].b,
+				(const void *) Context->encrypt.ks, Context->encrypt.rn);
+	}
+}
+
+
+/*	Alternate interface to encryption, same as aes_cc_encrypt, except that if
+	InitialValue is non-null, it points to an initial value which is used for
+	CBC mode, regardless of the cbcEnable flag and the initial/chain value in
+	the context structure.  The updated chain value is written to written to
+	the context structure.
+*/
+aes_rval aes_encrypt_cbc(
+	const unsigned char *Input,
+	const unsigned char *InitialValue,
+	unsigned int Blocks,
+	unsigned char *Output,
+	aes_encrypt_ctx *Context)
+{
+	// Alias to more convenient pointers for referring to blocks.
+	const AESData *I = (const AESData *) Input;
+	      AESData *O = (      AESData *) Output;
+
+	// If we have an initial value, use Cipher Block Chaining (CBC) mode.
+	if (Context->cbcEnable || InitialValue)
+	{
+		#if defined UseAESedp_GeneralC
+			// Get chain value.
+			AESData State = InitialValue
+				? * (const AESData *) InitialValue
+				: * (const AESData *) Context->chainBuf;
+
+			// Chain and encrypt.
+			while (Blocks--)
+			{
+				XorBlock(&State, &State, I++);
+				AESEncryptWithExpandedKey(State.b, State.b,
+					(const void *) Context->ks,
+					Context->rn);
+				*O++ = State;
+			}
+
+			// Save updated chain value.
+			* (AESData *) Context->chainBuf = State;
+		#else	// defined UseAESedp_GeneralC
+			AESEncryptCBC(O, I, Context->chainBuf,
+				Context->ks, Blocks, Context->rn);
+		#endif	// defined UseAESedp_GeneralC
+	}
+
+	// If we have no initial value, use Electronic Code Book (ECB) mode.
+	else
+	{
+		aes_32t i;
+		for (i = 0; i < Blocks; ++i)
+			AESEncryptWithExpandedKey(O[i].b, I[i].b,
+				(const void *) Context->ks, Context->rn);
+	}
+}
+
+
+/*	Decrypt blocks of data.
+
+	CommonCrypto calls this routine.
+*/
+void aes_cc_decrypt(
+		aes_cc_ctx *Context,	// Cryptor context.
+		const void *Input,		// Input.
+		aes_32t Blocks,			// Number of 16-byte blocks to process.
+		void *Output			// Output.
+	)
+{
+	// Alias to more convenient pointers for referring to blocks.
+	const AESData *I = Input;
+	      AESData *O = Output;
+
+	// If we have an initial value, use Cipher Block Chaining (CBC) mode.
+	if (Context->encrypt.cbcEnable)
+	{
+		#if defined UseAESedp_GeneralC
+			// Get chain value.
+			AESData NextChainValue = * (AESData *) Context->encrypt.chainBuf;
+
+			// Decrypt and chain.
+			while (Blocks--)
+			{
+				AESData ChainValue = NextChainValue, State;
+				NextChainValue = *I++;
+				AESDecryptWithExpandedKey(State.b, NextChainValue.b,
+					(const void *) Context->encrypt.ks, Context->encrypt.rn);
+				XorBlock(O++, &State, &ChainValue);
+			}
+
+			// Save updated chain value.
+			* (AESData *) Context->encrypt.chainBuf = NextChainValue;
+		#else	// defined UseAESedp_GeneralC
+			AESDecryptCBC(O, I, Context->encrypt.chainBuf,
+				Context->encrypt.ks, Blocks, Context->encrypt.rn);
+		#endif	// defined UseAESedp_GeneralC
+	}
+
+	// If we have no initial value, use Electronic Code Book (ECB) mode.
+	else
+	{
+		aes_32t i;
+		for (i = 0; i < Blocks; ++i)
+			AESDecryptWithExpandedKey(O[i].b, I[i].b,
+				(const void *) Context->encrypt.ks, Context->encrypt.rn);
+	}
+}
+
+
+/*	Alternate interface to decryption, same as aes_cc_decrypt, except that if
+	InitialValue is non-null, it points to an initial value which is used for
+	CBC mode, regardless of the cbcEnable flag and the initial/chain value in
+	the context structure.  The updated chain value is written to written to
+	the context structure.
+*/
+aes_rval aes_decrypt_cbc(
+	const unsigned char *Input,
+	const unsigned char *InitialValue,
+	unsigned int Blocks,
+	unsigned char *Output,
+	aes_decrypt_ctx *Context)
+{
+	// Alias to more convenient pointers for referring to blocks.
+	const AESData *I = (const AESData *) Input;
+	      AESData *O = (      AESData *) Output;
+
+	// If we have an initial value, use Cipher Block Chaining (CBC) mode.
+	if (Context->cbcEnable || InitialValue)
+	{
+		#if defined UseAESedp_GeneralC
+			// Get chain value.
+			AESData NextChainValue = InitialValue
+				? * (const AESData *) InitialValue
+				: * (const AESData *) Context->chainBuf;
+
+			// Decrypt and chain.
+			while (Blocks--)
+			{
+				AESData ChainValue = NextChainValue, State;
+				NextChainValue = *I++;
+				AESDecryptWithExpandedKey(State.b, NextChainValue.b,
+					(const void *) Context->ks, Context->rn);
+				XorBlock(O++, &State, &ChainValue);
+			}
+
+			// Save updated chain value.
+			* (AESData *) Context->chainBuf = NextChainValue;
+		#else	// defined UseAESedp_GeneralC
+			AESDecryptCBC(O, I, Context->chainBuf,
+				Context->ks, Blocks, Context->rn);
+		#endif	// defined UseAESedp_GeneralC
+	}
+
+	// If we have no initial value, use Electronic Code Book (ECB) mode.
+	else
+	{
+		aes_32t i;
+		for (i = 0; i < Blocks; ++i)
+			AESDecryptWithExpandedKey(O[i].b, I[i].b,
+				(const void *) Context->ks, Context->rn);
+	}
+}
+
+
+
+#endif	// defined UseAESedp

ADDED   Source/AESedp/AESAssembly.h
Index: Source/AESedp/AESAssembly.h
==================================================================
--- /dev/null
+++ Source/AESedp/AESAssembly.h
@@ -0,0 +1,72 @@
+#if !defined AES_h
+#define AES_h
+
+
+// Include aesopt.h to get the UseAESedp symbol.  We use nothing else from it.
+#include <CommonCrypto/aesopt.h>
+
+
+// Generate object code iff UseAESedp is defined.
+#if defined UseAESedp
+
+
+// Select which implementation to use.
+#if 1
+	#define	UseAESedp_IntelAssembly
+#else
+	#define	UseAESedp_GeneralC
+#endif
+
+
+/*	MaxNb is the maximum value of Nb, the number of four-byte words in one data
+	block.
+*/
+#define	MaxNb	4
+
+/*	Nb is the number of four-byte words in one data block.  AES fixes Nb at 4,
+	although Rijndael allows up to 8.
+*/
+#define	Nb		4
+
+/*	MaxNk is the maximum value of Nk, the number of four-byte words in a key.
+	AES and Rijndael allow up to 8.
+*/
+#define	MaxNk	8
+
+/*	Nk is not defined here because different key sizes are supported
+	dynamically.
+*/
+
+/*	MaxRcon is the maximum number of round constants that might be needed.
+	The number needed is (Nb*(Nr+1)-1) / Nk + 1.  For AES, Nr is Nk + 6.  (For
+	Rijndael, Nr is max(Nk, Nb) + 6.)  For AES, we have:
+
+		(Nb*(Nr+1)-1) / Nk + 1.
+		(Nb*(Nk+6+1)-1) / Nk + 1.
+		(Nb*Nk + Nb*7 - 1) / Nk + 1.
+		Nb + (Nb*7-1)/Nk + 1.
+
+	Clearly this is greatest when Nk is smallest.  Nk is at least 4.  In AES,
+	Nb is 4, so we have 4 + 27/4 + 1 = 11.
+
+	(In Rijndael, the maximum is 30, occurring when Nb is 8 and Nk is 4.)
+*/
+#define	MaxRcon	11
+
+
+#if !__ASSEMBLER__
+
+	#include <stdint.h>
+
+	typedef uint8_t Byte;
+	typedef uint32_t Word;
+	typedef union { Byte b[MaxNb*4]; Word w[MaxNb]; } AESData;
+	typedef union { Byte b[MaxNk*4]; Word w[MaxNk]; } AESKey ;
+
+#endif
+
+
+#endif	// defined UseAESedp
+
+
+#endif	// !defined AES_h

ADDED   Source/AESedp/Data.c
Index: Source/AESedp/Data.c
==================================================================
--- /dev/null
+++ Source/AESedp/Data.c
@@ -0,0 +1,5211 @@
+// This file was generated by MakeData.c.
+
+
+#include "AESAssembly.h"
+
+
+// Round constants.
+const Byte AESRcon[] =
+{
+	0,	// Not used, included for indexing simplicity.
+	0x01,
+	0x02,
+	0x04,
+	0x08,
+	0x10,
+	0x20,
+	0x40,
+	0x80,
+	0x1b,
+	0x36,
+};
+
+
+// Tables for InvMixColumn.
+const Word AESInvMixColumnTable[4][256] =
+{
+	{
+		0x00000000,
+		0x0b0d090e,
+		0x161a121c,
+		0x1d171b12,
+		0x2c342438,
+		0x27392d36,
+		0x3a2e3624,
+		0x31233f2a,
+		0x58684870,
+		0x5365417e,
+		0x4e725a6c,
+		0x457f5362,
+		0x745c6c48,
+		0x7f516546,
+		0x62467e54,
+		0x694b775a,
+		0xb0d090e0,
+		0xbbdd99ee,
+		0xa6ca82fc,
+		0xadc78bf2,
+		0x9ce4b4d8,
+		0x97e9bdd6,
+		0x8afea6c4,
+		0x81f3afca,
+		0xe8b8d890,
+		0xe3b5d19e,
+		0xfea2ca8c,
+		0xf5afc382,
+		0xc48cfca8,
+		0xcf81f5a6,
+		0xd296eeb4,
+		0xd99be7ba,
+		0x7bbb3bdb,
+		0x70b632d5,
+		0x6da129c7,
+		0x66ac20c9,
+		0x578f1fe3,
+		0x5c8216ed,
+		0x41950dff,
+		0x4a9804f1,
+		0x23d373ab,
+		0x28de7aa5,
+		0x35c961b7,
+		0x3ec468b9,
+		0x0fe75793,
+		0x04ea5e9d,
+		0x19fd458f,
+		0x12f04c81,
+		0xcb6bab3b,
+		0xc066a235,
+		0xdd71b927,
+		0xd67cb029,
+		0xe75f8f03,
+		0xec52860d,
+		0xf1459d1f,
+		0xfa489411,
+		0x9303e34b,
+		0x980eea45,
+		0x8519f157,
+		0x8e14f859,
+		0xbf37c773,
+		0xb43ace7d,
+		0xa92dd56f,
+		0xa220dc61,
+		0xf66d76ad,
+		0xfd607fa3,
+		0xe07764b1,
+		0xeb7a6dbf,
+		0xda595295,
+		0xd1545b9b,
+		0xcc434089,
+		0xc74e4987,
+		0xae053edd,
+		0xa50837d3,
+		0xb81f2cc1,
+		0xb31225cf,
+		0x82311ae5,
+		0x893c13eb,
+		0x942b08f9,
+		0x9f2601f7,
+		0x46bde64d,
+		0x4db0ef43,
+		0x50a7f451,
+		0x5baafd5f,
+		0x6a89c275,
+		0x6184cb7b,
+		0x7c93d069,
+		0x779ed967,
+		0x1ed5ae3d,
+		0x15d8a733,
+		0x08cfbc21,
+		0x03c2b52f,
+		0x32e18a05,
+		0x39ec830b,
+		0x24fb9819,
+		0x2ff69117,
+		0x8dd64d76,
+		0x86db4478,
+		0x9bcc5f6a,
+		0x90c15664,
+		0xa1e2694e,
+		0xaaef6040,
+		0xb7f87b52,
+		0xbcf5725c,
+		0xd5be0506,
+		0xdeb30c08,
+		0xc3a4171a,
+		0xc8a91e14,
+		0xf98a213e,
+		0xf2872830,
+		0xef903322,
+		0xe49d3a2c,
+		0x3d06dd96,
+		0x360bd498,
+		0x2b1ccf8a,
+		0x2011c684,
+		0x1132f9ae,
+		0x1a3ff0a0,
+		0x0728ebb2,
+		0x0c25e2bc,
+		0x656e95e6,
+		0x6e639ce8,
+		0x737487fa,
+		0x78798ef4,
+		0x495ab1de,
+		0x4257b8d0,
+		0x5f40a3c2,
+		0x544daacc,
+		0xf7daec41,
+		0xfcd7e54f,
+		0xe1c0fe5d,
+		0xeacdf753,
+		0xdbeec879,
+		0xd0e3c177,
+		0xcdf4da65,
+		0xc6f9d36b,
+		0xafb2a431,
+		0xa4bfad3f,
+		0xb9a8b62d,
+		0xb2a5bf23,
+		0x83868009,
+		0x888b8907,
+		0x959c9215,
+		0x9e919b1b,
+		0x470a7ca1,
+		0x4c0775af,
+		0x51106ebd,
+		0x5a1d67b3,
+		0x6b3e5899,
+		0x60335197,
+		0x7d244a85,
+		0x7629438b,
+		0x1f6234d1,
+		0x146f3ddf,
+		0x097826cd,
+		0x02752fc3,
+		0x335610e9,
+		0x385b19e7,
+		0x254c02f5,
+		0x2e410bfb,
+		0x8c61d79a,
+		0x876cde94,
+		0x9a7bc586,
+		0x9176cc88,
+		0xa055f3a2,
+		0xab58faac,
+		0xb64fe1be,
+		0xbd42e8b0,
+		0xd4099fea,
+		0xdf0496e4,
+		0xc2138df6,
+		0xc91e84f8,
+		0xf83dbbd2,
+		0xf330b2dc,
+		0xee27a9ce,
+		0xe52aa0c0,
+		0x3cb1477a,
+		0x37bc4e74,
+		0x2aab5566,
+		0x21a65c68,
+		0x10856342,
+		0x1b886a4c,
+		0x069f715e,
+		0x0d927850,
+		0x64d90f0a,
+		0x6fd40604,
+		0x72c31d16,
+		0x79ce1418,
+		0x48ed2b32,
+		0x43e0223c,
+		0x5ef7392e,
+		0x55fa3020,
+		0x01b79aec,
+		0x0aba93e2,
+		0x17ad88f0,
+		0x1ca081fe,
+		0x2d83bed4,
+		0x268eb7da,
+		0x3b99acc8,
+		0x3094a5c6,
+		0x59dfd29c,
+		0x52d2db92,
+		0x4fc5c080,
+		0x44c8c98e,
+		0x75ebf6a4,
+		0x7ee6ffaa,
+		0x63f1e4b8,
+		0x68fcedb6,
+		0xb1670a0c,
+		0xba6a0302,
+		0xa77d1810,
+		0xac70111e,
+		0x9d532e34,
+		0x965e273a,
+		0x8b493c28,
+		0x80443526,
+		0xe90f427c,
+		0xe2024b72,
+		0xff155060,
+		0xf418596e,
+		0xc53b6644,
+		0xce366f4a,
+		0xd3217458,
+		0xd82c7d56,
+		0x7a0ca137,
+		0x7101a839,
+		0x6c16b32b,
+		0x671bba25,
+		0x5638850f,
+		0x5d358c01,
+		0x40229713,
+		0x4b2f9e1d,
+		0x2264e947,
+		0x2969e049,
+		0x347efb5b,
+		0x3f73f255,
+		0x0e50cd7f,
+		0x055dc471,
+		0x184adf63,
+		0x1347d66d,
+		0xcadc31d7,
+		0xc1d138d9,
+		0xdcc623cb,
+		0xd7cb2ac5,
+		0xe6e815ef,
+		0xede51ce1,
+		0xf0f207f3,
+		0xfbff0efd,
+		0x92b479a7,
+		0x99b970a9,
+		0x84ae6bbb,
+		0x8fa362b5,
+		0xbe805d9f,
+		0xb58d5491,
+		0xa89a4f83,
+		0xa397468d,
+	},
+	{
+		0x00000000,
+		0x0d090e0b,
+		0x1a121c16,
+		0x171b121d,
+		0x3424382c,
+		0x392d3627,
+		0x2e36243a,
+		0x233f2a31,
+		0x68487058,
+		0x65417e53,
+		0x725a6c4e,
+		0x7f536245,
+		0x5c6c4874,
+		0x5165467f,
+		0x467e5462,
+		0x4b775a69,
+		0xd090e0b0,
+		0xdd99eebb,
+		0xca82fca6,
+		0xc78bf2ad,
+		0xe4b4d89c,
+		0xe9bdd697,
+		0xfea6c48a,
+		0xf3afca81,
+		0xb8d890e8,
+		0xb5d19ee3,
+		0xa2ca8cfe,
+		0xafc382f5,
+		0x8cfca8c4,
+		0x81f5a6cf,
+		0x96eeb4d2,
+		0x9be7bad9,
+		0xbb3bdb7b,
+		0xb632d570,
+		0xa129c76d,
+		0xac20c966,
+		0x8f1fe357,
+		0x8216ed5c,
+		0x950dff41,
+		0x9804f14a,
+		0xd373ab23,
+		0xde7aa528,
+		0xc961b735,
+		0xc468b93e,
+		0xe757930f,
+		0xea5e9d04,
+		0xfd458f19,
+		0xf04c8112,
+		0x6bab3bcb,
+		0x66a235c0,
+		0x71b927dd,
+		0x7cb029d6,
+		0x5f8f03e7,
+		0x52860dec,
+		0x459d1ff1,
+		0x489411fa,
+		0x03e34b93,
+		0x0eea4598,
+		0x19f15785,
+		0x14f8598e,
+		0x37c773bf,
+		0x3ace7db4,
+		0x2dd56fa9,
+		0x20dc61a2,
+		0x6d76adf6,
+		0x607fa3fd,
+		0x7764b1e0,
+		0x7a6dbfeb,
+		0x595295da,
+		0x545b9bd1,
+		0x434089cc,
+		0x4e4987c7,
+		0x053eddae,
+		0x0837d3a5,
+		0x1f2cc1b8,
+		0x1225cfb3,
+		0x311ae582,
+		0x3c13eb89,
+		0x2b08f994,
+		0x2601f79f,
+		0xbde64d46,
+		0xb0ef434d,
+		0xa7f45150,
+		0xaafd5f5b,
+		0x89c2756a,
+		0x84cb7b61,
+		0x93d0697c,
+		0x9ed96777,
+		0xd5ae3d1e,
+		0xd8a73315,
+		0xcfbc2108,
+		0xc2b52f03,
+		0xe18a0532,
+		0xec830b39,
+		0xfb981924,
+		0xf691172f,
+		0xd64d768d,
+		0xdb447886,
+		0xcc5f6a9b,
+		0xc1566490,
+		0xe2694ea1,
+		0xef6040aa,
+		0xf87b52b7,
+		0xf5725cbc,
+		0xbe0506d5,
+		0xb30c08de,
+		0xa4171ac3,
+		0xa91e14c8,
+		0x8a213ef9,
+		0x872830f2,
+		0x903322ef,
+		0x9d3a2ce4,
+		0x06dd963d,
+		0x0bd49836,
+		0x1ccf8a2b,
+		0x11c68420,
+		0x32f9ae11,
+		0x3ff0a01a,
+		0x28ebb207,
+		0x25e2bc0c,
+		0x6e95e665,
+		0x639ce86e,
+		0x7487fa73,
+		0x798ef478,
+		0x5ab1de49,
+		0x57b8d042,
+		0x40a3c25f,
+		0x4daacc54,
+		0xdaec41f7,
+		0xd7e54ffc,
+		0xc0fe5de1,
+		0xcdf753ea,
+		0xeec879db,
+		0xe3c177d0,
+		0xf4da65cd,
+		0xf9d36bc6,
+		0xb2a431af,
+		0xbfad3fa4,
+		0xa8b62db9,
+		0xa5bf23b2,
+		0x86800983,
+		0x8b890788,
+		0x9c921595,
+		0x919b1b9e,
+		0x0a7ca147,
+		0x0775af4c,
+		0x106ebd51,
+		0x1d67b35a,
+		0x3e58996b,
+		0x33519760,
+		0x244a857d,
+		0x29438b76,
+		0x6234d11f,
+		0x6f3ddf14,
+		0x7826cd09,
+		0x752fc302,
+		0x5610e933,
+		0x5b19e738,
+		0x4c02f525,
+		0x410bfb2e,
+		0x61d79a8c,
+		0x6cde9487,
+		0x7bc5869a,
+		0x76cc8891,
+		0x55f3a2a0,
+		0x58faacab,
+		0x4fe1beb6,
+		0x42e8b0bd,
+		0x099fead4,
+		0x0496e4df,
+		0x138df6c2,
+		0x1e84f8c9,
+		0x3dbbd2f8,
+		0x30b2dcf3,
+		0x27a9ceee,
+		0x2aa0c0e5,
+		0xb1477a3c,
+		0xbc4e7437,
+		0xab55662a,
+		0xa65c6821,
+		0x85634210,
+		0x886a4c1b,
+		0x9f715e06,
+		0x9278500d,
+		0xd90f0a64,
+		0xd406046f,
+		0xc31d1672,
+		0xce141879,
+		0xed2b3248,
+		0xe0223c43,
+		0xf7392e5e,
+		0xfa302055,
+		0xb79aec01,
+		0xba93e20a,
+		0xad88f017,
+		0xa081fe1c,
+		0x83bed42d,
+		0x8eb7da26,
+		0x99acc83b,
+		0x94a5c630,
+		0xdfd29c59,
+		0xd2db9252,
+		0xc5c0804f,
+		0xc8c98e44,
+		0xebf6a475,
+		0xe6ffaa7e,
+		0xf1e4b863,
+		0xfcedb668,
+		0x670a0cb1,
+		0x6a0302ba,
+		0x7d1810a7,
+		0x70111eac,
+		0x532e349d,
+		0x5e273a96,
+		0x493c288b,
+		0x44352680,
+		0x0f427ce9,
+		0x024b72e2,
+		0x155060ff,
+		0x18596ef4,
+		0x3b6644c5,
+		0x366f4ace,
+		0x217458d3,
+		0x2c7d56d8,
+		0x0ca1377a,
+		0x01a83971,
+		0x16b32b6c,
+		0x1bba2567,
+		0x38850f56,
+		0x358c015d,
+		0x22971340,
+		0x2f9e1d4b,
+		0x64e94722,
+		0x69e04929,
+		0x7efb5b34,
+		0x73f2553f,
+		0x50cd7f0e,
+		0x5dc47105,
+		0x4adf6318,
+		0x47d66d13,
+		0xdc31d7ca,
+		0xd138d9c1,
+		0xc623cbdc,
+		0xcb2ac5d7,
+		0xe815efe6,
+		0xe51ce1ed,
+		0xf207f3f0,
+		0xff0efdfb,
+		0xb479a792,
+		0xb970a999,
+		0xae6bbb84,
+		0xa362b58f,
+		0x805d9fbe,
+		0x8d5491b5,
+		0x9a4f83a8,
+		0x97468da3,
+	},
+	{
+		0x00000000,
+		0x090e0b0d,
+		0x121c161a,
+		0x1b121d17,
+		0x24382c34,
+		0x2d362739,
+		0x36243a2e,
+		0x3f2a3123,
+		0x48705868,
+		0x417e5365,
+		0x5a6c4e72,
+		0x5362457f,
+		0x6c48745c,
+		0x65467f51,
+		0x7e546246,
+		0x775a694b,
+		0x90e0b0d0,
+		0x99eebbdd,
+		0x82fca6ca,
+		0x8bf2adc7,
+		0xb4d89ce4,
+		0xbdd697e9,
+		0xa6c48afe,
+		0xafca81f3,
+		0xd890e8b8,
+		0xd19ee3b5,
+		0xca8cfea2,
+		0xc382f5af,
+		0xfca8c48c,
+		0xf5a6cf81,
+		0xeeb4d296,
+		0xe7bad99b,
+		0x3bdb7bbb,
+		0x32d570b6,
+		0x29c76da1,
+		0x20c966ac,
+		0x1fe3578f,
+		0x16ed5c82,
+		0x0dff4195,
+		0x04f14a98,
+		0x73ab23d3,
+		0x7aa528de,
+		0x61b735c9,
+		0x68b93ec4,
+		0x57930fe7,
+		0x5e9d04ea,
+		0x458f19fd,
+		0x4c8112f0,
+		0xab3bcb6b,
+		0xa235c066,
+		0xb927dd71,
+		0xb029d67c,
+		0x8f03e75f,
+		0x860dec52,
+		0x9d1ff145,
+		0x9411fa48,
+		0xe34b9303,
+		0xea45980e,
+		0xf1578519,
+		0xf8598e14,
+		0xc773bf37,
+		0xce7db43a,
+		0xd56fa92d,
+		0xdc61a220,
+		0x76adf66d,
+		0x7fa3fd60,
+		0x64b1e077,
+		0x6dbfeb7a,
+		0x5295da59,
+		0x5b9bd154,
+		0x4089cc43,
+		0x4987c74e,
+		0x3eddae05,
+		0x37d3a508,
+		0x2cc1b81f,
+		0x25cfb312,
+		0x1ae58231,
+		0x13eb893c,
+		0x08f9942b,
+		0x01f79f26,
+		0xe64d46bd,
+		0xef434db0,
+		0xf45150a7,
+		0xfd5f5baa,
+		0xc2756a89,
+		0xcb7b6184,
+		0xd0697c93,
+		0xd967779e,
+		0xae3d1ed5,
+		0xa73315d8,
+		0xbc2108cf,
+		0xb52f03c2,
+		0x8a0532e1,
+		0x830b39ec,
+		0x981924fb,
+		0x91172ff6,
+		0x4d768dd6,
+		0x447886db,
+		0x5f6a9bcc,
+		0x566490c1,
+		0x694ea1e2,
+		0x6040aaef,
+		0x7b52b7f8,
+		0x725cbcf5,
+		0x0506d5be,
+		0x0c08deb3,
+		0x171ac3a4,
+		0x1e14c8a9,
+		0x213ef98a,
+		0x2830f287,
+		0x3322ef90,
+		0x3a2ce49d,
+		0xdd963d06,
+		0xd498360b,
+		0xcf8a2b1c,
+		0xc6842011,
+		0xf9ae1132,
+		0xf0a01a3f,
+		0xebb20728,
+		0xe2bc0c25,
+		0x95e6656e,
+		0x9ce86e63,
+		0x87fa7374,
+		0x8ef47879,
+		0xb1de495a,
+		0xb8d04257,
+		0xa3c25f40,
+		0xaacc544d,
+		0xec41f7da,
+		0xe54ffcd7,
+		0xfe5de1c0,
+		0xf753eacd,
+		0xc879dbee,
+		0xc177d0e3,
+		0xda65cdf4,
+		0xd36bc6f9,
+		0xa431afb2,
+		0xad3fa4bf,
+		0xb62db9a8,
+		0xbf23b2a5,
+		0x80098386,
+		0x8907888b,
+		0x9215959c,
+		0x9b1b9e91,
+		0x7ca1470a,
+		0x75af4c07,
+		0x6ebd5110,
+		0x67b35a1d,
+		0x58996b3e,
+		0x51976033,
+		0x4a857d24,
+		0x438b7629,
+		0x34d11f62,
+		0x3ddf146f,
+		0x26cd0978,
+		0x2fc30275,
+		0x10e93356,
+		0x19e7385b,
+		0x02f5254c,
+		0x0bfb2e41,
+		0xd79a8c61,
+		0xde94876c,
+		0xc5869a7b,
+		0xcc889176,
+		0xf3a2a055,
+		0xfaacab58,
+		0xe1beb64f,
+		0xe8b0bd42,
+		0x9fead409,
+		0x96e4df04,
+		0x8df6c213,
+		0x84f8c91e,
+		0xbbd2f83d,
+		0xb2dcf330,
+		0xa9ceee27,
+		0xa0c0e52a,
+		0x477a3cb1,
+		0x4e7437bc,
+		0x55662aab,
+		0x5c6821a6,
+		0x63421085,
+		0x6a4c1b88,
+		0x715e069f,
+		0x78500d92,
+		0x0f0a64d9,
+		0x06046fd4,
+		0x1d1672c3,
+		0x141879ce,
+		0x2b3248ed,
+		0x223c43e0,
+		0x392e5ef7,
+		0x302055fa,
+		0x9aec01b7,
+		0x93e20aba,
+		0x88f017ad,
+		0x81fe1ca0,
+		0xbed42d83,
+		0xb7da268e,
+		0xacc83b99,
+		0xa5c63094,
+		0xd29c59df,
+		0xdb9252d2,
+		0xc0804fc5,
+		0xc98e44c8,
+		0xf6a475eb,
+		0xffaa7ee6,
+		0xe4b863f1,
+		0xedb668fc,
+		0x0a0cb167,
+		0x0302ba6a,
+		0x1810a77d,
+		0x111eac70,
+		0x2e349d53,
+		0x273a965e,
+		0x3c288b49,
+		0x35268044,
+		0x427ce90f,
+		0x4b72e202,
+		0x5060ff15,
+		0x596ef418,
+		0x6644c53b,
+		0x6f4ace36,
+		0x7458d321,
+		0x7d56d82c,
+		0xa1377a0c,
+		0xa8397101,
+		0xb32b6c16,
+		0xba25671b,
+		0x850f5638,
+		0x8c015d35,
+		0x97134022,
+		0x9e1d4b2f,
+		0xe9472264,
+		0xe0492969,
+		0xfb5b347e,
+		0xf2553f73,
+		0xcd7f0e50,
+		0xc471055d,
+		0xdf63184a,
+		0xd66d1347,
+		0x31d7cadc,
+		0x38d9c1d1,
+		0x23cbdcc6,
+		0x2ac5d7cb,
+		0x15efe6e8,
+		0x1ce1ede5,
+		0x07f3f0f2,
+		0x0efdfbff,
+		0x79a792b4,
+		0x70a999b9,
+		0x6bbb84ae,
+		0x62b58fa3,
+		0x5d9fbe80,
+		0x5491b58d,
+		0x4f83a89a,
+		0x468da397,
+	},
+	{
+		0x00000000,
+		0x0e0b0d09,
+		0x1c161a12,
+		0x121d171b,
+		0x382c3424,
+		0x3627392d,
+		0x243a2e36,
+		0x2a31233f,
+		0x70586848,
+		0x7e536541,
+		0x6c4e725a,
+		0x62457f53,
+		0x48745c6c,
+		0x467f5165,
+		0x5462467e,
+		0x5a694b77,
+		0xe0b0d090,
+		0xeebbdd99,
+		0xfca6ca82,
+		0xf2adc78b,
+		0xd89ce4b4,
+		0xd697e9bd,
+		0xc48afea6,
+		0xca81f3af,
+		0x90e8b8d8,
+		0x9ee3b5d1,
+		0x8cfea2ca,
+		0x82f5afc3,
+		0xa8c48cfc,
+		0xa6cf81f5,
+		0xb4d296ee,
+		0xbad99be7,
+		0xdb7bbb3b,
+		0xd570b632,
+		0xc76da129,
+		0xc966ac20,
+		0xe3578f1f,
+		0xed5c8216,
+		0xff41950d,
+		0xf14a9804,
+		0xab23d373,
+		0xa528de7a,
+		0xb735c961,
+		0xb93ec468,
+		0x930fe757,
+		0x9d04ea5e,
+		0x8f19fd45,
+		0x8112f04c,
+		0x3bcb6bab,
+		0x35c066a2,
+		0x27dd71b9,
+		0x29d67cb0,
+		0x03e75f8f,
+		0x0dec5286,
+		0x1ff1459d,
+		0x11fa4894,
+		0x4b9303e3,
+		0x45980eea,
+		0x578519f1,
+		0x598e14f8,
+		0x73bf37c7,
+		0x7db43ace,
+		0x6fa92dd5,
+		0x61a220dc,
+		0xadf66d76,
+		0xa3fd607f,
+		0xb1e07764,
+		0xbfeb7a6d,
+		0x95da5952,
+		0x9bd1545b,
+		0x89cc4340,
+		0x87c74e49,
+		0xddae053e,
+		0xd3a50837,
+		0xc1b81f2c,
+		0xcfb31225,
+		0xe582311a,
+		0xeb893c13,
+		0xf9942b08,
+		0xf79f2601,
+		0x4d46bde6,
+		0x434db0ef,
+		0x5150a7f4,
+		0x5f5baafd,
+		0x756a89c2,
+		0x7b6184cb,
+		0x697c93d0,
+		0x67779ed9,
+		0x3d1ed5ae,
+		0x3315d8a7,
+		0x2108cfbc,
+		0x2f03c2b5,
+		0x0532e18a,
+		0x0b39ec83,
+		0x1924fb98,
+		0x172ff691,
+		0x768dd64d,
+		0x7886db44,
+		0x6a9bcc5f,
+		0x6490c156,
+		0x4ea1e269,
+		0x40aaef60,
+		0x52b7f87b,
+		0x5cbcf572,
+		0x06d5be05,
+		0x08deb30c,
+		0x1ac3a417,
+		0x14c8a91e,
+		0x3ef98a21,
+		0x30f28728,
+		0x22ef9033,
+		0x2ce49d3a,
+		0x963d06dd,
+		0x98360bd4,
+		0x8a2b1ccf,
+		0x842011c6,
+		0xae1132f9,
+		0xa01a3ff0,
+		0xb20728eb,
+		0xbc0c25e2,
+		0xe6656e95,
+		0xe86e639c,
+		0xfa737487,
+		0xf478798e,
+		0xde495ab1,
+		0xd04257b8,
+		0xc25f40a3,
+		0xcc544daa,
+		0x41f7daec,
+		0x4ffcd7e5,
+		0x5de1c0fe,
+		0x53eacdf7,
+		0x79dbeec8,
+		0x77d0e3c1,
+		0x65cdf4da,
+		0x6bc6f9d3,
+		0x31afb2a4,
+		0x3fa4bfad,
+		0x2db9a8b6,
+		0x23b2a5bf,
+		0x09838680,
+		0x07888b89,
+		0x15959c92,
+		0x1b9e919b,
+		0xa1470a7c,
+		0xaf4c0775,
+		0xbd51106e,
+		0xb35a1d67,
+		0x996b3e58,
+		0x97603351,
+		0x857d244a,
+		0x8b762943,
+		0xd11f6234,
+		0xdf146f3d,
+		0xcd097826,
+		0xc302752f,
+		0xe9335610,
+		0xe7385b19,
+		0xf5254c02,
+		0xfb2e410b,
+		0x9a8c61d7,
+		0x94876cde,
+		0x869a7bc5,
+		0x889176cc,
+		0xa2a055f3,
+		0xacab58fa,
+		0xbeb64fe1,
+		0xb0bd42e8,
+		0xead4099f,
+		0xe4df0496,
+		0xf6c2138d,
+		0xf8c91e84,
+		0xd2f83dbb,
+		0xdcf330b2,
+		0xceee27a9,
+		0xc0e52aa0,
+		0x7a3cb147,
+		0x7437bc4e,
+		0x662aab55,
+		0x6821a65c,
+		0x42108563,
+		0x4c1b886a,
+		0x5e069f71,
+		0x500d9278,
+		0x0a64d90f,
+		0x046fd406,
+		0x1672c31d,
+		0x1879ce14,
+		0x3248ed2b,
+		0x3c43e022,
+		0x2e5ef739,
+		0x2055fa30,
+		0xec01b79a,
+		0xe20aba93,
+		0xf017ad88,
+		0xfe1ca081,
+		0xd42d83be,
+		0xda268eb7,
+		0xc83b99ac,
+		0xc63094a5,
+		0x9c59dfd2,
+		0x9252d2db,
+		0x804fc5c0,
+		0x8e44c8c9,
+		0xa475ebf6,
+		0xaa7ee6ff,
+		0xb863f1e4,
+		0xb668fced,
+		0x0cb1670a,
+		0x02ba6a03,
+		0x10a77d18,
+		0x1eac7011,
+		0x349d532e,
+		0x3a965e27,
+		0x288b493c,
+		0x26804435,
+		0x7ce90f42,
+		0x72e2024b,
+		0x60ff1550,
+		0x6ef41859,
+		0x44c53b66,
+		0x4ace366f,
+		0x58d32174,
+		0x56d82c7d,
+		0x377a0ca1,
+		0x397101a8,
+		0x2b6c16b3,
+		0x25671bba,
+		0x0f563885,
+		0x015d358c,
+		0x13402297,
+		0x1d4b2f9e,
+		0x472264e9,
+		0x492969e0,
+		0x5b347efb,
+		0x553f73f2,
+		0x7f0e50cd,
+		0x71055dc4,
+		0x63184adf,
+		0x6d1347d6,
+		0xd7cadc31,
+		0xd9c1d138,
+		0xcbdcc623,
+		0xc5d7cb2a,
+		0xefe6e815,
+		0xe1ede51c,
+		0xf3f0f207,
+		0xfdfbff0e,
+		0xa792b479,
+		0xa999b970,
+		0xbb84ae6b,
+		0xb58fa362,
+		0x9fbe805d,
+		0x91b58d54,
+		0x83a89a4f,
+		0x8da39746,
+	},
+};
+
+
+// Tables for main encryption iterations.
+const Word AESEncryptTable[4][256] =
+{
+	{
+		0xa56363c6,
+		0x847c7cf8,
+		0x997777ee,
+		0x8d7b7bf6,
+		0x0df2f2ff,
+		0xbd6b6bd6,
+		0xb16f6fde,
+		0x54c5c591,
+		0x50303060,
+		0x03010102,
+		0xa96767ce,
+		0x7d2b2b56,
+		0x19fefee7,
+		0x62d7d7b5,
+		0xe6abab4d,
+		0x9a7676ec,
+		0x45caca8f,
+		0x9d82821f,
+		0x40c9c989,
+		0x877d7dfa,
+		0x15fafaef,
+		0xeb5959b2,
+		0xc947478e,
+		0x0bf0f0fb,
+		0xecadad41,
+		0x67d4d4b3,
+		0xfda2a25f,
+		0xeaafaf45,
+		0xbf9c9c23,
+		0xf7a4a453,
+		0x967272e4,
+		0x5bc0c09b,
+		0xc2b7b775,
+		0x1cfdfde1,
+		0xae93933d,
+		0x6a26264c,
+		0x5a36366c,
+		0x413f3f7e,
+		0x02f7f7f5,
+		0x4fcccc83,
+		0x5c343468,
+		0xf4a5a551,
+		0x34e5e5d1,
+		0x08f1f1f9,
+		0x937171e2,
+		0x73d8d8ab,
+		0x53313162,
+		0x3f15152a,
+		0x0c040408,
+		0x52c7c795,
+		0x65232346,
+		0x5ec3c39d,
+		0x28181830,
+		0xa1969637,
+		0x0f05050a,
+		0xb59a9a2f,
+		0x0907070e,
+		0x36121224,
+		0x9b80801b,
+		0x3de2e2df,
+		0x26ebebcd,
+		0x6927274e,
+		0xcdb2b27f,
+		0x9f7575ea,
+		0x1b090912,
+		0x9e83831d,
+		0x742c2c58,
+		0x2e1a1a34,
+		0x2d1b1b36,
+		0xb26e6edc,
+		0xee5a5ab4,
+		0xfba0a05b,
+		0xf65252a4,
+		0x4d3b3b76,
+		0x61d6d6b7,
+		0xceb3b37d,
+		0x7b292952,
+		0x3ee3e3dd,
+		0x712f2f5e,
+		0x97848413,
+		0xf55353a6,
+		0x68d1d1b9,
+		0x00000000,
+		0x2cededc1,
+		0x60202040,
+		0x1ffcfce3,
+		0xc8b1b179,
+		0xed5b5bb6,
+		0xbe6a6ad4,
+		0x46cbcb8d,
+		0xd9bebe67,
+		0x4b393972,
+		0xde4a4a94,
+		0xd44c4c98,
+		0xe85858b0,
+		0x4acfcf85,
+		0x6bd0d0bb,
+		0x2aefefc5,
+		0xe5aaaa4f,
+		0x16fbfbed,
+		0xc5434386,
+		0xd74d4d9a,
+		0x55333366,
+		0x94858511,
+		0xcf45458a,
+		0x10f9f9e9,
+		0x06020204,
+		0x817f7ffe,
+		0xf05050a0,
+		0x443c3c78,
+		0xba9f9f25,
+		0xe3a8a84b,
+		0xf35151a2,
+		0xfea3a35d,
+		0xc0404080,
+		0x8a8f8f05,
+		0xad92923f,
+		0xbc9d9d21,
+		0x48383870,
+		0x04f5f5f1,
+		0xdfbcbc63,
+		0xc1b6b677,
+		0x75dadaaf,
+		0x63212142,
+		0x30101020,
+		0x1affffe5,
+		0x0ef3f3fd,
+		0x6dd2d2bf,
+		0x4ccdcd81,
+		0x140c0c18,
+		0x35131326,
+		0x2fececc3,
+		0xe15f5fbe,
+		0xa2979735,
+		0xcc444488,
+		0x3917172e,
+		0x57c4c493,
+		0xf2a7a755,
+		0x827e7efc,
+		0x473d3d7a,
+		0xac6464c8,
+		0xe75d5dba,
+		0x2b191932,
+		0x957373e6,
+		0xa06060c0,
+		0x98818119,
+		0xd14f4f9e,
+		0x7fdcdca3,
+		0x66222244,
+		0x7e2a2a54,
+		0xab90903b,
+		0x8388880b,
+		0xca46468c,
+		0x29eeeec7,
+		0xd3b8b86b,
+		0x3c141428,
+		0x79dedea7,
+		0xe25e5ebc,
+		0x1d0b0b16,
+		0x76dbdbad,
+		0x3be0e0db,
+		0x56323264,
+		0x4e3a3a74,
+		0x1e0a0a14,
+		0xdb494992,
+		0x0a06060c,
+		0x6c242448,
+		0xe45c5cb8,
+		0x5dc2c29f,
+		0x6ed3d3bd,
+		0xefacac43,
+		0xa66262c4,
+		0xa8919139,
+		0xa4959531,
+		0x37e4e4d3,
+		0x8b7979f2,
+		0x32e7e7d5,
+		0x43c8c88b,
+		0x5937376e,
+		0xb76d6dda,
+		0x8c8d8d01,
+		0x64d5d5b1,
+		0xd24e4e9c,
+		0xe0a9a949,
+		0xb46c6cd8,
+		0xfa5656ac,
+		0x07f4f4f3,
+		0x25eaeacf,
+		0xaf6565ca,
+		0x8e7a7af4,
+		0xe9aeae47,
+		0x18080810,
+		0xd5baba6f,
+		0x887878f0,
+		0x6f25254a,
+		0x722e2e5c,
+		0x241c1c38,
+		0xf1a6a657,
+		0xc7b4b473,
+		0x51c6c697,
+		0x23e8e8cb,
+		0x7cdddda1,
+		0x9c7474e8,
+		0x211f1f3e,
+		0xdd4b4b96,
+		0xdcbdbd61,
+		0x868b8b0d,
+		0x858a8a0f,
+		0x907070e0,
+		0x423e3e7c,
+		0xc4b5b571,
+		0xaa6666cc,
+		0xd8484890,
+		0x05030306,
+		0x01f6f6f7,
+		0x120e0e1c,
+		0xa36161c2,
+		0x5f35356a,
+		0xf95757ae,
+		0xd0b9b969,
+		0x91868617,
+		0x58c1c199,
+		0x271d1d3a,
+		0xb99e9e27,
+		0x38e1e1d9,
+		0x13f8f8eb,
+		0xb398982b,
+		0x33111122,
+		0xbb6969d2,
+		0x70d9d9a9,
+		0x898e8e07,
+		0xa7949433,
+		0xb69b9b2d,
+		0x221e1e3c,
+		0x92878715,
+		0x20e9e9c9,
+		0x49cece87,
+		0xff5555aa,
+		0x78282850,
+		0x7adfdfa5,
+		0x8f8c8c03,
+		0xf8a1a159,
+		0x80898909,
+		0x170d0d1a,
+		0xdabfbf65,
+		0x31e6e6d7,
+		0xc6424284,
+		0xb86868d0,
+		0xc3414182,
+		0xb0999929,
+		0x772d2d5a,
+		0x110f0f1e,
+		0xcbb0b07b,
+		0xfc5454a8,
+		0xd6bbbb6d,
+		0x3a16162c,
+	},
+	{
+		0x6363c6a5,
+		0x7c7cf884,
+		0x7777ee99,
+		0x7b7bf68d,
+		0xf2f2ff0d,
+		0x6b6bd6bd,
+		0x6f6fdeb1,
+		0xc5c59154,
+		0x30306050,
+		0x01010203,
+		0x6767cea9,
+		0x2b2b567d,
+		0xfefee719,
+		0xd7d7b562,
+		0xabab4de6,
+		0x7676ec9a,
+		0xcaca8f45,
+		0x82821f9d,
+		0xc9c98940,
+		0x7d7dfa87,
+		0xfafaef15,
+		0x5959b2eb,
+		0x47478ec9,
+		0xf0f0fb0b,
+		0xadad41ec,
+		0xd4d4b367,
+		0xa2a25ffd,
+		0xafaf45ea,
+		0x9c9c23bf,
+		0xa4a453f7,
+		0x7272e496,
+		0xc0c09b5b,
+		0xb7b775c2,
+		0xfdfde11c,
+		0x93933dae,
+		0x26264c6a,
+		0x36366c5a,
+		0x3f3f7e41,
+		0xf7f7f502,
+		0xcccc834f,
+		0x3434685c,
+		0xa5a551f4,
+		0xe5e5d134,
+		0xf1f1f908,
+		0x7171e293,
+		0xd8d8ab73,
+		0x31316253,
+		0x15152a3f,
+		0x0404080c,
+		0xc7c79552,
+		0x23234665,
+		0xc3c39d5e,
+		0x18183028,
+		0x969637a1,
+		0x05050a0f,
+		0x9a9a2fb5,
+		0x07070e09,
+		0x12122436,
+		0x80801b9b,
+		0xe2e2df3d,
+		0xebebcd26,
+		0x27274e69,
+		0xb2b27fcd,
+		0x7575ea9f,
+		0x0909121b,
+		0x83831d9e,
+		0x2c2c5874,
+		0x1a1a342e,
+		0x1b1b362d,
+		0x6e6edcb2,
+		0x5a5ab4ee,
+		0xa0a05bfb,
+		0x5252a4f6,
+		0x3b3b764d,
+		0xd6d6b761,
+		0xb3b37dce,
+		0x2929527b,
+		0xe3e3dd3e,
+		0x2f2f5e71,
+		0x84841397,
+		0x5353a6f5,
+		0xd1d1b968,
+		0x00000000,
+		0xededc12c,
+		0x20204060,
+		0xfcfce31f,
+		0xb1b179c8,
+		0x5b5bb6ed,
+		0x6a6ad4be,
+		0xcbcb8d46,
+		0xbebe67d9,
+		0x3939724b,
+		0x4a4a94de,
+		0x4c4c98d4,
+		0x5858b0e8,
+		0xcfcf854a,
+		0xd0d0bb6b,
+		0xefefc52a,
+		0xaaaa4fe5,
+		0xfbfbed16,
+		0x434386c5,
+		0x4d4d9ad7,
+		0x33336655,
+		0x85851194,
+		0x45458acf,
+		0xf9f9e910,
+		0x02020406,
+		0x7f7ffe81,
+		0x5050a0f0,
+		0x3c3c7844,
+		0x9f9f25ba,
+		0xa8a84be3,
+		0x5151a2f3,
+		0xa3a35dfe,
+		0x404080c0,
+		0x8f8f058a,
+		0x92923fad,
+		0x9d9d21bc,
+		0x38387048,
+		0xf5f5f104,
+		0xbcbc63df,
+		0xb6b677c1,
+		0xdadaaf75,
+		0x21214263,
+		0x10102030,
+		0xffffe51a,
+		0xf3f3fd0e,
+		0xd2d2bf6d,
+		0xcdcd814c,
+		0x0c0c1814,
+		0x13132635,
+		0xececc32f,
+		0x5f5fbee1,
+		0x979735a2,
+		0x444488cc,
+		0x17172e39,
+		0xc4c49357,
+		0xa7a755f2,
+		0x7e7efc82,
+		0x3d3d7a47,
+		0x6464c8ac,
+		0x5d5dbae7,
+		0x1919322b,
+		0x7373e695,
+		0x6060c0a0,
+		0x81811998,
+		0x4f4f9ed1,
+		0xdcdca37f,
+		0x22224466,
+		0x2a2a547e,
+		0x90903bab,
+		0x88880b83,
+		0x46468cca,
+		0xeeeec729,
+		0xb8b86bd3,
+		0x1414283c,
+		0xdedea779,
+		0x5e5ebce2,
+		0x0b0b161d,
+		0xdbdbad76,
+		0xe0e0db3b,
+		0x32326456,
+		0x3a3a744e,
+		0x0a0a141e,
+		0x494992db,
+		0x06060c0a,
+		0x2424486c,
+		0x5c5cb8e4,
+		0xc2c29f5d,
+		0xd3d3bd6e,
+		0xacac43ef,
+		0x6262c4a6,
+		0x919139a8,
+		0x959531a4,
+		0xe4e4d337,
+		0x7979f28b,
+		0xe7e7d532,
+		0xc8c88b43,
+		0x37376e59,
+		0x6d6ddab7,
+		0x8d8d018c,
+		0xd5d5b164,
+		0x4e4e9cd2,
+		0xa9a949e0,
+		0x6c6cd8b4,
+		0x5656acfa,
+		0xf4f4f307,
+		0xeaeacf25,
+		0x6565caaf,
+		0x7a7af48e,
+		0xaeae47e9,
+		0x08081018,
+		0xbaba6fd5,
+		0x7878f088,
+		0x25254a6f,
+		0x2e2e5c72,
+		0x1c1c3824,
+		0xa6a657f1,
+		0xb4b473c7,
+		0xc6c69751,
+		0xe8e8cb23,
+		0xdddda17c,
+		0x7474e89c,
+		0x1f1f3e21,
+		0x4b4b96dd,
+		0xbdbd61dc,
+		0x8b8b0d86,
+		0x8a8a0f85,
+		0x7070e090,
+		0x3e3e7c42,
+		0xb5b571c4,
+		0x6666ccaa,
+		0x484890d8,
+		0x03030605,
+		0xf6f6f701,
+		0x0e0e1c12,
+		0x6161c2a3,
+		0x35356a5f,
+		0x5757aef9,
+		0xb9b969d0,
+		0x86861791,
+		0xc1c19958,
+		0x1d1d3a27,
+		0x9e9e27b9,
+		0xe1e1d938,
+		0xf8f8eb13,
+		0x98982bb3,
+		0x11112233,
+		0x6969d2bb,
+		0xd9d9a970,
+		0x8e8e0789,
+		0x949433a7,
+		0x9b9b2db6,
+		0x1e1e3c22,
+		0x87871592,
+		0xe9e9c920,
+		0xcece8749,
+		0x5555aaff,
+		0x28285078,
+		0xdfdfa57a,
+		0x8c8c038f,
+		0xa1a159f8,
+		0x89890980,
+		0x0d0d1a17,
+		0xbfbf65da,
+		0xe6e6d731,
+		0x424284c6,
+		0x6868d0b8,
+		0x414182c3,
+		0x999929b0,
+		0x2d2d5a77,
+		0x0f0f1e11,
+		0xb0b07bcb,
+		0x5454a8fc,
+		0xbbbb6dd6,
+		0x16162c3a,
+	},
+	{
+		0x63c6a563,
+		0x7cf8847c,
+		0x77ee9977,
+		0x7bf68d7b,
+		0xf2ff0df2,
+		0x6bd6bd6b,
+		0x6fdeb16f,
+		0xc59154c5,
+		0x30605030,
+		0x01020301,
+		0x67cea967,
+		0x2b567d2b,
+		0xfee719fe,
+		0xd7b562d7,
+		0xab4de6ab,
+		0x76ec9a76,
+		0xca8f45ca,
+		0x821f9d82,
+		0xc98940c9,
+		0x7dfa877d,
+		0xfaef15fa,
+		0x59b2eb59,
+		0x478ec947,
+		0xf0fb0bf0,
+		0xad41ecad,
+		0xd4b367d4,
+		0xa25ffda2,
+		0xaf45eaaf,
+		0x9c23bf9c,
+		0xa453f7a4,
+		0x72e49672,
+		0xc09b5bc0,
+		0xb775c2b7,
+		0xfde11cfd,
+		0x933dae93,
+		0x264c6a26,
+		0x366c5a36,
+		0x3f7e413f,
+		0xf7f502f7,
+		0xcc834fcc,
+		0x34685c34,
+		0xa551f4a5,
+		0xe5d134e5,
+		0xf1f908f1,
+		0x71e29371,
+		0xd8ab73d8,
+		0x31625331,
+		0x152a3f15,
+		0x04080c04,
+		0xc79552c7,
+		0x23466523,
+		0xc39d5ec3,
+		0x18302818,
+		0x9637a196,
+		0x050a0f05,
+		0x9a2fb59a,
+		0x070e0907,
+		0x12243612,
+		0x801b9b80,
+		0xe2df3de2,
+		0xebcd26eb,
+		0x274e6927,
+		0xb27fcdb2,
+		0x75ea9f75,
+		0x09121b09,
+		0x831d9e83,
+		0x2c58742c,
+		0x1a342e1a,
+		0x1b362d1b,
+		0x6edcb26e,
+		0x5ab4ee5a,
+		0xa05bfba0,
+		0x52a4f652,
+		0x3b764d3b,
+		0xd6b761d6,
+		0xb37dceb3,
+		0x29527b29,
+		0xe3dd3ee3,
+		0x2f5e712f,
+		0x84139784,
+		0x53a6f553,
+		0xd1b968d1,
+		0x00000000,
+		0xedc12ced,
+		0x20406020,
+		0xfce31ffc,
+		0xb179c8b1,
+		0x5bb6ed5b,
+		0x6ad4be6a,
+		0xcb8d46cb,
+		0xbe67d9be,
+		0x39724b39,
+		0x4a94de4a,
+		0x4c98d44c,
+		0x58b0e858,
+		0xcf854acf,
+		0xd0bb6bd0,
+		0xefc52aef,
+		0xaa4fe5aa,
+		0xfbed16fb,
+		0x4386c543,
+		0x4d9ad74d,
+		0x33665533,
+		0x85119485,
+		0x458acf45,
+		0xf9e910f9,
+		0x02040602,
+		0x7ffe817f,
+		0x50a0f050,
+		0x3c78443c,
+		0x9f25ba9f,
+		0xa84be3a8,
+		0x51a2f351,
+		0xa35dfea3,
+		0x4080c040,
+		0x8f058a8f,
+		0x923fad92,
+		0x9d21bc9d,
+		0x38704838,
+		0xf5f104f5,
+		0xbc63dfbc,
+		0xb677c1b6,
+		0xdaaf75da,
+		0x21426321,
+		0x10203010,
+		0xffe51aff,
+		0xf3fd0ef3,
+		0xd2bf6dd2,
+		0xcd814ccd,
+		0x0c18140c,
+		0x13263513,
+		0xecc32fec,
+		0x5fbee15f,
+		0x9735a297,
+		0x4488cc44,
+		0x172e3917,
+		0xc49357c4,
+		0xa755f2a7,
+		0x7efc827e,
+		0x3d7a473d,
+		0x64c8ac64,
+		0x5dbae75d,
+		0x19322b19,
+		0x73e69573,
+		0x60c0a060,
+		0x81199881,
+		0x4f9ed14f,
+		0xdca37fdc,
+		0x22446622,
+		0x2a547e2a,
+		0x903bab90,
+		0x880b8388,
+		0x468cca46,
+		0xeec729ee,
+		0xb86bd3b8,
+		0x14283c14,
+		0xdea779de,
+		0x5ebce25e,
+		0x0b161d0b,
+		0xdbad76db,
+		0xe0db3be0,
+		0x32645632,
+		0x3a744e3a,
+		0x0a141e0a,
+		0x4992db49,
+		0x060c0a06,
+		0x24486c24,
+		0x5cb8e45c,
+		0xc29f5dc2,
+		0xd3bd6ed3,
+		0xac43efac,
+		0x62c4a662,
+		0x9139a891,
+		0x9531a495,
+		0xe4d337e4,
+		0x79f28b79,
+		0xe7d532e7,
+		0xc88b43c8,
+		0x376e5937,
+		0x6ddab76d,
+		0x8d018c8d,
+		0xd5b164d5,
+		0x4e9cd24e,
+		0xa949e0a9,
+		0x6cd8b46c,
+		0x56acfa56,
+		0xf4f307f4,
+		0xeacf25ea,
+		0x65caaf65,
+		0x7af48e7a,
+		0xae47e9ae,
+		0x08101808,
+		0xba6fd5ba,
+		0x78f08878,
+		0x254a6f25,
+		0x2e5c722e,
+		0x1c38241c,
+		0xa657f1a6,
+		0xb473c7b4,
+		0xc69751c6,
+		0xe8cb23e8,
+		0xdda17cdd,
+		0x74e89c74,
+		0x1f3e211f,
+		0x4b96dd4b,
+		0xbd61dcbd,
+		0x8b0d868b,
+		0x8a0f858a,
+		0x70e09070,
+		0x3e7c423e,
+		0xb571c4b5,
+		0x66ccaa66,
+		0x4890d848,
+		0x03060503,
+		0xf6f701f6,
+		0x0e1c120e,
+		0x61c2a361,
+		0x356a5f35,
+		0x57aef957,
+		0xb969d0b9,
+		0x86179186,
+		0xc19958c1,
+		0x1d3a271d,
+		0x9e27b99e,
+		0xe1d938e1,
+		0xf8eb13f8,
+		0x982bb398,
+		0x11223311,
+		0x69d2bb69,
+		0xd9a970d9,
+		0x8e07898e,
+		0x9433a794,
+		0x9b2db69b,
+		0x1e3c221e,
+		0x87159287,
+		0xe9c920e9,
+		0xce8749ce,
+		0x55aaff55,
+		0x28507828,
+		0xdfa57adf,
+		0x8c038f8c,
+		0xa159f8a1,
+		0x89098089,
+		0x0d1a170d,
+		0xbf65dabf,
+		0xe6d731e6,
+		0x4284c642,
+		0x68d0b868,
+		0x4182c341,
+		0x9929b099,
+		0x2d5a772d,
+		0x0f1e110f,
+		0xb07bcbb0,
+		0x54a8fc54,
+		0xbb6dd6bb,
+		0x162c3a16,
+	},
+	{
+		0xc6a56363,
+		0xf8847c7c,
+		0xee997777,
+		0xf68d7b7b,
+		0xff0df2f2,
+		0xd6bd6b6b,
+		0xdeb16f6f,
+		0x9154c5c5,
+		0x60503030,
+		0x02030101,
+		0xcea96767,
+		0x567d2b2b,
+		0xe719fefe,
+		0xb562d7d7,
+		0x4de6abab,
+		0xec9a7676,
+		0x8f45caca,
+		0x1f9d8282,
+		0x8940c9c9,
+		0xfa877d7d,
+		0xef15fafa,
+		0xb2eb5959,
+		0x8ec94747,
+		0xfb0bf0f0,
+		0x41ecadad,
+		0xb367d4d4,
+		0x5ffda2a2,
+		0x45eaafaf,
+		0x23bf9c9c,
+		0x53f7a4a4,
+		0xe4967272,
+		0x9b5bc0c0,
+		0x75c2b7b7,
+		0xe11cfdfd,
+		0x3dae9393,
+		0x4c6a2626,
+		0x6c5a3636,
+		0x7e413f3f,
+		0xf502f7f7,
+		0x834fcccc,
+		0x685c3434,
+		0x51f4a5a5,
+		0xd134e5e5,
+		0xf908f1f1,
+		0xe2937171,
+		0xab73d8d8,
+		0x62533131,
+		0x2a3f1515,
+		0x080c0404,
+		0x9552c7c7,
+		0x46652323,
+		0x9d5ec3c3,
+		0x30281818,
+		0x37a19696,
+		0x0a0f0505,
+		0x2fb59a9a,
+		0x0e090707,
+		0x24361212,
+		0x1b9b8080,
+		0xdf3de2e2,
+		0xcd26ebeb,
+		0x4e692727,
+		0x7fcdb2b2,
+		0xea9f7575,
+		0x121b0909,
+		0x1d9e8383,
+		0x58742c2c,
+		0x342e1a1a,
+		0x362d1b1b,
+		0xdcb26e6e,
+		0xb4ee5a5a,
+		0x5bfba0a0,
+		0xa4f65252,
+		0x764d3b3b,
+		0xb761d6d6,
+		0x7dceb3b3,
+		0x527b2929,
+		0xdd3ee3e3,
+		0x5e712f2f,
+		0x13978484,
+		0xa6f55353,
+		0xb968d1d1,
+		0x00000000,
+		0xc12ceded,
+		0x40602020,
+		0xe31ffcfc,
+		0x79c8b1b1,
+		0xb6ed5b5b,
+		0xd4be6a6a,
+		0x8d46cbcb,
+		0x67d9bebe,
+		0x724b3939,
+		0x94de4a4a,
+		0x98d44c4c,
+		0xb0e85858,
+		0x854acfcf,
+		0xbb6bd0d0,
+		0xc52aefef,
+		0x4fe5aaaa,
+		0xed16fbfb,
+		0x86c54343,
+		0x9ad74d4d,
+		0x66553333,
+		0x11948585,
+		0x8acf4545,
+		0xe910f9f9,
+		0x04060202,
+		0xfe817f7f,
+		0xa0f05050,
+		0x78443c3c,
+		0x25ba9f9f,
+		0x4be3a8a8,
+		0xa2f35151,
+		0x5dfea3a3,
+		0x80c04040,
+		0x058a8f8f,
+		0x3fad9292,
+		0x21bc9d9d,
+		0x70483838,
+		0xf104f5f5,
+		0x63dfbcbc,
+		0x77c1b6b6,
+		0xaf75dada,
+		0x42632121,
+		0x20301010,
+		0xe51affff,
+		0xfd0ef3f3,
+		0xbf6dd2d2,
+		0x814ccdcd,
+		0x18140c0c,
+		0x26351313,
+		0xc32fecec,
+		0xbee15f5f,
+		0x35a29797,
+		0x88cc4444,
+		0x2e391717,
+		0x9357c4c4,
+		0x55f2a7a7,
+		0xfc827e7e,
+		0x7a473d3d,
+		0xc8ac6464,
+		0xbae75d5d,
+		0x322b1919,
+		0xe6957373,
+		0xc0a06060,
+		0x19988181,
+		0x9ed14f4f,
+		0xa37fdcdc,
+		0x44662222,
+		0x547e2a2a,
+		0x3bab9090,
+		0x0b838888,
+		0x8cca4646,
+		0xc729eeee,
+		0x6bd3b8b8,
+		0x283c1414,
+		0xa779dede,
+		0xbce25e5e,
+		0x161d0b0b,
+		0xad76dbdb,
+		0xdb3be0e0,
+		0x64563232,
+		0x744e3a3a,
+		0x141e0a0a,
+		0x92db4949,
+		0x0c0a0606,
+		0x486c2424,
+		0xb8e45c5c,
+		0x9f5dc2c2,
+		0xbd6ed3d3,
+		0x43efacac,
+		0xc4a66262,
+		0x39a89191,
+		0x31a49595,
+		0xd337e4e4,
+		0xf28b7979,
+		0xd532e7e7,
+		0x8b43c8c8,
+		0x6e593737,
+		0xdab76d6d,
+		0x018c8d8d,
+		0xb164d5d5,
+		0x9cd24e4e,
+		0x49e0a9a9,
+		0xd8b46c6c,
+		0xacfa5656,
+		0xf307f4f4,
+		0xcf25eaea,
+		0xcaaf6565,
+		0xf48e7a7a,
+		0x47e9aeae,
+		0x10180808,
+		0x6fd5baba,
+		0xf0887878,
+		0x4a6f2525,
+		0x5c722e2e,
+		0x38241c1c,
+		0x57f1a6a6,
+		0x73c7b4b4,
+		0x9751c6c6,
+		0xcb23e8e8,
+		0xa17cdddd,
+		0xe89c7474,
+		0x3e211f1f,
+		0x96dd4b4b,
+		0x61dcbdbd,
+		0x0d868b8b,
+		0x0f858a8a,
+		0xe0907070,
+		0x7c423e3e,
+		0x71c4b5b5,
+		0xccaa6666,
+		0x90d84848,
+		0x06050303,
+		0xf701f6f6,
+		0x1c120e0e,
+		0xc2a36161,
+		0x6a5f3535,
+		0xaef95757,
+		0x69d0b9b9,
+		0x17918686,
+		0x9958c1c1,
+		0x3a271d1d,
+		0x27b99e9e,
+		0xd938e1e1,
+		0xeb13f8f8,
+		0x2bb39898,
+		0x22331111,
+		0xd2bb6969,
+		0xa970d9d9,
+		0x07898e8e,
+		0x33a79494,
+		0x2db69b9b,
+		0x3c221e1e,
+		0x15928787,
+		0xc920e9e9,
+		0x8749cece,
+		0xaaff5555,
+		0x50782828,
+		0xa57adfdf,
+		0x038f8c8c,
+		0x59f8a1a1,
+		0x09808989,
+		0x1a170d0d,
+		0x65dabfbf,
+		0xd731e6e6,
+		0x84c64242,
+		0xd0b86868,
+		0x82c34141,
+		0x29b09999,
+		0x5a772d2d,
+		0x1e110f0f,
+		0x7bcbb0b0,
+		0xa8fc5454,
+		0x6dd6bbbb,
+		0x2c3a1616,
+	},
+};
+
+
+// Tables for main decryption iterations.
+const Word AESDecryptTable[4][256] =
+{
+	{
+		0x50a7f451,
+		0x5365417e,
+		0xc3a4171a,
+		0x965e273a,
+		0xcb6bab3b,
+		0xf1459d1f,
+		0xab58faac,
+		0x9303e34b,
+		0x55fa3020,
+		0xf66d76ad,
+		0x9176cc88,
+		0x254c02f5,
+		0xfcd7e54f,
+		0xd7cb2ac5,
+		0x80443526,
+		0x8fa362b5,
+		0x495ab1de,
+		0x671bba25,
+		0x980eea45,
+		0xe1c0fe5d,
+		0x02752fc3,
+		0x12f04c81,
+		0xa397468d,
+		0xc6f9d36b,
+		0xe75f8f03,
+		0x959c9215,
+		0xeb7a6dbf,
+		0xda595295,
+		0x2d83bed4,
+		0xd3217458,
+		0x2969e049,
+		0x44c8c98e,
+		0x6a89c275,
+		0x78798ef4,
+		0x6b3e5899,
+		0xdd71b927,
+		0xb64fe1be,
+		0x17ad88f0,
+		0x66ac20c9,
+		0xb43ace7d,
+		0x184adf63,
+		0x82311ae5,
+		0x60335197,
+		0x457f5362,
+		0xe07764b1,
+		0x84ae6bbb,
+		0x1ca081fe,
+		0x942b08f9,
+		0x58684870,
+		0x19fd458f,
+		0x876cde94,
+		0xb7f87b52,
+		0x23d373ab,
+		0xe2024b72,
+		0x578f1fe3,
+		0x2aab5566,
+		0x0728ebb2,
+		0x03c2b52f,
+		0x9a7bc586,
+		0xa50837d3,
+		0xf2872830,
+		0xb2a5bf23,
+		0xba6a0302,
+		0x5c8216ed,
+		0x2b1ccf8a,
+		0x92b479a7,
+		0xf0f207f3,
+		0xa1e2694e,
+		0xcdf4da65,
+		0xd5be0506,
+		0x1f6234d1,
+		0x8afea6c4,
+		0x9d532e34,
+		0xa055f3a2,
+		0x32e18a05,
+		0x75ebf6a4,
+		0x39ec830b,
+		0xaaef6040,
+		0x069f715e,
+		0x51106ebd,
+		0xf98a213e,
+		0x3d06dd96,
+		0xae053edd,
+		0x46bde64d,
+		0xb58d5491,
+		0x055dc471,
+		0x6fd40604,
+		0xff155060,
+		0x24fb9819,
+		0x97e9bdd6,
+		0xcc434089,
+		0x779ed967,
+		0xbd42e8b0,
+		0x888b8907,
+		0x385b19e7,
+		0xdbeec879,
+		0x470a7ca1,
+		0xe90f427c,
+		0xc91e84f8,
+		0x00000000,
+		0x83868009,
+		0x48ed2b32,
+		0xac70111e,
+		0x4e725a6c,
+		0xfbff0efd,
+		0x5638850f,
+		0x1ed5ae3d,
+		0x27392d36,
+		0x64d90f0a,
+		0x21a65c68,
+		0xd1545b9b,
+		0x3a2e3624,
+		0xb1670a0c,
+		0x0fe75793,
+		0xd296eeb4,
+		0x9e919b1b,
+		0x4fc5c080,
+		0xa220dc61,
+		0x694b775a,
+		0x161a121c,
+		0x0aba93e2,
+		0xe52aa0c0,
+		0x43e0223c,
+		0x1d171b12,
+		0x0b0d090e,
+		0xadc78bf2,
+		0xb9a8b62d,
+		0xc8a91e14,
+		0x8519f157,
+		0x4c0775af,
+		0xbbdd99ee,
+		0xfd607fa3,
+		0x9f2601f7,
+		0xbcf5725c,
+		0xc53b6644,
+		0x347efb5b,
+		0x7629438b,
+		0xdcc623cb,
+		0x68fcedb6,
+		0x63f1e4b8,
+		0xcadc31d7,
+		0x10856342,
+		0x40229713,
+		0x2011c684,
+		0x7d244a85,
+		0xf83dbbd2,
+		0x1132f9ae,
+		0x6da129c7,
+		0x4b2f9e1d,
+		0xf330b2dc,
+		0xec52860d,
+		0xd0e3c177,
+		0x6c16b32b,
+		0x99b970a9,
+		0xfa489411,
+		0x2264e947,
+		0xc48cfca8,
+		0x1a3ff0a0,
+		0xd82c7d56,
+		0xef903322,
+		0xc74e4987,
+		0xc1d138d9,
+		0xfea2ca8c,
+		0x360bd498,
+		0xcf81f5a6,
+		0x28de7aa5,
+		0x268eb7da,
+		0xa4bfad3f,
+		0xe49d3a2c,
+		0x0d927850,
+		0x9bcc5f6a,
+		0x62467e54,
+		0xc2138df6,
+		0xe8b8d890,
+		0x5ef7392e,
+		0xf5afc382,
+		0xbe805d9f,
+		0x7c93d069,
+		0xa92dd56f,
+		0xb31225cf,
+		0x3b99acc8,
+		0xa77d1810,
+		0x6e639ce8,
+		0x7bbb3bdb,
+		0x097826cd,
+		0xf418596e,
+		0x01b79aec,
+		0xa89a4f83,
+		0x656e95e6,
+		0x7ee6ffaa,
+		0x08cfbc21,
+		0xe6e815ef,
+		0xd99be7ba,
+		0xce366f4a,
+		0xd4099fea,
+		0xd67cb029,
+		0xafb2a431,
+		0x31233f2a,
+		0x3094a5c6,
+		0xc066a235,
+		0x37bc4e74,
+		0xa6ca82fc,
+		0xb0d090e0,
+		0x15d8a733,
+		0x4a9804f1,
+		0xf7daec41,
+		0x0e50cd7f,
+		0x2ff69117,
+		0x8dd64d76,
+		0x4db0ef43,
+		0x544daacc,
+		0xdf0496e4,
+		0xe3b5d19e,
+		0x1b886a4c,
+		0xb81f2cc1,
+		0x7f516546,
+		0x04ea5e9d,
+		0x5d358c01,
+		0x737487fa,
+		0x2e410bfb,
+		0x5a1d67b3,
+		0x52d2db92,
+		0x335610e9,
+		0x1347d66d,
+		0x8c61d79a,
+		0x7a0ca137,
+		0x8e14f859,
+		0x893c13eb,
+		0xee27a9ce,
+		0x35c961b7,
+		0xede51ce1,
+		0x3cb1477a,
+		0x59dfd29c,
+		0x3f73f255,
+		0x79ce1418,
+		0xbf37c773,
+		0xeacdf753,
+		0x5baafd5f,
+		0x146f3ddf,
+		0x86db4478,
+		0x81f3afca,
+		0x3ec468b9,
+		0x2c342438,
+		0x5f40a3c2,
+		0x72c31d16,
+		0x0c25e2bc,
+		0x8b493c28,
+		0x41950dff,
+		0x7101a839,
+		0xdeb30c08,
+		0x9ce4b4d8,
+		0x90c15664,
+		0x6184cb7b,
+		0x70b632d5,
+		0x745c6c48,
+		0x4257b8d0,
+	},
+	{
+		0xa7f45150,
+		0x65417e53,
+		0xa4171ac3,
+		0x5e273a96,
+		0x6bab3bcb,
+		0x459d1ff1,
+		0x58faacab,
+		0x03e34b93,
+		0xfa302055,
+		0x6d76adf6,
+		0x76cc8891,
+		0x4c02f525,
+		0xd7e54ffc,
+		0xcb2ac5d7,
+		0x44352680,
+		0xa362b58f,
+		0x5ab1de49,
+		0x1bba2567,
+		0x0eea4598,
+		0xc0fe5de1,
+		0x752fc302,
+		0xf04c8112,
+		0x97468da3,
+		0xf9d36bc6,
+		0x5f8f03e7,
+		0x9c921595,
+		0x7a6dbfeb,
+		0x595295da,
+		0x83bed42d,
+		0x217458d3,
+		0x69e04929,
+		0xc8c98e44,
+		0x89c2756a,
+		0x798ef478,
+		0x3e58996b,
+		0x71b927dd,
+		0x4fe1beb6,
+		0xad88f017,
+		0xac20c966,
+		0x3ace7db4,
+		0x4adf6318,
+		0x311ae582,
+		0x33519760,
+		0x7f536245,
+		0x7764b1e0,
+		0xae6bbb84,
+		0xa081fe1c,
+		0x2b08f994,
+		0x68487058,
+		0xfd458f19,
+		0x6cde9487,
+		0xf87b52b7,
+		0xd373ab23,
+		0x024b72e2,
+		0x8f1fe357,
+		0xab55662a,
+		0x28ebb207,
+		0xc2b52f03,
+		0x7bc5869a,
+		0x0837d3a5,
+		0x872830f2,
+		0xa5bf23b2,
+		0x6a0302ba,
+		0x8216ed5c,
+		0x1ccf8a2b,
+		0xb479a792,
+		0xf207f3f0,
+		0xe2694ea1,
+		0xf4da65cd,
+		0xbe0506d5,
+		0x6234d11f,
+		0xfea6c48a,
+		0x532e349d,
+		0x55f3a2a0,
+		0xe18a0532,
+		0xebf6a475,
+		0xec830b39,
+		0xef6040aa,
+		0x9f715e06,
+		0x106ebd51,
+		0x8a213ef9,
+		0x06dd963d,
+		0x053eddae,
+		0xbde64d46,
+		0x8d5491b5,
+		0x5dc47105,
+		0xd406046f,
+		0x155060ff,
+		0xfb981924,
+		0xe9bdd697,
+		0x434089cc,
+		0x9ed96777,
+		0x42e8b0bd,
+		0x8b890788,
+		0x5b19e738,
+		0xeec879db,
+		0x0a7ca147,
+		0x0f427ce9,
+		0x1e84f8c9,
+		0x00000000,
+		0x86800983,
+		0xed2b3248,
+		0x70111eac,
+		0x725a6c4e,
+		0xff0efdfb,
+		0x38850f56,
+		0xd5ae3d1e,
+		0x392d3627,
+		0xd90f0a64,
+		0xa65c6821,
+		0x545b9bd1,
+		0x2e36243a,
+		0x670a0cb1,
+		0xe757930f,
+		0x96eeb4d2,
+		0x919b1b9e,
+		0xc5c0804f,
+		0x20dc61a2,
+		0x4b775a69,
+		0x1a121c16,
+		0xba93e20a,
+		0x2aa0c0e5,
+		0xe0223c43,
+		0x171b121d,
+		0x0d090e0b,
+		0xc78bf2ad,
+		0xa8b62db9,
+		0xa91e14c8,
+		0x19f15785,
+		0x0775af4c,
+		0xdd99eebb,
+		0x607fa3fd,
+		0x2601f79f,
+		0xf5725cbc,
+		0x3b6644c5,
+		0x7efb5b34,
+		0x29438b76,
+		0xc623cbdc,
+		0xfcedb668,
+		0xf1e4b863,
+		0xdc31d7ca,
+		0x85634210,
+		0x22971340,
+		0x11c68420,
+		0x244a857d,
+		0x3dbbd2f8,
+		0x32f9ae11,
+		0xa129c76d,
+		0x2f9e1d4b,
+		0x30b2dcf3,
+		0x52860dec,
+		0xe3c177d0,
+		0x16b32b6c,
+		0xb970a999,
+		0x489411fa,
+		0x64e94722,
+		0x8cfca8c4,
+		0x3ff0a01a,
+		0x2c7d56d8,
+		0x903322ef,
+		0x4e4987c7,
+		0xd138d9c1,
+		0xa2ca8cfe,
+		0x0bd49836,
+		0x81f5a6cf,
+		0xde7aa528,
+		0x8eb7da26,
+		0xbfad3fa4,
+		0x9d3a2ce4,
+		0x9278500d,
+		0xcc5f6a9b,
+		0x467e5462,
+		0x138df6c2,
+		0xb8d890e8,
+		0xf7392e5e,
+		0xafc382f5,
+		0x805d9fbe,
+		0x93d0697c,
+		0x2dd56fa9,
+		0x1225cfb3,
+		0x99acc83b,
+		0x7d1810a7,
+		0x639ce86e,
+		0xbb3bdb7b,
+		0x7826cd09,
+		0x18596ef4,
+		0xb79aec01,
+		0x9a4f83a8,
+		0x6e95e665,
+		0xe6ffaa7e,
+		0xcfbc2108,
+		0xe815efe6,
+		0x9be7bad9,
+		0x366f4ace,
+		0x099fead4,
+		0x7cb029d6,
+		0xb2a431af,
+		0x233f2a31,
+		0x94a5c630,
+		0x66a235c0,
+		0xbc4e7437,
+		0xca82fca6,
+		0xd090e0b0,
+		0xd8a73315,
+		0x9804f14a,
+		0xdaec41f7,
+		0x50cd7f0e,
+		0xf691172f,
+		0xd64d768d,
+		0xb0ef434d,
+		0x4daacc54,
+		0x0496e4df,
+		0xb5d19ee3,
+		0x886a4c1b,
+		0x1f2cc1b8,
+		0x5165467f,
+		0xea5e9d04,
+		0x358c015d,
+		0x7487fa73,
+		0x410bfb2e,
+		0x1d67b35a,
+		0xd2db9252,
+		0x5610e933,
+		0x47d66d13,
+		0x61d79a8c,
+		0x0ca1377a,
+		0x14f8598e,
+		0x3c13eb89,
+		0x27a9ceee,
+		0xc961b735,
+		0xe51ce1ed,
+		0xb1477a3c,
+		0xdfd29c59,
+		0x73f2553f,
+		0xce141879,
+		0x37c773bf,
+		0xcdf753ea,
+		0xaafd5f5b,
+		0x6f3ddf14,
+		0xdb447886,
+		0xf3afca81,
+		0xc468b93e,
+		0x3424382c,
+		0x40a3c25f,
+		0xc31d1672,
+		0x25e2bc0c,
+		0x493c288b,
+		0x950dff41,
+		0x01a83971,
+		0xb30c08de,
+		0xe4b4d89c,
+		0xc1566490,
+		0x84cb7b61,
+		0xb632d570,
+		0x5c6c4874,
+		0x57b8d042,
+	},
+	{
+		0xf45150a7,
+		0x417e5365,
+		0x171ac3a4,
+		0x273a965e,
+		0xab3bcb6b,
+		0x9d1ff145,
+		0xfaacab58,
+		0xe34b9303,
+		0x302055fa,
+		0x76adf66d,
+		0xcc889176,
+		0x02f5254c,
+		0xe54ffcd7,
+		0x2ac5d7cb,
+		0x35268044,
+		0x62b58fa3,
+		0xb1de495a,
+		0xba25671b,
+		0xea45980e,
+		0xfe5de1c0,
+		0x2fc30275,
+		0x4c8112f0,
+		0x468da397,
+		0xd36bc6f9,
+		0x8f03e75f,
+		0x9215959c,
+		0x6dbfeb7a,
+		0x5295da59,
+		0xbed42d83,
+		0x7458d321,
+		0xe0492969,
+		0xc98e44c8,
+		0xc2756a89,
+		0x8ef47879,
+		0x58996b3e,
+		0xb927dd71,
+		0xe1beb64f,
+		0x88f017ad,
+		0x20c966ac,
+		0xce7db43a,
+		0xdf63184a,
+		0x1ae58231,
+		0x51976033,
+		0x5362457f,
+		0x64b1e077,
+		0x6bbb84ae,
+		0x81fe1ca0,
+		0x08f9942b,
+		0x48705868,
+		0x458f19fd,
+		0xde94876c,
+		0x7b52b7f8,
+		0x73ab23d3,
+		0x4b72e202,
+		0x1fe3578f,
+		0x55662aab,
+		0xebb20728,
+		0xb52f03c2,
+		0xc5869a7b,
+		0x37d3a508,
+		0x2830f287,
+		0xbf23b2a5,
+		0x0302ba6a,
+		0x16ed5c82,
+		0xcf8a2b1c,
+		0x79a792b4,
+		0x07f3f0f2,
+		0x694ea1e2,
+		0xda65cdf4,
+		0x0506d5be,
+		0x34d11f62,
+		0xa6c48afe,
+		0x2e349d53,
+		0xf3a2a055,
+		0x8a0532e1,
+		0xf6a475eb,
+		0x830b39ec,
+		0x6040aaef,
+		0x715e069f,
+		0x6ebd5110,
+		0x213ef98a,
+		0xdd963d06,
+		0x3eddae05,
+		0xe64d46bd,
+		0x5491b58d,
+		0xc471055d,
+		0x06046fd4,
+		0x5060ff15,
+		0x981924fb,
+		0xbdd697e9,
+		0x4089cc43,
+		0xd967779e,
+		0xe8b0bd42,
+		0x8907888b,
+		0x19e7385b,
+		0xc879dbee,
+		0x7ca1470a,
+		0x427ce90f,
+		0x84f8c91e,
+		0x00000000,
+		0x80098386,
+		0x2b3248ed,
+		0x111eac70,
+		0x5a6c4e72,
+		0x0efdfbff,
+		0x850f5638,
+		0xae3d1ed5,
+		0x2d362739,
+		0x0f0a64d9,
+		0x5c6821a6,
+		0x5b9bd154,
+		0x36243a2e,
+		0x0a0cb167,
+		0x57930fe7,
+		0xeeb4d296,
+		0x9b1b9e91,
+		0xc0804fc5,
+		0xdc61a220,
+		0x775a694b,
+		0x121c161a,
+		0x93e20aba,
+		0xa0c0e52a,
+		0x223c43e0,
+		0x1b121d17,
+		0x090e0b0d,
+		0x8bf2adc7,
+		0xb62db9a8,
+		0x1e14c8a9,
+		0xf1578519,
+		0x75af4c07,
+		0x99eebbdd,
+		0x7fa3fd60,
+		0x01f79f26,
+		0x725cbcf5,
+		0x6644c53b,
+		0xfb5b347e,
+		0x438b7629,
+		0x23cbdcc6,
+		0xedb668fc,
+		0xe4b863f1,
+		0x31d7cadc,
+		0x63421085,
+		0x97134022,
+		0xc6842011,
+		0x4a857d24,
+		0xbbd2f83d,
+		0xf9ae1132,
+		0x29c76da1,
+		0x9e1d4b2f,
+		0xb2dcf330,
+		0x860dec52,
+		0xc177d0e3,
+		0xb32b6c16,
+		0x70a999b9,
+		0x9411fa48,
+		0xe9472264,
+		0xfca8c48c,
+		0xf0a01a3f,
+		0x7d56d82c,
+		0x3322ef90,
+		0x4987c74e,
+		0x38d9c1d1,
+		0xca8cfea2,
+		0xd498360b,
+		0xf5a6cf81,
+		0x7aa528de,
+		0xb7da268e,
+		0xad3fa4bf,
+		0x3a2ce49d,
+		0x78500d92,
+		0x5f6a9bcc,
+		0x7e546246,
+		0x8df6c213,
+		0xd890e8b8,
+		0x392e5ef7,
+		0xc382f5af,
+		0x5d9fbe80,
+		0xd0697c93,
+		0xd56fa92d,
+		0x25cfb312,
+		0xacc83b99,
+		0x1810a77d,
+		0x9ce86e63,
+		0x3bdb7bbb,
+		0x26cd0978,
+		0x596ef418,
+		0x9aec01b7,
+		0x4f83a89a,
+		0x95e6656e,
+		0xffaa7ee6,
+		0xbc2108cf,
+		0x15efe6e8,
+		0xe7bad99b,
+		0x6f4ace36,
+		0x9fead409,
+		0xb029d67c,
+		0xa431afb2,
+		0x3f2a3123,
+		0xa5c63094,
+		0xa235c066,
+		0x4e7437bc,
+		0x82fca6ca,
+		0x90e0b0d0,
+		0xa73315d8,
+		0x04f14a98,
+		0xec41f7da,
+		0xcd7f0e50,
+		0x91172ff6,
+		0x4d768dd6,
+		0xef434db0,
+		0xaacc544d,
+		0x96e4df04,
+		0xd19ee3b5,
+		0x6a4c1b88,
+		0x2cc1b81f,
+		0x65467f51,
+		0x5e9d04ea,
+		0x8c015d35,
+		0x87fa7374,
+		0x0bfb2e41,
+		0x67b35a1d,
+		0xdb9252d2,
+		0x10e93356,
+		0xd66d1347,
+		0xd79a8c61,
+		0xa1377a0c,
+		0xf8598e14,
+		0x13eb893c,
+		0xa9ceee27,
+		0x61b735c9,
+		0x1ce1ede5,
+		0x477a3cb1,
+		0xd29c59df,
+		0xf2553f73,
+		0x141879ce,
+		0xc773bf37,
+		0xf753eacd,
+		0xfd5f5baa,
+		0x3ddf146f,
+		0x447886db,
+		0xafca81f3,
+		0x68b93ec4,
+		0x24382c34,
+		0xa3c25f40,
+		0x1d1672c3,
+		0xe2bc0c25,
+		0x3c288b49,
+		0x0dff4195,
+		0xa8397101,
+		0x0c08deb3,
+		0xb4d89ce4,
+		0x566490c1,
+		0xcb7b6184,
+		0x32d570b6,
+		0x6c48745c,
+		0xb8d04257,
+	},
+	{
+		0x5150a7f4,
+		0x7e536541,
+		0x1ac3a417,
+		0x3a965e27,
+		0x3bcb6bab,
+		0x1ff1459d,
+		0xacab58fa,
+		0x4b9303e3,
+		0x2055fa30,
+		0xadf66d76,
+		0x889176cc,
+		0xf5254c02,
+		0x4ffcd7e5,
+		0xc5d7cb2a,
+		0x26804435,
+		0xb58fa362,
+		0xde495ab1,
+		0x25671bba,
+		0x45980eea,
+		0x5de1c0fe,
+		0xc302752f,
+		0x8112f04c,
+		0x8da39746,
+		0x6bc6f9d3,
+		0x03e75f8f,
+		0x15959c92,
+		0xbfeb7a6d,
+		0x95da5952,
+		0xd42d83be,
+		0x58d32174,
+		0x492969e0,
+		0x8e44c8c9,
+		0x756a89c2,
+		0xf478798e,
+		0x996b3e58,
+		0x27dd71b9,
+		0xbeb64fe1,
+		0xf017ad88,
+		0xc966ac20,
+		0x7db43ace,
+		0x63184adf,
+		0xe582311a,
+		0x97603351,
+		0x62457f53,
+		0xb1e07764,
+		0xbb84ae6b,
+		0xfe1ca081,
+		0xf9942b08,
+		0x70586848,
+		0x8f19fd45,
+		0x94876cde,
+		0x52b7f87b,
+		0xab23d373,
+		0x72e2024b,
+		0xe3578f1f,
+		0x662aab55,
+		0xb20728eb,
+		0x2f03c2b5,
+		0x869a7bc5,
+		0xd3a50837,
+		0x30f28728,
+		0x23b2a5bf,
+		0x02ba6a03,
+		0xed5c8216,
+		0x8a2b1ccf,
+		0xa792b479,
+		0xf3f0f207,
+		0x4ea1e269,
+		0x65cdf4da,
+		0x06d5be05,
+		0xd11f6234,
+		0xc48afea6,
+		0x349d532e,
+		0xa2a055f3,
+		0x0532e18a,
+		0xa475ebf6,
+		0x0b39ec83,
+		0x40aaef60,
+		0x5e069f71,
+		0xbd51106e,
+		0x3ef98a21,
+		0x963d06dd,
+		0xddae053e,
+		0x4d46bde6,
+		0x91b58d54,
+		0x71055dc4,
+		0x046fd406,
+		0x60ff1550,
+		0x1924fb98,
+		0xd697e9bd,
+		0x89cc4340,
+		0x67779ed9,
+		0xb0bd42e8,
+		0x07888b89,
+		0xe7385b19,
+		0x79dbeec8,
+		0xa1470a7c,
+		0x7ce90f42,
+		0xf8c91e84,
+		0x00000000,
+		0x09838680,
+		0x3248ed2b,
+		0x1eac7011,
+		0x6c4e725a,
+		0xfdfbff0e,
+		0x0f563885,
+		0x3d1ed5ae,
+		0x3627392d,
+		0x0a64d90f,
+		0x6821a65c,
+		0x9bd1545b,
+		0x243a2e36,
+		0x0cb1670a,
+		0x930fe757,
+		0xb4d296ee,
+		0x1b9e919b,
+		0x804fc5c0,
+		0x61a220dc,
+		0x5a694b77,
+		0x1c161a12,
+		0xe20aba93,
+		0xc0e52aa0,
+		0x3c43e022,
+		0x121d171b,
+		0x0e0b0d09,
+		0xf2adc78b,
+		0x2db9a8b6,
+		0x14c8a91e,
+		0x578519f1,
+		0xaf4c0775,
+		0xeebbdd99,
+		0xa3fd607f,
+		0xf79f2601,
+		0x5cbcf572,
+		0x44c53b66,
+		0x5b347efb,
+		0x8b762943,
+		0xcbdcc623,
+		0xb668fced,
+		0xb863f1e4,
+		0xd7cadc31,
+		0x42108563,
+		0x13402297,
+		0x842011c6,
+		0x857d244a,
+		0xd2f83dbb,
+		0xae1132f9,
+		0xc76da129,
+		0x1d4b2f9e,
+		0xdcf330b2,
+		0x0dec5286,
+		0x77d0e3c1,
+		0x2b6c16b3,
+		0xa999b970,
+		0x11fa4894,
+		0x472264e9,
+		0xa8c48cfc,
+		0xa01a3ff0,
+		0x56d82c7d,
+		0x22ef9033,
+		0x87c74e49,
+		0xd9c1d138,
+		0x8cfea2ca,
+		0x98360bd4,
+		0xa6cf81f5,
+		0xa528de7a,
+		0xda268eb7,
+		0x3fa4bfad,
+		0x2ce49d3a,
+		0x500d9278,
+		0x6a9bcc5f,
+		0x5462467e,
+		0xf6c2138d,
+		0x90e8b8d8,
+		0x2e5ef739,
+		0x82f5afc3,
+		0x9fbe805d,
+		0x697c93d0,
+		0x6fa92dd5,
+		0xcfb31225,
+		0xc83b99ac,
+		0x10a77d18,
+		0xe86e639c,
+		0xdb7bbb3b,
+		0xcd097826,
+		0x6ef41859,
+		0xec01b79a,
+		0x83a89a4f,
+		0xe6656e95,
+		0xaa7ee6ff,
+		0x2108cfbc,
+		0xefe6e815,
+		0xbad99be7,
+		0x4ace366f,
+		0xead4099f,
+		0x29d67cb0,
+		0x31afb2a4,
+		0x2a31233f,
+		0xc63094a5,
+		0x35c066a2,
+		0x7437bc4e,
+		0xfca6ca82,
+		0xe0b0d090,
+		0x3315d8a7,
+		0xf14a9804,
+		0x41f7daec,
+		0x7f0e50cd,
+		0x172ff691,
+		0x768dd64d,
+		0x434db0ef,
+		0xcc544daa,
+		0xe4df0496,
+		0x9ee3b5d1,
+		0x4c1b886a,
+		0xc1b81f2c,
+		0x467f5165,
+		0x9d04ea5e,
+		0x015d358c,
+		0xfa737487,
+		0xfb2e410b,
+		0xb35a1d67,
+		0x9252d2db,
+		0xe9335610,
+		0x6d1347d6,
+		0x9a8c61d7,
+		0x377a0ca1,
+		0x598e14f8,
+		0xeb893c13,
+		0xceee27a9,
+		0xb735c961,
+		0xe1ede51c,
+		0x7a3cb147,
+		0x9c59dfd2,
+		0x553f73f2,
+		0x1879ce14,
+		0x73bf37c7,
+		0x53eacdf7,
+		0x5f5baafd,
+		0xdf146f3d,
+		0x7886db44,
+		0xca81f3af,
+		0xb93ec468,
+		0x382c3424,
+		0xc25f40a3,
+		0x1672c31d,
+		0xbc0c25e2,
+		0x288b493c,
+		0xff41950d,
+		0x397101a8,
+		0x08deb30c,
+		0xd89ce4b4,
+		0x6490c156,
+		0x7b6184cb,
+		0xd570b632,
+		0x48745c6c,
+		0xd04257b8,
+	},
+};
+
+
+// SubBytes embedded in words tables.
+const Word AESSubBytesWordTable[4][256] =
+{
+	{
+		0x00000063,
+		0x0000007c,
+		0x00000077,
+		0x0000007b,
+		0x000000f2,
+		0x0000006b,
+		0x0000006f,
+		0x000000c5,
+		0x00000030,
+		0x00000001,
+		0x00000067,
+		0x0000002b,
+		0x000000fe,
+		0x000000d7,
+		0x000000ab,
+		0x00000076,
+		0x000000ca,
+		0x00000082,
+		0x000000c9,
+		0x0000007d,
+		0x000000fa,
+		0x00000059,
+		0x00000047,
+		0x000000f0,
+		0x000000ad,
+		0x000000d4,
+		0x000000a2,
+		0x000000af,
+		0x0000009c,
+		0x000000a4,
+		0x00000072,
+		0x000000c0,
+		0x000000b7,
+		0x000000fd,
+		0x00000093,
+		0x00000026,
+		0x00000036,
+		0x0000003f,
+		0x000000f7,
+		0x000000cc,
+		0x00000034,
+		0x000000a5,
+		0x000000e5,
+		0x000000f1,
+		0x00000071,
+		0x000000d8,
+		0x00000031,
+		0x00000015,
+		0x00000004,
+		0x000000c7,
+		0x00000023,
+		0x000000c3,
+		0x00000018,
+		0x00000096,
+		0x00000005,
+		0x0000009a,
+		0x00000007,
+		0x00000012,
+		0x00000080,
+		0x000000e2,
+		0x000000eb,
+		0x00000027,
+		0x000000b2,
+		0x00000075,
+		0x00000009,
+		0x00000083,
+		0x0000002c,
+		0x0000001a,
+		0x0000001b,
+		0x0000006e,
+		0x0000005a,
+		0x000000a0,
+		0x00000052,
+		0x0000003b,
+		0x000000d6,
+		0x000000b3,
+		0x00000029,
+		0x000000e3,
+		0x0000002f,
+		0x00000084,
+		0x00000053,
+		0x000000d1,
+		0x00000000,
+		0x000000ed,
+		0x00000020,
+		0x000000fc,
+		0x000000b1,
+		0x0000005b,
+		0x0000006a,
+		0x000000cb,
+		0x000000be,
+		0x00000039,
+		0x0000004a,
+		0x0000004c,
+		0x00000058,
+		0x000000cf,
+		0x000000d0,
+		0x000000ef,
+		0x000000aa,
+		0x000000fb,
+		0x00000043,
+		0x0000004d,
+		0x00000033,
+		0x00000085,
+		0x00000045,
+		0x000000f9,
+		0x00000002,
+		0x0000007f,
+		0x00000050,
+		0x0000003c,
+		0x0000009f,
+		0x000000a8,
+		0x00000051,
+		0x000000a3,
+		0x00000040,
+		0x0000008f,
+		0x00000092,
+		0x0000009d,
+		0x00000038,
+		0x000000f5,
+		0x000000bc,
+		0x000000b6,
+		0x000000da,
+		0x00000021,
+		0x00000010,
+		0x000000ff,
+		0x000000f3,
+		0x000000d2,
+		0x000000cd,
+		0x0000000c,
+		0x00000013,
+		0x000000ec,
+		0x0000005f,
+		0x00000097,
+		0x00000044,
+		0x00000017,
+		0x000000c4,
+		0x000000a7,
+		0x0000007e,
+		0x0000003d,
+		0x00000064,
+		0x0000005d,
+		0x00000019,
+		0x00000073,
+		0x00000060,
+		0x00000081,
+		0x0000004f,
+		0x000000dc,
+		0x00000022,
+		0x0000002a,
+		0x00000090,
+		0x00000088,
+		0x00000046,
+		0x000000ee,
+		0x000000b8,
+		0x00000014,
+		0x000000de,
+		0x0000005e,
+		0x0000000b,
+		0x000000db,
+		0x000000e0,
+		0x00000032,
+		0x0000003a,
+		0x0000000a,
+		0x00000049,
+		0x00000006,
+		0x00000024,
+		0x0000005c,
+		0x000000c2,
+		0x000000d3,
+		0x000000ac,
+		0x00000062,
+		0x00000091,
+		0x00000095,
+		0x000000e4,
+		0x00000079,
+		0x000000e7,
+		0x000000c8,
+		0x00000037,
+		0x0000006d,
+		0x0000008d,
+		0x000000d5,
+		0x0000004e,
+		0x000000a9,
+		0x0000006c,
+		0x00000056,
+		0x000000f4,
+		0x000000ea,
+		0x00000065,
+		0x0000007a,
+		0x000000ae,
+		0x00000008,
+		0x000000ba,
+		0x00000078,
+		0x00000025,
+		0x0000002e,
+		0x0000001c,
+		0x000000a6,
+		0x000000b4,
+		0x000000c6,
+		0x000000e8,
+		0x000000dd,
+		0x00000074,
+		0x0000001f,
+		0x0000004b,
+		0x000000bd,
+		0x0000008b,
+		0x0000008a,
+		0x00000070,
+		0x0000003e,
+		0x000000b5,
+		0x00000066,
+		0x00000048,
+		0x00000003,
+		0x000000f6,
+		0x0000000e,
+		0x00000061,
+		0x00000035,
+		0x00000057,
+		0x000000b9,
+		0x00000086,
+		0x000000c1,
+		0x0000001d,
+		0x0000009e,
+		0x000000e1,
+		0x000000f8,
+		0x00000098,
+		0x00000011,
+		0x00000069,
+		0x000000d9,
+		0x0000008e,
+		0x00000094,
+		0x0000009b,
+		0x0000001e,
+		0x00000087,
+		0x000000e9,
+		0x000000ce,
+		0x00000055,
+		0x00000028,
+		0x000000df,
+		0x0000008c,
+		0x000000a1,
+		0x00000089,
+		0x0000000d,
+		0x000000bf,
+		0x000000e6,
+		0x00000042,
+		0x00000068,
+		0x00000041,
+		0x00000099,
+		0x0000002d,
+		0x0000000f,
+		0x000000b0,
+		0x00000054,
+		0x000000bb,
+		0x00000016,
+	},
+	{
+		0x00006300,
+		0x00007c00,
+		0x00007700,
+		0x00007b00,
+		0x0000f200,
+		0x00006b00,
+		0x00006f00,
+		0x0000c500,
+		0x00003000,
+		0x00000100,
+		0x00006700,
+		0x00002b00,
+		0x0000fe00,
+		0x0000d700,
+		0x0000ab00,
+		0x00007600,
+		0x0000ca00,
+		0x00008200,
+		0x0000c900,
+		0x00007d00,
+		0x0000fa00,
+		0x00005900,
+		0x00004700,
+		0x0000f000,
+		0x0000ad00,
+		0x0000d400,
+		0x0000a200,
+		0x0000af00,
+		0x00009c00,
+		0x0000a400,
+		0x00007200,
+		0x0000c000,
+		0x0000b700,
+		0x0000fd00,
+		0x00009300,
+		0x00002600,
+		0x00003600,
+		0x00003f00,
+		0x0000f700,
+		0x0000cc00,
+		0x00003400,
+		0x0000a500,
+		0x0000e500,
+		0x0000f100,
+		0x00007100,
+		0x0000d800,
+		0x00003100,
+		0x00001500,
+		0x00000400,
+		0x0000c700,
+		0x00002300,
+		0x0000c300,
+		0x00001800,
+		0x00009600,
+		0x00000500,
+		0x00009a00,
+		0x00000700,
+		0x00001200,
+		0x00008000,
+		0x0000e200,
+		0x0000eb00,
+		0x00002700,
+		0x0000b200,
+		0x00007500,
+		0x00000900,
+		0x00008300,
+		0x00002c00,
+		0x00001a00,
+		0x00001b00,
+		0x00006e00,
+		0x00005a00,
+		0x0000a000,
+		0x00005200,
+		0x00003b00,
+		0x0000d600,
+		0x0000b300,
+		0x00002900,
+		0x0000e300,
+		0x00002f00,
+		0x00008400,
+		0x00005300,
+		0x0000d100,
+		0x00000000,
+		0x0000ed00,
+		0x00002000,
+		0x0000fc00,
+		0x0000b100,
+		0x00005b00,
+		0x00006a00,
+		0x0000cb00,
+		0x0000be00,
+		0x00003900,
+		0x00004a00,
+		0x00004c00,
+		0x00005800,
+		0x0000cf00,
+		0x0000d000,
+		0x0000ef00,
+		0x0000aa00,
+		0x0000fb00,
+		0x00004300,
+		0x00004d00,
+		0x00003300,
+		0x00008500,
+		0x00004500,
+		0x0000f900,
+		0x00000200,
+		0x00007f00,
+		0x00005000,
+		0x00003c00,
+		0x00009f00,
+		0x0000a800,
+		0x00005100,
+		0x0000a300,
+		0x00004000,
+		0x00008f00,
+		0x00009200,
+		0x00009d00,
+		0x00003800,
+		0x0000f500,
+		0x0000bc00,
+		0x0000b600,
+		0x0000da00,
+		0x00002100,
+		0x00001000,
+		0x0000ff00,
+		0x0000f300,
+		0x0000d200,
+		0x0000cd00,
+		0x00000c00,
+		0x00001300,
+		0x0000ec00,
+		0x00005f00,
+		0x00009700,
+		0x00004400,
+		0x00001700,
+		0x0000c400,
+		0x0000a700,
+		0x00007e00,
+		0x00003d00,
+		0x00006400,
+		0x00005d00,
+		0x00001900,
+		0x00007300,
+		0x00006000,
+		0x00008100,
+		0x00004f00,
+		0x0000dc00,
+		0x00002200,
+		0x00002a00,
+		0x00009000,
+		0x00008800,
+		0x00004600,
+		0x0000ee00,
+		0x0000b800,
+		0x00001400,
+		0x0000de00,
+		0x00005e00,
+		0x00000b00,
+		0x0000db00,
+		0x0000e000,
+		0x00003200,
+		0x00003a00,
+		0x00000a00,
+		0x00004900,
+		0x00000600,
+		0x00002400,
+		0x00005c00,
+		0x0000c200,
+		0x0000d300,
+		0x0000ac00,
+		0x00006200,
+		0x00009100,
+		0x00009500,
+		0x0000e400,
+		0x00007900,
+		0x0000e700,
+		0x0000c800,
+		0x00003700,
+		0x00006d00,
+		0x00008d00,
+		0x0000d500,
+		0x00004e00,
+		0x0000a900,
+		0x00006c00,
+		0x00005600,
+		0x0000f400,
+		0x0000ea00,
+		0x00006500,
+		0x00007a00,
+		0x0000ae00,
+		0x00000800,
+		0x0000ba00,
+		0x00007800,
+		0x00002500,
+		0x00002e00,
+		0x00001c00,
+		0x0000a600,
+		0x0000b400,
+		0x0000c600,
+		0x0000e800,
+		0x0000dd00,
+		0x00007400,
+		0x00001f00,
+		0x00004b00,
+		0x0000bd00,
+		0x00008b00,
+		0x00008a00,
+		0x00007000,
+		0x00003e00,
+		0x0000b500,
+		0x00006600,
+		0x00004800,
+		0x00000300,
+		0x0000f600,
+		0x00000e00,
+		0x00006100,
+		0x00003500,
+		0x00005700,
+		0x0000b900,
+		0x00008600,
+		0x0000c100,
+		0x00001d00,
+		0x00009e00,
+		0x0000e100,
+		0x0000f800,
+		0x00009800,
+		0x00001100,
+		0x00006900,
+		0x0000d900,
+		0x00008e00,
+		0x00009400,
+		0x00009b00,
+		0x00001e00,
+		0x00008700,
+		0x0000e900,
+		0x0000ce00,
+		0x00005500,
+		0x00002800,
+		0x0000df00,
+		0x00008c00,
+		0x0000a100,
+		0x00008900,
+		0x00000d00,
+		0x0000bf00,
+		0x0000e600,
+		0x00004200,
+		0x00006800,
+		0x00004100,
+		0x00009900,
+		0x00002d00,
+		0x00000f00,
+		0x0000b000,
+		0x00005400,
+		0x0000bb00,
+		0x00001600,
+	},
+	{
+		0x00630000,
+		0x007c0000,
+		0x00770000,
+		0x007b0000,
+		0x00f20000,
+		0x006b0000,
+		0x006f0000,
+		0x00c50000,
+		0x00300000,
+		0x00010000,
+		0x00670000,
+		0x002b0000,
+		0x00fe0000,
+		0x00d70000,
+		0x00ab0000,
+		0x00760000,
+		0x00ca0000,
+		0x00820000,
+		0x00c90000,
+		0x007d0000,
+		0x00fa0000,
+		0x00590000,
+		0x00470000,
+		0x00f00000,
+		0x00ad0000,
+		0x00d40000,
+		0x00a20000,
+		0x00af0000,
+		0x009c0000,
+		0x00a40000,
+		0x00720000,
+		0x00c00000,
+		0x00b70000,
+		0x00fd0000,
+		0x00930000,
+		0x00260000,
+		0x00360000,
+		0x003f0000,
+		0x00f70000,
+		0x00cc0000,
+		0x00340000,
+		0x00a50000,
+		0x00e50000,
+		0x00f10000,
+		0x00710000,
+		0x00d80000,
+		0x00310000,
+		0x00150000,
+		0x00040000,
+		0x00c70000,
+		0x00230000,
+		0x00c30000,
+		0x00180000,
+		0x00960000,
+		0x00050000,
+		0x009a0000,
+		0x00070000,
+		0x00120000,
+		0x00800000,
+		0x00e20000,
+		0x00eb0000,
+		0x00270000,
+		0x00b20000,
+		0x00750000,
+		0x00090000,
+		0x00830000,
+		0x002c0000,
+		0x001a0000,
+		0x001b0000,
+		0x006e0000,
+		0x005a0000,
+		0x00a00000,
+		0x00520000,
+		0x003b0000,
+		0x00d60000,
+		0x00b30000,
+		0x00290000,
+		0x00e30000,
+		0x002f0000,
+		0x00840000,
+		0x00530000,
+		0x00d10000,
+		0x00000000,
+		0x00ed0000,
+		0x00200000,
+		0x00fc0000,
+		0x00b10000,
+		0x005b0000,
+		0x006a0000,
+		0x00cb0000,
+		0x00be0000,
+		0x00390000,
+		0x004a0000,
+		0x004c0000,
+		0x00580000,
+		0x00cf0000,
+		0x00d00000,
+		0x00ef0000,
+		0x00aa0000,
+		0x00fb0000,
+		0x00430000,
+		0x004d0000,
+		0x00330000,
+		0x00850000,
+		0x00450000,
+		0x00f90000,
+		0x00020000,
+		0x007f0000,
+		0x00500000,
+		0x003c0000,
+		0x009f0000,
+		0x00a80000,
+		0x00510000,
+		0x00a30000,
+		0x00400000,
+		0x008f0000,
+		0x00920000,
+		0x009d0000,
+		0x00380000,
+		0x00f50000,
+		0x00bc0000,
+		0x00b60000,
+		0x00da0000,
+		0x00210000,
+		0x00100000,
+		0x00ff0000,
+		0x00f30000,
+		0x00d20000,
+		0x00cd0000,
+		0x000c0000,
+		0x00130000,
+		0x00ec0000,
+		0x005f0000,
+		0x00970000,
+		0x00440000,
+		0x00170000,
+		0x00c40000,
+		0x00a70000,
+		0x007e0000,
+		0x003d0000,
+		0x00640000,
+		0x005d0000,
+		0x00190000,
+		0x00730000,
+		0x00600000,
+		0x00810000,
+		0x004f0000,
+		0x00dc0000,
+		0x00220000,
+		0x002a0000,
+		0x00900000,
+		0x00880000,
+		0x00460000,
+		0x00ee0000,
+		0x00b80000,
+		0x00140000,
+		0x00de0000,
+		0x005e0000,
+		0x000b0000,
+		0x00db0000,
+		0x00e00000,
+		0x00320000,
+		0x003a0000,
+		0x000a0000,
+		0x00490000,
+		0x00060000,
+		0x00240000,
+		0x005c0000,
+		0x00c20000,
+		0x00d30000,
+		0x00ac0000,
+		0x00620000,
+		0x00910000,
+		0x00950000,
+		0x00e40000,
+		0x00790000,
+		0x00e70000,
+		0x00c80000,
+		0x00370000,
+		0x006d0000,
+		0x008d0000,
+		0x00d50000,
+		0x004e0000,
+		0x00a90000,
+		0x006c0000,
+		0x00560000,
+		0x00f40000,
+		0x00ea0000,
+		0x00650000,
+		0x007a0000,
+		0x00ae0000,
+		0x00080000,
+		0x00ba0000,
+		0x00780000,
+		0x00250000,
+		0x002e0000,
+		0x001c0000,
+		0x00a60000,
+		0x00b40000,
+		0x00c60000,
+		0x00e80000,
+		0x00dd0000,
+		0x00740000,
+		0x001f0000,
+		0x004b0000,
+		0x00bd0000,
+		0x008b0000,
+		0x008a0000,
+		0x00700000,
+		0x003e0000,
+		0x00b50000,
+		0x00660000,
+		0x00480000,
+		0x00030000,
+		0x00f60000,
+		0x000e0000,
+		0x00610000,
+		0x00350000,
+		0x00570000,
+		0x00b90000,
+		0x00860000,
+		0x00c10000,
+		0x001d0000,
+		0x009e0000,
+		0x00e10000,
+		0x00f80000,
+		0x00980000,
+		0x00110000,
+		0x00690000,
+		0x00d90000,
+		0x008e0000,
+		0x00940000,
+		0x009b0000,
+		0x001e0000,
+		0x00870000,
+		0x00e90000,
+		0x00ce0000,
+		0x00550000,
+		0x00280000,
+		0x00df0000,
+		0x008c0000,
+		0x00a10000,
+		0x00890000,
+		0x000d0000,
+		0x00bf0000,
+		0x00e60000,
+		0x00420000,
+		0x00680000,
+		0x00410000,
+		0x00990000,
+		0x002d0000,
+		0x000f0000,
+		0x00b00000,
+		0x00540000,
+		0x00bb0000,
+		0x00160000,
+	},
+	{
+		0x63000000,
+		0x7c000000,
+		0x77000000,
+		0x7b000000,
+		0xf2000000,
+		0x6b000000,
+		0x6f000000,
+		0xc5000000,
+		0x30000000,
+		0x01000000,
+		0x67000000,
+		0x2b000000,
+		0xfe000000,
+		0xd7000000,
+		0xab000000,
+		0x76000000,
+		0xca000000,
+		0x82000000,
+		0xc9000000,
+		0x7d000000,
+		0xfa000000,
+		0x59000000,
+		0x47000000,
+		0xf0000000,
+		0xad000000,
+		0xd4000000,
+		0xa2000000,
+		0xaf000000,
+		0x9c000000,
+		0xa4000000,
+		0x72000000,
+		0xc0000000,
+		0xb7000000,
+		0xfd000000,
+		0x93000000,
+		0x26000000,
+		0x36000000,
+		0x3f000000,
+		0xf7000000,
+		0xcc000000,
+		0x34000000,
+		0xa5000000,
+		0xe5000000,
+		0xf1000000,
+		0x71000000,
+		0xd8000000,
+		0x31000000,
+		0x15000000,
+		0x04000000,
+		0xc7000000,
+		0x23000000,
+		0xc3000000,
+		0x18000000,
+		0x96000000,
+		0x05000000,
+		0x9a000000,
+		0x07000000,
+		0x12000000,
+		0x80000000,
+		0xe2000000,
+		0xeb000000,
+		0x27000000,
+		0xb2000000,
+		0x75000000,
+		0x09000000,
+		0x83000000,
+		0x2c000000,
+		0x1a000000,
+		0x1b000000,
+		0x6e000000,
+		0x5a000000,
+		0xa0000000,
+		0x52000000,
+		0x3b000000,
+		0xd6000000,
+		0xb3000000,
+		0x29000000,
+		0xe3000000,
+		0x2f000000,
+		0x84000000,
+		0x53000000,
+		0xd1000000,
+		0x00000000,
+		0xed000000,
+		0x20000000,
+		0xfc000000,
+		0xb1000000,
+		0x5b000000,
+		0x6a000000,
+		0xcb000000,
+		0xbe000000,
+		0x39000000,
+		0x4a000000,
+		0x4c000000,
+		0x58000000,
+		0xcf000000,
+		0xd0000000,
+		0xef000000,
+		0xaa000000,
+		0xfb000000,
+		0x43000000,
+		0x4d000000,
+		0x33000000,
+		0x85000000,
+		0x45000000,
+		0xf9000000,
+		0x02000000,
+		0x7f000000,
+		0x50000000,
+		0x3c000000,
+		0x9f000000,
+		0xa8000000,
+		0x51000000,
+		0xa3000000,
+		0x40000000,
+		0x8f000000,
+		0x92000000,
+		0x9d000000,
+		0x38000000,
+		0xf5000000,
+		0xbc000000,
+		0xb6000000,
+		0xda000000,
+		0x21000000,
+		0x10000000,
+		0xff000000,
+		0xf3000000,
+		0xd2000000,
+		0xcd000000,
+		0x0c000000,
+		0x13000000,
+		0xec000000,
+		0x5f000000,
+		0x97000000,
+		0x44000000,
+		0x17000000,
+		0xc4000000,
+		0xa7000000,
+		0x7e000000,
+		0x3d000000,
+		0x64000000,
+		0x5d000000,
+		0x19000000,
+		0x73000000,
+		0x60000000,
+		0x81000000,
+		0x4f000000,
+		0xdc000000,
+		0x22000000,
+		0x2a000000,
+		0x90000000,
+		0x88000000,
+		0x46000000,
+		0xee000000,
+		0xb8000000,
+		0x14000000,
+		0xde000000,
+		0x5e000000,
+		0x0b000000,
+		0xdb000000,
+		0xe0000000,
+		0x32000000,
+		0x3a000000,
+		0x0a000000,
+		0x49000000,
+		0x06000000,
+		0x24000000,
+		0x5c000000,
+		0xc2000000,
+		0xd3000000,
+		0xac000000,
+		0x62000000,
+		0x91000000,
+		0x95000000,
+		0xe4000000,
+		0x79000000,
+		0xe7000000,
+		0xc8000000,
+		0x37000000,
+		0x6d000000,
+		0x8d000000,
+		0xd5000000,
+		0x4e000000,
+		0xa9000000,
+		0x6c000000,
+		0x56000000,
+		0xf4000000,
+		0xea000000,
+		0x65000000,
+		0x7a000000,
+		0xae000000,
+		0x08000000,
+		0xba000000,
+		0x78000000,
+		0x25000000,
+		0x2e000000,
+		0x1c000000,
+		0xa6000000,
+		0xb4000000,
+		0xc6000000,
+		0xe8000000,
+		0xdd000000,
+		0x74000000,
+		0x1f000000,
+		0x4b000000,
+		0xbd000000,
+		0x8b000000,
+		0x8a000000,
+		0x70000000,
+		0x3e000000,
+		0xb5000000,
+		0x66000000,
+		0x48000000,
+		0x03000000,
+		0xf6000000,
+		0x0e000000,
+		0x61000000,
+		0x35000000,
+		0x57000000,
+		0xb9000000,
+		0x86000000,
+		0xc1000000,
+		0x1d000000,
+		0x9e000000,
+		0xe1000000,
+		0xf8000000,
+		0x98000000,
+		0x11000000,
+		0x69000000,
+		0xd9000000,
+		0x8e000000,
+		0x94000000,
+		0x9b000000,
+		0x1e000000,
+		0x87000000,
+		0xe9000000,
+		0xce000000,
+		0x55000000,
+		0x28000000,
+		0xdf000000,
+		0x8c000000,
+		0xa1000000,
+		0x89000000,
+		0x0d000000,
+		0xbf000000,
+		0xe6000000,
+		0x42000000,
+		0x68000000,
+		0x41000000,
+		0x99000000,
+		0x2d000000,
+		0x0f000000,
+		0xb0000000,
+		0x54000000,
+		0xbb000000,
+		0x16000000,
+	},
+};
+
+
+// InvSubBytes embedded in words tables.
+const Word AESInvSubBytesWordTable[4][256] =
+{
+	{
+		0x00000052,
+		0x00000009,
+		0x0000006a,
+		0x000000d5,
+		0x00000030,
+		0x00000036,
+		0x000000a5,
+		0x00000038,
+		0x000000bf,
+		0x00000040,
+		0x000000a3,
+		0x0000009e,
+		0x00000081,
+		0x000000f3,
+		0x000000d7,
+		0x000000fb,
+		0x0000007c,
+		0x000000e3,
+		0x00000039,
+		0x00000082,
+		0x0000009b,
+		0x0000002f,
+		0x000000ff,
+		0x00000087,
+		0x00000034,
+		0x0000008e,
+		0x00000043,
+		0x00000044,
+		0x000000c4,
+		0x000000de,
+		0x000000e9,
+		0x000000cb,
+		0x00000054,
+		0x0000007b,
+		0x00000094,
+		0x00000032,
+		0x000000a6,
+		0x000000c2,
+		0x00000023,
+		0x0000003d,
+		0x000000ee,
+		0x0000004c,
+		0x00000095,
+		0x0000000b,
+		0x00000042,
+		0x000000fa,
+		0x000000c3,
+		0x0000004e,
+		0x00000008,
+		0x0000002e,
+		0x000000a1,
+		0x00000066,
+		0x00000028,
+		0x000000d9,
+		0x00000024,
+		0x000000b2,
+		0x00000076,
+		0x0000005b,
+		0x000000a2,
+		0x00000049,
+		0x0000006d,
+		0x0000008b,
+		0x000000d1,
+		0x00000025,
+		0x00000072,
+		0x000000f8,
+		0x000000f6,
+		0x00000064,
+		0x00000086,
+		0x00000068,
+		0x00000098,
+		0x00000016,
+		0x000000d4,
+		0x000000a4,
+		0x0000005c,
+		0x000000cc,
+		0x0000005d,
+		0x00000065,
+		0x000000b6,
+		0x00000092,
+		0x0000006c,
+		0x00000070,
+		0x00000048,
+		0x00000050,
+		0x000000fd,
+		0x000000ed,
+		0x000000b9,
+		0x000000da,
+		0x0000005e,
+		0x00000015,
+		0x00000046,
+		0x00000057,
+		0x000000a7,
+		0x0000008d,
+		0x0000009d,
+		0x00000084,
+		0x00000090,
+		0x000000d8,
+		0x000000ab,
+		0x00000000,
+		0x0000008c,
+		0x000000bc,
+		0x000000d3,
+		0x0000000a,
+		0x000000f7,
+		0x000000e4,
+		0x00000058,
+		0x00000005,
+		0x000000b8,
+		0x000000b3,
+		0x00000045,
+		0x00000006,
+		0x000000d0,
+		0x0000002c,
+		0x0000001e,
+		0x0000008f,
+		0x000000ca,
+		0x0000003f,
+		0x0000000f,
+		0x00000002,
+		0x000000c1,
+		0x000000af,
+		0x000000bd,
+		0x00000003,
+		0x00000001,
+		0x00000013,
+		0x0000008a,
+		0x0000006b,
+		0x0000003a,
+		0x00000091,
+		0x00000011,
+		0x00000041,
+		0x0000004f,
+		0x00000067,
+		0x000000dc,
+		0x000000ea,
+		0x00000097,
+		0x000000f2,
+		0x000000cf,
+		0x000000ce,
+		0x000000f0,
+		0x000000b4,
+		0x000000e6,
+		0x00000073,
+		0x00000096,
+		0x000000ac,
+		0x00000074,
+		0x00000022,
+		0x000000e7,
+		0x000000ad,
+		0x00000035,
+		0x00000085,
+		0x000000e2,
+		0x000000f9,
+		0x00000037,
+		0x000000e8,
+		0x0000001c,
+		0x00000075,
+		0x000000df,
+		0x0000006e,
+		0x00000047,
+		0x000000f1,
+		0x0000001a,
+		0x00000071,
+		0x0000001d,
+		0x00000029,
+		0x000000c5,
+		0x00000089,
+		0x0000006f,
+		0x000000b7,
+		0x00000062,
+		0x0000000e,
+		0x000000aa,
+		0x00000018,
+		0x000000be,
+		0x0000001b,
+		0x000000fc,
+		0x00000056,
+		0x0000003e,
+		0x0000004b,
+		0x000000c6,
+		0x000000d2,
+		0x00000079,
+		0x00000020,
+		0x0000009a,
+		0x000000db,
+		0x000000c0,
+		0x000000fe,
+		0x00000078,
+		0x000000cd,
+		0x0000005a,
+		0x000000f4,
+		0x0000001f,
+		0x000000dd,
+		0x000000a8,
+		0x00000033,
+		0x00000088,
+		0x00000007,
+		0x000000c7,
+		0x00000031,
+		0x000000b1,
+		0x00000012,
+		0x00000010,
+		0x00000059,
+		0x00000027,
+		0x00000080,
+		0x000000ec,
+		0x0000005f,
+		0x00000060,
+		0x00000051,
+		0x0000007f,
+		0x000000a9,
+		0x00000019,
+		0x000000b5,
+		0x0000004a,
+		0x0000000d,
+		0x0000002d,
+		0x000000e5,
+		0x0000007a,
+		0x0000009f,
+		0x00000093,
+		0x000000c9,
+		0x0000009c,
+		0x000000ef,
+		0x000000a0,
+		0x000000e0,
+		0x0000003b,
+		0x0000004d,
+		0x000000ae,
+		0x0000002a,
+		0x000000f5,
+		0x000000b0,
+		0x000000c8,
+		0x000000eb,
+		0x000000bb,
+		0x0000003c,
+		0x00000083,
+		0x00000053,
+		0x00000099,
+		0x00000061,
+		0x00000017,
+		0x0000002b,
+		0x00000004,
+		0x0000007e,
+		0x000000ba,
+		0x00000077,
+		0x000000d6,
+		0x00000026,
+		0x000000e1,
+		0x00000069,
+		0x00000014,
+		0x00000063,
+		0x00000055,
+		0x00000021,
+		0x0000000c,
+		0x0000007d,
+	},
+	{
+		0x00005200,
+		0x00000900,
+		0x00006a00,
+		0x0000d500,
+		0x00003000,
+		0x00003600,
+		0x0000a500,
+		0x00003800,
+		0x0000bf00,
+		0x00004000,
+		0x0000a300,
+		0x00009e00,
+		0x00008100,
+		0x0000f300,
+		0x0000d700,
+		0x0000fb00,
+		0x00007c00,
+		0x0000e300,
+		0x00003900,
+		0x00008200,
+		0x00009b00,
+		0x00002f00,
+		0x0000ff00,
+		0x00008700,
+		0x00003400,
+		0x00008e00,
+		0x00004300,
+		0x00004400,
+		0x0000c400,
+		0x0000de00,
+		0x0000e900,
+		0x0000cb00,
+		0x00005400,
+		0x00007b00,
+		0x00009400,
+		0x00003200,
+		0x0000a600,
+		0x0000c200,
+		0x00002300,
+		0x00003d00,
+		0x0000ee00,
+		0x00004c00,
+		0x00009500,
+		0x00000b00,
+		0x00004200,
+		0x0000fa00,
+		0x0000c300,
+		0x00004e00,
+		0x00000800,
+		0x00002e00,
+		0x0000a100,
+		0x00006600,
+		0x00002800,
+		0x0000d900,
+		0x00002400,
+		0x0000b200,
+		0x00007600,
+		0x00005b00,
+		0x0000a200,
+		0x00004900,
+		0x00006d00,
+		0x00008b00,
+		0x0000d100,
+		0x00002500,
+		0x00007200,
+		0x0000f800,
+		0x0000f600,
+		0x00006400,
+		0x00008600,
+		0x00006800,
+		0x00009800,
+		0x00001600,
+		0x0000d400,
+		0x0000a400,
+		0x00005c00,
+		0x0000cc00,
+		0x00005d00,
+		0x00006500,
+		0x0000b600,
+		0x00009200,
+		0x00006c00,
+		0x00007000,
+		0x00004800,
+		0x00005000,
+		0x0000fd00,
+		0x0000ed00,
+		0x0000b900,
+		0x0000da00,
+		0x00005e00,
+		0x00001500,
+		0x00004600,
+		0x00005700,
+		0x0000a700,
+		0x00008d00,
+		0x00009d00,
+		0x00008400,
+		0x00009000,
+		0x0000d800,
+		0x0000ab00,
+		0x00000000,
+		0x00008c00,
+		0x0000bc00,
+		0x0000d300,
+		0x00000a00,
+		0x0000f700,
+		0x0000e400,
+		0x00005800,
+		0x00000500,
+		0x0000b800,
+		0x0000b300,
+		0x00004500,
+		0x00000600,
+		0x0000d000,
+		0x00002c00,
+		0x00001e00,
+		0x00008f00,
+		0x0000ca00,
+		0x00003f00,
+		0x00000f00,
+		0x00000200,
+		0x0000c100,
+		0x0000af00,
+		0x0000bd00,
+		0x00000300,
+		0x00000100,
+		0x00001300,
+		0x00008a00,
+		0x00006b00,
+		0x00003a00,
+		0x00009100,
+		0x00001100,
+		0x00004100,
+		0x00004f00,
+		0x00006700,
+		0x0000dc00,
+		0x0000ea00,
+		0x00009700,
+		0x0000f200,
+		0x0000cf00,
+		0x0000ce00,
+		0x0000f000,
+		0x0000b400,
+		0x0000e600,
+		0x00007300,
+		0x00009600,
+		0x0000ac00,
+		0x00007400,
+		0x00002200,
+		0x0000e700,
+		0x0000ad00,
+		0x00003500,
+		0x00008500,
+		0x0000e200,
+		0x0000f900,
+		0x00003700,
+		0x0000e800,
+		0x00001c00,
+		0x00007500,
+		0x0000df00,
+		0x00006e00,
+		0x00004700,
+		0x0000f100,
+		0x00001a00,
+		0x00007100,
+		0x00001d00,
+		0x00002900,
+		0x0000c500,
+		0x00008900,
+		0x00006f00,
+		0x0000b700,
+		0x00006200,
+		0x00000e00,
+		0x0000aa00,
+		0x00001800,
+		0x0000be00,
+		0x00001b00,
+		0x0000fc00,
+		0x00005600,
+		0x00003e00,
+		0x00004b00,
+		0x0000c600,
+		0x0000d200,
+		0x00007900,
+		0x00002000,
+		0x00009a00,
+		0x0000db00,
+		0x0000c000,
+		0x0000fe00,
+		0x00007800,
+		0x0000cd00,
+		0x00005a00,
+		0x0000f400,
+		0x00001f00,
+		0x0000dd00,
+		0x0000a800,
+		0x00003300,
+		0x00008800,
+		0x00000700,
+		0x0000c700,
+		0x00003100,
+		0x0000b100,
+		0x00001200,
+		0x00001000,
+		0x00005900,
+		0x00002700,
+		0x00008000,
+		0x0000ec00,
+		0x00005f00,
+		0x00006000,
+		0x00005100,
+		0x00007f00,
+		0x0000a900,
+		0x00001900,
+		0x0000b500,
+		0x00004a00,
+		0x00000d00,
+		0x00002d00,
+		0x0000e500,
+		0x00007a00,
+		0x00009f00,
+		0x00009300,
+		0x0000c900,
+		0x00009c00,
+		0x0000ef00,
+		0x0000a000,
+		0x0000e000,
+		0x00003b00,
+		0x00004d00,
+		0x0000ae00,
+		0x00002a00,
+		0x0000f500,
+		0x0000b000,
+		0x0000c800,
+		0x0000eb00,
+		0x0000bb00,
+		0x00003c00,
+		0x00008300,
+		0x00005300,
+		0x00009900,
+		0x00006100,
+		0x00001700,
+		0x00002b00,
+		0x00000400,
+		0x00007e00,
+		0x0000ba00,
+		0x00007700,
+		0x0000d600,
+		0x00002600,
+		0x0000e100,
+		0x00006900,
+		0x00001400,
+		0x00006300,
+		0x00005500,
+		0x00002100,
+		0x00000c00,
+		0x00007d00,
+	},
+	{
+		0x00520000,
+		0x00090000,
+		0x006a0000,
+		0x00d50000,
+		0x00300000,
+		0x00360000,
+		0x00a50000,
+		0x00380000,
+		0x00bf0000,
+		0x00400000,
+		0x00a30000,
+		0x009e0000,
+		0x00810000,
+		0x00f30000,
+		0x00d70000,
+		0x00fb0000,
+		0x007c0000,
+		0x00e30000,
+		0x00390000,
+		0x00820000,
+		0x009b0000,
+		0x002f0000,
+		0x00ff0000,
+		0x00870000,
+		0x00340000,
+		0x008e0000,
+		0x00430000,
+		0x00440000,
+		0x00c40000,
+		0x00de0000,
+		0x00e90000,
+		0x00cb0000,
+		0x00540000,
+		0x007b0000,
+		0x00940000,
+		0x00320000,
+		0x00a60000,
+		0x00c20000,
+		0x00230000,
+		0x003d0000,
+		0x00ee0000,
+		0x004c0000,
+		0x00950000,
+		0x000b0000,
+		0x00420000,
+		0x00fa0000,
+		0x00c30000,
+		0x004e0000,
+		0x00080000,
+		0x002e0000,
+		0x00a10000,
+		0x00660000,
+		0x00280000,
+		0x00d90000,
+		0x00240000,
+		0x00b20000,
+		0x00760000,
+		0x005b0000,
+		0x00a20000,
+		0x00490000,
+		0x006d0000,
+		0x008b0000,
+		0x00d10000,
+		0x00250000,
+		0x00720000,
+		0x00f80000,
+		0x00f60000,
+		0x00640000,
+		0x00860000,
+		0x00680000,
+		0x00980000,
+		0x00160000,
+		0x00d40000,
+		0x00a40000,
+		0x005c0000,
+		0x00cc0000,
+		0x005d0000,
+		0x00650000,
+		0x00b60000,
+		0x00920000,
+		0x006c0000,
+		0x00700000,
+		0x00480000,
+		0x00500000,
+		0x00fd0000,
+		0x00ed0000,
+		0x00b90000,
+		0x00da0000,
+		0x005e0000,
+		0x00150000,
+		0x00460000,
+		0x00570000,
+		0x00a70000,
+		0x008d0000,
+		0x009d0000,
+		0x00840000,
+		0x00900000,
+		0x00d80000,
+		0x00ab0000,
+		0x00000000,
+		0x008c0000,
+		0x00bc0000,
+		0x00d30000,
+		0x000a0000,
+		0x00f70000,
+		0x00e40000,
+		0x00580000,
+		0x00050000,
+		0x00b80000,
+		0x00b30000,
+		0x00450000,
+		0x00060000,
+		0x00d00000,
+		0x002c0000,
+		0x001e0000,
+		0x008f0000,
+		0x00ca0000,
+		0x003f0000,
+		0x000f0000,
+		0x00020000,
+		0x00c10000,
+		0x00af0000,
+		0x00bd0000,
+		0x00030000,
+		0x00010000,
+		0x00130000,
+		0x008a0000,
+		0x006b0000,
+		0x003a0000,
+		0x00910000,
+		0x00110000,
+		0x00410000,
+		0x004f0000,
+		0x00670000,
+		0x00dc0000,
+		0x00ea0000,
+		0x00970000,
+		0x00f20000,
+		0x00cf0000,
+		0x00ce0000,
+		0x00f00000,
+		0x00b40000,
+		0x00e60000,
+		0x00730000,
+		0x00960000,
+		0x00ac0000,
+		0x00740000,
+		0x00220000,
+		0x00e70000,
+		0x00ad0000,
+		0x00350000,
+		0x00850000,
+		0x00e20000,
+		0x00f90000,
+		0x00370000,
+		0x00e80000,
+		0x001c0000,
+		0x00750000,
+		0x00df0000,
+		0x006e0000,
+		0x00470000,
+		0x00f10000,
+		0x001a0000,
+		0x00710000,
+		0x001d0000,
+		0x00290000,
+		0x00c50000,
+		0x00890000,
+		0x006f0000,
+		0x00b70000,
+		0x00620000,
+		0x000e0000,
+		0x00aa0000,
+		0x00180000,
+		0x00be0000,
+		0x001b0000,
+		0x00fc0000,
+		0x00560000,
+		0x003e0000,
+		0x004b0000,
+		0x00c60000,
+		0x00d20000,
+		0x00790000,
+		0x00200000,
+		0x009a0000,
+		0x00db0000,
+		0x00c00000,
+		0x00fe0000,
+		0x00780000,
+		0x00cd0000,
+		0x005a0000,
+		0x00f40000,
+		0x001f0000,
+		0x00dd0000,
+		0x00a80000,
+		0x00330000,
+		0x00880000,
+		0x00070000,
+		0x00c70000,
+		0x00310000,
+		0x00b10000,
+		0x00120000,
+		0x00100000,
+		0x00590000,
+		0x00270000,
+		0x00800000,
+		0x00ec0000,
+		0x005f0000,
+		0x00600000,
+		0x00510000,
+		0x007f0000,
+		0x00a90000,
+		0x00190000,
+		0x00b50000,
+		0x004a0000,
+		0x000d0000,
+		0x002d0000,
+		0x00e50000,
+		0x007a0000,
+		0x009f0000,
+		0x00930000,
+		0x00c90000,
+		0x009c0000,
+		0x00ef0000,
+		0x00a00000,
+		0x00e00000,
+		0x003b0000,
+		0x004d0000,
+		0x00ae0000,
+		0x002a0000,
+		0x00f50000,
+		0x00b00000,
+		0x00c80000,
+		0x00eb0000,
+		0x00bb0000,
+		0x003c0000,
+		0x00830000,
+		0x00530000,
+		0x00990000,
+		0x00610000,
+		0x00170000,
+		0x002b0000,
+		0x00040000,
+		0x007e0000,
+		0x00ba0000,
+		0x00770000,
+		0x00d60000,
+		0x00260000,
+		0x00e10000,
+		0x00690000,
+		0x00140000,
+		0x00630000,
+		0x00550000,
+		0x00210000,
+		0x000c0000,
+		0x007d0000,
+	},
+	{
+		0x52000000,
+		0x09000000,
+		0x6a000000,
+		0xd5000000,
+		0x30000000,
+		0x36000000,
+		0xa5000000,
+		0x38000000,
+		0xbf000000,
+		0x40000000,
+		0xa3000000,
+		0x9e000000,
+		0x81000000,
+		0xf3000000,
+		0xd7000000,
+		0xfb000000,
+		0x7c000000,
+		0xe3000000,
+		0x39000000,
+		0x82000000,
+		0x9b000000,
+		0x2f000000,
+		0xff000000,
+		0x87000000,
+		0x34000000,
+		0x8e000000,
+		0x43000000,
+		0x44000000,
+		0xc4000000,
+		0xde000000,
+		0xe9000000,
+		0xcb000000,
+		0x54000000,
+		0x7b000000,
+		0x94000000,
+		0x32000000,
+		0xa6000000,
+		0xc2000000,
+		0x23000000,
+		0x3d000000,
+		0xee000000,
+		0x4c000000,
+		0x95000000,
+		0x0b000000,
+		0x42000000,
+		0xfa000000,
+		0xc3000000,
+		0x4e000000,
+		0x08000000,
+		0x2e000000,
+		0xa1000000,
+		0x66000000,
+		0x28000000,
+		0xd9000000,
+		0x24000000,
+		0xb2000000,
+		0x76000000,
+		0x5b000000,
+		0xa2000000,
+		0x49000000,
+		0x6d000000,
+		0x8b000000,
+		0xd1000000,
+		0x25000000,
+		0x72000000,
+		0xf8000000,
+		0xf6000000,
+		0x64000000,
+		0x86000000,
+		0x68000000,
+		0x98000000,
+		0x16000000,
+		0xd4000000,
+		0xa4000000,
+		0x5c000000,
+		0xcc000000,
+		0x5d000000,
+		0x65000000,
+		0xb6000000,
+		0x92000000,
+		0x6c000000,
+		0x70000000,
+		0x48000000,
+		0x50000000,
+		0xfd000000,
+		0xed000000,
+		0xb9000000,
+		0xda000000,
+		0x5e000000,
+		0x15000000,
+		0x46000000,
+		0x57000000,
+		0xa7000000,
+		0x8d000000,
+		0x9d000000,
+		0x84000000,
+		0x90000000,
+		0xd8000000,
+		0xab000000,
+		0x00000000,
+		0x8c000000,
+		0xbc000000,
+		0xd3000000,
+		0x0a000000,
+		0xf7000000,
+		0xe4000000,
+		0x58000000,
+		0x05000000,
+		0xb8000000,
+		0xb3000000,
+		0x45000000,
+		0x06000000,
+		0xd0000000,
+		0x2c000000,
+		0x1e000000,
+		0x8f000000,
+		0xca000000,
+		0x3f000000,
+		0x0f000000,
+		0x02000000,
+		0xc1000000,
+		0xaf000000,
+		0xbd000000,
+		0x03000000,
+		0x01000000,
+		0x13000000,
+		0x8a000000,
+		0x6b000000,
+		0x3a000000,
+		0x91000000,
+		0x11000000,
+		0x41000000,
+		0x4f000000,
+		0x67000000,
+		0xdc000000,
+		0xea000000,
+		0x97000000,
+		0xf2000000,
+		0xcf000000,
+		0xce000000,
+		0xf0000000,
+		0xb4000000,
+		0xe6000000,
+		0x73000000,
+		0x96000000,
+		0xac000000,
+		0x74000000,
+		0x22000000,
+		0xe7000000,
+		0xad000000,
+		0x35000000,
+		0x85000000,
+		0xe2000000,
+		0xf9000000,
+		0x37000000,
+		0xe8000000,
+		0x1c000000,
+		0x75000000,
+		0xdf000000,
+		0x6e000000,
+		0x47000000,
+		0xf1000000,
+		0x1a000000,
+		0x71000000,
+		0x1d000000,
+		0x29000000,
+		0xc5000000,
+		0x89000000,
+		0x6f000000,
+		0xb7000000,
+		0x62000000,
+		0x0e000000,
+		0xaa000000,
+		0x18000000,
+		0xbe000000,
+		0x1b000000,
+		0xfc000000,
+		0x56000000,
+		0x3e000000,
+		0x4b000000,
+		0xc6000000,
+		0xd2000000,
+		0x79000000,
+		0x20000000,
+		0x9a000000,
+		0xdb000000,
+		0xc0000000,
+		0xfe000000,
+		0x78000000,
+		0xcd000000,
+		0x5a000000,
+		0xf4000000,
+		0x1f000000,
+		0xdd000000,
+		0xa8000000,
+		0x33000000,
+		0x88000000,
+		0x07000000,
+		0xc7000000,
+		0x31000000,
+		0xb1000000,
+		0x12000000,
+		0x10000000,
+		0x59000000,
+		0x27000000,
+		0x80000000,
+		0xec000000,
+		0x5f000000,
+		0x60000000,
+		0x51000000,
+		0x7f000000,
+		0xa9000000,
+		0x19000000,
+		0xb5000000,
+		0x4a000000,
+		0x0d000000,
+		0x2d000000,
+		0xe5000000,
+		0x7a000000,
+		0x9f000000,
+		0x93000000,
+		0xc9000000,
+		0x9c000000,
+		0xef000000,
+		0xa0000000,
+		0xe0000000,
+		0x3b000000,
+		0x4d000000,
+		0xae000000,
+		0x2a000000,
+		0xf5000000,
+		0xb0000000,
+		0xc8000000,
+		0xeb000000,
+		0xbb000000,
+		0x3c000000,
+		0x83000000,
+		0x53000000,
+		0x99000000,
+		0x61000000,
+		0x17000000,
+		0x2b000000,
+		0x04000000,
+		0x7e000000,
+		0xba000000,
+		0x77000000,
+		0xd6000000,
+		0x26000000,
+		0xe1000000,
+		0x69000000,
+		0x14000000,
+		0x63000000,
+		0x55000000,
+		0x21000000,
+		0x0c000000,
+		0x7d000000,
+	},
+};

ADDED   Source/AESedp/Intel/AES.s
Index: Source/AESedp/Intel/AES.s
==================================================================
--- /dev/null
+++ Source/AESedp/Intel/AES.s
@@ -0,0 +1,136 @@
+#include "../AESAssembly.h"
+
+
+// Generate object code only if this implementation has been requested.
+#if defined UseAESedp_IntelAssembly
+
+
+/*	AES.s -- Core AES routines for Intel processors.
+
+	Written by Eric Postpischil, December 13, 2007.
+*/
+
+
+/*	We build these AES routines as a single module because the routines refer
+	to labels in Data.s and it is easier and faster to refer to them as local
+	labels.
+
+	A local label can be referred to with position-independent assembler
+	expressions such as "label-base(register)", where <base> is a local label
+	whose address has been loaded into <register>.  (On i386, this is typically
+	done with the idiom of a call to the next instrution and a pop of that
+	return address into a register.)  Without local labels, the references must
+	be done using spaces for addresses "lazy symbols" that are filled in by the
+	dynamic loader and loaded by the code that wants the address.
+
+	So the various routines in other files are assembled here via #include
+	directives.
+*/
+#include "Data.s"
+
+
+#define	TableSize	(256*4)
+	/*	Each of the arrays defined in Data.s except for the round constants
+		in _AESRcon is composed of four tables of 256 entries of four bytes
+		each.  TableSize is the number of bytes in one of those four tables.
+	*/
+
+
+/*	Define a macro to select a value based on architecture.  This reduces
+	some of the architecture conditionalization later in the source.
+*/
+#if defined __i386__
+	#define	Arch(i386, x86_64)	i386
+#elif defined __x86_64__
+	#define	Arch(i386, x86_64)	x86_64
+#endif
+
+
+// Define an instruction for moving pointers.
+#define	movp	Arch(movd, movd)
+	// Latter argument should be "movq", but the assembler uses "movd".
+
+
+/*	Rename the general registers.  This makes it easier to keep track of them
+	and provides names for the "whole register" that are uniform between i386
+	and x86_64.
+*/
+#if defined __i386__
+	#define	r0	%eax	// Available for any use.
+	#define	r1	%ecx	// Available for any use, some special purposes (loop).
+	#define	r2	%edx	// Available for any use.
+	#define	r3	%ebx	// Must be preserved by called routine.
+	#define	r4	%esp	// Stack pointer.
+	#define	r5	%ebp	// Frame pointer, must preserve, no bare indirect.
+	#define	r6	%esi	// Must be preserved by called routine.
+	#define	r7	%edi	// Must be preserved by called routine.
+#elif defined __x86_64__
+	#define	r0	%rax	// Available for any use.
+	#define	r1	%rcx	// Available for any use.
+	#define	r2	%rdx	// Available for any use.
+	#define	r3	%rbx	// Must be preserved by called routine.
+	#define	r4	%rsp	// Stack pointer.
+	#define	r5	%rbp	// Frame pointer.  Must be preserved by called routine.
+	#define	r6	%rsi	// Available for any use.
+	#define	r7	%rdi	// Available for any use.
+	#define	r8	%r8		// Available for any use.
+	#define	r9	%r9		// Available for any use.
+	#define	r10	%r10	// Available for any use.
+	#define	r11	%r11	// Available for any use.
+	#define	r12	%r12	// Must be preserved by called routine.
+	#define	r13	%r13	// Must be preserved by called routine.
+	#define	r14	%r14	// Must be preserved by called routine.
+	#define	r15	%r15	// Must be preserved by called routine.
+#else
+	#error "Unknown architecture."
+#endif
+
+// Define names for parts of registers.
+
+#define	r0d		%eax	// Low 32 bits of r0.
+#define	r1d		%ecx	// Low 32 bits of r1.
+#define	r2d		%edx	// Low 32 bits of r2.
+#define	r3d		%ebx	// Low 32 bits of r3.
+#define	r5d		%ebp	// Low 32 bits of r5.
+#define	r6d		%esi	// Low 32 bits of r6.
+#define	r7d		%edi	// Low 32 bits of r7.
+#define	r8d		%r8d	// Low 32 bits of r8.
+#define	r9d		%r9d	// Low 32 bits of r9.
+#define	r11d	%r11d	// Low 32 bits of r11.
+
+#define	r0l		%al		// Low byte of r0.
+#define	r1l		%cl		// Low byte of r1.
+#define	r2l		%dl		// Low byte of r2.
+#define	r3l		%bl		// Low byte of r3.
+#define	r5l		%bpl	// Low byte of r5.
+
+#define	r0h		%ah		// Second lowest byte of r0.
+#define	r1h		%ch		// Second lowest byte of r1.
+#define	r2h		%dh		// Second lowest byte of r2.
+#define	r3h		%bh		// Second lowest byte of r3.
+
+
+	.text
+
+
+// Define encryption routine, _AESEncryptWithExpandedKey
+#define	Select	0
+#include "EncryptDecrypt.s"
+#undef	Select
+
+
+// Define decryption routine, _AESDecryptWithExpandedKey
+#define	Select	1
+#include "EncryptDecrypt.s"
+#undef	Select
+
+
+// Define key expansion routine for encryption, _AESExpandKeyForEncryption.
+#include "ExpandKeyForEncryption.s"
+
+
+// Define key expansion for decryption routine, _AESExpandKeyForDecryption.
+#include "ExpandKeyForDecryption.s"
+
+
+#endif	// defined UseAESedp_IntelAssembly

ADDED   Source/AESedp/Intel/Data.s
Index: Source/AESedp/Intel/Data.s
==================================================================
--- /dev/null
+++ Source/AESedp/Intel/Data.s
@@ -0,0 +1,5196 @@
+// This file was generated by MakeData.c.
+
+
+	.section .rodata
+
+
+// Round constants.
+	.globl	_AESRcon
+	.private_extern	_AESRcon
+_AESRcon:
+	.byte	0	// Not used, included for indexing simplicity.
+	.byte	0x01
+	.byte	0x02
+	.byte	0x04
+	.byte	0x08
+	.byte	0x10
+	.byte	0x20
+	.byte	0x40
+	.byte	0x80
+	.byte	0x1b
+	.byte	0x36
+
+
+// Tables for InvMixColumn.
+	.globl	_AESInvMixColumnTable
+	.private_extern	_AESInvMixColumnTable
+	.align	2
+_AESInvMixColumnTable:
+	// Table 0.
+	.long	0x00000000
+	.long	0x0b0d090e
+	.long	0x161a121c
+	.long	0x1d171b12
+	.long	0x2c342438
+	.long	0x27392d36
+	.long	0x3a2e3624
+	.long	0x31233f2a
+	.long	0x58684870
+	.long	0x5365417e
+	.long	0x4e725a6c
+	.long	0x457f5362
+	.long	0x745c6c48
+	.long	0x7f516546
+	.long	0x62467e54
+	.long	0x694b775a
+	.long	0xb0d090e0
+	.long	0xbbdd99ee
+	.long	0xa6ca82fc
+	.long	0xadc78bf2
+	.long	0x9ce4b4d8
+	.long	0x97e9bdd6
+	.long	0x8afea6c4
+	.long	0x81f3afca
+	.long	0xe8b8d890
+	.long	0xe3b5d19e
+	.long	0xfea2ca8c
+	.long	0xf5afc382
+	.long	0xc48cfca8
+	.long	0xcf81f5a6
+	.long	0xd296eeb4
+	.long	0xd99be7ba
+	.long	0x7bbb3bdb
+	.long	0x70b632d5
+	.long	0x6da129c7
+	.long	0x66ac20c9
+	.long	0x578f1fe3
+	.long	0x5c8216ed
+	.long	0x41950dff
+	.long	0x4a9804f1
+	.long	0x23d373ab
+	.long	0x28de7aa5
+	.long	0x35c961b7
+	.long	0x3ec468b9
+	.long	0x0fe75793
+	.long	0x04ea5e9d
+	.long	0x19fd458f
+	.long	0x12f04c81
+	.long	0xcb6bab3b
+	.long	0xc066a235
+	.long	0xdd71b927
+	.long	0xd67cb029
+	.long	0xe75f8f03
+	.long	0xec52860d
+	.long	0xf1459d1f
+	.long	0xfa489411
+	.long	0x9303e34b
+	.long	0x980eea45
+	.long	0x8519f157
+	.long	0x8e14f859
+	.long	0xbf37c773
+	.long	0xb43ace7d
+	.long	0xa92dd56f
+	.long	0xa220dc61
+	.long	0xf66d76ad
+	.long	0xfd607fa3
+	.long	0xe07764b1
+	.long	0xeb7a6dbf
+	.long	0xda595295
+	.long	0xd1545b9b
+	.long	0xcc434089
+	.long	0xc74e4987
+	.long	0xae053edd
+	.long	0xa50837d3
+	.long	0xb81f2cc1
+	.long	0xb31225cf
+	.long	0x82311ae5
+	.long	0x893c13eb
+	.long	0x942b08f9
+	.long	0x9f2601f7
+	.long	0x46bde64d
+	.long	0x4db0ef43
+	.long	0x50a7f451
+	.long	0x5baafd5f
+	.long	0x6a89c275
+	.long	0x6184cb7b
+	.long	0x7c93d069
+	.long	0x779ed967
+	.long	0x1ed5ae3d
+	.long	0x15d8a733
+	.long	0x08cfbc21
+	.long	0x03c2b52f
+	.long	0x32e18a05
+	.long	0x39ec830b
+	.long	0x24fb9819
+	.long	0x2ff69117
+	.long	0x8dd64d76
+	.long	0x86db4478
+	.long	0x9bcc5f6a
+	.long	0x90c15664
+	.long	0xa1e2694e
+	.long	0xaaef6040
+	.long	0xb7f87b52
+	.long	0xbcf5725c
+	.long	0xd5be0506
+	.long	0xdeb30c08
+	.long	0xc3a4171a
+	.long	0xc8a91e14
+	.long	0xf98a213e
+	.long	0xf2872830
+	.long	0xef903322
+	.long	0xe49d3a2c
+	.long	0x3d06dd96
+	.long	0x360bd498
+	.long	0x2b1ccf8a
+	.long	0x2011c684
+	.long	0x1132f9ae
+	.long	0x1a3ff0a0
+	.long	0x0728ebb2
+	.long	0x0c25e2bc
+	.long	0x656e95e6
+	.long	0x6e639ce8
+	.long	0x737487fa
+	.long	0x78798ef4
+	.long	0x495ab1de
+	.long	0x4257b8d0
+	.long	0x5f40a3c2
+	.long	0x544daacc
+	.long	0xf7daec41
+	.long	0xfcd7e54f
+	.long	0xe1c0fe5d
+	.long	0xeacdf753
+	.long	0xdbeec879
+	.long	0xd0e3c177
+	.long	0xcdf4da65
+	.long	0xc6f9d36b
+	.long	0xafb2a431
+	.long	0xa4bfad3f
+	.long	0xb9a8b62d
+	.long	0xb2a5bf23
+	.long	0x83868009
+	.long	0x888b8907
+	.long	0x959c9215
+	.long	0x9e919b1b
+	.long	0x470a7ca1
+	.long	0x4c0775af
+	.long	0x51106ebd
+	.long	0x5a1d67b3
+	.long	0x6b3e5899
+	.long	0x60335197
+	.long	0x7d244a85
+	.long	0x7629438b
+	.long	0x1f6234d1
+	.long	0x146f3ddf
+	.long	0x097826cd
+	.long	0x02752fc3
+	.long	0x335610e9
+	.long	0x385b19e7
+	.long	0x254c02f5
+	.long	0x2e410bfb
+	.long	0x8c61d79a
+	.long	0x876cde94
+	.long	0x9a7bc586
+	.long	0x9176cc88
+	.long	0xa055f3a2
+	.long	0xab58faac
+	.long	0xb64fe1be
+	.long	0xbd42e8b0
+	.long	0xd4099fea
+	.long	0xdf0496e4
+	.long	0xc2138df6
+	.long	0xc91e84f8
+	.long	0xf83dbbd2
+	.long	0xf330b2dc
+	.long	0xee27a9ce
+	.long	0xe52aa0c0
+	.long	0x3cb1477a
+	.long	0x37bc4e74
+	.long	0x2aab5566
+	.long	0x21a65c68
+	.long	0x10856342
+	.long	0x1b886a4c
+	.long	0x069f715e
+	.long	0x0d927850
+	.long	0x64d90f0a
+	.long	0x6fd40604
+	.long	0x72c31d16
+	.long	0x79ce1418
+	.long	0x48ed2b32
+	.long	0x43e0223c
+	.long	0x5ef7392e
+	.long	0x55fa3020
+	.long	0x01b79aec
+	.long	0x0aba93e2
+	.long	0x17ad88f0
+	.long	0x1ca081fe
+	.long	0x2d83bed4
+	.long	0x268eb7da
+	.long	0x3b99acc8
+	.long	0x3094a5c6
+	.long	0x59dfd29c
+	.long	0x52d2db92
+	.long	0x4fc5c080
+	.long	0x44c8c98e
+	.long	0x75ebf6a4
+	.long	0x7ee6ffaa
+	.long	0x63f1e4b8
+	.long	0x68fcedb6
+	.long	0xb1670a0c
+	.long	0xba6a0302
+	.long	0xa77d1810
+	.long	0xac70111e
+	.long	0x9d532e34
+	.long	0x965e273a
+	.long	0x8b493c28
+	.long	0x80443526
+	.long	0xe90f427c
+	.long	0xe2024b72
+	.long	0xff155060
+	.long	0xf418596e
+	.long	0xc53b6644
+	.long	0xce366f4a
+	.long	0xd3217458
+	.long	0xd82c7d56
+	.long	0x7a0ca137
+	.long	0x7101a839
+	.long	0x6c16b32b
+	.long	0x671bba25
+	.long	0x5638850f
+	.long	0x5d358c01
+	.long	0x40229713
+	.long	0x4b2f9e1d
+	.long	0x2264e947
+	.long	0x2969e049
+	.long	0x347efb5b
+	.long	0x3f73f255
+	.long	0x0e50cd7f
+	.long	0x055dc471
+	.long	0x184adf63
+	.long	0x1347d66d
+	.long	0xcadc31d7
+	.long	0xc1d138d9
+	.long	0xdcc623cb
+	.long	0xd7cb2ac5
+	.long	0xe6e815ef
+	.long	0xede51ce1
+	.long	0xf0f207f3
+	.long	0xfbff0efd
+	.long	0x92b479a7
+	.long	0x99b970a9
+	.long	0x84ae6bbb
+	.long	0x8fa362b5
+	.long	0xbe805d9f
+	.long	0xb58d5491
+	.long	0xa89a4f83
+	.long	0xa397468d
+	// Table 1.
+	.long	0x00000000
+	.long	0x0d090e0b
+	.long	0x1a121c16
+	.long	0x171b121d
+	.long	0x3424382c
+	.long	0x392d3627
+	.long	0x2e36243a
+	.long	0x233f2a31
+	.long	0x68487058
+	.long	0x65417e53
+	.long	0x725a6c4e
+	.long	0x7f536245
+	.long	0x5c6c4874
+	.long	0x5165467f
+	.long	0x467e5462
+	.long	0x4b775a69
+	.long	0xd090e0b0
+	.long	0xdd99eebb
+	.long	0xca82fca6
+	.long	0xc78bf2ad
+	.long	0xe4b4d89c
+	.long	0xe9bdd697
+	.long	0xfea6c48a
+	.long	0xf3afca81
+	.long	0xb8d890e8
+	.long	0xb5d19ee3
+	.long	0xa2ca8cfe
+	.long	0xafc382f5
+	.long	0x8cfca8c4
+	.long	0x81f5a6cf
+	.long	0x96eeb4d2
+	.long	0x9be7bad9
+	.long	0xbb3bdb7b
+	.long	0xb632d570
+	.long	0xa129c76d
+	.long	0xac20c966
+	.long	0x8f1fe357
+	.long	0x8216ed5c
+	.long	0x950dff41
+	.long	0x9804f14a
+	.long	0xd373ab23
+	.long	0xde7aa528
+	.long	0xc961b735
+	.long	0xc468b93e
+	.long	0xe757930f
+	.long	0xea5e9d04
+	.long	0xfd458f19
+	.long	0xf04c8112
+	.long	0x6bab3bcb
+	.long	0x66a235c0
+	.long	0x71b927dd
+	.long	0x7cb029d6
+	.long	0x5f8f03e7
+	.long	0x52860dec
+	.long	0x459d1ff1
+	.long	0x489411fa
+	.long	0x03e34b93
+	.long	0x0eea4598
+	.long	0x19f15785
+	.long	0x14f8598e
+	.long	0x37c773bf
+	.long	0x3ace7db4
+	.long	0x2dd56fa9
+	.long	0x20dc61a2
+	.long	0x6d76adf6
+	.long	0x607fa3fd
+	.long	0x7764b1e0
+	.long	0x7a6dbfeb
+	.long	0x595295da
+	.long	0x545b9bd1
+	.long	0x434089cc
+	.long	0x4e4987c7
+	.long	0x053eddae
+	.long	0x0837d3a5
+	.long	0x1f2cc1b8
+	.long	0x1225cfb3
+	.long	0x311ae582
+	.long	0x3c13eb89
+	.long	0x2b08f994
+	.long	0x2601f79f
+	.long	0xbde64d46
+	.long	0xb0ef434d
+	.long	0xa7f45150
+	.long	0xaafd5f5b
+	.long	0x89c2756a
+	.long	0x84cb7b61
+	.long	0x93d0697c
+	.long	0x9ed96777
+	.long	0xd5ae3d1e
+	.long	0xd8a73315
+	.long	0xcfbc2108
+	.long	0xc2b52f03
+	.long	0xe18a0532
+	.long	0xec830b39
+	.long	0xfb981924
+	.long	0xf691172f
+	.long	0xd64d768d
+	.long	0xdb447886
+	.long	0xcc5f6a9b
+	.long	0xc1566490
+	.long	0xe2694ea1
+	.long	0xef6040aa
+	.long	0xf87b52b7
+	.long	0xf5725cbc
+	.long	0xbe0506d5
+	.long	0xb30c08de
+	.long	0xa4171ac3
+	.long	0xa91e14c8
+	.long	0x8a213ef9
+	.long	0x872830f2
+	.long	0x903322ef
+	.long	0x9d3a2ce4
+	.long	0x06dd963d
+	.long	0x0bd49836
+	.long	0x1ccf8a2b
+	.long	0x11c68420
+	.long	0x32f9ae11
+	.long	0x3ff0a01a
+	.long	0x28ebb207
+	.long	0x25e2bc0c
+	.long	0x6e95e665
+	.long	0x639ce86e
+	.long	0x7487fa73
+	.long	0x798ef478
+	.long	0x5ab1de49
+	.long	0x57b8d042
+	.long	0x40a3c25f
+	.long	0x4daacc54
+	.long	0xdaec41f7
+	.long	0xd7e54ffc
+	.long	0xc0fe5de1
+	.long	0xcdf753ea
+	.long	0xeec879db
+	.long	0xe3c177d0
+	.long	0xf4da65cd
+	.long	0xf9d36bc6
+	.long	0xb2a431af
+	.long	0xbfad3fa4
+	.long	0xa8b62db9
+	.long	0xa5bf23b2
+	.long	0x86800983
+	.long	0x8b890788
+	.long	0x9c921595
+	.long	0x919b1b9e
+	.long	0x0a7ca147
+	.long	0x0775af4c
+	.long	0x106ebd51
+	.long	0x1d67b35a
+	.long	0x3e58996b
+	.long	0x33519760
+	.long	0x244a857d
+	.long	0x29438b76
+	.long	0x6234d11f
+	.long	0x6f3ddf14
+	.long	0x7826cd09
+	.long	0x752fc302
+	.long	0x5610e933
+	.long	0x5b19e738
+	.long	0x4c02f525
+	.long	0x410bfb2e
+	.long	0x61d79a8c
+	.long	0x6cde9487
+	.long	0x7bc5869a
+	.long	0x76cc8891
+	.long	0x55f3a2a0
+	.long	0x58faacab
+	.long	0x4fe1beb6
+	.long	0x42e8b0bd
+	.long	0x099fead4
+	.long	0x0496e4df
+	.long	0x138df6c2
+	.long	0x1e84f8c9
+	.long	0x3dbbd2f8
+	.long	0x30b2dcf3
+	.long	0x27a9ceee
+	.long	0x2aa0c0e5
+	.long	0xb1477a3c
+	.long	0xbc4e7437
+	.long	0xab55662a
+	.long	0xa65c6821
+	.long	0x85634210
+	.long	0x886a4c1b
+	.long	0x9f715e06
+	.long	0x9278500d
+	.long	0xd90f0a64
+	.long	0xd406046f
+	.long	0xc31d1672
+	.long	0xce141879
+	.long	0xed2b3248
+	.long	0xe0223c43
+	.long	0xf7392e5e
+	.long	0xfa302055
+	.long	0xb79aec01
+	.long	0xba93e20a
+	.long	0xad88f017
+	.long	0xa081fe1c
+	.long	0x83bed42d
+	.long	0x8eb7da26
+	.long	0x99acc83b
+	.long	0x94a5c630
+	.long	0xdfd29c59
+	.long	0xd2db9252
+	.long	0xc5c0804f
+	.long	0xc8c98e44
+	.long	0xebf6a475
+	.long	0xe6ffaa7e
+	.long	0xf1e4b863
+	.long	0xfcedb668
+	.long	0x670a0cb1
+	.long	0x6a0302ba
+	.long	0x7d1810a7
+	.long	0x70111eac
+	.long	0x532e349d
+	.long	0x5e273a96
+	.long	0x493c288b
+	.long	0x44352680
+	.long	0x0f427ce9
+	.long	0x024b72e2
+	.long	0x155060ff
+	.long	0x18596ef4
+	.long	0x3b6644c5
+	.long	0x366f4ace
+	.long	0x217458d3
+	.long	0x2c7d56d8
+	.long	0x0ca1377a
+	.long	0x01a83971
+	.long	0x16b32b6c
+	.long	0x1bba2567
+	.long	0x38850f56
+	.long	0x358c015d
+	.long	0x22971340
+	.long	0x2f9e1d4b
+	.long	0x64e94722
+	.long	0x69e04929
+	.long	0x7efb5b34
+	.long	0x73f2553f
+	.long	0x50cd7f0e
+	.long	0x5dc47105
+	.long	0x4adf6318
+	.long	0x47d66d13
+	.long	0xdc31d7ca
+	.long	0xd138d9c1
+	.long	0xc623cbdc
+	.long	0xcb2ac5d7
+	.long	0xe815efe6
+	.long	0xe51ce1ed
+	.long	0xf207f3f0
+	.long	0xff0efdfb
+	.long	0xb479a792
+	.long	0xb970a999
+	.long	0xae6bbb84
+	.long	0xa362b58f
+	.long	0x805d9fbe
+	.long	0x8d5491b5
+	.long	0x9a4f83a8
+	.long	0x97468da3
+	// Table 2.
+	.long	0x00000000
+	.long	0x090e0b0d
+	.long	0x121c161a
+	.long	0x1b121d17
+	.long	0x24382c34
+	.long	0x2d362739
+	.long	0x36243a2e
+	.long	0x3f2a3123
+	.long	0x48705868
+	.long	0x417e5365
+	.long	0x5a6c4e72
+	.long	0x5362457f
+	.long	0x6c48745c
+	.long	0x65467f51
+	.long	0x7e546246
+	.long	0x775a694b
+	.long	0x90e0b0d0
+	.long	0x99eebbdd
+	.long	0x82fca6ca
+	.long	0x8bf2adc7
+	.long	0xb4d89ce4
+	.long	0xbdd697e9
+	.long	0xa6c48afe
+	.long	0xafca81f3
+	.long	0xd890e8b8
+	.long	0xd19ee3b5
+	.long	0xca8cfea2
+	.long	0xc382f5af
+	.long	0xfca8c48c
+	.long	0xf5a6cf81
+	.long	0xeeb4d296
+	.long	0xe7bad99b
+	.long	0x3bdb7bbb
+	.long	0x32d570b6
+	.long	0x29c76da1
+	.long	0x20c966ac
+	.long	0x1fe3578f
+	.long	0x16ed5c82
+	.long	0x0dff4195
+	.long	0x04f14a98
+	.long	0x73ab23d3
+	.long	0x7aa528de
+	.long	0x61b735c9
+	.long	0x68b93ec4
+	.long	0x57930fe7
+	.long	0x5e9d04ea
+	.long	0x458f19fd
+	.long	0x4c8112f0
+	.long	0xab3bcb6b
+	.long	0xa235c066
+	.long	0xb927dd71
+	.long	0xb029d67c
+	.long	0x8f03e75f
+	.long	0x860dec52
+	.long	0x9d1ff145
+	.long	0x9411fa48
+	.long	0xe34b9303
+	.long	0xea45980e
+	.long	0xf1578519
+	.long	0xf8598e14
+	.long	0xc773bf37
+	.long	0xce7db43a
+	.long	0xd56fa92d
+	.long	0xdc61a220
+	.long	0x76adf66d
+	.long	0x7fa3fd60
+	.long	0x64b1e077
+	.long	0x6dbfeb7a
+	.long	0x5295da59
+	.long	0x5b9bd154
+	.long	0x4089cc43
+	.long	0x4987c74e
+	.long	0x3eddae05
+	.long	0x37d3a508
+	.long	0x2cc1b81f
+	.long	0x25cfb312
+	.long	0x1ae58231
+	.long	0x13eb893c
+	.long	0x08f9942b
+	.long	0x01f79f26
+	.long	0xe64d46bd
+	.long	0xef434db0
+	.long	0xf45150a7
+	.long	0xfd5f5baa
+	.long	0xc2756a89
+	.long	0xcb7b6184
+	.long	0xd0697c93
+	.long	0xd967779e
+	.long	0xae3d1ed5
+	.long	0xa73315d8
+	.long	0xbc2108cf
+	.long	0xb52f03c2
+	.long	0x8a0532e1
+	.long	0x830b39ec
+	.long	0x981924fb
+	.long	0x91172ff6
+	.long	0x4d768dd6
+	.long	0x447886db
+	.long	0x5f6a9bcc
+	.long	0x566490c1
+	.long	0x694ea1e2
+	.long	0x6040aaef
+	.long	0x7b52b7f8
+	.long	0x725cbcf5
+	.long	0x0506d5be
+	.long	0x0c08deb3
+	.long	0x171ac3a4
+	.long	0x1e14c8a9
+	.long	0x213ef98a
+	.long	0x2830f287
+	.long	0x3322ef90
+	.long	0x3a2ce49d
+	.long	0xdd963d06
+	.long	0xd498360b
+	.long	0xcf8a2b1c
+	.long	0xc6842011
+	.long	0xf9ae1132
+	.long	0xf0a01a3f
+	.long	0xebb20728
+	.long	0xe2bc0c25
+	.long	0x95e6656e
+	.long	0x9ce86e63
+	.long	0x87fa7374
+	.long	0x8ef47879
+	.long	0xb1de495a
+	.long	0xb8d04257
+	.long	0xa3c25f40
+	.long	0xaacc544d
+	.long	0xec41f7da
+	.long	0xe54ffcd7
+	.long	0xfe5de1c0
+	.long	0xf753eacd
+	.long	0xc879dbee
+	.long	0xc177d0e3
+	.long	0xda65cdf4
+	.long	0xd36bc6f9
+	.long	0xa431afb2
+	.long	0xad3fa4bf
+	.long	0xb62db9a8
+	.long	0xbf23b2a5
+	.long	0x80098386
+	.long	0x8907888b
+	.long	0x9215959c
+	.long	0x9b1b9e91
+	.long	0x7ca1470a
+	.long	0x75af4c07
+	.long	0x6ebd5110
+	.long	0x67b35a1d
+	.long	0x58996b3e
+	.long	0x51976033
+	.long	0x4a857d24
+	.long	0x438b7629
+	.long	0x34d11f62
+	.long	0x3ddf146f
+	.long	0x26cd0978
+	.long	0x2fc30275
+	.long	0x10e93356
+	.long	0x19e7385b
+	.long	0x02f5254c
+	.long	0x0bfb2e41
+	.long	0xd79a8c61
+	.long	0xde94876c
+	.long	0xc5869a7b
+	.long	0xcc889176
+	.long	0xf3a2a055
+	.long	0xfaacab58
+	.long	0xe1beb64f
+	.long	0xe8b0bd42
+	.long	0x9fead409
+	.long	0x96e4df04
+	.long	0x8df6c213
+	.long	0x84f8c91e
+	.long	0xbbd2f83d
+	.long	0xb2dcf330
+	.long	0xa9ceee27
+	.long	0xa0c0e52a
+	.long	0x477a3cb1
+	.long	0x4e7437bc
+	.long	0x55662aab
+	.long	0x5c6821a6
+	.long	0x63421085
+	.long	0x6a4c1b88
+	.long	0x715e069f
+	.long	0x78500d92
+	.long	0x0f0a64d9
+	.long	0x06046fd4
+	.long	0x1d1672c3
+	.long	0x141879ce
+	.long	0x2b3248ed
+	.long	0x223c43e0
+	.long	0x392e5ef7
+	.long	0x302055fa
+	.long	0x9aec01b7
+	.long	0x93e20aba
+	.long	0x88f017ad
+	.long	0x81fe1ca0
+	.long	0xbed42d83
+	.long	0xb7da268e
+	.long	0xacc83b99
+	.long	0xa5c63094
+	.long	0xd29c59df
+	.long	0xdb9252d2
+	.long	0xc0804fc5
+	.long	0xc98e44c8
+	.long	0xf6a475eb
+	.long	0xffaa7ee6
+	.long	0xe4b863f1
+	.long	0xedb668fc
+	.long	0x0a0cb167
+	.long	0x0302ba6a
+	.long	0x1810a77d
+	.long	0x111eac70
+	.long	0x2e349d53
+	.long	0x273a965e
+	.long	0x3c288b49
+	.long	0x35268044
+	.long	0x427ce90f
+	.long	0x4b72e202
+	.long	0x5060ff15
+	.long	0x596ef418
+	.long	0x6644c53b
+	.long	0x6f4ace36
+	.long	0x7458d321
+	.long	0x7d56d82c
+	.long	0xa1377a0c
+	.long	0xa8397101
+	.long	0xb32b6c16
+	.long	0xba25671b
+	.long	0x850f5638
+	.long	0x8c015d35
+	.long	0x97134022
+	.long	0x9e1d4b2f
+	.long	0xe9472264
+	.long	0xe0492969
+	.long	0xfb5b347e
+	.long	0xf2553f73
+	.long	0xcd7f0e50
+	.long	0xc471055d
+	.long	0xdf63184a
+	.long	0xd66d1347
+	.long	0x31d7cadc
+	.long	0x38d9c1d1
+	.long	0x23cbdcc6
+	.long	0x2ac5d7cb
+	.long	0x15efe6e8
+	.long	0x1ce1ede5
+	.long	0x07f3f0f2
+	.long	0x0efdfbff
+	.long	0x79a792b4
+	.long	0x70a999b9
+	.long	0x6bbb84ae
+	.long	0x62b58fa3
+	.long	0x5d9fbe80
+	.long	0x5491b58d
+	.long	0x4f83a89a
+	.long	0x468da397
+	// Table 3.
+	.long	0x00000000
+	.long	0x0e0b0d09
+	.long	0x1c161a12
+	.long	0x121d171b
+	.long	0x382c3424
+	.long	0x3627392d
+	.long	0x243a2e36
+	.long	0x2a31233f
+	.long	0x70586848
+	.long	0x7e536541
+	.long	0x6c4e725a
+	.long	0x62457f53
+	.long	0x48745c6c
+	.long	0x467f5165
+	.long	0x5462467e
+	.long	0x5a694b77
+	.long	0xe0b0d090
+	.long	0xeebbdd99
+	.long	0xfca6ca82
+	.long	0xf2adc78b
+	.long	0xd89ce4b4
+	.long	0xd697e9bd
+	.long	0xc48afea6
+	.long	0xca81f3af
+	.long	0x90e8b8d8
+	.long	0x9ee3b5d1
+	.long	0x8cfea2ca
+	.long	0x82f5afc3
+	.long	0xa8c48cfc
+	.long	0xa6cf81f5
+	.long	0xb4d296ee
+	.long	0xbad99be7
+	.long	0xdb7bbb3b
+	.long	0xd570b632
+	.long	0xc76da129
+	.long	0xc966ac20
+	.long	0xe3578f1f
+	.long	0xed5c8216
+	.long	0xff41950d
+	.long	0xf14a9804
+	.long	0xab23d373
+	.long	0xa528de7a
+	.long	0xb735c961
+	.long	0xb93ec468
+	.long	0x930fe757
+	.long	0x9d04ea5e
+	.long	0x8f19fd45
+	.long	0x8112f04c
+	.long	0x3bcb6bab
+	.long	0x35c066a2
+	.long	0x27dd71b9
+	.long	0x29d67cb0
+	.long	0x03e75f8f
+	.long	0x0dec5286
+	.long	0x1ff1459d
+	.long	0x11fa4894
+	.long	0x4b9303e3
+	.long	0x45980eea
+	.long	0x578519f1
+	.long	0x598e14f8
+	.long	0x73bf37c7
+	.long	0x7db43ace
+	.long	0x6fa92dd5
+	.long	0x61a220dc
+	.long	0xadf66d76
+	.long	0xa3fd607f
+	.long	0xb1e07764
+	.long	0xbfeb7a6d
+	.long	0x95da5952
+	.long	0x9bd1545b
+	.long	0x89cc4340
+	.long	0x87c74e49
+	.long	0xddae053e
+	.long	0xd3a50837
+	.long	0xc1b81f2c
+	.long	0xcfb31225
+	.long	0xe582311a
+	.long	0xeb893c13
+	.long	0xf9942b08
+	.long	0xf79f2601
+	.long	0x4d46bde6
+	.long	0x434db0ef
+	.long	0x5150a7f4
+	.long	0x5f5baafd
+	.long	0x756a89c2
+	.long	0x7b6184cb
+	.long	0x697c93d0
+	.long	0x67779ed9
+	.long	0x3d1ed5ae
+	.long	0x3315d8a7
+	.long	0x2108cfbc
+	.long	0x2f03c2b5
+	.long	0x0532e18a
+	.long	0x0b39ec83
+	.long	0x1924fb98
+	.long	0x172ff691
+	.long	0x768dd64d
+	.long	0x7886db44
+	.long	0x6a9bcc5f
+	.long	0x6490c156
+	.long	0x4ea1e269
+	.long	0x40aaef60
+	.long	0x52b7f87b
+	.long	0x5cbcf572
+	.long	0x06d5be05
+	.long	0x08deb30c
+	.long	0x1ac3a417
+	.long	0x14c8a91e
+	.long	0x3ef98a21
+	.long	0x30f28728
+	.long	0x22ef9033
+	.long	0x2ce49d3a
+	.long	0x963d06dd
+	.long	0x98360bd4
+	.long	0x8a2b1ccf
+	.long	0x842011c6
+	.long	0xae1132f9
+	.long	0xa01a3ff0
+	.long	0xb20728eb
+	.long	0xbc0c25e2
+	.long	0xe6656e95
+	.long	0xe86e639c
+	.long	0xfa737487
+	.long	0xf478798e
+	.long	0xde495ab1
+	.long	0xd04257b8
+	.long	0xc25f40a3
+	.long	0xcc544daa
+	.long	0x41f7daec
+	.long	0x4ffcd7e5
+	.long	0x5de1c0fe
+	.long	0x53eacdf7
+	.long	0x79dbeec8
+	.long	0x77d0e3c1
+	.long	0x65cdf4da
+	.long	0x6bc6f9d3
+	.long	0x31afb2a4
+	.long	0x3fa4bfad
+	.long	0x2db9a8b6
+	.long	0x23b2a5bf
+	.long	0x09838680
+	.long	0x07888b89
+	.long	0x15959c92
+	.long	0x1b9e919b
+	.long	0xa1470a7c
+	.long	0xaf4c0775
+	.long	0xbd51106e
+	.long	0xb35a1d67
+	.long	0x996b3e58
+	.long	0x97603351
+	.long	0x857d244a
+	.long	0x8b762943
+	.long	0xd11f6234
+	.long	0xdf146f3d
+	.long	0xcd097826
+	.long	0xc302752f
+	.long	0xe9335610
+	.long	0xe7385b19
+	.long	0xf5254c02
+	.long	0xfb2e410b
+	.long	0x9a8c61d7
+	.long	0x94876cde
+	.long	0x869a7bc5
+	.long	0x889176cc
+	.long	0xa2a055f3
+	.long	0xacab58fa
+	.long	0xbeb64fe1
+	.long	0xb0bd42e8
+	.long	0xead4099f
+	.long	0xe4df0496
+	.long	0xf6c2138d
+	.long	0xf8c91e84
+	.long	0xd2f83dbb
+	.long	0xdcf330b2
+	.long	0xceee27a9
+	.long	0xc0e52aa0
+	.long	0x7a3cb147
+	.long	0x7437bc4e
+	.long	0x662aab55
+	.long	0x6821a65c
+	.long	0x42108563
+	.long	0x4c1b886a
+	.long	0x5e069f71
+	.long	0x500d9278
+	.long	0x0a64d90f
+	.long	0x046fd406
+	.long	0x1672c31d
+	.long	0x1879ce14
+	.long	0x3248ed2b
+	.long	0x3c43e022
+	.long	0x2e5ef739
+	.long	0x2055fa30
+	.long	0xec01b79a
+	.long	0xe20aba93
+	.long	0xf017ad88
+	.long	0xfe1ca081
+	.long	0xd42d83be
+	.long	0xda268eb7
+	.long	0xc83b99ac
+	.long	0xc63094a5
+	.long	0x9c59dfd2
+	.long	0x9252d2db
+	.long	0x804fc5c0
+	.long	0x8e44c8c9
+	.long	0xa475ebf6
+	.long	0xaa7ee6ff
+	.long	0xb863f1e4
+	.long	0xb668fced
+	.long	0x0cb1670a
+	.long	0x02ba6a03
+	.long	0x10a77d18
+	.long	0x1eac7011
+	.long	0x349d532e
+	.long	0x3a965e27
+	.long	0x288b493c
+	.long	0x26804435
+	.long	0x7ce90f42
+	.long	0x72e2024b
+	.long	0x60ff1550
+	.long	0x6ef41859
+	.long	0x44c53b66
+	.long	0x4ace366f
+	.long	0x58d32174
+	.long	0x56d82c7d
+	.long	0x377a0ca1
+	.long	0x397101a8
+	.long	0x2b6c16b3
+	.long	0x25671bba
+	.long	0x0f563885
+	.long	0x015d358c
+	.long	0x13402297
+	.long	0x1d4b2f9e
+	.long	0x472264e9
+	.long	0x492969e0
+	.long	0x5b347efb
+	.long	0x553f73f2
+	.long	0x7f0e50cd
+	.long	0x71055dc4
+	.long	0x63184adf
+	.long	0x6d1347d6
+	.long	0xd7cadc31
+	.long	0xd9c1d138
+	.long	0xcbdcc623
+	.long	0xc5d7cb2a
+	.long	0xefe6e815
+	.long	0xe1ede51c
+	.long	0xf3f0f207
+	.long	0xfdfbff0e
+	.long	0xa792b479
+	.long	0xa999b970
+	.long	0xbb84ae6b
+	.long	0xb58fa362
+	.long	0x9fbe805d
+	.long	0x91b58d54
+	.long	0x83a89a4f
+	.long	0x8da39746
+
+
+// Tables for main encryption iterations.
+	.globl	_AESEncryptTable
+	.private_extern	_AESEncryptTable
+	.align	2
+_AESEncryptTable:
+	// Table 0.
+	.long	0xa56363c6
+	.long	0x847c7cf8
+	.long	0x997777ee
+	.long	0x8d7b7bf6
+	.long	0x0df2f2ff
+	.long	0xbd6b6bd6
+	.long	0xb16f6fde
+	.long	0x54c5c591
+	.long	0x50303060
+	.long	0x03010102
+	.long	0xa96767ce
+	.long	0x7d2b2b56
+	.long	0x19fefee7
+	.long	0x62d7d7b5
+	.long	0xe6abab4d
+	.long	0x9a7676ec
+	.long	0x45caca8f
+	.long	0x9d82821f
+	.long	0x40c9c989
+	.long	0x877d7dfa
+	.long	0x15fafaef
+	.long	0xeb5959b2
+	.long	0xc947478e
+	.long	0x0bf0f0fb
+	.long	0xecadad41
+	.long	0x67d4d4b3
+	.long	0xfda2a25f
+	.long	0xeaafaf45
+	.long	0xbf9c9c23
+	.long	0xf7a4a453
+	.long	0x967272e4
+	.long	0x5bc0c09b
+	.long	0xc2b7b775
+	.long	0x1cfdfde1
+	.long	0xae93933d
+	.long	0x6a26264c
+	.long	0x5a36366c
+	.long	0x413f3f7e
+	.long	0x02f7f7f5
+	.long	0x4fcccc83
+	.long	0x5c343468
+	.long	0xf4a5a551
+	.long	0x34e5e5d1
+	.long	0x08f1f1f9
+	.long	0x937171e2
+	.long	0x73d8d8ab
+	.long	0x53313162
+	.long	0x3f15152a
+	.long	0x0c040408
+	.long	0x52c7c795
+	.long	0x65232346
+	.long	0x5ec3c39d
+	.long	0x28181830
+	.long	0xa1969637
+	.long	0x0f05050a
+	.long	0xb59a9a2f
+	.long	0x0907070e
+	.long	0x36121224
+	.long	0x9b80801b
+	.long	0x3de2e2df
+	.long	0x26ebebcd
+	.long	0x6927274e
+	.long	0xcdb2b27f
+	.long	0x9f7575ea
+	.long	0x1b090912
+	.long	0x9e83831d
+	.long	0x742c2c58
+	.long	0x2e1a1a34
+	.long	0x2d1b1b36
+	.long	0xb26e6edc
+	.long	0xee5a5ab4
+	.long	0xfba0a05b
+	.long	0xf65252a4
+	.long	0x4d3b3b76
+	.long	0x61d6d6b7
+	.long	0xceb3b37d
+	.long	0x7b292952
+	.long	0x3ee3e3dd
+	.long	0x712f2f5e
+	.long	0x97848413
+	.long	0xf55353a6
+	.long	0x68d1d1b9
+	.long	0x00000000
+	.long	0x2cededc1
+	.long	0x60202040
+	.long	0x1ffcfce3
+	.long	0xc8b1b179
+	.long	0xed5b5bb6
+	.long	0xbe6a6ad4
+	.long	0x46cbcb8d
+	.long	0xd9bebe67
+	.long	0x4b393972
+	.long	0xde4a4a94
+	.long	0xd44c4c98
+	.long	0xe85858b0
+	.long	0x4acfcf85
+	.long	0x6bd0d0bb
+	.long	0x2aefefc5
+	.long	0xe5aaaa4f
+	.long	0x16fbfbed
+	.long	0xc5434386
+	.long	0xd74d4d9a
+	.long	0x55333366
+	.long	0x94858511
+	.long	0xcf45458a
+	.long	0x10f9f9e9
+	.long	0x06020204
+	.long	0x817f7ffe
+	.long	0xf05050a0
+	.long	0x443c3c78
+	.long	0xba9f9f25
+	.long	0xe3a8a84b
+	.long	0xf35151a2
+	.long	0xfea3a35d
+	.long	0xc0404080
+	.long	0x8a8f8f05
+	.long	0xad92923f
+	.long	0xbc9d9d21
+	.long	0x48383870
+	.long	0x04f5f5f1
+	.long	0xdfbcbc63
+	.long	0xc1b6b677
+	.long	0x75dadaaf
+	.long	0x63212142
+	.long	0x30101020
+	.long	0x1affffe5
+	.long	0x0ef3f3fd
+	.long	0x6dd2d2bf
+	.long	0x4ccdcd81
+	.long	0x140c0c18
+	.long	0x35131326
+	.long	0x2fececc3
+	.long	0xe15f5fbe
+	.long	0xa2979735
+	.long	0xcc444488
+	.long	0x3917172e
+	.long	0x57c4c493
+	.long	0xf2a7a755
+	.long	0x827e7efc
+	.long	0x473d3d7a
+	.long	0xac6464c8
+	.long	0xe75d5dba
+	.long	0x2b191932
+	.long	0x957373e6
+	.long	0xa06060c0
+	.long	0x98818119
+	.long	0xd14f4f9e
+	.long	0x7fdcdca3
+	.long	0x66222244
+	.long	0x7e2a2a54
+	.long	0xab90903b
+	.long	0x8388880b
+	.long	0xca46468c
+	.long	0x29eeeec7
+	.long	0xd3b8b86b
+	.long	0x3c141428
+	.long	0x79dedea7
+	.long	0xe25e5ebc
+	.long	0x1d0b0b16
+	.long	0x76dbdbad
+	.long	0x3be0e0db
+	.long	0x56323264
+	.long	0x4e3a3a74
+	.long	0x1e0a0a14
+	.long	0xdb494992
+	.long	0x0a06060c
+	.long	0x6c242448
+	.long	0xe45c5cb8
+	.long	0x5dc2c29f
+	.long	0x6ed3d3bd
+	.long	0xefacac43
+	.long	0xa66262c4
+	.long	0xa8919139
+	.long	0xa4959531
+	.long	0x37e4e4d3
+	.long	0x8b7979f2
+	.long	0x32e7e7d5
+	.long	0x43c8c88b
+	.long	0x5937376e
+	.long	0xb76d6dda
+	.long	0x8c8d8d01
+	.long	0x64d5d5b1
+	.long	0xd24e4e9c
+	.long	0xe0a9a949
+	.long	0xb46c6cd8
+	.long	0xfa5656ac
+	.long	0x07f4f4f3
+	.long	0x25eaeacf
+	.long	0xaf6565ca
+	.long	0x8e7a7af4
+	.long	0xe9aeae47
+	.long	0x18080810
+	.long	0xd5baba6f
+	.long	0x887878f0
+	.long	0x6f25254a
+	.long	0x722e2e5c
+	.long	0x241c1c38
+	.long	0xf1a6a657
+	.long	0xc7b4b473
+	.long	0x51c6c697
+	.long	0x23e8e8cb
+	.long	0x7cdddda1
+	.long	0x9c7474e8
+	.long	0x211f1f3e
+	.long	0xdd4b4b96
+	.long	0xdcbdbd61
+	.long	0x868b8b0d
+	.long	0x858a8a0f
+	.long	0x907070e0
+	.long	0x423e3e7c
+	.long	0xc4b5b571
+	.long	0xaa6666cc
+	.long	0xd8484890
+	.long	0x05030306
+	.long	0x01f6f6f7
+	.long	0x120e0e1c
+	.long	0xa36161c2
+	.long	0x5f35356a
+	.long	0xf95757ae
+	.long	0xd0b9b969
+	.long	0x91868617
+	.long	0x58c1c199
+	.long	0x271d1d3a
+	.long	0xb99e9e27
+	.long	0x38e1e1d9
+	.long	0x13f8f8eb
+	.long	0xb398982b
+	.long	0x33111122
+	.long	0xbb6969d2
+	.long	0x70d9d9a9
+	.long	0x898e8e07
+	.long	0xa7949433
+	.long	0xb69b9b2d
+	.long	0x221e1e3c
+	.long	0x92878715
+	.long	0x20e9e9c9
+	.long	0x49cece87
+	.long	0xff5555aa
+	.long	0x78282850
+	.long	0x7adfdfa5
+	.long	0x8f8c8c03
+	.long	0xf8a1a159
+	.long	0x80898909
+	.long	0x170d0d1a
+	.long	0xdabfbf65
+	.long	0x31e6e6d7
+	.long	0xc6424284
+	.long	0xb86868d0
+	.long	0xc3414182
+	.long	0xb0999929
+	.long	0x772d2d5a
+	.long	0x110f0f1e
+	.long	0xcbb0b07b
+	.long	0xfc5454a8
+	.long	0xd6bbbb6d
+	.long	0x3a16162c
+	// Table 1.
+	.long	0x6363c6a5
+	.long	0x7c7cf884
+	.long	0x7777ee99
+	.long	0x7b7bf68d
+	.long	0xf2f2ff0d
+	.long	0x6b6bd6bd
+	.long	0x6f6fdeb1
+	.long	0xc5c59154
+	.long	0x30306050
+	.long	0x01010203
+	.long	0x6767cea9
+	.long	0x2b2b567d
+	.long	0xfefee719
+	.long	0xd7d7b562
+	.long	0xabab4de6
+	.long	0x7676ec9a
+	.long	0xcaca8f45
+	.long	0x82821f9d
+	.long	0xc9c98940
+	.long	0x7d7dfa87
+	.long	0xfafaef15
+	.long	0x5959b2eb
+	.long	0x47478ec9
+	.long	0xf0f0fb0b
+	.long	0xadad41ec
+	.long	0xd4d4b367
+	.long	0xa2a25ffd
+	.long	0xafaf45ea
+	.long	0x9c9c23bf
+	.long	0xa4a453f7
+	.long	0x7272e496
+	.long	0xc0c09b5b
+	.long	0xb7b775c2
+	.long	0xfdfde11c
+	.long	0x93933dae
+	.long	0x26264c6a
+	.long	0x36366c5a
+	.long	0x3f3f7e41
+	.long	0xf7f7f502
+	.long	0xcccc834f
+	.long	0x3434685c
+	.long	0xa5a551f4
+	.long	0xe5e5d134
+	.long	0xf1f1f908
+	.long	0x7171e293
+	.long	0xd8d8ab73
+	.long	0x31316253
+	.long	0x15152a3f
+	.long	0x0404080c
+	.long	0xc7c79552
+	.long	0x23234665
+	.long	0xc3c39d5e
+	.long	0x18183028
+	.long	0x969637a1
+	.long	0x05050a0f
+	.long	0x9a9a2fb5
+	.long	0x07070e09
+	.long	0x12122436
+	.long	0x80801b9b
+	.long	0xe2e2df3d
+	.long	0xebebcd26
+	.long	0x27274e69
+	.long	0xb2b27fcd
+	.long	0x7575ea9f
+	.long	0x0909121b
+	.long	0x83831d9e
+	.long	0x2c2c5874
+	.long	0x1a1a342e
+	.long	0x1b1b362d
+	.long	0x6e6edcb2
+	.long	0x5a5ab4ee
+	.long	0xa0a05bfb
+	.long	0x5252a4f6
+	.long	0x3b3b764d
+	.long	0xd6d6b761
+	.long	0xb3b37dce
+	.long	0x2929527b
+	.long	0xe3e3dd3e
+	.long	0x2f2f5e71
+	.long	0x84841397
+	.long	0x5353a6f5
+	.long	0xd1d1b968
+	.long	0x00000000
+	.long	0xededc12c
+	.long	0x20204060
+	.long	0xfcfce31f
+	.long	0xb1b179c8
+	.long	0x5b5bb6ed
+	.long	0x6a6ad4be
+	.long	0xcbcb8d46
+	.long	0xbebe67d9
+	.long	0x3939724b
+	.long	0x4a4a94de
+	.long	0x4c4c98d4
+	.long	0x5858b0e8
+	.long	0xcfcf854a
+	.long	0xd0d0bb6b
+	.long	0xefefc52a
+	.long	0xaaaa4fe5
+	.long	0xfbfbed16
+	.long	0x434386c5
+	.long	0x4d4d9ad7
+	.long	0x33336655
+	.long	0x85851194
+	.long	0x45458acf
+	.long	0xf9f9e910
+	.long	0x02020406
+	.long	0x7f7ffe81
+	.long	0x5050a0f0
+	.long	0x3c3c7844
+	.long	0x9f9f25ba
+	.long	0xa8a84be3
+	.long	0x5151a2f3
+	.long	0xa3a35dfe
+	.long	0x404080c0
+	.long	0x8f8f058a
+	.long	0x92923fad
+	.long	0x9d9d21bc
+	.long	0x38387048
+	.long	0xf5f5f104
+	.long	0xbcbc63df
+	.long	0xb6b677c1
+	.long	0xdadaaf75
+	.long	0x21214263
+	.long	0x10102030
+	.long	0xffffe51a
+	.long	0xf3f3fd0e
+	.long	0xd2d2bf6d
+	.long	0xcdcd814c
+	.long	0x0c0c1814
+	.long	0x13132635
+	.long	0xececc32f
+	.long	0x5f5fbee1
+	.long	0x979735a2
+	.long	0x444488cc
+	.long	0x17172e39
+	.long	0xc4c49357
+	.long	0xa7a755f2
+	.long	0x7e7efc82
+	.long	0x3d3d7a47
+	.long	0x6464c8ac
+	.long	0x5d5dbae7
+	.long	0x1919322b
+	.long	0x7373e695
+	.long	0x6060c0a0
+	.long	0x81811998
+	.long	0x4f4f9ed1
+	.long	0xdcdca37f
+	.long	0x22224466
+	.long	0x2a2a547e
+	.long	0x90903bab
+	.long	0x88880b83
+	.long	0x46468cca
+	.long	0xeeeec729
+	.long	0xb8b86bd3
+	.long	0x1414283c
+	.long	0xdedea779
+	.long	0x5e5ebce2
+	.long	0x0b0b161d
+	.long	0xdbdbad76
+	.long	0xe0e0db3b
+	.long	0x32326456
+	.long	0x3a3a744e
+	.long	0x0a0a141e
+	.long	0x494992db
+	.long	0x06060c0a
+	.long	0x2424486c
+	.long	0x5c5cb8e4
+	.long	0xc2c29f5d
+	.long	0xd3d3bd6e
+	.long	0xacac43ef
+	.long	0x6262c4a6
+	.long	0x919139a8
+	.long	0x959531a4
+	.long	0xe4e4d337
+	.long	0x7979f28b
+	.long	0xe7e7d532
+	.long	0xc8c88b43
+	.long	0x37376e59
+	.long	0x6d6ddab7
+	.long	0x8d8d018c
+	.long	0xd5d5b164
+	.long	0x4e4e9cd2
+	.long	0xa9a949e0
+	.long	0x6c6cd8b4
+	.long	0x5656acfa
+	.long	0xf4f4f307
+	.long	0xeaeacf25
+	.long	0x6565caaf
+	.long	0x7a7af48e
+	.long	0xaeae47e9
+	.long	0x08081018
+	.long	0xbaba6fd5
+	.long	0x7878f088
+	.long	0x25254a6f
+	.long	0x2e2e5c72
+	.long	0x1c1c3824
+	.long	0xa6a657f1
+	.long	0xb4b473c7
+	.long	0xc6c69751
+	.long	0xe8e8cb23
+	.long	0xdddda17c
+	.long	0x7474e89c
+	.long	0x1f1f3e21
+	.long	0x4b4b96dd
+	.long	0xbdbd61dc
+	.long	0x8b8b0d86
+	.long	0x8a8a0f85
+	.long	0x7070e090
+	.long	0x3e3e7c42
+	.long	0xb5b571c4
+	.long	0x6666ccaa
+	.long	0x484890d8
+	.long	0x03030605
+	.long	0xf6f6f701
+	.long	0x0e0e1c12
+	.long	0x6161c2a3
+	.long	0x35356a5f
+	.long	0x5757aef9
+	.long	0xb9b969d0
+	.long	0x86861791
+	.long	0xc1c19958
+	.long	0x1d1d3a27
+	.long	0x9e9e27b9
+	.long	0xe1e1d938
+	.long	0xf8f8eb13
+	.long	0x98982bb3
+	.long	0x11112233
+	.long	0x6969d2bb
+	.long	0xd9d9a970
+	.long	0x8e8e0789
+	.long	0x949433a7
+	.long	0x9b9b2db6
+	.long	0x1e1e3c22
+	.long	0x87871592
+	.long	0xe9e9c920
+	.long	0xcece8749
+	.long	0x5555aaff
+	.long	0x28285078
+	.long	0xdfdfa57a
+	.long	0x8c8c038f
+	.long	0xa1a159f8
+	.long	0x89890980
+	.long	0x0d0d1a17
+	.long	0xbfbf65da
+	.long	0xe6e6d731
+	.long	0x424284c6
+	.long	0x6868d0b8
+	.long	0x414182c3
+	.long	0x999929b0
+	.long	0x2d2d5a77
+	.long	0x0f0f1e11
+	.long	0xb0b07bcb
+	.long	0x5454a8fc
+	.long	0xbbbb6dd6
+	.long	0x16162c3a
+	// Table 2.
+	.long	0x63c6a563
+	.long	0x7cf8847c
+	.long	0x77ee9977
+	.long	0x7bf68d7b
+	.long	0xf2ff0df2
+	.long	0x6bd6bd6b
+	.long	0x6fdeb16f
+	.long	0xc59154c5
+	.long	0x30605030
+	.long	0x01020301
+	.long	0x67cea967
+	.long	0x2b567d2b
+	.long	0xfee719fe
+	.long	0xd7b562d7
+	.long	0xab4de6ab
+	.long	0x76ec9a76
+	.long	0xca8f45ca
+	.long	0x821f9d82
+	.long	0xc98940c9
+	.long	0x7dfa877d
+	.long	0xfaef15fa
+	.long	0x59b2eb59
+	.long	0x478ec947
+	.long	0xf0fb0bf0
+	.long	0xad41ecad
+	.long	0xd4b367d4
+	.long	0xa25ffda2
+	.long	0xaf45eaaf
+	.long	0x9c23bf9c
+	.long	0xa453f7a4
+	.long	0x72e49672
+	.long	0xc09b5bc0
+	.long	0xb775c2b7
+	.long	0xfde11cfd
+	.long	0x933dae93
+	.long	0x264c6a26
+	.long	0x366c5a36
+	.long	0x3f7e413f
+	.long	0xf7f502f7
+	.long	0xcc834fcc
+	.long	0x34685c34
+	.long	0xa551f4a5
+	.long	0xe5d134e5
+	.long	0xf1f908f1
+	.long	0x71e29371
+	.long	0xd8ab73d8
+	.long	0x31625331
+	.long	0x152a3f15
+	.long	0x04080c04
+	.long	0xc79552c7
+	.long	0x23466523
+	.long	0xc39d5ec3
+	.long	0x18302818
+	.long	0x9637a196
+	.long	0x050a0f05
+	.long	0x9a2fb59a
+	.long	0x070e0907
+	.long	0x12243612
+	.long	0x801b9b80
+	.long	0xe2df3de2
+	.long	0xebcd26eb
+	.long	0x274e6927
+	.long	0xb27fcdb2
+	.long	0x75ea9f75
+	.long	0x09121b09
+	.long	0x831d9e83
+	.long	0x2c58742c
+	.long	0x1a342e1a
+	.long	0x1b362d1b
+	.long	0x6edcb26e
+	.long	0x5ab4ee5a
+	.long	0xa05bfba0
+	.long	0x52a4f652
+	.long	0x3b764d3b
+	.long	0xd6b761d6
+	.long	0xb37dceb3
+	.long	0x29527b29
+	.long	0xe3dd3ee3
+	.long	0x2f5e712f
+	.long	0x84139784
+	.long	0x53a6f553
+	.long	0xd1b968d1
+	.long	0x00000000
+	.long	0xedc12ced
+	.long	0x20406020
+	.long	0xfce31ffc
+	.long	0xb179c8b1
+	.long	0x5bb6ed5b
+	.long	0x6ad4be6a
+	.long	0xcb8d46cb
+	.long	0xbe67d9be
+	.long	0x39724b39
+	.long	0x4a94de4a
+	.long	0x4c98d44c
+	.long	0x58b0e858
+	.long	0xcf854acf
+	.long	0xd0bb6bd0
+	.long	0xefc52aef
+	.long	0xaa4fe5aa
+	.long	0xfbed16fb
+	.long	0x4386c543
+	.long	0x4d9ad74d
+	.long	0x33665533
+	.long	0x85119485
+	.long	0x458acf45
+	.long	0xf9e910f9
+	.long	0x02040602
+	.long	0x7ffe817f
+	.long	0x50a0f050
+	.long	0x3c78443c
+	.long	0x9f25ba9f
+	.long	0xa84be3a8
+	.long	0x51a2f351
+	.long	0xa35dfea3
+	.long	0x4080c040
+	.long	0x8f058a8f
+	.long	0x923fad92
+	.long	0x9d21bc9d
+	.long	0x38704838
+	.long	0xf5f104f5
+	.long	0xbc63dfbc
+	.long	0xb677c1b6
+	.long	0xdaaf75da
+	.long	0x21426321
+	.long	0x10203010
+	.long	0xffe51aff
+	.long	0xf3fd0ef3
+	.long	0xd2bf6dd2
+	.long	0xcd814ccd
+	.long	0x0c18140c
+	.long	0x13263513
+	.long	0xecc32fec
+	.long	0x5fbee15f
+	.long	0x9735a297
+	.long	0x4488cc44
+	.long	0x172e3917
+	.long	0xc49357c4
+	.long	0xa755f2a7
+	.long	0x7efc827e
+	.long	0x3d7a473d
+	.long	0x64c8ac64
+	.long	0x5dbae75d
+	.long	0x19322b19
+	.long	0x73e69573
+	.long	0x60c0a060
+	.long	0x81199881
+	.long	0x4f9ed14f
+	.long	0xdca37fdc
+	.long	0x22446622
+	.long	0x2a547e2a
+	.long	0x903bab90
+	.long	0x880b8388
+	.long	0x468cca46
+	.long	0xeec729ee
+	.long	0xb86bd3b8
+	.long	0x14283c14
+	.long	0xdea779de
+	.long	0x5ebce25e
+	.long	0x0b161d0b
+	.long	0xdbad76db
+	.long	0xe0db3be0
+	.long	0x32645632
+	.long	0x3a744e3a
+	.long	0x0a141e0a
+	.long	0x4992db49
+	.long	0x060c0a06
+	.long	0x24486c24
+	.long	0x5cb8e45c
+	.long	0xc29f5dc2
+	.long	0xd3bd6ed3
+	.long	0xac43efac
+	.long	0x62c4a662
+	.long	0x9139a891
+	.long	0x9531a495
+	.long	0xe4d337e4
+	.long	0x79f28b79
+	.long	0xe7d532e7
+	.long	0xc88b43c8
+	.long	0x376e5937
+	.long	0x6ddab76d
+	.long	0x8d018c8d
+	.long	0xd5b164d5
+	.long	0x4e9cd24e
+	.long	0xa949e0a9
+	.long	0x6cd8b46c
+	.long	0x56acfa56
+	.long	0xf4f307f4
+	.long	0xeacf25ea
+	.long	0x65caaf65
+	.long	0x7af48e7a
+	.long	0xae47e9ae
+	.long	0x08101808
+	.long	0xba6fd5ba
+	.long	0x78f08878
+	.long	0x254a6f25
+	.long	0x2e5c722e
+	.long	0x1c38241c
+	.long	0xa657f1a6
+	.long	0xb473c7b4
+	.long	0xc69751c6
+	.long	0xe8cb23e8
+	.long	0xdda17cdd
+	.long	0x74e89c74
+	.long	0x1f3e211f
+	.long	0x4b96dd4b
+	.long	0xbd61dcbd
+	.long	0x8b0d868b
+	.long	0x8a0f858a
+	.long	0x70e09070
+	.long	0x3e7c423e
+	.long	0xb571c4b5
+	.long	0x66ccaa66
+	.long	0x4890d848
+	.long	0x03060503
+	.long	0xf6f701f6
+	.long	0x0e1c120e
+	.long	0x61c2a361
+	.long	0x356a5f35
+	.long	0x57aef957
+	.long	0xb969d0b9
+	.long	0x86179186
+	.long	0xc19958c1
+	.long	0x1d3a271d
+	.long	0x9e27b99e
+	.long	0xe1d938e1
+	.long	0xf8eb13f8
+	.long	0x982bb398
+	.long	0x11223311
+	.long	0x69d2bb69
+	.long	0xd9a970d9
+	.long	0x8e07898e
+	.long	0x9433a794
+	.long	0x9b2db69b
+	.long	0x1e3c221e
+	.long	0x87159287
+	.long	0xe9c920e9
+	.long	0xce8749ce
+	.long	0x55aaff55
+	.long	0x28507828
+	.long	0xdfa57adf
+	.long	0x8c038f8c
+	.long	0xa159f8a1
+	.long	0x89098089
+	.long	0x0d1a170d
+	.long	0xbf65dabf
+	.long	0xe6d731e6
+	.long	0x4284c642
+	.long	0x68d0b868
+	.long	0x4182c341
+	.long	0x9929b099
+	.long	0x2d5a772d
+	.long	0x0f1e110f
+	.long	0xb07bcbb0
+	.long	0x54a8fc54
+	.long	0xbb6dd6bb
+	.long	0x162c3a16
+	// Table 3.
+	.long	0xc6a56363
+	.long	0xf8847c7c
+	.long	0xee997777
+	.long	0xf68d7b7b
+	.long	0xff0df2f2
+	.long	0xd6bd6b6b
+	.long	0xdeb16f6f
+	.long	0x9154c5c5
+	.long	0x60503030
+	.long	0x02030101
+	.long	0xcea96767
+	.long	0x567d2b2b
+	.long	0xe719fefe
+	.long	0xb562d7d7
+	.long	0x4de6abab
+	.long	0xec9a7676
+	.long	0x8f45caca
+	.long	0x1f9d8282
+	.long	0x8940c9c9
+	.long	0xfa877d7d
+	.long	0xef15fafa
+	.long	0xb2eb5959
+	.long	0x8ec94747
+	.long	0xfb0bf0f0
+	.long	0x41ecadad
+	.long	0xb367d4d4
+	.long	0x5ffda2a2
+	.long	0x45eaafaf
+	.long	0x23bf9c9c
+	.long	0x53f7a4a4
+	.long	0xe4967272
+	.long	0x9b5bc0c0
+	.long	0x75c2b7b7
+	.long	0xe11cfdfd
+	.long	0x3dae9393
+	.long	0x4c6a2626
+	.long	0x6c5a3636
+	.long	0x7e413f3f
+	.long	0xf502f7f7
+	.long	0x834fcccc
+	.long	0x685c3434
+	.long	0x51f4a5a5
+	.long	0xd134e5e5
+	.long	0xf908f1f1
+	.long	0xe2937171
+	.long	0xab73d8d8
+	.long	0x62533131
+	.long	0x2a3f1515
+	.long	0x080c0404
+	.long	0x9552c7c7
+	.long	0x46652323
+	.long	0x9d5ec3c3
+	.long	0x30281818
+	.long	0x37a19696
+	.long	0x0a0f0505
+	.long	0x2fb59a9a
+	.long	0x0e090707
+	.long	0x24361212
+	.long	0x1b9b8080
+	.long	0xdf3de2e2
+	.long	0xcd26ebeb
+	.long	0x4e692727
+	.long	0x7fcdb2b2
+	.long	0xea9f7575
+	.long	0x121b0909
+	.long	0x1d9e8383
+	.long	0x58742c2c
+	.long	0x342e1a1a
+	.long	0x362d1b1b
+	.long	0xdcb26e6e
+	.long	0xb4ee5a5a
+	.long	0x5bfba0a0
+	.long	0xa4f65252
+	.long	0x764d3b3b
+	.long	0xb761d6d6
+	.long	0x7dceb3b3
+	.long	0x527b2929
+	.long	0xdd3ee3e3
+	.long	0x5e712f2f
+	.long	0x13978484
+	.long	0xa6f55353
+	.long	0xb968d1d1
+	.long	0x00000000
+	.long	0xc12ceded
+	.long	0x40602020
+	.long	0xe31ffcfc
+	.long	0x79c8b1b1
+	.long	0xb6ed5b5b
+	.long	0xd4be6a6a
+	.long	0x8d46cbcb
+	.long	0x67d9bebe
+	.long	0x724b3939
+	.long	0x94de4a4a
+	.long	0x98d44c4c
+	.long	0xb0e85858
+	.long	0x854acfcf
+	.long	0xbb6bd0d0
+	.long	0xc52aefef
+	.long	0x4fe5aaaa
+	.long	0xed16fbfb
+	.long	0x86c54343
+	.long	0x9ad74d4d
+	.long	0x66553333
+	.long	0x11948585
+	.long	0x8acf4545
+	.long	0xe910f9f9
+	.long	0x04060202
+	.long	0xfe817f7f
+	.long	0xa0f05050
+	.long	0x78443c3c
+	.long	0x25ba9f9f
+	.long	0x4be3a8a8
+	.long	0xa2f35151
+	.long	0x5dfea3a3
+	.long	0x80c04040
+	.long	0x058a8f8f
+	.long	0x3fad9292
+	.long	0x21bc9d9d
+	.long	0x70483838
+	.long	0xf104f5f5
+	.long	0x63dfbcbc
+	.long	0x77c1b6b6
+	.long	0xaf75dada
+	.long	0x42632121
+	.long	0x20301010
+	.long	0xe51affff
+	.long	0xfd0ef3f3
+	.long	0xbf6dd2d2
+	.long	0x814ccdcd
+	.long	0x18140c0c
+	.long	0x26351313
+	.long	0xc32fecec
+	.long	0xbee15f5f
+	.long	0x35a29797
+	.long	0x88cc4444
+	.long	0x2e391717
+	.long	0x9357c4c4
+	.long	0x55f2a7a7
+	.long	0xfc827e7e
+	.long	0x7a473d3d
+	.long	0xc8ac6464
+	.long	0xbae75d5d
+	.long	0x322b1919
+	.long	0xe6957373
+	.long	0xc0a06060
+	.long	0x19988181
+	.long	0x9ed14f4f
+	.long	0xa37fdcdc
+	.long	0x44662222
+	.long	0x547e2a2a
+	.long	0x3bab9090
+	.long	0x0b838888
+	.long	0x8cca4646
+	.long	0xc729eeee
+	.long	0x6bd3b8b8
+	.long	0x283c1414
+	.long	0xa779dede
+	.long	0xbce25e5e
+	.long	0x161d0b0b
+	.long	0xad76dbdb
+	.long	0xdb3be0e0
+	.long	0x64563232
+	.long	0x744e3a3a
+	.long	0x141e0a0a
+	.long	0x92db4949
+	.long	0x0c0a0606
+	.long	0x486c2424
+	.long	0xb8e45c5c
+	.long	0x9f5dc2c2
+	.long	0xbd6ed3d3
+	.long	0x43efacac
+	.long	0xc4a66262
+	.long	0x39a89191
+	.long	0x31a49595
+	.long	0xd337e4e4
+	.long	0xf28b7979
+	.long	0xd532e7e7
+	.long	0x8b43c8c8
+	.long	0x6e593737
+	.long	0xdab76d6d
+	.long	0x018c8d8d
+	.long	0xb164d5d5
+	.long	0x9cd24e4e
+	.long	0x49e0a9a9
+	.long	0xd8b46c6c
+	.long	0xacfa5656
+	.long	0xf307f4f4
+	.long	0xcf25eaea
+	.long	0xcaaf6565
+	.long	0xf48e7a7a
+	.long	0x47e9aeae
+	.long	0x10180808
+	.long	0x6fd5baba
+	.long	0xf0887878
+	.long	0x4a6f2525
+	.long	0x5c722e2e
+	.long	0x38241c1c
+	.long	0x57f1a6a6
+	.long	0x73c7b4b4
+	.long	0x9751c6c6
+	.long	0xcb23e8e8
+	.long	0xa17cdddd
+	.long	0xe89c7474
+	.long	0x3e211f1f
+	.long	0x96dd4b4b
+	.long	0x61dcbdbd
+	.long	0x0d868b8b
+	.long	0x0f858a8a
+	.long	0xe0907070
+	.long	0x7c423e3e
+	.long	0x71c4b5b5
+	.long	0xccaa6666
+	.long	0x90d84848
+	.long	0x06050303
+	.long	0xf701f6f6
+	.long	0x1c120e0e
+	.long	0xc2a36161
+	.long	0x6a5f3535
+	.long	0xaef95757
+	.long	0x69d0b9b9
+	.long	0x17918686
+	.long	0x9958c1c1
+	.long	0x3a271d1d
+	.long	0x27b99e9e
+	.long	0xd938e1e1
+	.long	0xeb13f8f8
+	.long	0x2bb39898
+	.long	0x22331111
+	.long	0xd2bb6969
+	.long	0xa970d9d9
+	.long	0x07898e8e
+	.long	0x33a79494
+	.long	0x2db69b9b
+	.long	0x3c221e1e
+	.long	0x15928787
+	.long	0xc920e9e9
+	.long	0x8749cece
+	.long	0xaaff5555
+	.long	0x50782828
+	.long	0xa57adfdf
+	.long	0x038f8c8c
+	.long	0x59f8a1a1
+	.long	0x09808989
+	.long	0x1a170d0d
+	.long	0x65dabfbf
+	.long	0xd731e6e6
+	.long	0x84c64242
+	.long	0xd0b86868
+	.long	0x82c34141
+	.long	0x29b09999
+	.long	0x5a772d2d
+	.long	0x1e110f0f
+	.long	0x7bcbb0b0
+	.long	0xa8fc5454
+	.long	0x6dd6bbbb
+	.long	0x2c3a1616
+
+
+// Tables for main decryption iterations.
+	.globl	_AESDecryptTable
+	.private_extern	_AESDecryptTable
+	.align	2
+_AESDecryptTable:
+	// Table 0.
+	.long	0x50a7f451
+	.long	0x5365417e
+	.long	0xc3a4171a
+	.long	0x965e273a
+	.long	0xcb6bab3b
+	.long	0xf1459d1f
+	.long	0xab58faac
+	.long	0x9303e34b
+	.long	0x55fa3020
+	.long	0xf66d76ad
+	.long	0x9176cc88
+	.long	0x254c02f5
+	.long	0xfcd7e54f
+	.long	0xd7cb2ac5
+	.long	0x80443526
+	.long	0x8fa362b5
+	.long	0x495ab1de
+	.long	0x671bba25
+	.long	0x980eea45
+	.long	0xe1c0fe5d
+	.long	0x02752fc3
+	.long	0x12f04c81
+	.long	0xa397468d
+	.long	0xc6f9d36b
+	.long	0xe75f8f03
+	.long	0x959c9215
+	.long	0xeb7a6dbf
+	.long	0xda595295
+	.long	0x2d83bed4
+	.long	0xd3217458
+	.long	0x2969e049
+	.long	0x44c8c98e
+	.long	0x6a89c275
+	.long	0x78798ef4
+	.long	0x6b3e5899
+	.long	0xdd71b927
+	.long	0xb64fe1be
+	.long	0x17ad88f0
+	.long	0x66ac20c9
+	.long	0xb43ace7d
+	.long	0x184adf63
+	.long	0x82311ae5
+	.long	0x60335197
+	.long	0x457f5362
+	.long	0xe07764b1
+	.long	0x84ae6bbb
+	.long	0x1ca081fe
+	.long	0x942b08f9
+	.long	0x58684870
+	.long	0x19fd458f
+	.long	0x876cde94
+	.long	0xb7f87b52
+	.long	0x23d373ab
+	.long	0xe2024b72
+	.long	0x578f1fe3
+	.long	0x2aab5566
+	.long	0x0728ebb2
+	.long	0x03c2b52f
+	.long	0x9a7bc586
+	.long	0xa50837d3
+	.long	0xf2872830
+	.long	0xb2a5bf23
+	.long	0xba6a0302
+	.long	0x5c8216ed
+	.long	0x2b1ccf8a
+	.long	0x92b479a7
+	.long	0xf0f207f3
+	.long	0xa1e2694e
+	.long	0xcdf4da65
+	.long	0xd5be0506
+	.long	0x1f6234d1
+	.long	0x8afea6c4
+	.long	0x9d532e34
+	.long	0xa055f3a2
+	.long	0x32e18a05
+	.long	0x75ebf6a4
+	.long	0x39ec830b
+	.long	0xaaef6040
+	.long	0x069f715e
+	.long	0x51106ebd
+	.long	0xf98a213e
+	.long	0x3d06dd96
+	.long	0xae053edd
+	.long	0x46bde64d
+	.long	0xb58d5491
+	.long	0x055dc471
+	.long	0x6fd40604
+	.long	0xff155060
+	.long	0x24fb9819
+	.long	0x97e9bdd6
+	.long	0xcc434089
+	.long	0x779ed967
+	.long	0xbd42e8b0
+	.long	0x888b8907
+	.long	0x385b19e7
+	.long	0xdbeec879
+	.long	0x470a7ca1
+	.long	0xe90f427c
+	.long	0xc91e84f8
+	.long	0x00000000
+	.long	0x83868009
+	.long	0x48ed2b32
+	.long	0xac70111e
+	.long	0x4e725a6c
+	.long	0xfbff0efd
+	.long	0x5638850f
+	.long	0x1ed5ae3d
+	.long	0x27392d36
+	.long	0x64d90f0a
+	.long	0x21a65c68
+	.long	0xd1545b9b
+	.long	0x3a2e3624
+	.long	0xb1670a0c
+	.long	0x0fe75793
+	.long	0xd296eeb4
+	.long	0x9e919b1b
+	.long	0x4fc5c080
+	.long	0xa220dc61
+	.long	0x694b775a
+	.long	0x161a121c
+	.long	0x0aba93e2
+	.long	0xe52aa0c0
+	.long	0x43e0223c
+	.long	0x1d171b12
+	.long	0x0b0d090e
+	.long	0xadc78bf2
+	.long	0xb9a8b62d
+	.long	0xc8a91e14
+	.long	0x8519f157
+	.long	0x4c0775af
+	.long	0xbbdd99ee
+	.long	0xfd607fa3
+	.long	0x9f2601f7
+	.long	0xbcf5725c
+	.long	0xc53b6644
+	.long	0x347efb5b
+	.long	0x7629438b
+	.long	0xdcc623cb
+	.long	0x68fcedb6
+	.long	0x63f1e4b8
+	.long	0xcadc31d7
+	.long	0x10856342
+	.long	0x40229713
+	.long	0x2011c684
+	.long	0x7d244a85
+	.long	0xf83dbbd2
+	.long	0x1132f9ae
+	.long	0x6da129c7
+	.long	0x4b2f9e1d
+	.long	0xf330b2dc
+	.long	0xec52860d
+	.long	0xd0e3c177
+	.long	0x6c16b32b
+	.long	0x99b970a9
+	.long	0xfa489411
+	.long	0x2264e947
+	.long	0xc48cfca8
+	.long	0x1a3ff0a0
+	.long	0xd82c7d56
+	.long	0xef903322
+	.long	0xc74e4987
+	.long	0xc1d138d9
+	.long	0xfea2ca8c
+	.long	0x360bd498
+	.long	0xcf81f5a6
+	.long	0x28de7aa5
+	.long	0x268eb7da
+	.long	0xa4bfad3f
+	.long	0xe49d3a2c
+	.long	0x0d927850
+	.long	0x9bcc5f6a
+	.long	0x62467e54
+	.long	0xc2138df6
+	.long	0xe8b8d890
+	.long	0x5ef7392e
+	.long	0xf5afc382
+	.long	0xbe805d9f
+	.long	0x7c93d069
+	.long	0xa92dd56f
+	.long	0xb31225cf
+	.long	0x3b99acc8
+	.long	0xa77d1810
+	.long	0x6e639ce8
+	.long	0x7bbb3bdb
+	.long	0x097826cd
+	.long	0xf418596e
+	.long	0x01b79aec
+	.long	0xa89a4f83
+	.long	0x656e95e6
+	.long	0x7ee6ffaa
+	.long	0x08cfbc21
+	.long	0xe6e815ef
+	.long	0xd99be7ba
+	.long	0xce366f4a
+	.long	0xd4099fea
+	.long	0xd67cb029
+	.long	0xafb2a431
+	.long	0x31233f2a
+	.long	0x3094a5c6
+	.long	0xc066a235
+	.long	0x37bc4e74
+	.long	0xa6ca82fc
+	.long	0xb0d090e0
+	.long	0x15d8a733
+	.long	0x4a9804f1
+	.long	0xf7daec41
+	.long	0x0e50cd7f
+	.long	0x2ff69117
+	.long	0x8dd64d76
+	.long	0x4db0ef43
+	.long	0x544daacc
+	.long	0xdf0496e4
+	.long	0xe3b5d19e
+	.long	0x1b886a4c
+	.long	0xb81f2cc1
+	.long	0x7f516546
+	.long	0x04ea5e9d
+	.long	0x5d358c01
+	.long	0x737487fa
+	.long	0x2e410bfb
+	.long	0x5a1d67b3
+	.long	0x52d2db92
+	.long	0x335610e9
+	.long	0x1347d66d
+	.long	0x8c61d79a
+	.long	0x7a0ca137
+	.long	0x8e14f859
+	.long	0x893c13eb
+	.long	0xee27a9ce
+	.long	0x35c961b7
+	.long	0xede51ce1
+	.long	0x3cb1477a
+	.long	0x59dfd29c
+	.long	0x3f73f255
+	.long	0x79ce1418
+	.long	0xbf37c773
+	.long	0xeacdf753
+	.long	0x5baafd5f
+	.long	0x146f3ddf
+	.long	0x86db4478
+	.long	0x81f3afca
+	.long	0x3ec468b9
+	.long	0x2c342438
+	.long	0x5f40a3c2
+	.long	0x72c31d16
+	.long	0x0c25e2bc
+	.long	0x8b493c28
+	.long	0x41950dff
+	.long	0x7101a839
+	.long	0xdeb30c08
+	.long	0x9ce4b4d8
+	.long	0x90c15664
+	.long	0x6184cb7b
+	.long	0x70b632d5
+	.long	0x745c6c48
+	.long	0x4257b8d0
+	// Table 1.
+	.long	0xa7f45150
+	.long	0x65417e53
+	.long	0xa4171ac3
+	.long	0x5e273a96
+	.long	0x6bab3bcb
+	.long	0x459d1ff1
+	.long	0x58faacab
+	.long	0x03e34b93
+	.long	0xfa302055
+	.long	0x6d76adf6
+	.long	0x76cc8891
+	.long	0x4c02f525
+	.long	0xd7e54ffc
+	.long	0xcb2ac5d7
+	.long	0x44352680
+	.long	0xa362b58f
+	.long	0x5ab1de49
+	.long	0x1bba2567
+	.long	0x0eea4598
+	.long	0xc0fe5de1
+	.long	0x752fc302
+	.long	0xf04c8112
+	.long	0x97468da3
+	.long	0xf9d36bc6
+	.long	0x5f8f03e7
+	.long	0x9c921595
+	.long	0x7a6dbfeb
+	.long	0x595295da
+	.long	0x83bed42d
+	.long	0x217458d3
+	.long	0x69e04929
+	.long	0xc8c98e44
+	.long	0x89c2756a
+	.long	0x798ef478
+	.long	0x3e58996b
+	.long	0x71b927dd
+	.long	0x4fe1beb6
+	.long	0xad88f017
+	.long	0xac20c966
+	.long	0x3ace7db4
+	.long	0x4adf6318
+	.long	0x311ae582
+	.long	0x33519760
+	.long	0x7f536245
+	.long	0x7764b1e0
+	.long	0xae6bbb84
+	.long	0xa081fe1c
+	.long	0x2b08f994
+	.long	0x68487058
+	.long	0xfd458f19
+	.long	0x6cde9487
+	.long	0xf87b52b7
+	.long	0xd373ab23
+	.long	0x024b72e2
+	.long	0x8f1fe357
+	.long	0xab55662a
+	.long	0x28ebb207
+	.long	0xc2b52f03
+	.long	0x7bc5869a
+	.long	0x0837d3a5
+	.long	0x872830f2
+	.long	0xa5bf23b2
+	.long	0x6a0302ba
+	.long	0x8216ed5c
+	.long	0x1ccf8a2b
+	.long	0xb479a792
+	.long	0xf207f3f0
+	.long	0xe2694ea1
+	.long	0xf4da65cd
+	.long	0xbe0506d5
+	.long	0x6234d11f
+	.long	0xfea6c48a
+	.long	0x532e349d
+	.long	0x55f3a2a0
+	.long	0xe18a0532
+	.long	0xebf6a475
+	.long	0xec830b39
+	.long	0xef6040aa
+	.long	0x9f715e06
+	.long	0x106ebd51
+	.long	0x8a213ef9
+	.long	0x06dd963d
+	.long	0x053eddae
+	.long	0xbde64d46
+	.long	0x8d5491b5
+	.long	0x5dc47105
+	.long	0xd406046f
+	.long	0x155060ff
+	.long	0xfb981924
+	.long	0xe9bdd697
+	.long	0x434089cc
+	.long	0x9ed96777
+	.long	0x42e8b0bd
+	.long	0x8b890788
+	.long	0x5b19e738
+	.long	0xeec879db
+	.long	0x0a7ca147
+	.long	0x0f427ce9
+	.long	0x1e84f8c9
+	.long	0x00000000
+	.long	0x86800983
+	.long	0xed2b3248
+	.long	0x70111eac
+	.long	0x725a6c4e
+	.long	0xff0efdfb
+	.long	0x38850f56
+	.long	0xd5ae3d1e
+	.long	0x392d3627
+	.long	0xd90f0a64
+	.long	0xa65c6821
+	.long	0x545b9bd1
+	.long	0x2e36243a
+	.long	0x670a0cb1
+	.long	0xe757930f
+	.long	0x96eeb4d2
+	.long	0x919b1b9e
+	.long	0xc5c0804f
+	.long	0x20dc61a2
+	.long	0x4b775a69
+	.long	0x1a121c16
+	.long	0xba93e20a
+	.long	0x2aa0c0e5
+	.long	0xe0223c43
+	.long	0x171b121d
+	.long	0x0d090e0b
+	.long	0xc78bf2ad
+	.long	0xa8b62db9
+	.long	0xa91e14c8
+	.long	0x19f15785
+	.long	0x0775af4c
+	.long	0xdd99eebb
+	.long	0x607fa3fd
+	.long	0x2601f79f
+	.long	0xf5725cbc
+	.long	0x3b6644c5
+	.long	0x7efb5b34
+	.long	0x29438b76
+	.long	0xc623cbdc
+	.long	0xfcedb668
+	.long	0xf1e4b863
+	.long	0xdc31d7ca
+	.long	0x85634210
+	.long	0x22971340
+	.long	0x11c68420
+	.long	0x244a857d
+	.long	0x3dbbd2f8
+	.long	0x32f9ae11
+	.long	0xa129c76d
+	.long	0x2f9e1d4b
+	.long	0x30b2dcf3
+	.long	0x52860dec
+	.long	0xe3c177d0
+	.long	0x16b32b6c
+	.long	0xb970a999
+	.long	0x489411fa
+	.long	0x64e94722
+	.long	0x8cfca8c4
+	.long	0x3ff0a01a
+	.long	0x2c7d56d8
+	.long	0x903322ef
+	.long	0x4e4987c7
+	.long	0xd138d9c1
+	.long	0xa2ca8cfe
+	.long	0x0bd49836
+	.long	0x81f5a6cf
+	.long	0xde7aa528
+	.long	0x8eb7da26
+	.long	0xbfad3fa4
+	.long	0x9d3a2ce4
+	.long	0x9278500d
+	.long	0xcc5f6a9b
+	.long	0x467e5462
+	.long	0x138df6c2
+	.long	0xb8d890e8
+	.long	0xf7392e5e
+	.long	0xafc382f5
+	.long	0x805d9fbe
+	.long	0x93d0697c
+	.long	0x2dd56fa9
+	.long	0x1225cfb3
+	.long	0x99acc83b
+	.long	0x7d1810a7
+	.long	0x639ce86e
+	.long	0xbb3bdb7b
+	.long	0x7826cd09
+	.long	0x18596ef4
+	.long	0xb79aec01
+	.long	0x9a4f83a8
+	.long	0x6e95e665
+	.long	0xe6ffaa7e
+	.long	0xcfbc2108
+	.long	0xe815efe6
+	.long	0x9be7bad9
+	.long	0x366f4ace
+	.long	0x099fead4
+	.long	0x7cb029d6
+	.long	0xb2a431af
+	.long	0x233f2a31
+	.long	0x94a5c630
+	.long	0x66a235c0
+	.long	0xbc4e7437
+	.long	0xca82fca6
+	.long	0xd090e0b0
+	.long	0xd8a73315
+	.long	0x9804f14a
+	.long	0xdaec41f7
+	.long	0x50cd7f0e
+	.long	0xf691172f
+	.long	0xd64d768d
+	.long	0xb0ef434d
+	.long	0x4daacc54
+	.long	0x0496e4df
+	.long	0xb5d19ee3
+	.long	0x886a4c1b
+	.long	0x1f2cc1b8
+	.long	0x5165467f
+	.long	0xea5e9d04
+	.long	0x358c015d
+	.long	0x7487fa73
+	.long	0x410bfb2e
+	.long	0x1d67b35a
+	.long	0xd2db9252
+	.long	0x5610e933
+	.long	0x47d66d13
+	.long	0x61d79a8c
+	.long	0x0ca1377a
+	.long	0x14f8598e
+	.long	0x3c13eb89
+	.long	0x27a9ceee
+	.long	0xc961b735
+	.long	0xe51ce1ed
+	.long	0xb1477a3c
+	.long	0xdfd29c59
+	.long	0x73f2553f
+	.long	0xce141879
+	.long	0x37c773bf
+	.long	0xcdf753ea
+	.long	0xaafd5f5b
+	.long	0x6f3ddf14
+	.long	0xdb447886
+	.long	0xf3afca81
+	.long	0xc468b93e
+	.long	0x3424382c
+	.long	0x40a3c25f
+	.long	0xc31d1672
+	.long	0x25e2bc0c
+	.long	0x493c288b
+	.long	0x950dff41
+	.long	0x01a83971
+	.long	0xb30c08de
+	.long	0xe4b4d89c
+	.long	0xc1566490
+	.long	0x84cb7b61
+	.long	0xb632d570
+	.long	0x5c6c4874
+	.long	0x57b8d042
+	// Table 2.
+	.long	0xf45150a7
+	.long	0x417e5365
+	.long	0x171ac3a4
+	.long	0x273a965e
+	.long	0xab3bcb6b
+	.long	0x9d1ff145
+	.long	0xfaacab58
+	.long	0xe34b9303
+	.long	0x302055fa
+	.long	0x76adf66d
+	.long	0xcc889176
+	.long	0x02f5254c
+	.long	0xe54ffcd7
+	.long	0x2ac5d7cb
+	.long	0x35268044
+	.long	0x62b58fa3
+	.long	0xb1de495a
+	.long	0xba25671b
+	.long	0xea45980e
+	.long	0xfe5de1c0
+	.long	0x2fc30275
+	.long	0x4c8112f0
+	.long	0x468da397
+	.long	0xd36bc6f9
+	.long	0x8f03e75f
+	.long	0x9215959c
+	.long	0x6dbfeb7a
+	.long	0x5295da59
+	.long	0xbed42d83
+	.long	0x7458d321
+	.long	0xe0492969
+	.long	0xc98e44c8
+	.long	0xc2756a89
+	.long	0x8ef47879
+	.long	0x58996b3e
+	.long	0xb927dd71
+	.long	0xe1beb64f
+	.long	0x88f017ad
+	.long	0x20c966ac
+	.long	0xce7db43a
+	.long	0xdf63184a
+	.long	0x1ae58231
+	.long	0x51976033
+	.long	0x5362457f
+	.long	0x64b1e077
+	.long	0x6bbb84ae
+	.long	0x81fe1ca0
+	.long	0x08f9942b
+	.long	0x48705868
+	.long	0x458f19fd
+	.long	0xde94876c
+	.long	0x7b52b7f8
+	.long	0x73ab23d3
+	.long	0x4b72e202
+	.long	0x1fe3578f
+	.long	0x55662aab
+	.long	0xebb20728
+	.long	0xb52f03c2
+	.long	0xc5869a7b
+	.long	0x37d3a508
+	.long	0x2830f287
+	.long	0xbf23b2a5
+	.long	0x0302ba6a
+	.long	0x16ed5c82
+	.long	0xcf8a2b1c
+	.long	0x79a792b4
+	.long	0x07f3f0f2
+	.long	0x694ea1e2
+	.long	0xda65cdf4
+	.long	0x0506d5be
+	.long	0x34d11f62
+	.long	0xa6c48afe
+	.long	0x2e349d53
+	.long	0xf3a2a055
+	.long	0x8a0532e1
+	.long	0xf6a475eb
+	.long	0x830b39ec
+	.long	0x6040aaef
+	.long	0x715e069f
+	.long	0x6ebd5110
+	.long	0x213ef98a
+	.long	0xdd963d06
+	.long	0x3eddae05
+	.long	0xe64d46bd
+	.long	0x5491b58d
+	.long	0xc471055d
+	.long	0x06046fd4
+	.long	0x5060ff15
+	.long	0x981924fb
+	.long	0xbdd697e9
+	.long	0x4089cc43
+	.long	0xd967779e
+	.long	0xe8b0bd42
+	.long	0x8907888b
+	.long	0x19e7385b
+	.long	0xc879dbee
+	.long	0x7ca1470a
+	.long	0x427ce90f
+	.long	0x84f8c91e
+	.long	0x00000000
+	.long	0x80098386
+	.long	0x2b3248ed
+	.long	0x111eac70
+	.long	0x5a6c4e72
+	.long	0x0efdfbff
+	.long	0x850f5638
+	.long	0xae3d1ed5
+	.long	0x2d362739
+	.long	0x0f0a64d9
+	.long	0x5c6821a6
+	.long	0x5b9bd154
+	.long	0x36243a2e
+	.long	0x0a0cb167
+	.long	0x57930fe7
+	.long	0xeeb4d296
+	.long	0x9b1b9e91
+	.long	0xc0804fc5
+	.long	0xdc61a220
+	.long	0x775a694b
+	.long	0x121c161a
+	.long	0x93e20aba
+	.long	0xa0c0e52a
+	.long	0x223c43e0
+	.long	0x1b121d17
+	.long	0x090e0b0d
+	.long	0x8bf2adc7
+	.long	0xb62db9a8
+	.long	0x1e14c8a9
+	.long	0xf1578519
+	.long	0x75af4c07
+	.long	0x99eebbdd
+	.long	0x7fa3fd60
+	.long	0x01f79f26
+	.long	0x725cbcf5
+	.long	0x6644c53b
+	.long	0xfb5b347e
+	.long	0x438b7629
+	.long	0x23cbdcc6
+	.long	0xedb668fc
+	.long	0xe4b863f1
+	.long	0x31d7cadc
+	.long	0x63421085
+	.long	0x97134022
+	.long	0xc6842011
+	.long	0x4a857d24
+	.long	0xbbd2f83d
+	.long	0xf9ae1132
+	.long	0x29c76da1
+	.long	0x9e1d4b2f
+	.long	0xb2dcf330
+	.long	0x860dec52
+	.long	0xc177d0e3
+	.long	0xb32b6c16
+	.long	0x70a999b9
+	.long	0x9411fa48
+	.long	0xe9472264
+	.long	0xfca8c48c
+	.long	0xf0a01a3f
+	.long	0x7d56d82c
+	.long	0x3322ef90
+	.long	0x4987c74e
+	.long	0x38d9c1d1
+	.long	0xca8cfea2
+	.long	0xd498360b
+	.long	0xf5a6cf81
+	.long	0x7aa528de
+	.long	0xb7da268e
+	.long	0xad3fa4bf
+	.long	0x3a2ce49d
+	.long	0x78500d92
+	.long	0x5f6a9bcc
+	.long	0x7e546246
+	.long	0x8df6c213
+	.long	0xd890e8b8
+	.long	0x392e5ef7
+	.long	0xc382f5af
+	.long	0x5d9fbe80
+	.long	0xd0697c93
+	.long	0xd56fa92d
+	.long	0x25cfb312
+	.long	0xacc83b99
+	.long	0x1810a77d
+	.long	0x9ce86e63
+	.long	0x3bdb7bbb
+	.long	0x26cd0978
+	.long	0x596ef418
+	.long	0x9aec01b7
+	.long	0x4f83a89a
+	.long	0x95e6656e
+	.long	0xffaa7ee6
+	.long	0xbc2108cf
+	.long	0x15efe6e8
+	.long	0xe7bad99b
+	.long	0x6f4ace36
+	.long	0x9fead409
+	.long	0xb029d67c
+	.long	0xa431afb2
+	.long	0x3f2a3123
+	.long	0xa5c63094
+	.long	0xa235c066
+	.long	0x4e7437bc
+	.long	0x82fca6ca
+	.long	0x90e0b0d0
+	.long	0xa73315d8
+	.long	0x04f14a98
+	.long	0xec41f7da
+	.long	0xcd7f0e50
+	.long	0x91172ff6
+	.long	0x4d768dd6
+	.long	0xef434db0
+	.long	0xaacc544d
+	.long	0x96e4df04
+	.long	0xd19ee3b5
+	.long	0x6a4c1b88
+	.long	0x2cc1b81f
+	.long	0x65467f51
+	.long	0x5e9d04ea
+	.long	0x8c015d35
+	.long	0x87fa7374
+	.long	0x0bfb2e41
+	.long	0x67b35a1d
+	.long	0xdb9252d2
+	.long	0x10e93356
+	.long	0xd66d1347
+	.long	0xd79a8c61
+	.long	0xa1377a0c
+	.long	0xf8598e14
+	.long	0x13eb893c
+	.long	0xa9ceee27
+	.long	0x61b735c9
+	.long	0x1ce1ede5
+	.long	0x477a3cb1
+	.long	0xd29c59df
+	.long	0xf2553f73
+	.long	0x141879ce
+	.long	0xc773bf37
+	.long	0xf753eacd
+	.long	0xfd5f5baa
+	.long	0x3ddf146f
+	.long	0x447886db
+	.long	0xafca81f3
+	.long	0x68b93ec4
+	.long	0x24382c34
+	.long	0xa3c25f40
+	.long	0x1d1672c3
+	.long	0xe2bc0c25
+	.long	0x3c288b49
+	.long	0x0dff4195
+	.long	0xa8397101
+	.long	0x0c08deb3
+	.long	0xb4d89ce4
+	.long	0x566490c1
+	.long	0xcb7b6184
+	.long	0x32d570b6
+	.long	0x6c48745c
+	.long	0xb8d04257
+	// Table 3.
+	.long	0x5150a7f4
+	.long	0x7e536541
+	.long	0x1ac3a417
+	.long	0x3a965e27
+	.long	0x3bcb6bab
+	.long	0x1ff1459d
+	.long	0xacab58fa
+	.long	0x4b9303e3
+	.long	0x2055fa30
+	.long	0xadf66d76
+	.long	0x889176cc
+	.long	0xf5254c02
+	.long	0x4ffcd7e5
+	.long	0xc5d7cb2a
+	.long	0x26804435
+	.long	0xb58fa362
+	.long	0xde495ab1
+	.long	0x25671bba
+	.long	0x45980eea
+	.long	0x5de1c0fe
+	.long	0xc302752f
+	.long	0x8112f04c
+	.long	0x8da39746
+	.long	0x6bc6f9d3
+	.long	0x03e75f8f
+	.long	0x15959c92
+	.long	0xbfeb7a6d
+	.long	0x95da5952
+	.long	0xd42d83be
+	.long	0x58d32174
+	.long	0x492969e0
+	.long	0x8e44c8c9
+	.long	0x756a89c2
+	.long	0xf478798e
+	.long	0x996b3e58
+	.long	0x27dd71b9
+	.long	0xbeb64fe1
+	.long	0xf017ad88
+	.long	0xc966ac20
+	.long	0x7db43ace
+	.long	0x63184adf
+	.long	0xe582311a
+	.long	0x97603351
+	.long	0x62457f53
+	.long	0xb1e07764
+	.long	0xbb84ae6b
+	.long	0xfe1ca081
+	.long	0xf9942b08
+	.long	0x70586848
+	.long	0x8f19fd45
+	.long	0x94876cde
+	.long	0x52b7f87b
+	.long	0xab23d373
+	.long	0x72e2024b
+	.long	0xe3578f1f
+	.long	0x662aab55
+	.long	0xb20728eb
+	.long	0x2f03c2b5
+	.long	0x869a7bc5
+	.long	0xd3a50837
+	.long	0x30f28728
+	.long	0x23b2a5bf
+	.long	0x02ba6a03
+	.long	0xed5c8216
+	.long	0x8a2b1ccf
+	.long	0xa792b479
+	.long	0xf3f0f207
+	.long	0x4ea1e269
+	.long	0x65cdf4da
+	.long	0x06d5be05
+	.long	0xd11f6234
+	.long	0xc48afea6
+	.long	0x349d532e
+	.long	0xa2a055f3
+	.long	0x0532e18a
+	.long	0xa475ebf6
+	.long	0x0b39ec83
+	.long	0x40aaef60
+	.long	0x5e069f71
+	.long	0xbd51106e
+	.long	0x3ef98a21
+	.long	0x963d06dd
+	.long	0xddae053e
+	.long	0x4d46bde6
+	.long	0x91b58d54
+	.long	0x71055dc4
+	.long	0x046fd406
+	.long	0x60ff1550
+	.long	0x1924fb98
+	.long	0xd697e9bd
+	.long	0x89cc4340
+	.long	0x67779ed9
+	.long	0xb0bd42e8
+	.long	0x07888b89
+	.long	0xe7385b19
+	.long	0x79dbeec8
+	.long	0xa1470a7c
+	.long	0x7ce90f42
+	.long	0xf8c91e84
+	.long	0x00000000
+	.long	0x09838680
+	.long	0x3248ed2b
+	.long	0x1eac7011
+	.long	0x6c4e725a
+	.long	0xfdfbff0e
+	.long	0x0f563885
+	.long	0x3d1ed5ae
+	.long	0x3627392d
+	.long	0x0a64d90f
+	.long	0x6821a65c
+	.long	0x9bd1545b
+	.long	0x243a2e36
+	.long	0x0cb1670a
+	.long	0x930fe757
+	.long	0xb4d296ee
+	.long	0x1b9e919b
+	.long	0x804fc5c0
+	.long	0x61a220dc
+	.long	0x5a694b77
+	.long	0x1c161a12
+	.long	0xe20aba93
+	.long	0xc0e52aa0
+	.long	0x3c43e022
+	.long	0x121d171b
+	.long	0x0e0b0d09
+	.long	0xf2adc78b
+	.long	0x2db9a8b6
+	.long	0x14c8a91e
+	.long	0x578519f1
+	.long	0xaf4c0775
+	.long	0xeebbdd99
+	.long	0xa3fd607f
+	.long	0xf79f2601
+	.long	0x5cbcf572
+	.long	0x44c53b66
+	.long	0x5b347efb
+	.long	0x8b762943
+	.long	0xcbdcc623
+	.long	0xb668fced
+	.long	0xb863f1e4
+	.long	0xd7cadc31
+	.long	0x42108563
+	.long	0x13402297
+	.long	0x842011c6
+	.long	0x857d244a
+	.long	0xd2f83dbb
+	.long	0xae1132f9
+	.long	0xc76da129
+	.long	0x1d4b2f9e
+	.long	0xdcf330b2
+	.long	0x0dec5286
+	.long	0x77d0e3c1
+	.long	0x2b6c16b3
+	.long	0xa999b970
+	.long	0x11fa4894
+	.long	0x472264e9
+	.long	0xa8c48cfc
+	.long	0xa01a3ff0
+	.long	0x56d82c7d
+	.long	0x22ef9033
+	.long	0x87c74e49
+	.long	0xd9c1d138
+	.long	0x8cfea2ca
+	.long	0x98360bd4
+	.long	0xa6cf81f5
+	.long	0xa528de7a
+	.long	0xda268eb7
+	.long	0x3fa4bfad
+	.long	0x2ce49d3a
+	.long	0x500d9278
+	.long	0x6a9bcc5f
+	.long	0x5462467e
+	.long	0xf6c2138d
+	.long	0x90e8b8d8
+	.long	0x2e5ef739
+	.long	0x82f5afc3
+	.long	0x9fbe805d
+	.long	0x697c93d0
+	.long	0x6fa92dd5
+	.long	0xcfb31225
+	.long	0xc83b99ac
+	.long	0x10a77d18
+	.long	0xe86e639c
+	.long	0xdb7bbb3b
+	.long	0xcd097826
+	.long	0x6ef41859
+	.long	0xec01b79a
+	.long	0x83a89a4f
+	.long	0xe6656e95
+	.long	0xaa7ee6ff
+	.long	0x2108cfbc
+	.long	0xefe6e815
+	.long	0xbad99be7
+	.long	0x4ace366f
+	.long	0xead4099f
+	.long	0x29d67cb0
+	.long	0x31afb2a4
+	.long	0x2a31233f
+	.long	0xc63094a5
+	.long	0x35c066a2
+	.long	0x7437bc4e
+	.long	0xfca6ca82
+	.long	0xe0b0d090
+	.long	0x3315d8a7
+	.long	0xf14a9804
+	.long	0x41f7daec
+	.long	0x7f0e50cd
+	.long	0x172ff691
+	.long	0x768dd64d
+	.long	0x434db0ef
+	.long	0xcc544daa
+	.long	0xe4df0496
+	.long	0x9ee3b5d1
+	.long	0x4c1b886a
+	.long	0xc1b81f2c
+	.long	0x467f5165
+	.long	0x9d04ea5e
+	.long	0x015d358c
+	.long	0xfa737487
+	.long	0xfb2e410b
+	.long	0xb35a1d67
+	.long	0x9252d2db
+	.long	0xe9335610
+	.long	0x6d1347d6
+	.long	0x9a8c61d7
+	.long	0x377a0ca1
+	.long	0x598e14f8
+	.long	0xeb893c13
+	.long	0xceee27a9
+	.long	0xb735c961
+	.long	0xe1ede51c
+	.long	0x7a3cb147
+	.long	0x9c59dfd2
+	.long	0x553f73f2
+	.long	0x1879ce14
+	.long	0x73bf37c7
+	.long	0x53eacdf7
+	.long	0x5f5baafd
+	.long	0xdf146f3d
+	.long	0x7886db44
+	.long	0xca81f3af
+	.long	0xb93ec468
+	.long	0x382c3424
+	.long	0xc25f40a3
+	.long	0x1672c31d
+	.long	0xbc0c25e2
+	.long	0x288b493c
+	.long	0xff41950d
+	.long	0x397101a8
+	.long	0x08deb30c
+	.long	0xd89ce4b4
+	.long	0x6490c156
+	.long	0x7b6184cb
+	.long	0xd570b632
+	.long	0x48745c6c
+	.long	0xd04257b8
+
+
+// SubBytes embedded in words tables.
+	.globl	_AESSubBytesWordTable
+	.private_extern	_AESSubBytesWordTable
+	.align	2
+_AESSubBytesWordTable:
+	// Table 0.
+	.long	0x00000063
+	.long	0x0000007c
+	.long	0x00000077
+	.long	0x0000007b
+	.long	0x000000f2
+	.long	0x0000006b
+	.long	0x0000006f
+	.long	0x000000c5
+	.long	0x00000030
+	.long	0x00000001
+	.long	0x00000067
+	.long	0x0000002b
+	.long	0x000000fe
+	.long	0x000000d7
+	.long	0x000000ab
+	.long	0x00000076
+	.long	0x000000ca
+	.long	0x00000082
+	.long	0x000000c9
+	.long	0x0000007d
+	.long	0x000000fa
+	.long	0x00000059
+	.long	0x00000047
+	.long	0x000000f0
+	.long	0x000000ad
+	.long	0x000000d4
+	.long	0x000000a2
+	.long	0x000000af
+	.long	0x0000009c
+	.long	0x000000a4
+	.long	0x00000072
+	.long	0x000000c0
+	.long	0x000000b7
+	.long	0x000000fd
+	.long	0x00000093
+	.long	0x00000026
+	.long	0x00000036
+	.long	0x0000003f
+	.long	0x000000f7
+	.long	0x000000cc
+	.long	0x00000034
+	.long	0x000000a5
+	.long	0x000000e5
+	.long	0x000000f1
+	.long	0x00000071
+	.long	0x000000d8
+	.long	0x00000031
+	.long	0x00000015
+	.long	0x00000004
+	.long	0x000000c7
+	.long	0x00000023
+	.long	0x000000c3
+	.long	0x00000018
+	.long	0x00000096
+	.long	0x00000005
+	.long	0x0000009a
+	.long	0x00000007
+	.long	0x00000012
+	.long	0x00000080
+	.long	0x000000e2
+	.long	0x000000eb
+	.long	0x00000027
+	.long	0x000000b2
+	.long	0x00000075
+	.long	0x00000009
+	.long	0x00000083
+	.long	0x0000002c
+	.long	0x0000001a
+	.long	0x0000001b
+	.long	0x0000006e
+	.long	0x0000005a
+	.long	0x000000a0
+	.long	0x00000052
+	.long	0x0000003b
+	.long	0x000000d6
+	.long	0x000000b3
+	.long	0x00000029
+	.long	0x000000e3
+	.long	0x0000002f
+	.long	0x00000084
+	.long	0x00000053
+	.long	0x000000d1
+	.long	0x00000000
+	.long	0x000000ed
+	.long	0x00000020
+	.long	0x000000fc
+	.long	0x000000b1
+	.long	0x0000005b
+	.long	0x0000006a
+	.long	0x000000cb
+	.long	0x000000be
+	.long	0x00000039
+	.long	0x0000004a
+	.long	0x0000004c
+	.long	0x00000058
+	.long	0x000000cf
+	.long	0x000000d0
+	.long	0x000000ef
+	.long	0x000000aa
+	.long	0x000000fb
+	.long	0x00000043
+	.long	0x0000004d
+	.long	0x00000033
+	.long	0x00000085
+	.long	0x00000045
+	.long	0x000000f9
+	.long	0x00000002
+	.long	0x0000007f
+	.long	0x00000050
+	.long	0x0000003c
+	.long	0x0000009f
+	.long	0x000000a8
+	.long	0x00000051
+	.long	0x000000a3
+	.long	0x00000040
+	.long	0x0000008f
+	.long	0x00000092
+	.long	0x0000009d
+	.long	0x00000038
+	.long	0x000000f5
+	.long	0x000000bc
+	.long	0x000000b6
+	.long	0x000000da
+	.long	0x00000021
+	.long	0x00000010
+	.long	0x000000ff
+	.long	0x000000f3
+	.long	0x000000d2
+	.long	0x000000cd
+	.long	0x0000000c
+	.long	0x00000013
+	.long	0x000000ec
+	.long	0x0000005f
+	.long	0x00000097
+	.long	0x00000044
+	.long	0x00000017
+	.long	0x000000c4
+	.long	0x000000a7
+	.long	0x0000007e
+	.long	0x0000003d
+	.long	0x00000064
+	.long	0x0000005d
+	.long	0x00000019
+	.long	0x00000073
+	.long	0x00000060
+	.long	0x00000081
+	.long	0x0000004f
+	.long	0x000000dc
+	.long	0x00000022
+	.long	0x0000002a
+	.long	0x00000090
+	.long	0x00000088
+	.long	0x00000046
+	.long	0x000000ee
+	.long	0x000000b8
+	.long	0x00000014
+	.long	0x000000de
+	.long	0x0000005e
+	.long	0x0000000b
+	.long	0x000000db
+	.long	0x000000e0
+	.long	0x00000032
+	.long	0x0000003a
+	.long	0x0000000a
+	.long	0x00000049
+	.long	0x00000006
+	.long	0x00000024
+	.long	0x0000005c
+	.long	0x000000c2
+	.long	0x000000d3
+	.long	0x000000ac
+	.long	0x00000062
+	.long	0x00000091
+	.long	0x00000095
+	.long	0x000000e4
+	.long	0x00000079
+	.long	0x000000e7
+	.long	0x000000c8
+	.long	0x00000037
+	.long	0x0000006d
+	.long	0x0000008d
+	.long	0x000000d5
+	.long	0x0000004e
+	.long	0x000000a9
+	.long	0x0000006c
+	.long	0x00000056
+	.long	0x000000f4
+	.long	0x000000ea
+	.long	0x00000065
+	.long	0x0000007a
+	.long	0x000000ae
+	.long	0x00000008
+	.long	0x000000ba
+	.long	0x00000078
+	.long	0x00000025
+	.long	0x0000002e
+	.long	0x0000001c
+	.long	0x000000a6
+	.long	0x000000b4
+	.long	0x000000c6
+	.long	0x000000e8
+	.long	0x000000dd
+	.long	0x00000074
+	.long	0x0000001f
+	.long	0x0000004b
+	.long	0x000000bd
+	.long	0x0000008b
+	.long	0x0000008a
+	.long	0x00000070
+	.long	0x0000003e
+	.long	0x000000b5
+	.long	0x00000066
+	.long	0x00000048
+	.long	0x00000003
+	.long	0x000000f6
+	.long	0x0000000e
+	.long	0x00000061
+	.long	0x00000035
+	.long	0x00000057
+	.long	0x000000b9
+	.long	0x00000086
+	.long	0x000000c1
+	.long	0x0000001d
+	.long	0x0000009e
+	.long	0x000000e1
+	.long	0x000000f8
+	.long	0x00000098
+	.long	0x00000011
+	.long	0x00000069
+	.long	0x000000d9
+	.long	0x0000008e
+	.long	0x00000094
+	.long	0x0000009b
+	.long	0x0000001e
+	.long	0x00000087
+	.long	0x000000e9
+	.long	0x000000ce
+	.long	0x00000055
+	.long	0x00000028
+	.long	0x000000df
+	.long	0x0000008c
+	.long	0x000000a1
+	.long	0x00000089
+	.long	0x0000000d
+	.long	0x000000bf
+	.long	0x000000e6
+	.long	0x00000042
+	.long	0x00000068
+	.long	0x00000041
+	.long	0x00000099
+	.long	0x0000002d
+	.long	0x0000000f
+	.long	0x000000b0
+	.long	0x00000054
+	.long	0x000000bb
+	.long	0x00000016
+	// Table 1.
+	.long	0x00006300
+	.long	0x00007c00
+	.long	0x00007700
+	.long	0x00007b00
+	.long	0x0000f200
+	.long	0x00006b00
+	.long	0x00006f00
+	.long	0x0000c500
+	.long	0x00003000
+	.long	0x00000100
+	.long	0x00006700
+	.long	0x00002b00
+	.long	0x0000fe00
+	.long	0x0000d700
+	.long	0x0000ab00
+	.long	0x00007600
+	.long	0x0000ca00
+	.long	0x00008200
+	.long	0x0000c900
+	.long	0x00007d00
+	.long	0x0000fa00
+	.long	0x00005900
+	.long	0x00004700
+	.long	0x0000f000
+	.long	0x0000ad00
+	.long	0x0000d400
+	.long	0x0000a200
+	.long	0x0000af00
+	.long	0x00009c00
+	.long	0x0000a400
+	.long	0x00007200
+	.long	0x0000c000
+	.long	0x0000b700
+	.long	0x0000fd00
+	.long	0x00009300
+	.long	0x00002600
+	.long	0x00003600
+	.long	0x00003f00
+	.long	0x0000f700
+	.long	0x0000cc00
+	.long	0x00003400
+	.long	0x0000a500
+	.long	0x0000e500
+	.long	0x0000f100
+	.long	0x00007100
+	.long	0x0000d800
+	.long	0x00003100
+	.long	0x00001500
+	.long	0x00000400
+	.long	0x0000c700
+	.long	0x00002300
+	.long	0x0000c300
+	.long	0x00001800
+	.long	0x00009600
+	.long	0x00000500
+	.long	0x00009a00
+	.long	0x00000700
+	.long	0x00001200
+	.long	0x00008000
+	.long	0x0000e200
+	.long	0x0000eb00
+	.long	0x00002700
+	.long	0x0000b200
+	.long	0x00007500
+	.long	0x00000900
+	.long	0x00008300
+	.long	0x00002c00
+	.long	0x00001a00
+	.long	0x00001b00
+	.long	0x00006e00
+	.long	0x00005a00
+	.long	0x0000a000
+	.long	0x00005200
+	.long	0x00003b00
+	.long	0x0000d600
+	.long	0x0000b300
+	.long	0x00002900
+	.long	0x0000e300
+	.long	0x00002f00
+	.long	0x00008400
+	.long	0x00005300
+	.long	0x0000d100
+	.long	0x00000000
+	.long	0x0000ed00
+	.long	0x00002000
+	.long	0x0000fc00
+	.long	0x0000b100
+	.long	0x00005b00
+	.long	0x00006a00
+	.long	0x0000cb00
+	.long	0x0000be00
+	.long	0x00003900
+	.long	0x00004a00
+	.long	0x00004c00
+	.long	0x00005800
+	.long	0x0000cf00
+	.long	0x0000d000
+	.long	0x0000ef00
+	.long	0x0000aa00
+	.long	0x0000fb00
+	.long	0x00004300
+	.long	0x00004d00
+	.long	0x00003300
+	.long	0x00008500
+	.long	0x00004500
+	.long	0x0000f900
+	.long	0x00000200
+	.long	0x00007f00
+	.long	0x00005000
+	.long	0x00003c00
+	.long	0x00009f00
+	.long	0x0000a800
+	.long	0x00005100
+	.long	0x0000a300
+	.long	0x00004000
+	.long	0x00008f00
+	.long	0x00009200
+	.long	0x00009d00
+	.long	0x00003800
+	.long	0x0000f500
+	.long	0x0000bc00
+	.long	0x0000b600
+	.long	0x0000da00
+	.long	0x00002100
+	.long	0x00001000
+	.long	0x0000ff00
+	.long	0x0000f300
+	.long	0x0000d200
+	.long	0x0000cd00
+	.long	0x00000c00
+	.long	0x00001300
+	.long	0x0000ec00
+	.long	0x00005f00
+	.long	0x00009700
+	.long	0x00004400
+	.long	0x00001700
+	.long	0x0000c400
+	.long	0x0000a700
+	.long	0x00007e00
+	.long	0x00003d00
+	.long	0x00006400
+	.long	0x00005d00
+	.long	0x00001900
+	.long	0x00007300
+	.long	0x00006000
+	.long	0x00008100
+	.long	0x00004f00
+	.long	0x0000dc00
+	.long	0x00002200
+	.long	0x00002a00
+	.long	0x00009000
+	.long	0x00008800
+	.long	0x00004600
+	.long	0x0000ee00
+	.long	0x0000b800
+	.long	0x00001400
+	.long	0x0000de00
+	.long	0x00005e00
+	.long	0x00000b00
+	.long	0x0000db00
+	.long	0x0000e000
+	.long	0x00003200
+	.long	0x00003a00
+	.long	0x00000a00
+	.long	0x00004900
+	.long	0x00000600
+	.long	0x00002400
+	.long	0x00005c00
+	.long	0x0000c200
+	.long	0x0000d300
+	.long	0x0000ac00
+	.long	0x00006200
+	.long	0x00009100
+	.long	0x00009500
+	.long	0x0000e400
+	.long	0x00007900
+	.long	0x0000e700
+	.long	0x0000c800
+	.long	0x00003700
+	.long	0x00006d00
+	.long	0x00008d00
+	.long	0x0000d500
+	.long	0x00004e00
+	.long	0x0000a900
+	.long	0x00006c00
+	.long	0x00005600
+	.long	0x0000f400
+	.long	0x0000ea00
+	.long	0x00006500
+	.long	0x00007a00
+	.long	0x0000ae00
+	.long	0x00000800
+	.long	0x0000ba00
+	.long	0x00007800
+	.long	0x00002500
+	.long	0x00002e00
+	.long	0x00001c00
+	.long	0x0000a600
+	.long	0x0000b400
+	.long	0x0000c600
+	.long	0x0000e800
+	.long	0x0000dd00
+	.long	0x00007400
+	.long	0x00001f00
+	.long	0x00004b00
+	.long	0x0000bd00
+	.long	0x00008b00
+	.long	0x00008a00
+	.long	0x00007000
+	.long	0x00003e00
+	.long	0x0000b500
+	.long	0x00006600
+	.long	0x00004800
+	.long	0x00000300
+	.long	0x0000f600
+	.long	0x00000e00
+	.long	0x00006100
+	.long	0x00003500
+	.long	0x00005700
+	.long	0x0000b900
+	.long	0x00008600
+	.long	0x0000c100
+	.long	0x00001d00
+	.long	0x00009e00
+	.long	0x0000e100
+	.long	0x0000f800
+	.long	0x00009800
+	.long	0x00001100
+	.long	0x00006900
+	.long	0x0000d900
+	.long	0x00008e00
+	.long	0x00009400
+	.long	0x00009b00
+	.long	0x00001e00
+	.long	0x00008700
+	.long	0x0000e900
+	.long	0x0000ce00
+	.long	0x00005500
+	.long	0x00002800
+	.long	0x0000df00
+	.long	0x00008c00
+	.long	0x0000a100
+	.long	0x00008900
+	.long	0x00000d00
+	.long	0x0000bf00
+	.long	0x0000e600
+	.long	0x00004200
+	.long	0x00006800
+	.long	0x00004100
+	.long	0x00009900
+	.long	0x00002d00
+	.long	0x00000f00
+	.long	0x0000b000
+	.long	0x00005400
+	.long	0x0000bb00
+	.long	0x00001600
+	// Table 2.
+	.long	0x00630000
+	.long	0x007c0000
+	.long	0x00770000
+	.long	0x007b0000
+	.long	0x00f20000
+	.long	0x006b0000
+	.long	0x006f0000
+	.long	0x00c50000
+	.long	0x00300000
+	.long	0x00010000
+	.long	0x00670000
+	.long	0x002b0000
+	.long	0x00fe0000
+	.long	0x00d70000
+	.long	0x00ab0000
+	.long	0x00760000
+	.long	0x00ca0000
+	.long	0x00820000
+	.long	0x00c90000
+	.long	0x007d0000
+	.long	0x00fa0000
+	.long	0x00590000
+	.long	0x00470000
+	.long	0x00f00000
+	.long	0x00ad0000
+	.long	0x00d40000
+	.long	0x00a20000
+	.long	0x00af0000
+	.long	0x009c0000
+	.long	0x00a40000
+	.long	0x00720000
+	.long	0x00c00000
+	.long	0x00b70000
+	.long	0x00fd0000
+	.long	0x00930000
+	.long	0x00260000
+	.long	0x00360000
+	.long	0x003f0000
+	.long	0x00f70000
+	.long	0x00cc0000
+	.long	0x00340000
+	.long	0x00a50000
+	.long	0x00e50000
+	.long	0x00f10000
+	.long	0x00710000
+	.long	0x00d80000
+	.long	0x00310000
+	.long	0x00150000
+	.long	0x00040000
+	.long	0x00c70000
+	.long	0x00230000
+	.long	0x00c30000
+	.long	0x00180000
+	.long	0x00960000
+	.long	0x00050000
+	.long	0x009a0000
+	.long	0x00070000
+	.long	0x00120000
+	.long	0x00800000
+	.long	0x00e20000
+	.long	0x00eb0000
+	.long	0x00270000
+	.long	0x00b20000
+	.long	0x00750000
+	.long	0x00090000
+	.long	0x00830000
+	.long	0x002c0000
+	.long	0x001a0000
+	.long	0x001b0000
+	.long	0x006e0000
+	.long	0x005a0000
+	.long	0x00a00000
+	.long	0x00520000
+	.long	0x003b0000
+	.long	0x00d60000
+	.long	0x00b30000
+	.long	0x00290000
+	.long	0x00e30000
+	.long	0x002f0000
+	.long	0x00840000
+	.long	0x00530000
+	.long	0x00d10000
+	.long	0x00000000
+	.long	0x00ed0000
+	.long	0x00200000
+	.long	0x00fc0000
+	.long	0x00b10000
+	.long	0x005b0000
+	.long	0x006a0000
+	.long	0x00cb0000
+	.long	0x00be0000
+	.long	0x00390000
+	.long	0x004a0000
+	.long	0x004c0000
+	.long	0x00580000
+	.long	0x00cf0000
+	.long	0x00d00000
+	.long	0x00ef0000
+	.long	0x00aa0000
+	.long	0x00fb0000
+	.long	0x00430000
+	.long	0x004d0000
+	.long	0x00330000
+	.long	0x00850000
+	.long	0x00450000
+	.long	0x00f90000
+	.long	0x00020000
+	.long	0x007f0000
+	.long	0x00500000
+	.long	0x003c0000
+	.long	0x009f0000
+	.long	0x00a80000
+	.long	0x00510000
+	.long	0x00a30000
+	.long	0x00400000
+	.long	0x008f0000
+	.long	0x00920000
+	.long	0x009d0000
+	.long	0x00380000
+	.long	0x00f50000
+	.long	0x00bc0000
+	.long	0x00b60000
+	.long	0x00da0000
+	.long	0x00210000
+	.long	0x00100000
+	.long	0x00ff0000
+	.long	0x00f30000
+	.long	0x00d20000
+	.long	0x00cd0000
+	.long	0x000c0000
+	.long	0x00130000
+	.long	0x00ec0000
+	.long	0x005f0000
+	.long	0x00970000
+	.long	0x00440000
+	.long	0x00170000
+	.long	0x00c40000
+	.long	0x00a70000
+	.long	0x007e0000
+	.long	0x003d0000
+	.long	0x00640000
+	.long	0x005d0000
+	.long	0x00190000
+	.long	0x00730000
+	.long	0x00600000
+	.long	0x00810000
+	.long	0x004f0000
+	.long	0x00dc0000
+	.long	0x00220000
+	.long	0x002a0000
+	.long	0x00900000
+	.long	0x00880000
+	.long	0x00460000
+	.long	0x00ee0000
+	.long	0x00b80000
+	.long	0x00140000
+	.long	0x00de0000
+	.long	0x005e0000
+	.long	0x000b0000
+	.long	0x00db0000
+	.long	0x00e00000
+	.long	0x00320000
+	.long	0x003a0000
+	.long	0x000a0000
+	.long	0x00490000
+	.long	0x00060000
+	.long	0x00240000
+	.long	0x005c0000
+	.long	0x00c20000
+	.long	0x00d30000
+	.long	0x00ac0000
+	.long	0x00620000
+	.long	0x00910000
+	.long	0x00950000
+	.long	0x00e40000
+	.long	0x00790000
+	.long	0x00e70000
+	.long	0x00c80000
+	.long	0x00370000
+	.long	0x006d0000
+	.long	0x008d0000
+	.long	0x00d50000
+	.long	0x004e0000
+	.long	0x00a90000
+	.long	0x006c0000
+	.long	0x00560000
+	.long	0x00f40000
+	.long	0x00ea0000
+	.long	0x00650000
+	.long	0x007a0000
+	.long	0x00ae0000
+	.long	0x00080000
+	.long	0x00ba0000
+	.long	0x00780000
+	.long	0x00250000
+	.long	0x002e0000
+	.long	0x001c0000
+	.long	0x00a60000
+	.long	0x00b40000
+	.long	0x00c60000
+	.long	0x00e80000
+	.long	0x00dd0000
+	.long	0x00740000
+	.long	0x001f0000
+	.long	0x004b0000
+	.long	0x00bd0000
+	.long	0x008b0000
+	.long	0x008a0000
+	.long	0x00700000
+	.long	0x003e0000
+	.long	0x00b50000
+	.long	0x00660000
+	.long	0x00480000
+	.long	0x00030000
+	.long	0x00f60000
+	.long	0x000e0000
+	.long	0x00610000
+	.long	0x00350000
+	.long	0x00570000
+	.long	0x00b90000
+	.long	0x00860000
+	.long	0x00c10000
+	.long	0x001d0000
+	.long	0x009e0000
+	.long	0x00e10000
+	.long	0x00f80000
+	.long	0x00980000
+	.long	0x00110000
+	.long	0x00690000
+	.long	0x00d90000
+	.long	0x008e0000
+	.long	0x00940000
+	.long	0x009b0000
+	.long	0x001e0000
+	.long	0x00870000
+	.long	0x00e90000
+	.long	0x00ce0000
+	.long	0x00550000
+	.long	0x00280000
+	.long	0x00df0000
+	.long	0x008c0000
+	.long	0x00a10000
+	.long	0x00890000
+	.long	0x000d0000
+	.long	0x00bf0000
+	.long	0x00e60000
+	.long	0x00420000
+	.long	0x00680000
+	.long	0x00410000
+	.long	0x00990000
+	.long	0x002d0000
+	.long	0x000f0000
+	.long	0x00b00000
+	.long	0x00540000
+	.long	0x00bb0000
+	.long	0x00160000
+	// Table 3.
+	.long	0x63000000
+	.long	0x7c000000
+	.long	0x77000000
+	.long	0x7b000000
+	.long	0xf2000000
+	.long	0x6b000000
+	.long	0x6f000000
+	.long	0xc5000000
+	.long	0x30000000
+	.long	0x01000000
+	.long	0x67000000
+	.long	0x2b000000
+	.long	0xfe000000
+	.long	0xd7000000
+	.long	0xab000000
+	.long	0x76000000
+	.long	0xca000000
+	.long	0x82000000
+	.long	0xc9000000
+	.long	0x7d000000
+	.long	0xfa000000
+	.long	0x59000000
+	.long	0x47000000
+	.long	0xf0000000
+	.long	0xad000000
+	.long	0xd4000000
+	.long	0xa2000000
+	.long	0xaf000000
+	.long	0x9c000000
+	.long	0xa4000000
+	.long	0x72000000
+	.long	0xc0000000
+	.long	0xb7000000
+	.long	0xfd000000
+	.long	0x93000000
+	.long	0x26000000
+	.long	0x36000000
+	.long	0x3f000000
+	.long	0xf7000000
+	.long	0xcc000000
+	.long	0x34000000
+	.long	0xa5000000
+	.long	0xe5000000
+	.long	0xf1000000
+	.long	0x71000000
+	.long	0xd8000000
+	.long	0x31000000
+	.long	0x15000000
+	.long	0x04000000
+	.long	0xc7000000
+	.long	0x23000000
+	.long	0xc3000000
+	.long	0x18000000
+	.long	0x96000000
+	.long	0x05000000
+	.long	0x9a000000
+	.long	0x07000000
+	.long	0x12000000
+	.long	0x80000000
+	.long	0xe2000000
+	.long	0xeb000000
+	.long	0x27000000
+	.long	0xb2000000
+	.long	0x75000000
+	.long	0x09000000
+	.long	0x83000000
+	.long	0x2c000000
+	.long	0x1a000000
+	.long	0x1b000000
+	.long	0x6e000000
+	.long	0x5a000000
+	.long	0xa0000000
+	.long	0x52000000
+	.long	0x3b000000
+	.long	0xd6000000
+	.long	0xb3000000
+	.long	0x29000000
+	.long	0xe3000000
+	.long	0x2f000000
+	.long	0x84000000
+	.long	0x53000000
+	.long	0xd1000000
+	.long	0x00000000
+	.long	0xed000000
+	.long	0x20000000
+	.long	0xfc000000
+	.long	0xb1000000
+	.long	0x5b000000
+	.long	0x6a000000
+	.long	0xcb000000
+	.long	0xbe000000
+	.long	0x39000000
+	.long	0x4a000000
+	.long	0x4c000000
+	.long	0x58000000
+	.long	0xcf000000
+	.long	0xd0000000
+	.long	0xef000000
+	.long	0xaa000000
+	.long	0xfb000000
+	.long	0x43000000
+	.long	0x4d000000
+	.long	0x33000000
+	.long	0x85000000
+	.long	0x45000000
+	.long	0xf9000000
+	.long	0x02000000
+	.long	0x7f000000
+	.long	0x50000000
+	.long	0x3c000000
+	.long	0x9f000000
+	.long	0xa8000000
+	.long	0x51000000
+	.long	0xa3000000
+	.long	0x40000000
+	.long	0x8f000000
+	.long	0x92000000
+	.long	0x9d000000
+	.long	0x38000000
+	.long	0xf5000000
+	.long	0xbc000000
+	.long	0xb6000000
+	.long	0xda000000
+	.long	0x21000000
+	.long	0x10000000
+	.long	0xff000000
+	.long	0xf3000000
+	.long	0xd2000000
+	.long	0xcd000000
+	.long	0x0c000000
+	.long	0x13000000
+	.long	0xec000000
+	.long	0x5f000000
+	.long	0x97000000
+	.long	0x44000000
+	.long	0x17000000
+	.long	0xc4000000
+	.long	0xa7000000
+	.long	0x7e000000
+	.long	0x3d000000
+	.long	0x64000000
+	.long	0x5d000000
+	.long	0x19000000
+	.long	0x73000000
+	.long	0x60000000
+	.long	0x81000000
+	.long	0x4f000000
+	.long	0xdc000000
+	.long	0x22000000
+	.long	0x2a000000
+	.long	0x90000000
+	.long	0x88000000
+	.long	0x46000000
+	.long	0xee000000
+	.long	0xb8000000
+	.long	0x14000000
+	.long	0xde000000
+	.long	0x5e000000
+	.long	0x0b000000
+	.long	0xdb000000
+	.long	0xe0000000
+	.long	0x32000000
+	.long	0x3a000000
+	.long	0x0a000000
+	.long	0x49000000
+	.long	0x06000000
+	.long	0x24000000
+	.long	0x5c000000
+	.long	0xc2000000
+	.long	0xd3000000
+	.long	0xac000000
+	.long	0x62000000
+	.long	0x91000000
+	.long	0x95000000
+	.long	0xe4000000
+	.long	0x79000000
+	.long	0xe7000000
+	.long	0xc8000000
+	.long	0x37000000
+	.long	0x6d000000
+	.long	0x8d000000
+	.long	0xd5000000
+	.long	0x4e000000
+	.long	0xa9000000
+	.long	0x6c000000
+	.long	0x56000000
+	.long	0xf4000000
+	.long	0xea000000
+	.long	0x65000000
+	.long	0x7a000000
+	.long	0xae000000
+	.long	0x08000000
+	.long	0xba000000
+	.long	0x78000000
+	.long	0x25000000
+	.long	0x2e000000
+	.long	0x1c000000
+	.long	0xa6000000
+	.long	0xb4000000
+	.long	0xc6000000
+	.long	0xe8000000
+	.long	0xdd000000
+	.long	0x74000000
+	.long	0x1f000000
+	.long	0x4b000000
+	.long	0xbd000000
+	.long	0x8b000000
+	.long	0x8a000000
+	.long	0x70000000
+	.long	0x3e000000
+	.long	0xb5000000
+	.long	0x66000000
+	.long	0x48000000
+	.long	0x03000000
+	.long	0xf6000000
+	.long	0x0e000000
+	.long	0x61000000
+	.long	0x35000000
+	.long	0x57000000
+	.long	0xb9000000
+	.long	0x86000000
+	.long	0xc1000000
+	.long	0x1d000000
+	.long	0x9e000000
+	.long	0xe1000000
+	.long	0xf8000000
+	.long	0x98000000
+	.long	0x11000000
+	.long	0x69000000
+	.long	0xd9000000
+	.long	0x8e000000
+	.long	0x94000000
+	.long	0x9b000000
+	.long	0x1e000000
+	.long	0x87000000
+	.long	0xe9000000
+	.long	0xce000000
+	.long	0x55000000
+	.long	0x28000000
+	.long	0xdf000000
+	.long	0x8c000000
+	.long	0xa1000000
+	.long	0x89000000
+	.long	0x0d000000
+	.long	0xbf000000
+	.long	0xe6000000
+	.long	0x42000000
+	.long	0x68000000
+	.long	0x41000000
+	.long	0x99000000
+	.long	0x2d000000
+	.long	0x0f000000
+	.long	0xb0000000
+	.long	0x54000000
+	.long	0xbb000000
+	.long	0x16000000
+
+
+// InvSubBytes embedded in words tables.
+	.globl	_AESInvSubBytesWordTable
+	.private_extern	_AESInvSubBytesWordTable
+	.align	2
+_AESInvSubBytesWordTable:
+	// Table 0.
+	.long	0x00000052
+	.long	0x00000009
+	.long	0x0000006a
+	.long	0x000000d5
+	.long	0x00000030
+	.long	0x00000036
+	.long	0x000000a5
+	.long	0x00000038
+	.long	0x000000bf
+	.long	0x00000040
+	.long	0x000000a3
+	.long	0x0000009e
+	.long	0x00000081
+	.long	0x000000f3
+	.long	0x000000d7
+	.long	0x000000fb
+	.long	0x0000007c
+	.long	0x000000e3
+	.long	0x00000039
+	.long	0x00000082
+	.long	0x0000009b
+	.long	0x0000002f
+	.long	0x000000ff
+	.long	0x00000087
+	.long	0x00000034
+	.long	0x0000008e
+	.long	0x00000043
+	.long	0x00000044
+	.long	0x000000c4
+	.long	0x000000de
+	.long	0x000000e9
+	.long	0x000000cb
+	.long	0x00000054
+	.long	0x0000007b
+	.long	0x00000094
+	.long	0x00000032
+	.long	0x000000a6
+	.long	0x000000c2
+	.long	0x00000023
+	.long	0x0000003d
+	.long	0x000000ee
+	.long	0x0000004c
+	.long	0x00000095
+	.long	0x0000000b
+	.long	0x00000042
+	.long	0x000000fa
+	.long	0x000000c3
+	.long	0x0000004e
+	.long	0x00000008
+	.long	0x0000002e
+	.long	0x000000a1
+	.long	0x00000066
+	.long	0x00000028
+	.long	0x000000d9
+	.long	0x00000024
+	.long	0x000000b2
+	.long	0x00000076
+	.long	0x0000005b
+	.long	0x000000a2
+	.long	0x00000049
+	.long	0x0000006d
+	.long	0x0000008b
+	.long	0x000000d1
+	.long	0x00000025
+	.long	0x00000072
+	.long	0x000000f8
+	.long	0x000000f6
+	.long	0x00000064
+	.long	0x00000086
+	.long	0x00000068
+	.long	0x00000098
+	.long	0x00000016
+	.long	0x000000d4
+	.long	0x000000a4
+	.long	0x0000005c
+	.long	0x000000cc
+	.long	0x0000005d
+	.long	0x00000065
+	.long	0x000000b6
+	.long	0x00000092
+	.long	0x0000006c
+	.long	0x00000070
+	.long	0x00000048
+	.long	0x00000050
+	.long	0x000000fd
+	.long	0x000000ed
+	.long	0x000000b9
+	.long	0x000000da
+	.long	0x0000005e
+	.long	0x00000015
+	.long	0x00000046
+	.long	0x00000057
+	.long	0x000000a7
+	.long	0x0000008d
+	.long	0x0000009d
+	.long	0x00000084
+	.long	0x00000090
+	.long	0x000000d8
+	.long	0x000000ab
+	.long	0x00000000
+	.long	0x0000008c
+	.long	0x000000bc
+	.long	0x000000d3
+	.long	0x0000000a
+	.long	0x000000f7
+	.long	0x000000e4
+	.long	0x00000058
+	.long	0x00000005
+	.long	0x000000b8
+	.long	0x000000b3
+	.long	0x00000045
+	.long	0x00000006
+	.long	0x000000d0
+	.long	0x0000002c
+	.long	0x0000001e
+	.long	0x0000008f
+	.long	0x000000ca
+	.long	0x0000003f
+	.long	0x0000000f
+	.long	0x00000002
+	.long	0x000000c1
+	.long	0x000000af
+	.long	0x000000bd
+	.long	0x00000003
+	.long	0x00000001
+	.long	0x00000013
+	.long	0x0000008a
+	.long	0x0000006b
+	.long	0x0000003a
+	.long	0x00000091
+	.long	0x00000011
+	.long	0x00000041
+	.long	0x0000004f
+	.long	0x00000067
+	.long	0x000000dc
+	.long	0x000000ea
+	.long	0x00000097
+	.long	0x000000f2
+	.long	0x000000cf
+	.long	0x000000ce
+	.long	0x000000f0
+	.long	0x000000b4
+	.long	0x000000e6
+	.long	0x00000073
+	.long	0x00000096
+	.long	0x000000ac
+	.long	0x00000074
+	.long	0x00000022
+	.long	0x000000e7
+	.long	0x000000ad
+	.long	0x00000035
+	.long	0x00000085
+	.long	0x000000e2
+	.long	0x000000f9
+	.long	0x00000037
+	.long	0x000000e8
+	.long	0x0000001c
+	.long	0x00000075
+	.long	0x000000df
+	.long	0x0000006e
+	.long	0x00000047
+	.long	0x000000f1
+	.long	0x0000001a
+	.long	0x00000071
+	.long	0x0000001d
+	.long	0x00000029
+	.long	0x000000c5
+	.long	0x00000089
+	.long	0x0000006f
+	.long	0x000000b7
+	.long	0x00000062
+	.long	0x0000000e
+	.long	0x000000aa
+	.long	0x00000018
+	.long	0x000000be
+	.long	0x0000001b
+	.long	0x000000fc
+	.long	0x00000056
+	.long	0x0000003e
+	.long	0x0000004b
+	.long	0x000000c6
+	.long	0x000000d2
+	.long	0x00000079
+	.long	0x00000020
+	.long	0x0000009a
+	.long	0x000000db
+	.long	0x000000c0
+	.long	0x000000fe
+	.long	0x00000078
+	.long	0x000000cd
+	.long	0x0000005a
+	.long	0x000000f4
+	.long	0x0000001f
+	.long	0x000000dd
+	.long	0x000000a8
+	.long	0x00000033
+	.long	0x00000088
+	.long	0x00000007
+	.long	0x000000c7
+	.long	0x00000031
+	.long	0x000000b1
+	.long	0x00000012
+	.long	0x00000010
+	.long	0x00000059
+	.long	0x00000027
+	.long	0x00000080
+	.long	0x000000ec
+	.long	0x0000005f
+	.long	0x00000060
+	.long	0x00000051
+	.long	0x0000007f
+	.long	0x000000a9
+	.long	0x00000019
+	.long	0x000000b5
+	.long	0x0000004a
+	.long	0x0000000d
+	.long	0x0000002d
+	.long	0x000000e5
+	.long	0x0000007a
+	.long	0x0000009f
+	.long	0x00000093
+	.long	0x000000c9
+	.long	0x0000009c
+	.long	0x000000ef
+	.long	0x000000a0
+	.long	0x000000e0
+	.long	0x0000003b
+	.long	0x0000004d
+	.long	0x000000ae
+	.long	0x0000002a
+	.long	0x000000f5
+	.long	0x000000b0
+	.long	0x000000c8
+	.long	0x000000eb
+	.long	0x000000bb
+	.long	0x0000003c
+	.long	0x00000083
+	.long	0x00000053
+	.long	0x00000099
+	.long	0x00000061
+	.long	0x00000017
+	.long	0x0000002b
+	.long	0x00000004
+	.long	0x0000007e
+	.long	0x000000ba
+	.long	0x00000077
+	.long	0x000000d6
+	.long	0x00000026
+	.long	0x000000e1
+	.long	0x00000069
+	.long	0x00000014
+	.long	0x00000063
+	.long	0x00000055
+	.long	0x00000021
+	.long	0x0000000c
+	.long	0x0000007d
+	// Table 1.
+	.long	0x00005200
+	.long	0x00000900
+	.long	0x00006a00
+	.long	0x0000d500
+	.long	0x00003000
+	.long	0x00003600
+	.long	0x0000a500
+	.long	0x00003800
+	.long	0x0000bf00
+	.long	0x00004000
+	.long	0x0000a300
+	.long	0x00009e00
+	.long	0x00008100
+	.long	0x0000f300
+	.long	0x0000d700
+	.long	0x0000fb00
+	.long	0x00007c00
+	.long	0x0000e300
+	.long	0x00003900
+	.long	0x00008200
+	.long	0x00009b00
+	.long	0x00002f00
+	.long	0x0000ff00
+	.long	0x00008700
+	.long	0x00003400
+	.long	0x00008e00
+	.long	0x00004300
+	.long	0x00004400
+	.long	0x0000c400
+	.long	0x0000de00
+	.long	0x0000e900
+	.long	0x0000cb00
+	.long	0x00005400
+	.long	0x00007b00
+	.long	0x00009400
+	.long	0x00003200
+	.long	0x0000a600
+	.long	0x0000c200
+	.long	0x00002300
+	.long	0x00003d00
+	.long	0x0000ee00
+	.long	0x00004c00
+	.long	0x00009500
+	.long	0x00000b00
+	.long	0x00004200
+	.long	0x0000fa00
+	.long	0x0000c300
+	.long	0x00004e00
+	.long	0x00000800
+	.long	0x00002e00
+	.long	0x0000a100
+	.long	0x00006600
+	.long	0x00002800
+	.long	0x0000d900
+	.long	0x00002400
+	.long	0x0000b200
+	.long	0x00007600
+	.long	0x00005b00
+	.long	0x0000a200
+	.long	0x00004900
+	.long	0x00006d00
+	.long	0x00008b00
+	.long	0x0000d100
+	.long	0x00002500
+	.long	0x00007200
+	.long	0x0000f800
+	.long	0x0000f600
+	.long	0x00006400
+	.long	0x00008600
+	.long	0x00006800
+	.long	0x00009800
+	.long	0x00001600
+	.long	0x0000d400
+	.long	0x0000a400
+	.long	0x00005c00
+	.long	0x0000cc00
+	.long	0x00005d00
+	.long	0x00006500
+	.long	0x0000b600
+	.long	0x00009200
+	.long	0x00006c00
+	.long	0x00007000
+	.long	0x00004800
+	.long	0x00005000
+	.long	0x0000fd00
+	.long	0x0000ed00
+	.long	0x0000b900
+	.long	0x0000da00
+	.long	0x00005e00
+	.long	0x00001500
+	.long	0x00004600
+	.long	0x00005700
+	.long	0x0000a700
+	.long	0x00008d00
+	.long	0x00009d00
+	.long	0x00008400
+	.long	0x00009000
+	.long	0x0000d800
+	.long	0x0000ab00
+	.long	0x00000000
+	.long	0x00008c00
+	.long	0x0000bc00
+	.long	0x0000d300
+	.long	0x00000a00
+	.long	0x0000f700
+	.long	0x0000e400
+	.long	0x00005800
+	.long	0x00000500
+	.long	0x0000b800
+	.long	0x0000b300
+	.long	0x00004500
+	.long	0x00000600
+	.long	0x0000d000
+	.long	0x00002c00
+	.long	0x00001e00
+	.long	0x00008f00
+	.long	0x0000ca00
+	.long	0x00003f00
+	.long	0x00000f00
+	.long	0x00000200
+	.long	0x0000c100
+	.long	0x0000af00
+	.long	0x0000bd00
+	.long	0x00000300
+	.long	0x00000100
+	.long	0x00001300
+	.long	0x00008a00
+	.long	0x00006b00
+	.long	0x00003a00
+	.long	0x00009100
+	.long	0x00001100
+	.long	0x00004100
+	.long	0x00004f00
+	.long	0x00006700
+	.long	0x0000dc00
+	.long	0x0000ea00
+	.long	0x00009700
+	.long	0x0000f200
+	.long	0x0000cf00
+	.long	0x0000ce00
+	.long	0x0000f000
+	.long	0x0000b400
+	.long	0x0000e600
+	.long	0x00007300
+	.long	0x00009600
+	.long	0x0000ac00
+	.long	0x00007400
+	.long	0x00002200
+	.long	0x0000e700
+	.long	0x0000ad00
+	.long	0x00003500
+	.long	0x00008500
+	.long	0x0000e200
+	.long	0x0000f900
+	.long	0x00003700
+	.long	0x0000e800
+	.long	0x00001c00
+	.long	0x00007500
+	.long	0x0000df00
+	.long	0x00006e00
+	.long	0x00004700
+	.long	0x0000f100
+	.long	0x00001a00
+	.long	0x00007100
+	.long	0x00001d00
+	.long	0x00002900
+	.long	0x0000c500
+	.long	0x00008900
+	.long	0x00006f00
+	.long	0x0000b700
+	.long	0x00006200
+	.long	0x00000e00
+	.long	0x0000aa00
+	.long	0x00001800
+	.long	0x0000be00
+	.long	0x00001b00
+	.long	0x0000fc00
+	.long	0x00005600
+	.long	0x00003e00
+	.long	0x00004b00
+	.long	0x0000c600
+	.long	0x0000d200
+	.long	0x00007900
+	.long	0x00002000
+	.long	0x00009a00
+	.long	0x0000db00
+	.long	0x0000c000
+	.long	0x0000fe00
+	.long	0x00007800
+	.long	0x0000cd00
+	.long	0x00005a00
+	.long	0x0000f400
+	.long	0x00001f00
+	.long	0x0000dd00
+	.long	0x0000a800
+	.long	0x00003300
+	.long	0x00008800
+	.long	0x00000700
+	.long	0x0000c700
+	.long	0x00003100
+	.long	0x0000b100
+	.long	0x00001200
+	.long	0x00001000
+	.long	0x00005900
+	.long	0x00002700
+	.long	0x00008000
+	.long	0x0000ec00
+	.long	0x00005f00
+	.long	0x00006000
+	.long	0x00005100
+	.long	0x00007f00
+	.long	0x0000a900
+	.long	0x00001900
+	.long	0x0000b500
+	.long	0x00004a00
+	.long	0x00000d00
+	.long	0x00002d00
+	.long	0x0000e500
+	.long	0x00007a00
+	.long	0x00009f00
+	.long	0x00009300
+	.long	0x0000c900
+	.long	0x00009c00
+	.long	0x0000ef00
+	.long	0x0000a000
+	.long	0x0000e000
+	.long	0x00003b00
+	.long	0x00004d00
+	.long	0x0000ae00
+	.long	0x00002a00
+	.long	0x0000f500
+	.long	0x0000b000
+	.long	0x0000c800
+	.long	0x0000eb00
+	.long	0x0000bb00
+	.long	0x00003c00
+	.long	0x00008300
+	.long	0x00005300
+	.long	0x00009900
+	.long	0x00006100
+	.long	0x00001700
+	.long	0x00002b00
+	.long	0x00000400
+	.long	0x00007e00
+	.long	0x0000ba00
+	.long	0x00007700
+	.long	0x0000d600
+	.long	0x00002600
+	.long	0x0000e100
+	.long	0x00006900
+	.long	0x00001400
+	.long	0x00006300
+	.long	0x00005500
+	.long	0x00002100
+	.long	0x00000c00
+	.long	0x00007d00
+	// Table 2.
+	.long	0x00520000
+	.long	0x00090000
+	.long	0x006a0000
+	.long	0x00d50000
+	.long	0x00300000
+	.long	0x00360000
+	.long	0x00a50000
+	.long	0x00380000
+	.long	0x00bf0000
+	.long	0x00400000
+	.long	0x00a30000
+	.long	0x009e0000
+	.long	0x00810000
+	.long	0x00f30000
+	.long	0x00d70000
+	.long	0x00fb0000
+	.long	0x007c0000
+	.long	0x00e30000
+	.long	0x00390000
+	.long	0x00820000
+	.long	0x009b0000
+	.long	0x002f0000
+	.long	0x00ff0000
+	.long	0x00870000
+	.long	0x00340000
+	.long	0x008e0000
+	.long	0x00430000
+	.long	0x00440000
+	.long	0x00c40000
+	.long	0x00de0000
+	.long	0x00e90000
+	.long	0x00cb0000
+	.long	0x00540000
+	.long	0x007b0000
+	.long	0x00940000
+	.long	0x00320000
+	.long	0x00a60000
+	.long	0x00c20000
+	.long	0x00230000
+	.long	0x003d0000
+	.long	0x00ee0000
+	.long	0x004c0000
+	.long	0x00950000
+	.long	0x000b0000
+	.long	0x00420000
+	.long	0x00fa0000
+	.long	0x00c30000
+	.long	0x004e0000
+	.long	0x00080000
+	.long	0x002e0000
+	.long	0x00a10000
+	.long	0x00660000
+	.long	0x00280000
+	.long	0x00d90000
+	.long	0x00240000
+	.long	0x00b20000
+	.long	0x00760000
+	.long	0x005b0000
+	.long	0x00a20000
+	.long	0x00490000
+	.long	0x006d0000
+	.long	0x008b0000
+	.long	0x00d10000
+	.long	0x00250000
+	.long	0x00720000
+	.long	0x00f80000
+	.long	0x00f60000
+	.long	0x00640000
+	.long	0x00860000
+	.long	0x00680000
+	.long	0x00980000
+	.long	0x00160000
+	.long	0x00d40000
+	.long	0x00a40000
+	.long	0x005c0000
+	.long	0x00cc0000
+	.long	0x005d0000
+	.long	0x00650000
+	.long	0x00b60000
+	.long	0x00920000
+	.long	0x006c0000
+	.long	0x00700000
+	.long	0x00480000
+	.long	0x00500000
+	.long	0x00fd0000
+	.long	0x00ed0000
+	.long	0x00b90000
+	.long	0x00da0000
+	.long	0x005e0000
+	.long	0x00150000
+	.long	0x00460000
+	.long	0x00570000
+	.long	0x00a70000
+	.long	0x008d0000
+	.long	0x009d0000
+	.long	0x00840000
+	.long	0x00900000
+	.long	0x00d80000
+	.long	0x00ab0000
+	.long	0x00000000
+	.long	0x008c0000
+	.long	0x00bc0000
+	.long	0x00d30000
+	.long	0x000a0000
+	.long	0x00f70000
+	.long	0x00e40000
+	.long	0x00580000
+	.long	0x00050000
+	.long	0x00b80000
+	.long	0x00b30000
+	.long	0x00450000
+	.long	0x00060000
+	.long	0x00d00000
+	.long	0x002c0000
+	.long	0x001e0000
+	.long	0x008f0000
+	.long	0x00ca0000
+	.long	0x003f0000
+	.long	0x000f0000
+	.long	0x00020000
+	.long	0x00c10000
+	.long	0x00af0000
+	.long	0x00bd0000
+	.long	0x00030000
+	.long	0x00010000
+	.long	0x00130000
+	.long	0x008a0000
+	.long	0x006b0000
+	.long	0x003a0000
+	.long	0x00910000
+	.long	0x00110000
+	.long	0x00410000
+	.long	0x004f0000
+	.long	0x00670000
+	.long	0x00dc0000
+	.long	0x00ea0000
+	.long	0x00970000
+	.long	0x00f20000
+	.long	0x00cf0000
+	.long	0x00ce0000
+	.long	0x00f00000
+	.long	0x00b40000
+	.long	0x00e60000
+	.long	0x00730000
+	.long	0x00960000
+	.long	0x00ac0000
+	.long	0x00740000
+	.long	0x00220000
+	.long	0x00e70000
+	.long	0x00ad0000
+	.long	0x00350000
+	.long	0x00850000
+	.long	0x00e20000
+	.long	0x00f90000
+	.long	0x00370000
+	.long	0x00e80000
+	.long	0x001c0000
+	.long	0x00750000
+	.long	0x00df0000
+	.long	0x006e0000
+	.long	0x00470000
+	.long	0x00f10000
+	.long	0x001a0000
+	.long	0x00710000
+	.long	0x001d0000
+	.long	0x00290000
+	.long	0x00c50000
+	.long	0x00890000
+	.long	0x006f0000
+	.long	0x00b70000
+	.long	0x00620000
+	.long	0x000e0000
+	.long	0x00aa0000
+	.long	0x00180000
+	.long	0x00be0000
+	.long	0x001b0000
+	.long	0x00fc0000
+	.long	0x00560000
+	.long	0x003e0000
+	.long	0x004b0000
+	.long	0x00c60000
+	.long	0x00d20000
+	.long	0x00790000
+	.long	0x00200000
+	.long	0x009a0000
+	.long	0x00db0000
+	.long	0x00c00000
+	.long	0x00fe0000
+	.long	0x00780000
+	.long	0x00cd0000
+	.long	0x005a0000
+	.long	0x00f40000
+	.long	0x001f0000
+	.long	0x00dd0000
+	.long	0x00a80000
+	.long	0x00330000
+	.long	0x00880000
+	.long	0x00070000
+	.long	0x00c70000
+	.long	0x00310000
+	.long	0x00b10000
+	.long	0x00120000
+	.long	0x00100000
+	.long	0x00590000
+	.long	0x00270000
+	.long	0x00800000
+	.long	0x00ec0000
+	.long	0x005f0000
+	.long	0x00600000
+	.long	0x00510000
+	.long	0x007f0000
+	.long	0x00a90000
+	.long	0x00190000
+	.long	0x00b50000
+	.long	0x004a0000
+	.long	0x000d0000
+	.long	0x002d0000
+	.long	0x00e50000
+	.long	0x007a0000
+	.long	0x009f0000
+	.long	0x00930000
+	.long	0x00c90000
+	.long	0x009c0000
+	.long	0x00ef0000
+	.long	0x00a00000
+	.long	0x00e00000
+	.long	0x003b0000
+	.long	0x004d0000
+	.long	0x00ae0000
+	.long	0x002a0000
+	.long	0x00f50000
+	.long	0x00b00000
+	.long	0x00c80000
+	.long	0x00eb0000
+	.long	0x00bb0000
+	.long	0x003c0000
+	.long	0x00830000
+	.long	0x00530000
+	.long	0x00990000
+	.long	0x00610000
+	.long	0x00170000
+	.long	0x002b0000
+	.long	0x00040000
+	.long	0x007e0000
+	.long	0x00ba0000
+	.long	0x00770000
+	.long	0x00d60000
+	.long	0x00260000
+	.long	0x00e10000
+	.long	0x00690000
+	.long	0x00140000
+	.long	0x00630000
+	.long	0x00550000
+	.long	0x00210000
+	.long	0x000c0000
+	.long	0x007d0000
+	// Table 3.
+	.long	0x52000000
+	.long	0x09000000
+	.long	0x6a000000
+	.long	0xd5000000
+	.long	0x30000000
+	.long	0x36000000
+	.long	0xa5000000
+	.long	0x38000000
+	.long	0xbf000000
+	.long	0x40000000
+	.long	0xa3000000
+	.long	0x9e000000
+	.long	0x81000000
+	.long	0xf3000000
+	.long	0xd7000000
+	.long	0xfb000000
+	.long	0x7c000000
+	.long	0xe3000000
+	.long	0x39000000
+	.long	0x82000000
+	.long	0x9b000000
+	.long	0x2f000000
+	.long	0xff000000
+	.long	0x87000000
+	.long	0x34000000
+	.long	0x8e000000
+	.long	0x43000000
+	.long	0x44000000
+	.long	0xc4000000
+	.long	0xde000000
+	.long	0xe9000000
+	.long	0xcb000000
+	.long	0x54000000
+	.long	0x7b000000
+	.long	0x94000000
+	.long	0x32000000
+	.long	0xa6000000
+	.long	0xc2000000
+	.long	0x23000000
+	.long	0x3d000000
+	.long	0xee000000
+	.long	0x4c000000
+	.long	0x95000000
+	.long	0x0b000000
+	.long	0x42000000
+	.long	0xfa000000
+	.long	0xc3000000
+	.long	0x4e000000
+	.long	0x08000000
+	.long	0x2e000000
+	.long	0xa1000000
+	.long	0x66000000
+	.long	0x28000000
+	.long	0xd9000000
+	.long	0x24000000
+	.long	0xb2000000
+	.long	0x76000000
+	.long	0x5b000000
+	.long	0xa2000000
+	.long	0x49000000
+	.long	0x6d000000
+	.long	0x8b000000
+	.long	0xd1000000
+	.long	0x25000000
+	.long	0x72000000
+	.long	0xf8000000
+	.long	0xf6000000
+	.long	0x64000000
+	.long	0x86000000
+	.long	0x68000000
+	.long	0x98000000
+	.long	0x16000000
+	.long	0xd4000000
+	.long	0xa4000000
+	.long	0x5c000000
+	.long	0xcc000000
+	.long	0x5d000000
+	.long	0x65000000
+	.long	0xb6000000
+	.long	0x92000000
+	.long	0x6c000000
+	.long	0x70000000
+	.long	0x48000000
+	.long	0x50000000
+	.long	0xfd000000
+	.long	0xed000000
+	.long	0xb9000000
+	.long	0xda000000
+	.long	0x5e000000
+	.long	0x15000000
+	.long	0x46000000
+	.long	0x57000000
+	.long	0xa7000000
+	.long	0x8d000000
+	.long	0x9d000000
+	.long	0x84000000
+	.long	0x90000000
+	.long	0xd8000000
+	.long	0xab000000
+	.long	0x00000000
+	.long	0x8c000000
+	.long	0xbc000000
+	.long	0xd3000000
+	.long	0x0a000000
+	.long	0xf7000000
+	.long	0xe4000000
+	.long	0x58000000
+	.long	0x05000000
+	.long	0xb8000000
+	.long	0xb3000000
+	.long	0x45000000
+	.long	0x06000000
+	.long	0xd0000000
+	.long	0x2c000000
+	.long	0x1e000000
+	.long	0x8f000000
+	.long	0xca000000
+	.long	0x3f000000
+	.long	0x0f000000
+	.long	0x02000000
+	.long	0xc1000000
+	.long	0xaf000000
+	.long	0xbd000000
+	.long	0x03000000
+	.long	0x01000000
+	.long	0x13000000
+	.long	0x8a000000
+	.long	0x6b000000
+	.long	0x3a000000
+	.long	0x91000000
+	.long	0x11000000
+	.long	0x41000000
+	.long	0x4f000000
+	.long	0x67000000
+	.long	0xdc000000
+	.long	0xea000000
+	.long	0x97000000
+	.long	0xf2000000
+	.long	0xcf000000
+	.long	0xce000000
+	.long	0xf0000000
+	.long	0xb4000000
+	.long	0xe6000000
+	.long	0x73000000
+	.long	0x96000000
+	.long	0xac000000
+	.long	0x74000000
+	.long	0x22000000
+	.long	0xe7000000
+	.long	0xad000000
+	.long	0x35000000
+	.long	0x85000000
+	.long	0xe2000000
+	.long	0xf9000000
+	.long	0x37000000
+	.long	0xe8000000
+	.long	0x1c000000
+	.long	0x75000000
+	.long	0xdf000000
+	.long	0x6e000000
+	.long	0x47000000
+	.long	0xf1000000
+	.long	0x1a000000
+	.long	0x71000000
+	.long	0x1d000000
+	.long	0x29000000
+	.long	0xc5000000
+	.long	0x89000000
+	.long	0x6f000000
+	.long	0xb7000000
+	.long	0x62000000
+	.long	0x0e000000
+	.long	0xaa000000
+	.long	0x18000000
+	.long	0xbe000000
+	.long	0x1b000000
+	.long	0xfc000000
+	.long	0x56000000
+	.long	0x3e000000
+	.long	0x4b000000
+	.long	0xc6000000
+	.long	0xd2000000
+	.long	0x79000000
+	.long	0x20000000
+	.long	0x9a000000
+	.long	0xdb000000
+	.long	0xc0000000
+	.long	0xfe000000
+	.long	0x78000000
+	.long	0xcd000000
+	.long	0x5a000000
+	.long	0xf4000000
+	.long	0x1f000000
+	.long	0xdd000000
+	.long	0xa8000000
+	.long	0x33000000
+	.long	0x88000000
+	.long	0x07000000
+	.long	0xc7000000
+	.long	0x31000000
+	.long	0xb1000000
+	.long	0x12000000
+	.long	0x10000000
+	.long	0x59000000
+	.long	0x27000000
+	.long	0x80000000
+	.long	0xec000000
+	.long	0x5f000000
+	.long	0x60000000
+	.long	0x51000000
+	.long	0x7f000000
+	.long	0xa9000000
+	.long	0x19000000
+	.long	0xb5000000
+	.long	0x4a000000
+	.long	0x0d000000
+	.long	0x2d000000
+	.long	0xe5000000
+	.long	0x7a000000
+	.long	0x9f000000
+	.long	0x93000000
+	.long	0xc9000000
+	.long	0x9c000000
+	.long	0xef000000
+	.long	0xa0000000
+	.long	0xe0000000
+	.long	0x3b000000
+	.long	0x4d000000
+	.long	0xae000000
+	.long	0x2a000000
+	.long	0xf5000000
+	.long	0xb0000000
+	.long	0xc8000000
+	.long	0xeb000000
+	.long	0xbb000000
+	.long	0x3c000000
+	.long	0x83000000
+	.long	0x53000000
+	.long	0x99000000
+	.long	0x61000000
+	.long	0x17000000
+	.long	0x2b000000
+	.long	0x04000000
+	.long	0x7e000000
+	.long	0xba000000
+	.long	0x77000000
+	.long	0xd6000000
+	.long	0x26000000
+	.long	0xe1000000
+	.long	0x69000000
+	.long	0x14000000
+	.long	0x63000000
+	.long	0x55000000
+	.long	0x21000000
+	.long	0x0c000000
+	.long	0x7d000000

ADDED   Source/AESedp/Intel/DecryptCBC.s
Index: Source/AESedp/Intel/DecryptCBC.s
==================================================================
--- /dev/null
+++ Source/AESedp/Intel/DecryptCBC.s
@@ -0,0 +1,294 @@
+#include "../AESAssembly.h"
+
+
+// Generate object code only if this implementation has been requested.
+#if defined UseAESedp_IntelAssembly
+
+
+/*	AESDecryptCBC.s -- Decrypt blocks with AES in Cipher Block Chaining mode.
+
+	Written by Eric Postpischil, January 24, 2008.
+*/
+
+
+/*	Define a macro to select a value based on architecture.  This reduces
+	some of the architecture conditionalization later in the source.
+*/
+#if defined __i386__
+	#define	Arch(i386, x86_64)	i386
+#elif defined __x86_64__
+	#define	Arch(i386, x86_64)	x86_64
+#endif
+
+
+/*	Rename the general registers.  This makes it easier to keep track of them
+	and provides names for the "whole register" that are uniform between i386
+	and x86_64.
+*/
+#if defined __i386__
+	#define	r0	%eax	// Available for any use.
+	#define	r1	%ecx	// Available for any use, some special purposes (loop).
+	#define	r2	%edx	// Available for any use.
+	#define	r3	%ebx	// Must be preserved by called routine.
+	#define	r4	%esp	// Stack pointer.
+	#define	r5	%ebp	// Frame pointer, must preserve, no bare indirect.
+	#define	r6	%esi	// Must be preserved by called routine.
+	#define	r7	%edi	// Must be preserved by called routine.
+#elif defined __x86_64__
+	#define	r0	%rax	// Available for any use.
+	#define	r1	%rcx	// Available for any use.
+	#define	r2	%rdx	// Available for any use.
+	#define	r3	%rbx	// Must be preserved by called routine.
+	#define	r4	%rsp	// Stack pointer.
+	#define	r5	%rbp	// Frame pointer.  Must be preserved by called routine.
+	#define	r6	%rsi	// Available for any use.
+	#define	r7	%rdi	// Available for any use.
+	#define	r8	%r8		// Available for any use.
+	#define	r9	%r9		// Available for any use.
+	#define	r10	%r10	// Available for any use.
+	#define	r11	%r11	// Available for any use.
+	#define	r12	%r12	// Must be preserved by called routine.
+	#define	r13	%r13	// Must be preserved by called routine.
+	#define	r14	%r14	// Must be preserved by called routine.
+	#define	r15	%r15	// Must be preserved by called routine.
+#else
+	#error "Unknown architecture."
+#endif
+
+
+/*	Routine:
+
+		_AESDecryptCBC.
+
+	Function:
+
+		This routine uses _AESDecryptWithExpandedKey to decrypt blocks in
+		Cipher Block Chaining mode, which requires chaining the AES state
+		from block to block.  In CBC mode, each output block is (after the
+		underlying decryption) XORed with the previous input block.  On the
+		first iteration, the previous input block is supplied from a chain
+		buffer.
+
+	Input:
+
+		void *O				// Output
+		const void *I		// Input
+		void *ChainBuffer	// Chain buffer / initial value.
+		void *Key			// Expanded Key.
+		long Blocks			// Number of 16-byte blocks to process.
+		long Rounds			// Number of rounds.
+
+	Output:
+
+		Decrypted text is written to *O.
+
+		The final input block is written to *ChainBuffer.
+*/
+	.globl _AESDecryptCBC
+	.private_extern	_AESDecryptCBC
+_AESDecryptCBC:
+
+	// Push new stack frame.
+	push	r5
+
+	// Save registers.
+	push	r3
+	#if defined __i386__
+		push	r6
+		push	r7
+		#define	RegisterSaveSize	(3*4)
+	#elif defined __x86_64__
+		push	r12
+		push	r13
+		push	r14
+		push	r15
+		#define	RegisterSaveSize	(5*8)
+	#endif
+
+/*	B is the number of bytes from the top of stack just before the instruction
+	that called this routine to the top of stack after we push the frame
+	pointer and other registers.  It provides information needed to align our
+	stack frame.
+*/
+#define	B	(RegisterSaveSize + 2*Arch(4, 8))
+
+/*	Allocate space on the stack for 16 bytes for the AES state, 16 bytes to
+	save the chain value, and, on i386, 16 bytes for four four-byte arguments,
+	and padding needed to produce 16-byte alignment.
+*/
+#define	LocalsSize	((16*2 + Arch(16, 0) + B + 15 & -16) - B)
+#define	StackFrame	(LocalsSize + B)
+
+/*	LocalState is the offset from the stack pointer to where we store the AES
+ 	state.
+*/
+#define	LocalState	Arch(16, 0)
+#define	SavedChain	Arch(32, 16)	// Offset to saved chain value.
+
+	#if 0 < LocalsSize
+		sub		$LocalsSize, r4	// Allocate space on stack.
+	#endif
+
+// Non-volatile registers.
+#define	I			r3
+#define	O			r5
+#define	Blocks		Arch(r6, r12)
+#define	ChainBuffer	Arch(r7, r13)
+#define	Rounds		Arch(Not used, r14)
+#define	Key			Arch(Not used, r15)
+
+// Volatile registers.
+#define	t0			r0
+#define	v0			%xmm0
+#define	vState0		%xmm4
+
+// Arguments passed to us.
+#if defined __i386__
+	// Define location of argument i.
+	#define	Argument(i)	StackFrame+4*(i)(r4)
+#endif
+#define	ArgO			Arch(Argument(0), r7)
+#define	ArgI			Arch(Argument(1), r6)
+#define	ArgChainBuffer	Arch(Argument(2), r2)
+#define	ArgKey			Arch(Argument(3), r1)
+#define	ArgBlocks		Arch(Argument(4), r8)
+#define	ArgRounds		Arch(Argument(5), r9)
+
+	/*	Get some arguments.  We need to move these from the stack (on i386)
+		or volatile registers (on x86_64) to non-volatile registers where we
+		can use them and keep them during calls to a subroutine.
+	*/
+	mov		ArgO, O
+	mov		ArgI, I
+	mov		ArgChainBuffer, ChainBuffer
+	mov		ArgBlocks, Blocks
+
+	// Convert Blocks from number of blocks to displacement in bytes.
+	imul	$16, Blocks
+	je		done	// Leave if we were given zero blocks.
+
+	// Save last input block to write to ChainBuffer later.
+	movupd	-16(I, Blocks), v0
+	movapd	v0, SavedChain(r4)
+
+	#if defined __i386__
+
+		// Put arguments we will pass on stack.
+		mov		ArgRounds, t0
+		mov		t0,    3*4(r4)
+
+		mov		ArgKey, t0
+		mov		t0,    2*4(r4)
+
+		lea		LocalState(r4), t0
+		mov		t0,    0*4(r4)
+
+	#else
+
+		// Put arguments we will pass into non-volatile registers.
+		mov		ArgRounds, Rounds
+		mov		ArgKey,    Key
+
+	#endif
+
+	add		$-16, Blocks
+
+	jle		2f			// Skip main loop if there was only one block.
+
+// Main loop.
+1:
+	#if defined __i386__
+
+		// Pass address of current input block.
+		lea		(I, Blocks), t0
+		mov		t0, 1*4(r4)
+
+	#else
+
+		// Pass arguments to subroutine.
+		#define	PassedRounds	r1
+		#define	PassedKey		r2
+		#define	PassedInput		r6
+		#define	PassedOutput	r7
+		mov		Rounds,         PassedRounds
+		mov		Key,            PassedKey
+		lea		(I, Blocks),    PassedInput
+		lea		LocalState(r4), PassedOutput
+
+	#endif
+
+	// Decrypt state.
+	call	_AESDecryptWithExpandedKey
+
+	// XOR decrypted block with previous chain value.
+	movapd	LocalState(r4), vState0
+	movupd	-16(I, Blocks), v0
+	pxor	v0, vState0
+
+	// Write to output.
+	movupd	vState0, 0*4(O, Blocks)
+
+	add		$-16, Blocks
+
+	jg		1b
+2:
+
+/*	First block is separate because it gets chain value from ChainBuffer
+	rather than from the input stream.
+*/
+	#if defined __i386__
+
+		// Pass address of current input block.
+		lea		(I, Blocks), t0
+		mov		t0, 1*4(r4)
+
+	#else
+
+		// Pass arguments to subroutine.
+		#define	PassedRounds	r1
+		#define	PassedKey		r2
+		#define	PassedInput		r6
+		#define	PassedOutput	r7
+		mov		Rounds,         PassedRounds
+		mov		Key,            PassedKey
+		lea		(I, Blocks),    PassedInput
+		lea		LocalState(r4), PassedOutput
+
+	#endif
+
+	// Decrypt state.
+	call	_AESDecryptWithExpandedKey
+
+	// XOR decrypted block with previous chain value.
+	movapd	LocalState(r4), vState0
+	movupd	(ChainBuffer), v0
+	pxor	v0, vState0
+
+	// Write to output.
+	movupd	vState0, 0*4(O, Blocks)
+
+	// Save state for chaining in future calls.
+	movapd	SavedChain(r4), v0
+	movupd	v0, (ChainBuffer)
+
+done:
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		pop		r7
+		pop		r6
+	#elif defined __x86_64__
+		pop		r15
+		pop		r14
+		pop		r13
+		pop		r12
+	#endif
+	pop		r3
+	pop		r5
+
+	ret
+
+
+#endif	// defined UseAESedp_IntelAssembly

ADDED   Source/AESedp/Intel/EncryptCBC.s
Index: Source/AESedp/Intel/EncryptCBC.s
==================================================================
--- /dev/null
+++ Source/AESedp/Intel/EncryptCBC.s
@@ -0,0 +1,298 @@
+#include "../AESAssembly.h"
+
+
+// Generate object code only if this implementation has been requested.
+#if defined UseAESedp_IntelAssembly
+
+
+/*	AESEncryptCBC.s -- Encrypt blocks with AES in Cipher Block Chaining mode.
+
+	Written by Eric Postpischil, January 24, 2008.
+*/
+
+
+/*	Define a macro to select a value based on architecture.  This reduces
+	some of the architecture conditionalization later in the source.
+*/
+#if defined __i386__
+	#define	Arch(i386, x86_64)	i386
+#elif defined __x86_64__
+	#define	Arch(i386, x86_64)	x86_64
+#endif
+
+
+/*	Rename the general registers.  This makes it easier to keep track of them
+	and provides names for the "whole register" that are uniform between i386
+	and x86_64.
+*/
+#if defined __i386__
+	#define	r0	%eax	// Available for any use.
+	#define	r1	%ecx	// Available for any use, some special purposes (loop).
+	#define	r2	%edx	// Available for any use.
+	#define	r3	%ebx	// Must be preserved by called routine.
+	#define	r4	%esp	// Stack pointer.
+	#define	r5	%ebp	// Frame pointer, must preserve, no bare indirect.
+	#define	r6	%esi	// Must be preserved by called routine.
+	#define	r7	%edi	// Must be preserved by called routine.
+#elif defined __x86_64__
+	#define	r0	%rax	// Available for any use.
+	#define	r1	%rcx	// Available for any use.
+	#define	r2	%rdx	// Available for any use.
+	#define	r3	%rbx	// Must be preserved by called routine.
+	#define	r4	%rsp	// Stack pointer.
+	#define	r5	%rbp	// Frame pointer.  Must be preserved by called routine.
+	#define	r6	%rsi	// Available for any use.
+	#define	r7	%rdi	// Available for any use.
+	#define	r8	%r8		// Available for any use.
+	#define	r9	%r9		// Available for any use.
+	#define	r10	%r10	// Available for any use.
+	#define	r11	%r11	// Available for any use.
+	#define	r12	%r12	// Must be preserved by called routine.
+	#define	r13	%r13	// Must be preserved by called routine.
+	#define	r14	%r14	// Must be preserved by called routine.
+	#define	r15	%r15	// Must be preserved by called routine.
+#else
+	#error "Unknown architecture."
+#endif
+
+
+/*	Routine:
+
+		_AESEncryptCBC.
+
+	Function:
+
+		This routine uses _AESEncryptWithExpandedKey to encrypt blocks in
+		Cipher Block Chaining mode, which requires chaining the AES state
+		from block to block.  In CBC mode, an initial block is XORed with the
+		first input block, and then each output block is XORed with the next
+		input block.
+
+	Input:
+
+		void *O				// Output
+		const void *I		// Input
+		void *ChainBuffer	// Chain buffer / initial value.
+		void *Key			// Expanded Key.
+		long Blocks			// Number of 16-byte blocks to process.
+		long Rounds			// Number of rounds.
+
+	Output:
+
+		Encrypted text is written to *O.
+
+		The final output block is written to *ChainBuffer.
+*/
+	.globl _AESEncryptCBC
+	.private_extern	_AESEncryptCBC
+_AESEncryptCBC:
+
+	// Push new stack frame.
+	push	r5
+
+	// Save registers.
+	push	r3
+	#if defined __i386__
+		push	r6
+		push	r7
+		#define	RegisterSaveSize	(3*4)
+	#elif defined __x86_64__
+		push	r12
+		push	r13
+		push	r14
+		push	r15
+		#define	RegisterSaveSize	(5*8)
+	#endif
+
+/*	B is the number of bytes from the top of stack just before the instruction
+	that called this routine to the top of stack after we push the frame
+	pointer and other registers.  It provides information needed to align our
+	stack frame.
+*/
+#define	B	(RegisterSaveSize + 2*Arch(4, 8))
+
+/*	Allocate space on the stack for 16 bytes for the AES state and, on i386,
+	16 bytes for four four-byte arguments, and padding needed to produce
+	16-byte alignment.
+*/
+#define	LocalsSize	((16 + Arch(16, 0) + B + 15 & -16) - B)
+#define	StackFrame	(LocalsSize + B)
+
+/*	LocalState is the offset from the stack pointer to where we store the AES
+ 	state.
+*/
+#define	LocalState	Arch(16, 0)
+
+	#if 0 < LocalsSize
+		sub		$LocalsSize, r4	// Allocate space on stack.
+	#endif
+
+// Non-volatile registers.
+#define	I			r3
+#define	O			r5
+#define	Blocks		Arch(r6, r12)
+#define	ChainBuffer	Arch(r7, r13)
+#define	Rounds		Arch(Not used, r14)
+#define	Key			Arch(Not used, r15)
+
+// Volatile registers.
+#define	t0			r0
+#define	v0			%xmm0
+#define	v1			%xmm1
+#define	v2			%xmm2
+#define	v3			%xmm3
+#define	vState0		%xmm4
+#define	vState1		%xmm5
+#define	vState2		%xmm6
+#define	vState3		%xmm7
+
+// Arguments passed to us.
+#if defined __i386__
+	// Define location of argument i.
+	#define	Argument(i)	StackFrame+4*(i)(r4)
+#endif
+#define	ArgO			Arch(Argument(0), r7)
+#define	ArgI			Arch(Argument(1), r6)
+#define	ArgChainBuffer	Arch(Argument(2), r2)
+#define	ArgKey			Arch(Argument(3), r1)
+#define	ArgBlocks		Arch(Argument(4), r8)
+#define	ArgRounds		Arch(Argument(5), r9)
+
+	/*	Get some arguments.  We need to move these from the stack (on i386)
+		or volatile registers (on x86_64) to non-volatile registers where we
+		can use them and keep them during calls to a subroutine.
+	*/
+	mov		ArgO, O
+	mov		ArgI, I
+	mov		ArgChainBuffer, ChainBuffer
+	mov		ArgBlocks, Blocks
+
+	// Read the initial value from the chain buffer.
+	movd	0*4(ChainBuffer), vState0
+	movd	1*4(ChainBuffer), vState1
+	movd	2*4(ChainBuffer), vState2
+	movd	3*4(ChainBuffer), vState3
+
+	/*	Convert Blocks from number of blocks to displacement in bytes from
+		end of input to current input location.  (We will increment it from
+		iteration to iteration.  When it reaches zero, we are done.)
+	*/
+	imul	$-16, Blocks
+	je		done	// Leave if we were given zero blocks.
+
+	// Adjust input and output pointers to use ends as base addresses.
+	sub		Blocks, I
+	sub		Blocks, O
+
+	#if defined __i386__
+
+		// Put arguments we will pass on stack.
+		mov		ArgRounds, t0
+		mov		t0,    3*4(r4)
+
+		mov		ArgKey, t0
+		mov		t0,    2*4(r4)
+
+		lea		LocalState(r4), t0
+		mov		t0,    1*4(r4)
+		mov		t0,    0*4(r4)
+
+	#else
+
+		// Put arguments we will pass into non-volatile registers.
+		mov		ArgRounds, Rounds
+		mov		ArgKey,    Key
+
+	#endif
+
+1:
+	// Read next input block.
+	movd	0*4(I, Blocks), v0
+	movd	1*4(I, Blocks), v1
+	movd	2*4(I, Blocks), v2
+	movd	3*4(I, Blocks), v3
+
+	// Chain block with state.
+	pxor	v0, vState0
+	pxor	v1, vState1
+	pxor	v2, vState2
+	pxor	v3, vState3
+
+	// Store state for passing to encryption routine.
+	movd	vState0, 0*4+LocalState(r4)
+	movd	vState1, 1*4+LocalState(r4)
+	movd	vState2, 2*4+LocalState(r4)
+	movd	vState3, 3*4+LocalState(r4)
+
+	#if defined __x86_64__
+
+		// Pass arguments to subroutine.
+		#define	PassedRounds	r1
+		#define	PassedKey		r2
+		#define	PassedInput		r6
+		#define	PassedOutput	r7
+		mov		Rounds,         PassedRounds
+		mov		Key,            PassedKey
+		lea		LocalState(r4), PassedInput
+		lea		(O, Blocks),    PassedOutput
+
+	#endif
+
+	// Encrypt state.
+	call	_AESEncryptWithExpandedKey
+
+	#if defined __i386__
+
+		// Get encrypted state.
+		movd	0*4+LocalState(r4), vState0
+		movd	1*4+LocalState(r4), vState1
+		movd	2*4+LocalState(r4), vState2
+		movd	3*4+LocalState(r4), vState3
+
+		// Write to output.
+		movd	vState0, 0*4(O, Blocks)
+		movd	vState1, 1*4(O, Blocks)
+		movd	vState2, 2*4(O, Blocks)
+		movd	vState3, 3*4(O, Blocks)
+
+	#else
+
+		// Get output for chaining.
+		movd	0*4(O, Blocks), vState0
+		movd	1*4(O, Blocks), vState1
+		movd	2*4(O, Blocks), vState2
+		movd	3*4(O, Blocks), vState3
+
+	#endif
+
+	add		$16, Blocks
+
+	jl		1b
+
+	// Save state for chaining in future calls.
+	movd	vState0, 0*4(ChainBuffer)
+	movd	vState1, 1*4(ChainBuffer)
+	movd	vState2, 2*4(ChainBuffer)
+	movd	vState3, 3*4(ChainBuffer)
+
+done:
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		pop		r7
+		pop		r6
+	#elif defined __x86_64__
+		pop		r15
+		pop		r14
+		pop		r13
+		pop		r12
+	#endif
+	pop		r3
+	pop		r5
+
+	ret
+
+
+#endif	// defined UseAESedp_IntelAssembly

ADDED   Source/AESedp/Intel/EncryptDecrypt.s
Index: Source/AESedp/Intel/EncryptDecrypt.s
==================================================================
--- /dev/null
+++ Source/AESedp/Intel/EncryptDecrypt.s
@@ -0,0 +1,505 @@
+/*	This file defines _AESEncryptWithExpandedKey or _AESDecryptWithExpandedKey,
+	according to the value of the Select preprocessor symbol.  This file is
+	designed to be included in another assembly file using the preprocessor
+	#include directive, to benefit from some assembly-time calculations.
+
+	These two routines are nearly identical.  They differ only in the tables
+	they use, the direction they iterate through the key, and the permutation
+	performed on part of the state.
+
+	Written by Eric Postpischil, January 2008.
+*/
+
+
+#if Select == 0
+	#define	Name		_AESEncryptWithExpandedKey	// Routine name.
+	#define	MTable		_AESEncryptTable			// Main table.
+	#define	FTable		_AESSubBytesWordTable		// Final table.
+	#define	P0			S0							// State permutation.
+	#define	P1			S1
+	#define	P2			S2
+	#define	P3			S3
+	#define	Increment	+16							// ExpandedKey increment.
+#elif Select == 1
+	#define	Name		_AESDecryptWithExpandedKey	// Routine name.
+	#define	MTable		_AESDecryptTable			// Main table.
+	#define	FTable		_AESInvSubBytesWordTable	// Final table.
+	#define	P0			S2							// State permutation.
+	#define	P1			S3
+	#define	P2			S0
+	#define	P3			S1
+	#define	Increment	-16							// ExpandedKey increment.
+#endif	// Select
+
+
+/*	Routine:
+
+		_AESEncryptWithExpandedKey (if Select is 0) or
+		_AESDecryptWithExpandedKey (if Select is 1).
+
+	Function:
+
+		Perform the AES cipher or its inverse as defined in Federal Information
+		Processing Standards Publication 197 (FIPS-197), November 26, 2001.
+
+		The inverse cipher here is the "Equivalent Inverse Cipher" in FIPS-197.
+
+	Input:
+
+		Constant data:
+				
+			For encryption:
+
+				The following names must be locally defined so the assembler
+				can calculate certain offsets.
+
+				static const Word _AESEncryptTable[4][256].
+
+					_AESEncryptTable[i] contains the tables T[i] defined in AES
+					Proposal: Rijndael, version 2, 03/09/99, by Joan Daemen and
+					Vincent Rijmen, section 5.2.1, page 18.  These tables
+					combine the SubBytes and MixColumns operations.
+
+				static const Word _AESSubBytesWordTable[256].
+
+					_AESSubBytesWordTable[i][j] = SubBytes(j) << 8*i, where
+					SubBytes is defined in FIPS-197.  _AESSubBytesWordTable
+					differs from _AESEncryptTable in that it does not include
+					the MixColumn operation.  It is used in performing the last
+					round, which differs fromm the previous rounds in that it
+					does not include the MixColumn operation.
+
+			For decryption:
+
+				static const Word _AESDecryptTable[4][256].
+
+					The analog of _AESEncryptTable for decryption.
+
+				static const Word _AESSubBytesWordTable[256].
+
+					_AESInvSubBytesWordTable[i][j] = InvSubBytes(j) << 8*i,
+					where InvSubBytes is defined in FIPS-197.
+					_AESInvSubBytesWordTable differs from _AESDecryptTable in
+					that it does not include the InvMixColumn operation.  It is
+					used in performing the last round, which differs fromm the
+					previous rounds in that it does not include the
+					InvMixColumn operation.
+
+		Arguments:
+
+			Byte *OutputText.
+
+				Address of output, 16 bytes.  Best if four-byte aligned.
+
+			const Byte *InputText.
+
+				Address of input, 16 bytes.  Best if four-byte aligned.
+
+			const Byte *ExpandedKey.
+
+				Address of expanded key, which has 4 * (Nr+1) bytes.  Best if
+				four-byte aligned.
+
+			int Nr
+
+				Number of rounds.
+
+	Output:
+
+		Encrypted or decrypted data is written to *OutputText.
+*/
+	.globl Name
+	.private_extern	Name
+Name:
+
+	// Push new stack frame.
+	push	r5
+
+	// Save registers and set RegisterSave size to the number of bytes used.
+	push	r3
+	#if defined __i386__
+		push	r6
+		push	r7
+		#define	RegisterSaveSize	(3*4)
+	#elif defined __x86_64__
+		#define	RegisterSaveSize	(1*8)
+	#endif
+
+#define	LocalsSize	Arch(4, 0)	// Number of bytes used for local variables.
+
+	#if 0 < LocalsSize
+		sub		$LocalsSize, r4	// Allocate space on stack.
+	#endif
+
+// Number of bytes from the stack pointer to the return address.
+#define	StackFrame	(LocalsSize+RegisterSaveSize)
+
+#if defined __i386__
+
+	// Define location of argument i (presuming 4-byte arguments).
+	#define	Argument(i)	StackFrame+8+4*(i)(%esp)
+
+	#define	ArgOutputText	Argument(0)
+	#define	ArgInputText	Argument(1)
+	#define	ArgExpandedKey	Argument(2)
+	#define	ArgNr			Argument(3)
+
+#elif defined __x86_64__
+
+	// Arguments.
+	#define	OutputText		r7	// Needed near end of routine.
+	#define	InputText		r6	// Used early then overwritten for other use.
+	#define	ArgExpandedKey	r2
+	#define	ArgNr			r1
+		/*	The arguments passed in r1 and r2 overlaps registers we need for
+		 	other work, so they must be moved early in the routine.
+		*/
+
+#endif
+
+#define	BaseP		Arch(r7, r9)	// Base pointer for addressing global data.
+#define	ExpandedKey	Arch(t0, r10)	// Address of expanded key.
+
+/*	The Work registers defined below are used to hold parts of the AES state
+	while we dissect or assemble it.  They must be assigned to the A, B, C, and
+	D registers so that we can access the bytes in %al, %ah, and so on.
+*/
+#define	Work0d	r0d
+#define	Work0l	r0l
+#define	Work0h	r0h
+#define	Work1d	r3d
+#define	Work1l	r3l
+#define	Work1h	r3h
+#define	Work2d	r1d
+#define	Work2l	r1l
+#define	Work2h	r1h
+#define	Work3d	r2d
+#define	Work3l	r2l
+#define	Work3h	r2h
+
+#define	t0		r5
+#define	t0d		r5d		// Low 32 bits of t0.
+#define	t0l		r5l		// Low byte of t0.
+
+#define	t1		r6
+
+/*	S0, S1, S2, and S3 are where we assemble the new AES state when computing
+	a regular round.  S1, S2, and S3 are assigned to the Work registers, but
+	S0 needs to go somewhere else because Work0 holds part of the old state.
+*/
+#define	S0		Arch(t1, r8d)
+#define	S1		Work1d
+#define	S2		Work2d
+#define	S3		Work3d
+
+/*	These XMM registers are used as holding space, because it is faster to
+	spill to these registers than to the stack.  (On x86_64, we do not need
+	to spill, because there are additional general registers available.
+	However, using more general registers requires saving them to the stack
+	and restoring them.  I timed it, and no time was saved.)
+*/
+#define	vS1		%xmm1
+#define	vS2		%xmm2
+#define	vS3		%xmm3
+#if defined __i386__
+	#define	vExpandedKey	%xmm4
+	#define	vIncrement		%xmm5
+#endif
+
+	// Get argument.
+	mov	ArgExpandedKey, ExpandedKey
+
+// Store sentinel value of ExpandedKey on stack on i386, a register on x86_64.
+#define	ExpandedKeyEnd	Arch((r4), r11)
+
+	/*	Convert ArgNr from rounds to number of bytes to move through expanded
+		key to get to (but not beyond) last 16-byte block.
+	*/
+	mov		ArgNr, r0
+	shl		$4, r0
+
+	#if Select == 0
+		// For encryption, prepare to iterate forward through expanded key.
+		add		ExpandedKey, r0
+		mov		r0, ExpandedKeyEnd
+	#else
+		// For decryption, prepare to iterate backward through expanded key.
+		mov		ExpandedKey, ExpandedKeyEnd
+		add		r0, ExpandedKey
+	#endif
+
+	// Initialize State from input text.
+	#if defined __i386__
+		mov		ArgInputText, BaseP
+		#define	InputText	BaseP
+	#endif
+	mov		0*4(InputText), Work0d
+	mov		1*4(InputText), S1
+	mov		2*4(InputText), S2
+	mov		3*4(InputText), S3
+#undef	InputText	// Register is reused after this for other purposes.
+
+	// Add round key and save results.
+	xor		0*4(ExpandedKey), Work0d	// S0 is in dissection register.
+	xor		1*4(ExpandedKey), S1
+	movd	S1, vS1						// Save S1 to S3 in vector registers.
+	xor		2*4(ExpandedKey), S2
+	movd	S2, vS2
+	xor		3*4(ExpandedKey), S3
+	movd	S3, vS3
+
+	add		$Increment, ExpandedKey		 // Advance to next round key.
+
+	#if defined __i386__
+		// Save expanded key address and increment in vector registers.
+		mov		$Increment, t1
+		movp	ExpandedKey, vExpandedKey
+		movp	t1, vIncrement
+	#endif
+
+	// Set up relative addressing.
+	#if defined __i386__
+
+		// Get address of 0 in BaseP.
+			call	0f				// Push program counter onto stack.
+		0:
+			pop		BaseP			// Get program counter.
+
+		// Define macros to help address data.
+#define	LookupM(table, index)	MTable-0b+(table)*TableSize(BaseP, index, 4)
+#define LookupF(table, index)	FTable-0b+(table)*TableSize(BaseP, index, 4)
+
+	#elif defined __x86_64__
+
+		lea	MTable(%rip), BaseP
+
+		// Define macros to help address data.
+		#define	LookupM(table, index)	(table)*TableSize(BaseP, index, 4)
+		#define	LookupF(table, index)	(table)*TableSize(BaseP, index, 4)
+
+/*	With these definitions of LookupM and LookupF, BaseP must be loaded with
+	the address of the table at the point where it is used.  So we need an
+	instruction to change BaseP after we are done with MTable and before we
+	start using FTable.  I would prefer to use something like:
+
+		.set	FMinusM, FTable - MTable
+		#define LookupF(table, index)	\
+			FMinusM+(table)*TableSize(BaseP, index, 4)
+
+	Then BaseP would not need to change.  However, this fails due to an
+	assembler/linker bug, <rdar://problem/5683882>.
+*/
+
+	#endif
+
+	// Get round key.
+	mov		0*4(ExpandedKey), S0
+	mov		1*4(ExpandedKey), S1
+	mov		2*4(ExpandedKey), S2
+	mov		3*4(ExpandedKey), S3
+
+1:
+	/*	Word 0 of the current state must be in Work0 now, and the next round
+		key must be in S0 to S3.
+	*/
+
+	// Process previous S0.
+	movzx	Work0l, t0
+	xor		LookupM(0, t0), S0
+	movzx	Work0h, t0d
+	xor		LookupM(1, t0), P3
+	shr		$16, Work0d
+	movzx	Work0l, t0d
+	xor		LookupM(2, t0), S2
+	movzx	Work0h, t0d
+	xor		LookupM(3, t0), P1
+
+	// Process previous S1.
+	movd	vS1, Work0d
+	movzx	Work0l, t0d
+	xor		LookupM(0, t0), S1
+	movzx	Work0h, t0d
+	xor		LookupM(1, t0), P0
+	shr		$16, Work0d
+	movzx	Work0l, t0d
+	xor		LookupM(2, t0), S3
+	movzx	Work0h, t0d
+	xor		LookupM(3, t0), P2
+
+	// Process previous S2.
+	movd	vS2, Work0d
+	movzx	Work0l, t0d
+	xor		LookupM(0, t0), S2
+	movzx	Work0h, t0d
+	xor		LookupM(1, t0), P1
+	shr		$16, Work0d
+	movzx	Work0l, t0d
+	xor		LookupM(2, t0), S0
+	movzx	Work0h, t0d
+	xor		LookupM(3, t0), P3
+
+	// Process previous S3.
+	movd	vS3, Work0d
+	movzx	Work0l, t0d
+	xor		LookupM(0, t0), S3
+	movzx	Work0h, t0d
+	xor		LookupM(1, t0), P2
+	shr		$16, Work0d
+	movzx	Work0l, t0d
+	xor		LookupM(2, t0), S1
+	movzx	Work0h, t0d
+	xor		LookupM(3, t0), P0
+
+	#if defined __i386__
+		paddd	vIncrement, vExpandedKey
+		movp	vExpandedKey, ExpandedKey
+	#else
+		add		$Increment, ExpandedKey
+	#endif
+
+	// Save state for next iteration and load next round key.
+	mov		S0, Work0d
+	mov		0*4(ExpandedKey), S0
+	movd	S1, vS1
+	mov		1*4(ExpandedKey), S1
+	movd	S2, vS2
+	mov		2*4(ExpandedKey), S2
+	movd	S3, vS3
+	mov		3*4(ExpandedKey), S3
+
+	cmp		ExpandedKeyEnd, ExpandedKey
+	jne		1b
+
+	/*	Word 0 of the current state must be in Work0 now, and the next round
+		key must be in S0 to S3.
+	*/
+
+	// Work around assembler bug.  See comments above about Radar 5683882.
+	#if defined __x86_64__
+		lea	FTable(%rip), BaseP
+	#endif
+
+	// Process previous S0.
+	movzx	Work0l, t0
+	xor		LookupF(0, t0), S0
+	movzx	Work0h, t0d
+	xor		LookupF(1, t0), P3
+	shr		$16, Work0d
+	movzx	Work0l, t0d
+	xor		LookupF(2, t0), S2
+	movzx	Work0h, t0d
+	xor		LookupF(3, t0), P1
+
+	// Process previous S1.
+	movd	vS1, Work0d
+	movzx	Work0l, t0d
+	xor		LookupF(0, t0), S1
+	movzx	Work0h, t0d
+	xor		LookupF(1, t0), P0
+	shr		$16, Work0d
+	movzx	Work0l, t0d
+	xor		LookupF(2, t0), S3
+	movzx	Work0h, t0d
+	xor		LookupF(3, t0), P2
+
+	// Process previous S2.
+	movd	vS2, Work0d
+	movzx	Work0l, t0d
+	xor		LookupF(0, t0), S2
+	movzx	Work0h, t0d
+	xor		LookupF(1, t0), P1
+	shr		$16, Work0d
+	movzx	Work0l, t0d
+	xor		LookupF(2, t0), S0
+	movzx	Work0h, t0d
+	xor		LookupF(3, t0), P3
+
+	// Process previous S3.
+	movd	vS3, Work0d
+	movzx	Work0l, t0d
+	xor		LookupF(0, t0), S3
+	movzx	Work0h, t0d
+	xor		LookupF(1, t0), P2
+	shr		$16, Work0d
+	movzx	Work0l, t0d
+	xor		LookupF(2, t0), S1
+	movzx	Work0h, t0d
+	xor		LookupF(3, t0), P0
+
+	#if defined __i386__	// Architecture.
+		// Get OutputText address.
+		#define	OutputText	BaseP
+		mov		ArgOutputText, OutputText
+	#endif	// Architecture.
+
+	// Write output.
+	mov		S0, 0*4(OutputText)
+	mov		S1, 1*4(OutputText)
+	mov		S2, 2*4(OutputText)
+	mov		S3, 3*4(OutputText)
+
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		pop		r7
+		pop		r6
+	#elif defined __x86_64__
+	#endif
+	pop		r3
+	pop		r5
+
+	ret
+
+
+#undef	ArgExpandedKey
+#undef	ArgInputText
+#undef	ArgNr
+#undef	ArgOutputText
+#undef	Argument
+#undef	BaseP
+#undef	ExpandedKey
+#undef	ExpandedKeyEnd
+#undef	FTable
+#undef	InputText
+#undef	LocalsSize
+#undef	LookupM
+#undef	LookupF
+#undef	MTable
+#undef	OutputText
+#undef	RegisterSaveSize
+#undef	S0
+#undef	S1
+#undef	S2
+#undef	S3
+#undef	StackFrame
+#undef	Work0d
+#undef	Work0h
+#undef	Work0l
+#undef	Work1d
+#undef	Work1h
+#undef	Work1l
+#undef	Work2d
+#undef	Work2h
+#undef	Work2l
+#undef	Work3d
+#undef	Work3h
+#undef	Work3l
+#undef	t0
+#undef	t0d
+#undef	t0l
+#undef	t1
+#undef	vExpandedKey
+#undef	vS1
+#undef	vS2
+#undef	vS3
+
+#undef	Name
+#undef	MTable
+#undef	FTable
+#undef	P0
+#undef	P1
+#undef	P2
+#undef	P3
+#undef	Increment

ADDED   Source/AESedp/Intel/ExpandKeyForDecryption.s
Index: Source/AESedp/Intel/ExpandKeyForDecryption.s
==================================================================
--- /dev/null
+++ Source/AESedp/Intel/ExpandKeyForDecryption.s
@@ -0,0 +1,914 @@
+/*	This file defines _AESExpandKeyForDecryption.  It is designed to be
+	included in another assembly file with the preprocessor #include directive,
+	to benefit from some assembly-time calculations.
+
+	Written by Eric Postpischil, January 2008.
+
+	The comments here do not say much about the algorithm; the code just
+	follows the FIPS-197 specification.  I recommend reading the specification
+	before working with this code or examining the C code in the parent
+	directory that illustrates key expansion.
+
+	One complication is that this routine both expands the key and applies
+	InvMixColumn to most of the words in the expanded key.  This modifies the
+	key for use with the Equivalent Inverse Cipher.
+
+	During key expansion, there are sequences of four or six words that are
+	produced like this:
+
+		E[i+0] = E[i+0-Nk] ^ f(E[i-1]), where f is some function.
+		E[i+1] = E[i+1-Nk] ^ E[i+0].
+		E[i+2] = E[i+2-Nk] ^ E[i+1].
+		E[i+3] = E[i+3-Nk] ^ E[i+2].
+
+	When Nk is four or eight, the sequence stops there.  When it is six, it
+	goes on for two more words.  Let I be the InvMixColumn function.  for the
+	Equivalent Inverse Cipher, we want to store I(E[i+0]), I(E[i+1]),
+	I(E[i+2]), I(E[i+3]) (and two more when Nk is six).  However, we do not
+	need to calculate I four times.  In AES' finite field, I is a linear
+	combination of the four bytes of its input.  The ^ operation on the bits
+	that represent field elements is an addition in the Galois field.  So
+	I(a ^ b) = I(a) ^ I(b).  Then we have:
+
+		I(E[i+0]) = I(E[i+0-Nk] ^ f(E[i-1])) = I(E[i+0-Nk]) ^ I(f(E[i-1])).
+		I(E[i+1]) = I(E[i+1-Nk]) ^ I(E[i+0]).
+		I(E[i+2]) = I(E[i+2-Nk]) ^ I(E[i+1]).
+		I(E[i+3]) = I(E[i+3-Nk]) ^ I(E[i+2]).
+
+	To compute this, we compute I(f(E[i-1])) and XOR it with the previously
+	stored E[i+0-Nk])) to get I(E[i+0])).  Then we XOR that with the previously
+	stored E[i+1-Nk])) to get I(E[i+1])), and so on.
+
+	Note that to compute I(f(E[i-1])), we need to have E[i-1].  So we have to
+	compute the pre-InvMixColumn words of the expanded key; it is not
+	sufficient to have the post-InvMixColumn words.
+*/
+
+
+/*	Routine:
+
+		_AESExpandKeyForDecryption.
+
+	Function:
+
+		Expand the user's cipher key into the key schedule, as defined in
+		Federal Information Processing Standards Publication 197 (FIPS-197),
+		November 26, 2001.
+
+		For decryption, the key is modified as shown in Figure 15 in FIPS-197,
+		to support the Equivalent Inverse Cipher.
+
+	Input:
+
+		Constant data:
+
+			The following names must be locally defined so the assembler
+			can calculate certain offsets.
+
+			static const Word _AESSubBytesWordTable[4][256].
+
+				_AESSubBytesWordTable[i][j] = SubBytes(j) << 8*i, where
+				SubBytes is defined in FIPS-197.  _AESSubBytesWordTable
+				differs from _AESEncryptTable in that it does not include
+				the MixColumn operation.  It is used in performing the last
+				round, which differs fromm the previous rounds in that it
+				does not include the MixColumn operation.
+
+			static const Word _AESSInvMixColumnTable[4][256].
+
+				_AESInvMixColumnTable[i][j] contains the contribution of byte
+				j to element i of the InvMixColumn operation.
+
+				The four bytes of the word _AESInvMixColumnTable[0][j] are:
+
+					{0xe}*{j}, {0x9}*{j}, {0xd}*{j}, {0xb}*{j},
+
+				listed in increasing address order, where multiplication is
+				performed in the Galois field.  {j} designates the element of
+				the Galois field represented by j.  _AESInvMixColumn[i][j] has
+				the same bytes, rotated right in the order shown above.
+
+			static const Byte _AESRcon[].
+
+				Round constants, beginning with AESRcon[1] for the first round
+				(AESRcon[0] is padding.)
+	
+		Arguments:
+
+			Word *ExpandedKey
+
+				Address of output.
+
+			const AESKey *Key
+
+				Address of user's cipher key.
+
+			long Nk
+
+				Number of four-byte words in user's cipher key.
+
+	Output:
+
+		The expanded key is written to *ExpandedKey.
+*/
+
+#define	dr		r0d				// Dissection register.
+#define	drl		r0l				// Low 8 bits of dissection register.
+#define	drh		r0h				// Second-lowest 8 bits of dissection register.
+
+#define	t0		r1
+#define	t0d		r1d				// Low 32 bits of t0.
+
+#define	STable	r2				// Address of SubBytes table.  Overlaps Nk.
+#define	ITable	r3				// Address of InvMixColumn table.
+#define	offset	r5				// Address offset and loop sentinel.
+
+#define	R		r6				// Address of round constant.
+#define	K		r6				// User key pointer, second x86_64 argument.
+	// R and K overlap.
+
+#define	E		r7				// Expanded key pointer, first x86_64 argument.
+
+#define	ve0		%xmm0
+#define	ve1		%xmm1
+#define	ve2		%xmm2
+#define	ve3		%xmm3
+#define	ve4		%xmm4
+#define	ve5		%xmm5
+#define	vt1		%xmm6
+#define	vt0		%xmm7
+
+#define	LookupS(table, index)	(table)*TableSize(STable, index, 4)
+#define	LookupI(table, index)	(table)*TableSize(ITable, index, 4)
+
+
+/*	InvMixColumn puts InvMixColumn(dr) into vt0.  This is a non-standard
+	subroutine.  It does not conform to the ABI.  It is an integral part of
+	_ExpandKeyForDecryption and shares register use with it.
+*/
+InvMixColumn:
+	movzx	drl, t0
+	movd	LookupI(0, t0), vt0		// Look up byte 0 in table 0.
+	movzx	drh, t0d
+	movd	LookupI(1, t0), vt1		// Look up byte 1 in table 1.
+	pxor	vt1, vt0
+	shr		$16, dr
+	movzx	drl, t0d
+	movd	LookupI(2, t0), vt1		// Look up byte 2 in table 2.
+	pxor	vt1, vt0
+	movzx	drh, t0d
+	movd	LookupI(3, t0), vt1		// Look up byte 3 in table 3.
+	pxor	vt1, vt0
+	ret
+
+
+	// SubWordRotWord adds (XORs) SubWord(RotWord(dr)) to vt0.
+	.macro	SubWordRotWord
+		movzx	drl, t0
+		movd	LookupS(3, t0), vt1		// Look up byte 0 in table 3.
+		pxor	vt1, vt0
+		movzx	drh, t0d
+		movd	LookupS(0, t0), vt1		// Look up byte 1 in table 0.
+		pxor	vt1, vt0
+		shr		$$16, dr
+		movzx	drl, t0d
+		movd	LookupS(1, t0), vt1		// Look up byte 2 in table 1.
+		pxor	vt1, vt0
+		movzx	drh, t0d
+		movd	LookupS(2, t0), vt1		// Look up byte 3 in table 2.
+		pxor	vt1, vt0
+	.endm
+
+
+	// SubWord puts SubWord(dr) into vt0.
+	.macro	SubWord
+		movzx	drl, t0
+		movd	LookupS(0, t0), vt0		// Look up byte 0 in table 0.
+		movzx	drh, t0d
+		movd	LookupS(1, t0), vt1		// Look up byte 1 in table 1.
+		pxor	vt1,vt0
+		shr		$$16, dr
+		movzx	drl, t0d
+		movd	LookupS(2, t0), vt1		// Look up byte 2 in table 2.
+		pxor	vt1,vt0
+		movzx	drh, t0d
+		movd	LookupS(3, t0), vt1		// Look up byte 3 in table 3.
+		pxor	vt1,vt0
+	.endm
+
+
+	.globl _AESExpandKeyForDecryption
+	.private_extern	_AESExpandKeyForDecryption
+_AESExpandKeyForDecryption:
+
+	// Push new stack frame.
+	push	r5
+
+	// Save registers.
+	push	r3
+	#if defined __i386__
+		push	r6
+		push	r7
+		#define	RegisterSaveSize	(3*4)
+	#elif defined __x86_64__
+		#define	RegisterSaveSize	(1*8)
+		// Add pushes of r12 to r15 if used.
+	#endif
+
+#define	LocalsSize	0
+#define	StackFrame	(LocalsSize+RegisterSaveSize)
+	// Locals plus the registers we pushed after the new stack frame.
+
+/*	Define stack offset to storage space for local data.  This is in the red
+	zone.  We point far enough down to allow space for eight four-byte words
+	plus a return address (4 or 8 bytes on i386 or x86_64) for our internal
+	subroutine calls.
+*/
+#define	Local	(-8*4-8)
+
+#if defined __i386__
+
+	// Define location of argument i.
+	#define	Argument(i)	StackFrame+8+4*(i)(r4)
+
+	// Load arguments.
+	mov		Argument(0), E
+	mov		Argument(1), K
+	#define	Nk	Argument(2)
+
+#elif defined __x86_64__
+
+	#define	Nk		r2			// Number of words in key.  Overlaps STable.
+
+#endif
+
+	cmp		$6,	 Nk
+
+	#if 0 < LocalsSize
+		sub		$LocalsSize, r4	// Allocate space on stack.
+	#endif
+
+	// First words of expanded key are copied from user key.
+	movd	0*4(K), ve0
+	movd	1*4(K), ve1
+	movd	2*4(K), ve2
+	movd	3*4(K), ve3
+	je		DKeyHas6Words
+	jg		DKeyHas8Words
+	// Fall through to DKeyHas4Words.
+
+DKeyHas4Words:
+
+	// K cannot be used after we write to R, since they use the same register.
+
+	#if defined __i386__
+		// Get address of 0 in R.
+			call	0f			// Push program counter onto stack.
+		0:
+			pop		STable		// Get program counter.
+
+		lea		_AESRcon-0b(STable), R
+		lea		_AESInvMixColumnTable-0b(STable), ITable
+		lea		_AESSubBytesWordTable-0b(STable), STable
+
+	#elif defined __x86_64__
+
+		lea		_AESRcon(%rip), R
+		lea		_AESInvMixColumnTable(%rip), ITable
+		lea		_AESSubBytesWordTable(%rip), STable
+
+	#endif
+
+	/*	With a four-word key, there are ten rounds (eleven 16-byte key blocks),
+		nine of which have InvMixColumn applied.
+	*/
+	mov		$-9*4*4, offset
+	sub		offset, E
+
+	// Store initial words of expanded key, which are copies of user's key.
+	movd	ve0, 0*4(E, offset)
+	movd	ve1, 1*4(E, offset)
+	movd	ve2, 2*4(E, offset)
+	movd	ve3, 3*4(E, offset)
+
+/*	Here is the first iteration of the key expansion.  It is separate from the
+	main loop below because we need to apply InvMixColumn to each of the
+	outputs, in ve0 through ve3.  In the main loop, the technique described at
+	the top of this file is used to compute the proper outputs while using
+	InvMixColumn only once.
+*/
+	add		$1, R					// Advance pointer.
+	movd	ve3, dr					// Put previous word into work register.
+	movzx	(R), t0d				// Get round constant.
+	movd	t0d, vt0
+
+	SubWordRotWord
+	pxor	vt0, ve0
+
+	// Chain to successive words.
+	pxor	ve0, ve1
+	pxor	ve1, ve2
+	pxor	ve2, ve3
+
+	add		$4*4, offset
+
+	/*	Apply InvMixColumn to each word.  The transformed values are stored in
+		the expanded key.  The original values are retained in registers for
+		further computation.
+	*/
+	movd	ve0, dr
+	call	InvMixColumn
+	movd	vt0, 0*4(E, offset)
+
+	movd	ve1, dr
+	call	InvMixColumn
+	movd	vt0, 1*4(E, offset)
+
+	movd	ve2, dr
+	call	InvMixColumn
+	movd	vt0, 2*4(E, offset)
+
+	movd	ve3, dr
+	call	InvMixColumn
+	movd	vt0, 3*4(E, offset)
+
+//	Here is the main loop.
+1:
+	add		$1, R					// Advance pointer.
+	movd	ve3, dr					// Put previous word into work register.
+	movzx	(R), t0d				// Get round constant.
+	movd	t0d, vt0
+
+	SubWordRotWord
+	pxor	vt0, ve0
+
+	// Chain to successive words.
+	pxor	ve0, ve1
+	pxor	ve1, ve2
+	pxor	ve2, ve3
+		/*	Dr. Brian Gladman uses a technique with a single XOR here instead
+			of the previous four.  There is some periodic behavior in the key
+			expansion, and Gladman maintains E[4*i+3] for the latest four
+			values of i.  XORing the value in vt0 with one of these yields its
+			replacement.  However, using this technique requires additional
+			instructions before the loop (to initialize the values) and after
+			it (to extract the final values to be stored) and either some way
+			to rotate or index four values in the loop or a four-fold unrolling
+			of the loop to provide the indexing.  Experiment suggests the
+			former is not worthwhile.  Unrolling the loop might give a small
+			gain, at the cost of increased use of instruction cache, increased
+			instructions loads the first time the routine is executed, and
+			increased code complexity, so I decided against it.
+		*/
+
+	// Apply InvMixColumn to the difference.
+	movd	vt0, dr
+	call	InvMixColumn
+
+	add		$4*4, offset
+
+	// Chain the transformed difference to previously transformed outputs.
+	movd	(0-4)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 0*4(E, offset)
+
+	movd	(1-4)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 1*4(E, offset)
+
+	movd	(2-4)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 2*4(E, offset)
+
+	movd	(3-4)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 3*4(E, offset)
+
+	jl		1b
+
+// Here is the final iteration, which does not perform InvMixColumn.
+
+	movd	ve3, dr					// Put previous word into work register.
+	movzx	1(R), t0d				// Get round constant.
+	movd	t0d, vt0
+
+	SubWordRotWord
+	pxor	vt0, ve0
+
+	// Chain to successive words.
+	movd	ve0, 4*4(E, offset)
+	pxor	ve0, ve1
+	movd	ve1, 5*4(E, offset)
+	pxor	ve1, ve2
+	movd	ve2, 6*4(E, offset)
+	pxor	ve2, ve3
+	movd	ve3, 7*4(E, offset)
+
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		// Add pops of r15 to r12 if used.
+		pop		r7
+		pop		r6
+	#elif defined __x86_64__
+	#endif
+	pop		r3
+	pop		r5
+
+	ret
+
+
+DKeyHas6Words:
+	movd	4*4(K), ve4
+	movd	5*4(K), ve5
+
+	// K cannot be used after we write to R, since they use the same register.
+
+	#if defined __i386__
+		// Get address of 0 in R.
+			call	0f			// Push program counter onto stack.
+		0:
+			pop		STable		// Get program counter.
+
+		lea		_AESRcon-0b(STable), R
+		lea		_AESInvMixColumnTable-0b(STable), ITable
+		lea		_AESSubBytesWordTable-0b(STable), STable
+
+	#elif defined __x86_64__
+
+		lea		_AESRcon(%rip), R
+		lea		_AESInvMixColumnTable(%rip), ITable
+		lea		_AESSubBytesWordTable(%rip), STable
+
+	#endif
+
+	/*	With a six-word key, there are twelve rounds (thirteen 16-byte key
+		blocks), eleven of which have InvMixColumn applied.  The key expansion
+		proceeds in iterations of six four-byte words, so the termination
+		condition is a bit complicated.  We set offset to the negative of 10
+		four four-byte words, and the loop branch does another iteration if
+		offset is less than or equal to zero, meaning the number of iterations
+		performed so far is less than or equal to 10.  Thus, after ten
+		iterations, it branches again.  After the eleventh iteration, it
+		stops.  Code after the end of the loop computes the twelfth key block,
+		which does not have InvMixColumn applied.
+	*/
+	mov		$-10*4*4, offset
+	sub		offset, E
+
+	// Store initial words of expanded key, which are copies of user's key.
+	movd	ve0, 0*4(E, offset)
+	movd	ve1, 1*4(E, offset)
+	movd	ve2, 2*4(E, offset)
+	movd	ve3, 3*4(E, offset)
+
+	/*	The first four words are stored untransformed.  After that, words in
+		the expanded key are transformed by InvMixColumn.
+	*/
+	movd	ve4, dr
+	call	InvMixColumn
+	movd	vt0, 4*4(E, offset)
+
+	movd	ve5, dr
+	call	InvMixColumn
+	movd	vt0, 5*4(E, offset)
+
+/*	Here is the first iteration of the key expansion.  It is separate from the
+	main loop below because we need to apply InvMixColumn to each of the
+	outputs, in ve0 through ve5.  In the main loop, the technique described at
+	the top of this file is used to compute the proper outputs while using
+	InvMixColumn only once.
+*/
+	add		$1, R					// Advance pointer.
+	movd	ve5, dr					// Put previous word into work register.
+	movzx	(R), t0d				// Get round constant.
+	movd	t0d, vt0
+
+	SubWordRotWord
+	pxor	vt0, ve0
+
+	// Chain to successive words.
+	pxor	ve0, ve1
+	pxor	ve1, ve2
+	pxor	ve2, ve3
+	pxor	ve3, ve4
+	pxor	ve4, ve5
+
+	add		$6*4, offset
+
+	/*	Apply InvMixColumn to each word.  The transformed values are stored in
+		the expanded key.  The original values are retained in registers for
+		further computation.
+	*/
+	movd	ve0, dr
+	call	InvMixColumn
+	movd	vt0, 0*4(E, offset)
+
+	movd	ve1, dr
+	call	InvMixColumn
+	movd	vt0, 1*4(E, offset)
+
+	movd	ve2, dr
+	call	InvMixColumn
+	movd	vt0, 2*4(E, offset)
+
+	movd	ve3, dr
+	call	InvMixColumn
+	movd	vt0, 3*4(E, offset)
+
+	movd	(4-6)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 4*4(E, offset)
+
+	movd	(5-6)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 5*4(E, offset)
+
+//	Here is the main loop.
+1:
+	add		$1, R					// Advance pointer.
+	movd	ve5, dr					// Put previous word into work register.
+	movzx	(R), t0d				// Get round constant.
+	movd	t0d, vt0
+
+	SubWordRotWord
+	pxor	vt0, ve0
+
+	// Chain to successive words.
+	pxor	ve0, ve1
+	pxor	ve1, ve2
+	pxor	ve2, ve3
+	pxor	ve3, ve4
+	pxor	ve4, ve5
+
+	// Apply InvMixColumn to the difference.
+	movd	vt0, dr
+	call	InvMixColumn
+
+	add		$6*4, offset
+
+	// Chain the transformed difference to previously transformed outputs.
+	movd	(0-6)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 0*4(E, offset)
+
+	movd	(1-6)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 1*4(E, offset)
+
+	movd	(2-6)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 2*4(E, offset)
+
+	movd	(3-6)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 3*4(E, offset)
+
+	movd	(4-6)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 4*4(E, offset)
+
+	movd	(5-6)*4(E, offset), vt1
+	pxor	vt1, vt0
+	movd	vt0, 5*4(E, offset)
+
+	jle		1b
+
+// Here is the final iteration, which does not perform InvMixColumn.
+
+	movd	ve5, dr					// Put previous word into work register.
+	movzx	1(R), t0d				// Get round constant.
+	movd	t0d, vt0
+
+	SubWordRotWord
+	pxor	vt0, ve0
+
+	// Chain to successive words.
+	movd	ve0, 6*4(E, offset)
+	pxor	ve0, ve1
+	movd	ve1, 7*4(E, offset)
+	pxor	ve1, ve2
+	movd	ve2, 8*4(E, offset)
+	pxor	ve2, ve3
+	movd	ve3, 9*4(E, offset)
+
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		// Add pops of r15 to r12 if used.
+		pop		r7
+		pop		r6
+	#elif defined __x86_64__
+	#endif
+	pop		r3
+	pop		r5
+
+	ret
+
+
+DKeyHas8Words:
+
+	// Store initial words of expanded key, which are copies of user's key.
+	movd	ve0, 0*4(E)
+	movd	ve1, 1*4(E)
+	movd	ve2, 2*4(E)
+	movd	ve3, 3*4(E)
+	movd	4*4(K), ve0
+	movd	5*4(K), ve1
+	movd	6*4(K), ve2
+	movd	7*4(K), ve3
+
+	// K cannot be used after we write to R, since they use the same register.
+
+	#if defined __i386__
+		// Get address of 0 in R.
+			call	0f			// Push program counter onto stack.
+		0:
+			pop		STable		// Get program counter.
+
+		lea		_AESRcon-0b(STable), R
+		lea		_AESInvMixColumnTable-0b(STable), ITable
+		lea		_AESSubBytesWordTable-0b(STable), STable
+
+	#elif defined __x86_64__
+
+		lea		_AESRcon(%rip), R
+		lea		_AESInvMixColumnTable(%rip), ITable
+		lea		_AESSubBytesWordTable(%rip), STable
+
+	#endif
+
+	/*	With an eight-word key, there are fourteen rounds (fifteen 16-byte key
+		blocks), thirteen of which have InvMixColumn applied.
+	*/
+	mov		$-12*4*4, offset
+	sub		offset, E
+
+	// Save untransformed values in stack area.
+	movd	ve0, 4*4+Local(r4)
+	movd	ve1, 5*4+Local(r4)
+	movd	ve2, 6*4+Local(r4)
+	movd	ve3, 7*4+Local(r4)
+
+	/*	Apply InvMixColumn to words 4 through 7.  The transformed values are
+		stored in the expanded key.  The original values are saved in the stack
+		area for further computation.
+	*/
+	movd	ve0, dr
+	call	InvMixColumn
+	movd	vt0, 4*4(E, offset)
+
+	movd	ve1, dr
+	call	InvMixColumn
+	movd	vt0, 5*4(E, offset)
+
+	movd	ve2, dr
+	call	InvMixColumn
+	movd	vt0, 6*4(E, offset)
+
+	movd	ve3, dr
+	call	InvMixColumn
+	movd	vt0, 7*4(E, offset)
+
+/*	Here is the first iteration of the key expansion.  It is separate from the
+	main loop below because we need to apply InvMixColumn to each of the
+	outputs, in ve0 through ve3.  In the main loop, the technique described at
+	the top of this file is used to compute the proper outputs while using
+	InvMixColumn only once.
+*/
+	add		$1, R					// Advance pointer.
+	movd	ve3, dr					// Put previous word into work register.
+	movzx	(R), t0d				// Get round constant.
+	movd	t0d, vt0
+
+	SubWordRotWord
+
+	add		$8*4, offset
+
+	movd	(0-8)*4(E, offset), ve0		// Get old word.
+	pxor	vt0, ve0
+	movd	ve0, 0*4+Local(r4)			// Save on stack.
+	movd	ve0, dr
+	call	InvMixColumn
+	movd	vt0, 0*4(E, offset)			// Write to expanded key.
+
+	/*	 Chain to successive words and apply InvMixColumn to each word.  The
+		 transformed values are stored in the expanded key.  The original
+		 values are retained in local data for further computation.
+	*/
+	movd	(1-8)*4(E, offset), ve1		// Get old word.
+	pxor	ve0, ve1					// Chain.
+	movd	ve1, 1*4+Local(r4)			// Save on stack.
+	movd	ve1, dr
+	call	InvMixColumn
+	movd	vt0, 1*4(E, offset)			// Write to expanded key.
+
+	movd	(2-8)*4(E, offset), ve2		// Get old word.
+	pxor	ve1, ve2					// Chain.
+	movd	ve2, 2*4+Local(r4)			// Save on stack.
+	movd	ve2, dr
+	call	InvMixColumn
+	movd	vt0, 2*4(E, offset)			// Write to expanded key.
+
+	movd	(3-8)*4(E, offset), ve3		// Get old word.
+	pxor	ve2, ve3					// Chain.
+	movd	ve3, 3*4+Local(r4)			// Save on stack.
+	movd	ve3, dr
+	call	InvMixColumn
+	movd	vt0, 3*4(E, offset)			// Write to expanded key.
+
+	movd	ve3, dr						// Put previous word into work register.
+	SubWord
+
+	movd	4*4+Local(r4), ve0			// Get old word.
+	pxor	vt0, ve0					// Chain.
+	movd	ve0, 4*4+Local(r4)			// Save on stack.
+
+	movd	5*4+Local(r4), ve1			// Get old word.
+	pxor	ve0, ve1					// Chain.
+	movd	ve1, 5*4+Local(r4)			// Save on stack.
+
+	movd	6*4+Local(r4), ve2			// Get old word.
+	pxor	ve1, ve2					// Chain.
+	movd	ve2, 6*4+Local(r4)			// Save on stack.
+
+	movd	7*4+Local(r4), ve3			// Get old word.
+	pxor	ve2, ve3					// Chain.
+	movd	ve3, 7*4+Local(r4)			// Save on stack.
+
+	movd	vt0, dr						// Move change to work register.
+	call	InvMixColumn
+
+	movd	(4-8)*4(E, offset), vt1		// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, 4*4(E, offset)			// Write new word to expanded key.
+
+	movd	(5-8)*4(E, offset), vt1		// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, 5*4(E, offset)			// Write new word to expanded key.
+
+	movd	(6-8)*4(E, offset), vt1		// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, 6*4(E, offset)			// Write new word to expanded key.
+
+	movd	(7-8)*4(E, offset), vt1		// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, 7*4(E, offset)			// Write new word to expanded key.
+
+//	Here is the main loop.
+1:
+	add		$1, R						// Advance pointer.
+	movd	ve3, dr						// Put previous word into work register.
+	movzx	(R), t0d					// Get round constant.
+	movd	t0d, vt0
+
+	SubWordRotWord
+
+	movd	0*4+Local(r4), ve0			// Get old word.
+	pxor	vt0, ve0
+	movd	ve0, 0*4+Local(r4)			// Save on stack.
+
+	// Chain to successive words.
+	movd	1*4+Local(r4), ve1			// Get old word.
+	pxor	ve0, ve1					// Chain.
+	movd	ve1, 1*4+Local(r4)			// Save on stack.
+
+	movd	2*4+Local(r4), ve2			// Get old word.
+	pxor	ve1, ve2					// Chain.
+	movd	ve2, 2*4+Local(r4)			// Save on stack.
+
+	movd	3*4+Local(r4), ve3			// Get old word.
+	pxor	ve2, ve3					// Chain.
+	movd	ve3, 3*4+Local(r4)			// Save on stack.
+
+	movd	vt0, dr						// Move change to work register.
+	call	InvMixColumn
+
+	movd	0*4(E, offset), vt1			// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, (0+8)*4(E, offset)		// Write new word to expanded key.
+
+	movd	1*4(E, offset), vt1			// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, (1+8)*4(E, offset)		// Write new word to expanded key.
+
+	movd	2*4(E, offset), vt1			// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, (2+8)*4(E, offset)		// Write new word to expanded key.
+
+	movd	3*4(E, offset), vt1			// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, (3+8)*4(E, offset)		// Write new word to expanded key.
+
+	movd	ve3, dr						// Put previous word into work register.
+	SubWord
+
+	movd	4*4+Local(r4), ve0			// Get old word.
+	pxor	vt0, ve0					// Chain.
+	movd	ve0, 4*4+Local(r4)			// Save on stack.
+
+	movd	5*4+Local(r4), ve1			// Get old word.
+	pxor	ve0, ve1					// Chain.
+	movd	ve1, 5*4+Local(r4)			// Save on stack.
+
+	movd	6*4+Local(r4), ve2			// Get old word.
+	pxor	ve1, ve2					// Chain.
+	movd	ve2, 6*4+Local(r4)			// Save on stack.
+
+	movd	7*4+Local(r4), ve3			// Get old word.
+	pxor	ve2, ve3					// Chain.
+	movd	ve3, 7*4+Local(r4)			// Save on stack.
+
+	movd	vt0, dr						// Move change to work register.
+	call	InvMixColumn
+
+	movd	4*4(E, offset), vt1			// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, (4+8)*4(E, offset)		// Write new word to expanded key.
+
+	movd	5*4(E, offset), vt1			// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, (5+8)*4(E, offset)		// Write new word to expanded key.
+
+	movd	6*4(E, offset), vt1			// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, (6+8)*4(E, offset)		// Write new word to expanded key.
+
+	movd	7*4(E, offset), vt1			// Get old word.
+	pxor	vt1, vt0					// Chain.
+	movd	vt0, (7+8)*4(E, offset)		// Write new word to expanded key.
+
+	add		$8*4, offset
+
+	jl		1b
+
+	movd	ve3, dr						// Put previous word into work register.
+	movzx	1(R), t0d					// Get round constant.
+	movd	t0d, vt0
+
+	SubWordRotWord
+
+	movd	0*4+Local(r4), ve0			// Get old word.
+	pxor	vt0, ve0					// Chain.
+	movd	ve0, (0+8)*4(E, offset)
+
+	// Chain to successive words.
+	movd	1*4+Local(r4), ve1			// Get old word.
+	pxor	ve0, ve1					// Chain.
+	movd	ve1, (1+8)*4(E, offset)
+
+	movd	2*4+Local(r4), ve2			// Get old word.
+	pxor	ve1, ve2					// Chain.
+	movd	ve2, (2+8)*4(E, offset)
+
+	movd	3*4+Local(r4), ve3			// Get old word.
+	pxor	ve2, ve3					// Chain.
+	movd	ve3, (3+8)*4(E, offset)
+
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		// Add pops of r15 to r12 if used.
+		pop		r7
+		pop		r6
+	#elif defined __x86_64__
+	#endif
+	pop		r3
+	pop		r5
+
+	ret
+
+
+#undef	Address
+#undef	Argument
+#undef	E
+#undef	ITable
+#undef	K
+#undef	LocalsSize
+#undef	LookupI
+#undef	LookupS
+#undef	Nk
+#undef	R
+#undef	RegisterSaveSize
+#undef	STable
+#undef	StackFrame
+#undef	dr
+#undef	drh
+#undef	drl
+#undef	offset
+#undef	t0
+#undef	t0d
+#undef	ve0
+#undef	ve1
+#undef	ve2
+#undef	ve3
+#undef	ve4
+#undef	ve5
+#undef	vt0
+#undef	vt1

ADDED   Source/AESedp/Intel/ExpandKeyForEncryption.s
Index: Source/AESedp/Intel/ExpandKeyForEncryption.s
==================================================================
--- /dev/null
+++ Source/AESedp/Intel/ExpandKeyForEncryption.s
@@ -0,0 +1,496 @@
+/*	This file defines _AESExpandKeyForEncryption.  It is designed to be
+	included in another assembly file with the preprocessor #include directive,
+	to benefit from some assembly-time calculations.
+
+	Written by Eric Postpischil, January 2008.
+
+	The comments here do not say much about the algorithm; the code just
+	follows the FIPS-197 specification.  I recommend reading the specification
+	before working with this code or examining the C code in the parent
+	directory that illustrates key expansion.
+*/
+
+
+/*	Routine:
+
+		_AESExpandKeyForEncryption.
+
+	Function:
+
+		Expand the user's cipher key into the key schedule, as defined in
+		Federal Information Processing Standards Publication 197 (FIPS-197),
+		November 26, 2001.
+
+	Input:
+
+		Constant data:
+
+			The following names must be locally defined so the assembler
+			can calculate certain offsets.
+
+			static const Word _AESSubBytesWordTable[4][256].
+
+				_AESSubBytesWordTable[i][j] = SubBytes(j) << 8*i, where
+				SubBytes is defined in FIPS-197.  _AESSubBytesWordTable
+				differs from _AESEncryptTable in that it does not include
+				the MixColumn operation.  It is used in performing the last
+				round, which differs fromm the previous rounds in that it
+				does not include the MixColumn operation.
+
+			static const Byte _AESRcon[].
+
+				Round constants, beginning with AESRcon[1] for the first round
+				(AESRcon[0] is padding.)
+	
+		Arguments:
+
+			Word *ExpandedKey
+
+				Address of output.
+
+			const AESKey *Key
+
+				Address of user's cipher key.
+
+			long Nk
+
+				Number of four-byte words in user's cipher key.
+
+	Output:
+
+		The expanded key is written to *ExpandedKey.
+*/
+	.globl _AESExpandKeyForEncryption
+	.private_extern	_AESExpandKeyForEncryption
+_AESExpandKeyForEncryption:
+
+#define	dr		r0d				// Dissection register.
+#define	drl		r0l				// Low 8 bits of dissection register.
+#define	drh		r0h				// Second-lowest 8 bits of dissection register.
+
+#define	t0		r1
+#define	t0d		r1d				// Low 32 bits of t0.
+
+#define	offset	r5				// Address offset and loop sentinel.
+
+#define	R		r6				// Address of round constant.
+#define	K		r6				// User key pointer, second x86_64 argument.
+	// R and K overlap.
+
+#define	E		r7				// Expanded key pointer, first x86_64 argument.
+
+#define	ve0		%xmm0
+#define	ve1		%xmm1
+#define	ve2		%xmm2
+#define	ve3		%xmm3
+#define	vt3		%xmm4
+#define	vt2		%xmm5
+#define	vt1		%xmm6
+#define	vt0		%xmm7
+
+#define	LookupS(table, index)	(table)*TableSize(STable, index, 4)
+
+	// Push new stack frame.
+	push	r5
+
+	// Save registers.
+	#if defined __i386__
+		push	r6
+		push	r7
+		#define	RegisterSaveSize	(2*4)
+	#elif defined __x86_64__
+		#define	RegisterSaveSize	(0*8)
+		// Add pushes of r12 to r15 if used.
+	#endif
+
+#define	LocalsSize	0
+#define	StackFrame	(LocalsSize+RegisterSaveSize)
+	// Locals plus the registers we pushed after the new stack frame.
+
+#if defined __i386__
+
+	// Define location of argument i.
+	#define	Argument(i)	StackFrame+8+4*(i)(r4)
+
+	// Load arguments.
+	mov		Argument(0), E
+	mov		Argument(1), K
+	#define	Nk	Argument(2)
+
+#elif defined __x86_64__
+
+	#define	Nk		r2			// Number of words in key.  Overlaps STable.
+
+#endif
+
+	cmp		$6,	 Nk
+// Stop using r2 for Nk and start using it for STable.
+#undef	Nk
+#define	STable	r2
+
+	#if 0 < LocalsSize
+		sub		$LocalsSize, r4	// Allocate space on stack.
+	#endif
+
+	// First words of expanded key are copied from user key.
+	movd	0*4(K), ve0
+	movd	1*4(K), ve1
+	movd	2*4(K), ve2
+	movd	3*4(K), ve3
+	je		EKeyHas6Words
+	jg		EKeyHas8Words
+	// Fall through to EKeyHas4Words.
+
+EKeyHas4Words:
+
+	// K cannot be used after we write to R, since they use the same register.
+
+	#if defined __i386__
+		// Get address of 0 in R.
+			call	0f			// Push program counter onto stack.
+		0:
+			pop		STable		// Get program counter.
+
+		lea		_AESRcon-0b(STable), R
+		lea		_AESSubBytesWordTable-0b(STable), STable
+
+	#elif defined __x86_64__
+
+		lea		_AESRcon(%rip), R
+		lea		_AESSubBytesWordTable(%rip), STable
+
+	#endif
+
+	// With a four-word key, there are ten rounds (eleven 16-byte key blocks).
+	mov		$-10*4*4, offset
+	sub		offset, E
+
+	// Store initial words of expanded key, which are copies of user's key.
+	movd	ve0, 0*4(E, offset)
+	movd	ve1, 1*4(E, offset)
+	movd	ve2, 2*4(E, offset)
+	movd	ve3, 3*4(E, offset)
+
+1:
+	add		$1, R				// Advance pointer.
+	movd	ve3, dr				// Put previous word into dissection register.
+	movzx	(R), t0d			// Get round constant.
+	movd	t0d, vt3
+	pxor	vt3, ve0			// XOR with word from four words back.
+
+	// Perform SubWord(RotWord(dr)).
+	movzx	drl, t0
+	movd	LookupS(3, t0), vt0		// Look up byte 0 in table 3.
+	movzx	drh, t0d
+	movd	LookupS(0, t0), vt1		// Look up byte 1 in table 0.
+	shr		$16, dr
+	movzx	drl, t0d
+	movd	LookupS(1, t0), vt2		// Look up byte 2 in table 1.
+	movzx	drh, t0d
+	movd	LookupS(2, t0), vt3		// Look up byte 3 in table 2.
+	pxor	vt1, vt0
+	pxor	vt3, vt2
+	pxor	vt0, ve0
+	pxor	vt2, ve0
+
+	add		$4*4, offset
+
+	// Chain to successive words.
+	movd	ve0, 0*4(E, offset)
+	pxor	ve0, ve1
+	movd	ve1, 1*4(E, offset)
+	pxor	ve1, ve2
+	movd	ve2, 2*4(E, offset)
+	pxor	ve2, ve3
+	movd	ve3, 3*4(E, offset)
+
+	jne		1b
+
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		// Add pops of r15 to r12 if used.
+		pop		r7
+		pop		r6
+	#elif defined __x86_64
+	#endif
+	pop		r5
+
+	ret
+
+
+// Reset definitions for next case.
+#undef	vt3
+#undef	vt2
+#define	ve4	%xmm4
+#define	ve5	%xmm5
+
+
+EKeyHas6Words:
+	movd	4*4(K), ve4
+	movd	5*4(K), ve5
+
+	// K cannot be used after we write to R, since they use the same register.
+
+	#if defined __i386__
+		// Get address of 0 in R.
+			call	0f			// Push program counter onto stack.
+		0:
+			pop		STable		// Get program counter.
+
+		lea		_AESRcon-0b(STable), R
+		lea		_AESSubBytesWordTable-0b(STable), STable
+
+	#elif defined __x86_64__
+
+		lea		_AESRcon(%rip), R
+		lea		_AESSubBytesWordTable(%rip), STable
+
+	#endif
+
+	/*	With a six-word key, there are twelve rounds (thirteen 16-byte key
+		blocks).
+	*/
+	mov		$-12*4*4, offset
+	sub		offset, E
+
+	// Store initial words of expanded key, which are copies of user's key.
+	movd	ve0, 0*4(E, offset)
+	movd	ve1, 1*4(E, offset)
+	movd	ve2, 2*4(E, offset)
+	movd	ve3, 3*4(E, offset)
+	movd	ve4, 4*4(E, offset)
+	movd	ve5, 5*4(E, offset)
+
+/*	Jump into loop body.  The key expansion processes six four-byte words per
+	iteration.  52 are needed in the key.  So only four are needed in the last
+	iteration.
+*/
+	jmp		2f		
+1:
+	// Continue chaining to successive words.
+	pxor	ve3, ve4
+	movd	ve4, 4*4(E, offset)
+	pxor	ve4, ve5
+	movd	ve5, 5*4(E, offset)
+2:
+	add		$1, R				// Advance pointer.
+	movd	ve5, dr				// Put previous word into dissection register.
+	movzx	(R), t0				// Get round constant.
+	movd	t0d, vt1
+	pxor	vt1, ve0			// XOR with word from six words back.
+
+	// Perform SubWord(RotWord(dr)).
+	movzx	drl, t0d
+	movd	LookupS(3, t0), vt0		// Look up byte 0 in table 3.
+	movzx	drh, t0d
+	movd	LookupS(0, t0), vt1		// Look up byte 1 in table 0.
+	shr		$16, dr
+	movzx	drl, t0d
+	pxor	vt1, vt0
+	pxor	vt0, ve0
+	movd	LookupS(1, t0), vt0		// Look up byte 2 in table 1.
+	movzx	drh, t0d
+	movd	LookupS(2, t0), vt1		// Look up byte 3 in table 2.
+	pxor	vt1, vt0
+	pxor	vt0, ve0
+
+	add		$6*4, offset
+
+	// Chain to successive words.
+	movd	ve0, 0*4(E, offset)
+	pxor	ve0, ve1
+	movd	ve1, 1*4(E, offset)
+	pxor	ve1, ve2
+	movd	ve2, 2*4(E, offset)
+	pxor	ve2, ve3
+	movd	ve3, 3*4(E, offset)
+
+	jne		1b
+
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		// Add pops of r15 to r12 if used.
+		pop		r7
+		pop		r6
+	#elif defined __x86_64
+	#endif
+	pop		r5
+
+	ret
+
+
+// Reset definitions for next case.
+#undef	ve4
+#undef	ve5
+#define	vt3	%xmm4
+#define	vt2	%xmm5
+
+
+EKeyHas8Words:
+
+	// Store initial words of expanded key, which are copies of user's key.
+	movd	ve0, 0*4(E)
+	movd	ve1, 1*4(E)
+	movd	ve2, 2*4(E)
+	movd	ve3, 3*4(E)
+	movd	4*4(K), ve0
+	movd	5*4(K), ve1
+	movd	6*4(K), ve2
+	movd	7*4(K), ve3
+
+	// K cannot be used after we write to R, since they use the same register.
+
+	#if defined __i386__
+		// Get address of 0 in R.
+			call	0f			// Push program counter onto stack.
+		0:
+			pop		STable		// Get program counter.
+
+		lea		_AESRcon-0b(STable), R
+		lea		_AESSubBytesWordTable-0b(STable), STable
+
+	#elif defined __x86_64__
+
+		lea		_AESRcon(%rip), R
+		lea		_AESSubBytesWordTable(%rip), STable
+
+	#endif
+
+	/*	With an eight-word key, there are fourteen rounds (fifteen 16-byte key
+	 	blocks).
+	*/
+	mov		$-14*4*4, offset
+	sub		offset, E
+
+	// Store initial words of expanded key, which are copies of user's key.
+	movd	ve0, 4*4(E, offset)
+	movd	ve1, 5*4(E, offset)
+	movd	ve2, 6*4(E, offset)
+	movd	ve3, 7*4(E, offset)
+
+/*	Jump into loop body.  The key expansion processes eight four-byte words per
+	iteration.  60 are needed in the key.  So only four are needed in the last
+	iteration.
+*/
+	jmp		2f		
+1:
+	movd	ve3, dr				// Put previous word into dissection register.
+
+	/*	Get word from eight words back (it is four words back from where E
+	 	currently points, and we use it to prepare the value to be stored
+		four words beyond where E currently points).
+	*/
+	movd	-4*4(E, offset), ve0
+
+	// Perform SubWord(dr).
+	movzx	drl, t0
+	movd	LookupS(0, t0), vt0		// Look up byte 0 in table 0.
+	movzx	drh, t0d
+	movd	LookupS(1, t0), vt1		// Look up byte 1 in table 1.
+	shr		$16, dr
+	movzx	drl, t0d
+	movd	LookupS(2, t0), vt2		// Look up byte 2 in table 2.
+	movzx	drh, t0d
+	movd	LookupS(3, t0), vt3		// Look up byte 3 in table 3.
+	pxor	vt1, vt0
+	pxor	vt3, vt2
+	pxor	vt0, ve0
+	pxor	vt2, ve0
+
+	movd	-3*4(E, offset), ve1	// Get words from eight words back.
+	movd	-2*4(E, offset), ve2
+	movd	-1*4(E, offset), ve3
+
+	// Chain to successive words.
+	movd	ve0, 4*4(E, offset)
+	pxor	ve0, ve1
+	movd	ve1, 5*4(E, offset)
+	pxor	ve1, ve2
+	movd	ve2, 6*4(E, offset)
+	pxor	ve2, ve3
+	movd	ve3, 7*4(E, offset)
+
+2:
+	add		$1, R				// Advance pointer.
+	movd	ve3, dr				// Put previous word into dissection register.
+	movzx	(R), t0d			// Get round constant.
+	movd	t0d, vt1
+	movd	0*4(E, offset), ve0	// Get word from eight words back.
+	pxor	vt1, ve0
+
+	// Perform SubWord(RotWord(dr)).
+	movzx	drl, t0
+	movd	LookupS(3, t0), vt0		// Look up byte 0 in table 3.
+	movzx	drh, t0d
+	movd	LookupS(0, t0), vt1		// Look up byte 1 in table 0.
+	shr		$16, dr
+	movzx	drl, t0d
+	movd	LookupS(1, t0), vt2		// Look up byte 2 in table 1.
+	movzx	drh, t0d
+	movd	LookupS(2, t0), vt3		// Look up byte 3 in table 2.
+	pxor	vt1, vt0
+	pxor	vt3, vt2
+	pxor	vt0, ve0
+	pxor	vt2, ve0
+
+	movd	1*4(E, offset), ve1
+	movd	2*4(E, offset), ve2
+	movd	3*4(E, offset), ve3
+
+	add		$8*4, offset
+
+	// Chain to successive words.
+	movd	ve0, 0*4(E, offset)
+	pxor	ve0, ve1
+	movd	ve1, 1*4(E, offset)
+	pxor	ve1, ve2
+	movd	ve2, 2*4(E, offset)
+	pxor	ve2, ve3
+	movd	ve3, 3*4(E, offset)
+
+	jne		1b
+
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		// Add pops of r15 to r12 if used.
+		pop		r7
+		pop		r6
+	#elif defined __x86_64
+	#endif
+	pop		r5
+
+	ret
+
+
+#undef	Address
+#undef	Argument
+#undef	E
+#undef	LocalsSize
+#undef	LookupS
+#undef	R
+#undef	RegisterSaveSize
+#undef	STable
+#undef	StackFrame
+#undef	dr
+#undef	drh
+#undef	drl
+#undef	offset
+#undef	t0
+#undef	t0d
+#undef	ve0
+#undef	ve1
+#undef	ve2
+#undef	ve3
+#undef	vt0
+#undef	vt1
+#undef	vt2
+#undef	vt3

ADDED   Source/AESedp/Intel/ReadMe.txt
Index: Source/AESedp/Intel/ReadMe.txt
==================================================================
--- /dev/null
+++ Source/AESedp/Intel/ReadMe.txt
@@ -0,0 +1,4 @@
+This directory contains implementations of core AES routines (the actual
+encryption, decryption, and key expansion) for the i386 (IA-32) and x86_64
+(EMT64) architectures.  These routines are intended to be called by routines
+in the parent directory.

ADDED   Source/AESedp/MakeData.c
Index: Source/AESedp/MakeData.c
==================================================================
--- /dev/null
+++ Source/AESedp/MakeData.c
@@ -0,0 +1,513 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define	UseAESedp	// Tell AES.h to define things for AESedp.
+#include "AES.h"
+
+
+/*	In comments below, {n} designates the Galois field element represented by
+	the byte n.  See notes about Galois field multiplication in ReadMe.txt.
+
+	So 3+5 is addition of ordinary integers, and 3+5 == 8, while {3}+{5} is
+	addition in the field, and {3} + {5} = {3 XOR 5} = {6}.)
+*/
+
+
+// Define constants for languages.
+typedef enum { C, IntelAssembly } Language;
+
+
+/*	LogBase3[i] will contain the base-three logarithm of i in the 256-element
+	Galois field defined by AES.  That is, {3}**LogBase3[i] == {3}**i.
+*/
+static Byte LogBase3[256];
+
+/*	AntilogBase3[i] will contain {3}**i in the 256-element Galois field defined
+	by AES.  It contains extra elements so that the antilog of a+b can be found
+	by looking up a+b directly, without having to reduce modulo the period, for
+	0 <= a, b < 255.
+
+	(254 is the greatest value we encounter.  Each a or b we use is the
+	base-three logarithm of some element.  As a primitive root, the powers of
+	three cycle through all non-zero elements of the field, of which there are
+	255, so the exponents cover 0 to 254 before the powers repeat.)
+*/
+static Byte AntilogBase3[254+254+1];
+
+
+static void InitializeLogTables(void)
+{
+	// log({1}) is zero, so start {p} (power) at {1} and l (logarithm) at 0.
+	Byte p = 1;
+	int l = 0;
+	do
+	{
+		// Record table entries.
+		LogBase3[p] = l;
+		AntilogBase3[l] = p;
+
+		/*	Observe that {2}*{p} is {p << 1 ^ (a & 0x80 ? 0x1b : 0)}, per notes
+			in ReadMe.txt.  We produce {3}*{p}:
+
+				{3}*{p}
+					= {1}*{p} + {2}*{p}
+					= {1}*{p} + {p << 1 ^ (a & 0x80 ? 0x1b : 0)}
+					= {p ^ p << 1 ^ (p & 0x80 ? 0x1b : 0)}.
+		*/
+		p ^= p << 1 ^ (p & 0x80 ? 0x1b : 0);
+		++l;
+
+	} while (p != 1);	// Stop when we have gone around completely.
+
+	/*	The antilogarithms are periodic with a period of 255, and we want to
+		look up elements as high as 254+254 (the largest that a sum of two
+		logarithms could be), so we replicate the table beyond the first
+		period.
+	*/
+	for (l = 255; l < 254+254; ++l)
+		AntilogBase3[l] = AntilogBase3[l-255];
+}
+
+
+/*	MultiplyByte(Byte b, Byte c) returns {b}*{c}.  It requires tables that must
+	be initialized before this routine is used.
+*/
+static Byte MultiplyByte(Byte b, Byte c)
+{
+	// Calculate product by adding logarithms, but avoid logarithms of zero.
+	return b == 0 || c == 0 ? 0 : AntilogBase3[LogBase3[b] + LogBase3[c]];
+}
+
+
+// Return {0} if {b} is {0} and the multiplicative inverse of {b} otherwise.
+static Byte InverseByte(Byte b)
+{
+	return b == 0 ? 0 : AntilogBase3[255 - LogBase3[b]];
+}
+
+
+// Perform AES' SubBytes operation on a single byte.
+static Byte SubByte(Byte b)
+{
+	unsigned int r = InverseByte(b);
+
+	// Duplicate r as a proxy for a rotate operation.
+	r = r | r<<8;
+
+	// Apply the standard's affine transformation.
+	return r ^ r>>4 ^ r>>5 ^ r>>6 ^ r>>7 ^ 0x63;
+}
+
+
+// Define and populate tables for the SubBytes and InvSubBytes operations.
+static Byte SubBytesTable[256];
+static Byte InvSubBytesTable[256];
+
+
+static void InitializeSubBytesTable(void)
+{
+	for (int i = 0; i < 256; ++i)
+		SubBytesTable[i] = SubByte((Byte) i);
+}
+
+
+static void InitializeInvSubBytesTable(void)
+{
+	for (int i = 0; i < 256; ++i)
+		InvSubBytesTable[SubByte((Byte) i)] = i;
+}
+
+
+/*	Print tables for SubBytes function providing the output byte embedded in
+	various places in a word, so that the table entries can be used with
+	fewer byte manipulations.
+*/
+static void PrintSubBytesWordTable(Language language)
+{
+	switch (language)
+	{
+		case C:
+			printf("\n\n"
+				"// SubBytes embedded in words tables.\n"
+				"const Word AESSubBytesWordTable[4][256] =\n"
+				"{\n");
+			for (int j = 0; j < 4; ++j)
+			{
+				printf("\t{\n");
+				for (int i = 0; i < 256; ++i)
+					printf("\t\t0x%08x,\n", SubBytesTable[i] << j*8);
+				printf("\t},\n");
+			}
+			printf("};\n");
+			break;
+
+		case IntelAssembly:
+			printf("\n\n"
+				"// SubBytes embedded in words tables.\n"
+				"\t.globl\t_AESSubBytesWordTable\n"
+				"\t.private_extern\t_AESSubBytesWordTable\n"
+				"\t.align\t2\n"
+				"_AESSubBytesWordTable:\n");
+			for (int j = 0; j < 4; ++j)
+			{
+				printf("\t// Table %d.\n", j);
+				for (int i = 0; i < 256; ++i)
+					printf("\t.long\t0x%08x\n", SubBytesTable[i] << j*8);
+			}
+			break;
+	}
+}
+
+
+/*	Print tables for InvSubBytes function providing the output byte embedded in
+	various places in a word, so that the table entries can be used with
+	fewer byte manipulations.
+*/
+static void PrintInvSubBytesWordTable(Language language)
+{
+	switch (language)
+	{
+		case C:
+			printf("\n\n"
+				"// InvSubBytes embedded in words tables.\n"
+				"const Word AESInvSubBytesWordTable[4][256] =\n"
+				"{\n");
+			for (int j = 0; j < 4; ++j)
+			{
+				printf("\t{\n");
+				for (int i = 0; i < 256; ++i)
+					printf("\t\t0x%08x,\n", InvSubBytesTable[i] << j*8);
+				printf("\t},\n");
+			}
+			printf("};\n");
+			break;
+
+		case IntelAssembly:
+			printf("\n\n"
+				"// InvSubBytes embedded in words tables.\n"
+				"\t.globl\t_AESInvSubBytesWordTable\n"
+				"\t.private_extern\t_AESInvSubBytesWordTable\n"
+				"\t.align\t2\n"
+				"_AESInvSubBytesWordTable:\n");
+			for (int j = 0; j < 4; ++j)
+			{
+				printf("\t// Table %d.\n", j);
+				for (int i = 0; i < 256; ++i)
+					printf("\t.long\t0x%08x\n", InvSubBytesTable[i] << j*8);
+			}
+			break;
+	}
+}
+
+
+// Print the round constants.
+static void PrintRcon(Language language)
+{
+	union { Byte c[4]; Word w; } t = { { 1, 0, 0, 0 } };
+
+	switch (language)
+	{
+		case C:
+			printf("\n\n"
+				"// Round constants.\n"
+				"const Byte AESRcon[] =\n"
+				"{\n"
+				"\t0,\t// Not used, included for indexing simplicity.\n");
+			for (int i = 1; i < MaxRcon; ++i)
+			{
+				printf("\t0x%02x,\n", t.w);
+				t.c[0] = MultiplyByte(0x2, t.c[0]);
+			}
+			printf("};\n");
+			break;
+
+		case IntelAssembly:
+			printf("\n\n"
+				"// Round constants.\n"
+				"\t.globl\t_AESRcon\n"
+				"\t.private_extern\t_AESRcon\n"
+				"_AESRcon:\n"
+				"\t.byte\t0\t// Not used, included for indexing simplicity.\n");
+			for (int i = 1; i < MaxRcon; ++i)
+			{
+				printf("\t.byte\t0x%02x\n", t.w);
+				t.c[0] = MultiplyByte(0x2, t.c[0]);
+			}
+			break;
+	}
+}
+
+
+// Print tables for the InvMixColumn operation.
+static void PrintInvMixColumnTable(Language language)
+{
+	Word T[4][256];
+
+	for (int i = 0; i < 256; ++i)
+	{
+		union { Byte b[4]; Word w; } c;
+
+		Byte s9 = MultiplyByte(0x9, i);
+		Byte sb = MultiplyByte(0xb, i);
+		Byte sd = MultiplyByte(0xd, i);
+		Byte se = MultiplyByte(0xe, i);
+
+		c.b[0] = se;
+		c.b[1] = s9;
+		c.b[2] = sd;
+		c.b[3] = sb;
+		T[0][i] = c.w;
+
+		c.b[0] = sb;
+		c.b[1] = se;
+		c.b[2] = s9;
+		c.b[3] = sd;
+		T[1][i] = c.w;
+
+		c.b[0] = sd;
+		c.b[1] = sb;
+		c.b[2] = se;
+		c.b[3] = s9;
+		T[2][i] = c.w;
+
+		c.b[0] = s9;
+		c.b[1] = sd;
+		c.b[2] = sb;
+		c.b[3] = se;
+		T[3][i] = c.w;
+	}
+
+	switch (language)
+	{
+		case C:
+			printf("\n\n"
+				"// Tables for InvMixColumn.\n"
+				"const Word AESInvMixColumnTable[4][256] =\n"
+				"{\n");
+			for (int i = 0; i < 4; ++i)
+			{
+				printf("\t{\n");
+				for (int j = 0; j < 256; ++j)
+					printf("\t\t0x%08x,\n", T[i][j]);
+				printf("\t},\n");
+			}
+			printf("};\n");
+			break;
+
+		case IntelAssembly:
+			printf("\n\n"
+				"// Tables for InvMixColumn.\n"
+				"\t.globl\t_AESInvMixColumnTable\n"
+				"\t.private_extern\t_AESInvMixColumnTable\n"
+				"\t.align\t2\n"
+				"_AESInvMixColumnTable:\n");
+			for (int i = 0; i < 4; ++i)
+			{
+				printf("\t// Table %d.\n", i);
+				for (int j = 0; j < 256; ++j)
+					printf("\t.long\t0x%08x\n", T[i][j]);
+			}
+			break;
+	}
+}
+
+
+/*	Print the tables defined AES Proposal: Rijndael, amended, 9/04/2003,
+	section 5.2.1.  These combine the MixColumn and SubBytes operations.
+*/
+static void PrintEncryptTable(Language language)
+{
+	Word T[4][256];
+
+	for (int i = 0; i < 256; ++i)
+	{
+		union { Byte b[4]; Word w; } c;
+
+		Byte s1 = SubBytesTable[i];
+		Byte s2 = MultiplyByte(0x2, s1);
+		Byte s3 = s1 ^ s2;
+
+		c.b[0] = s2;
+		c.b[1] = s1;
+		c.b[2] = s1;
+		c.b[3] = s3;
+		T[0][i] = c.w;
+
+		c.b[0] = s3;
+		c.b[1] = s2;
+		//c.b[2] = s1;
+		c.b[3] = s1;
+		T[1][i] = c.w;
+
+		c.b[0] = s1;
+		c.b[1] = s3;
+		c.b[2] = s2;
+		//c.b[3] = s1;
+		T[2][i] = c.w;
+
+		//c.b[0] = s1;
+		c.b[1] = s1;
+		c.b[2] = s3;
+		c.b[3] = s2;
+		T[3][i] = c.w;
+	}
+
+	switch (language)
+	{
+		case C:
+			printf("\n\n"
+				"// Tables for main encryption iterations.\n"
+				"const Word AESEncryptTable[4][256] =\n"
+				"{\n");
+			for (int i = 0; i < 4; ++i)
+			{
+				printf("\t{\n");
+				for (int j = 0; j < 256; ++j)
+					printf("\t\t0x%08x,\n", T[i][j]);
+				printf("\t},\n");
+			}
+			printf("};\n");
+			break;
+
+		case IntelAssembly:
+			printf("\n\n"
+				"// Tables for main encryption iterations.\n"
+				"\t.globl\t_AESEncryptTable\n"
+				"\t.private_extern\t_AESEncryptTable\n"
+				"\t.align\t2\n"
+				"_AESEncryptTable:\n");
+			for (int i = 0; i < 4; ++i)
+			{
+				printf("\t// Table %d.\n", i);
+				for (int j = 0; j < 256; ++j)
+					printf("\t.long\t0x%08x\n", T[i][j]);
+			}
+			break;
+	}
+}
+
+
+/*	Print the inverse tables.  These correspond to the tables above, but for
+	decyrption.  These combine the InvSubBytes and InvMixColumn operations.
+*/
+static void PrintDecryptTable(Language language)
+{
+	Word T[4][256];
+
+	for (int i = 0; i < 256; ++i)
+	{
+		union { Byte b[4]; Word w; } c;
+
+		Byte si = InvSubBytesTable[i];
+
+		Byte s9 = MultiplyByte(0x9, si);
+		Byte sb = MultiplyByte(0xb, si);
+		Byte sd = MultiplyByte(0xd, si);
+		Byte se = MultiplyByte(0xe, si);
+
+		c.b[0] = se;
+		c.b[1] = s9;
+		c.b[2] = sd;
+		c.b[3] = sb;
+		T[0][i] = c.w;
+
+		c.b[0] = sb;
+		c.b[1] = se;
+		c.b[2] = s9;
+		c.b[3] = sd;
+		T[1][i] = c.w;
+
+		c.b[0] = sd;
+		c.b[1] = sb;
+		c.b[2] = se;
+		c.b[3] = s9;
+		T[2][i] = c.w;
+
+		c.b[0] = s9;
+		c.b[1] = sd;
+		c.b[2] = sb;
+		c.b[3] = se;
+		T[3][i] = c.w;
+	}
+
+	switch (language)
+	{
+		case C:
+			printf("\n\n"
+				"// Tables for main decryption iterations.\n"
+				"const Word AESDecryptTable[4][256] =\n"
+				"{\n");
+			for (int i = 0; i < 4; ++i)
+			{
+				printf("\t{\n");
+				for (int j = 0; j < 256; ++j)
+					printf("\t\t0x%08x,\n", T[i][j]);
+				printf("\t},\n");
+			}
+			printf("};\n");
+			break;
+
+		case IntelAssembly:
+			printf("\n\n"
+				"// Tables for main decryption iterations.\n"
+				"\t.globl\t_AESDecryptTable\n"
+				"\t.private_extern\t_AESDecryptTable\n"
+				"\t.align\t2\n"
+				"_AESDecryptTable:\n");
+			for (int i = 0; i < 4; ++i)
+			{
+				printf("\t// Table %d.\n", i);
+				for (int j = 0; j < 256; ++j)
+					printf("\t.long\t0x%08x\n", T[i][j]);
+			}
+			break;
+	}
+}
+
+
+static void Usage(const char *ProgramName)
+{
+	fprintf(stderr,
+		"%s:  This program must have exactly one argument, \"C\" to generate\n"
+		"C or \"Intel\" to generate GCC i386/x86_64 assembly.\n", ProgramName);
+	exit(EXIT_FAILURE);
+}
+
+
+int main(int argc, char *argv[])
+{
+	if (argc != 2)
+		Usage(argv[0]);
+
+	Language language;
+
+	// Figure out which language to generate, C or Intel assembly.
+	if (0 == strcmp(argv[1], "C"))
+		language = C;
+	else if (0 == strcmp(argv[1], "Intel"))
+		language = IntelAssembly;
+	else
+		Usage(argv[0]);
+
+	printf("// This file was generated by " __FILE__ ".\n");
+
+	if (language == C)
+		printf("\n\n#include \"AES.h\"\n");
+
+	if (language == IntelAssembly)
+		printf("\n\n\t.const\n");
+
+	InitializeLogTables();
+	InitializeSubBytesTable();
+	InitializeInvSubBytesTable();
+
+	PrintRcon(language);
+	PrintInvMixColumnTable(language);
+	PrintEncryptTable(language);
+	PrintDecryptTable(language);
+	PrintSubBytesWordTable(language);
+	PrintInvSubBytesWordTable(language);
+
+	return 0;
+}

ADDED   Source/AESedp/ReadMe.txt
Index: Source/AESedp/ReadMe.txt
==================================================================
--- /dev/null
+++ Source/AESedp/ReadMe.txt
@@ -0,0 +1,54 @@
+This directory contains an implementation of AES intended to plug into the
+CommonCrypto interface.  This main directory contains a C implementation which
+is not particularly fast but which works and illustrates the techniques used.
+The Intel subdirectory contains routines providing a fast implementation for
+the i386 (IA-32) and x86_64 (EMT64) architectures.  The Intel routines replace
+certain routines in AES.c when UseAESedp_IntelAssembly is defined in AES.h and
+UseAESedp_GeneralC is not defined.
+
+Below is a summary of some of the arithmetic used in AES.  This is not an
+introduction to AES, just a note about why we use bitwise XOR for "addition" of
+AES elements and various expressions for "multiplication."
+
+AES defines a 256-element Galois field over the integers modulo 2 modulo the
+polynomial p(x) = x**8 + x**4 + x**3 + x + 1.  This means:
+
+	Only the residues modulo 2 of the coefficients are relevant, so each
+	coefficient is effectively either 0 or 1.  1+1 yields zero.
+
+	Only the residues modulo p(x) of the polynomials are relevant, so each
+	polynomial is effectively a degree-seven or less polynomial.  (Any result,
+	say from multiplication, that yields a polynomial with a term x**8 or
+	greater is reduced by dividing it by p(x).)
+
+	Each element of the field is a polynomial with eight coefficients (for
+	each power of x from x**7 to x**0), and each coefficients is a single bit.
+	So we can represent an element in an eight-bit byte.
+
+	XORing two bytes is the same as adding two polynomials.
+
+	To multiply a polynomial by x, shift the byte left one bit.  If the x**8
+	bit is on, then subtract p(x), which is represented by 0x11b.  (No more
+	than one subtraction is needed, because the x**8 coefficient is at most
+	one.)  Equivalently:
+
+		unsigned char MultiplyByX(unsigned char b)
+		{ return b << 1 ^ (b & 0x80 ? 0x1b : 0); }
+
+	Two polynomials can be multiplied by using the above operations to
+	multiply by powers of x and add appropriate powers.
+
+AES defines another field with polynomials whose coefficients are elements in
+the previous Galois field.  This larger field has a characteristic polynomial
+of x**4 + 1.  This means:
+
+	Elements in this field have four coefficients, each of which can be
+	represented by a byte.
+
+	Elements are added by adding their coefficients, which are adding by XORing
+	their byte representations.  So an XOR of two four-byte words containing
+	the representations of two elements is the sum of the two elements.
+
+	Because the characteristic polynomial is x**4 + 1 and b == -b in this
+	field, multiplying a polynomial by x effectively rotates the four bytes
+	that represent it left one byte.

ADDED   Source/AESedp/makefile
Index: Source/AESedp/makefile
==================================================================
--- /dev/null
+++ Source/AESedp/makefile
@@ -0,0 +1,29 @@
+default:
+	@echo This makefile builds Data.c and Intel/Data.s, which contain constant
+	@echo data for the AES implementation.  These files do not normally need to
+	@echo be rebuilt, so they are checked into the source code repository.  They
+	@echo should be changed only when the implementation changes and needs
+	@echo data in a different format.
+	@echo
+	@echo To rebuild the files, execute "make all".
+
+.PHONY:	all clean
+Targets = Data.c Intel/Data.s
+all:	$(Targets)
+
+CFLAGS += -O3 -std=c99 -Wmost -Werror
+
+.INTERMEDIATE:	MakeData
+MakeData:	MakeData.c
+
+# Do not leave bad output files if the build fails.
+.DELETE_ON_ERROR:	$(Targets)
+
+Data.c:	MakeData
+	./$< >$@ C
+
+Intel/Data.s:	MakeData
+	./$< >$@ Intel
+
+clean:
+	-rm $(Targets)

ADDED   Source/BlockCipher.c
Index: Source/BlockCipher.c
==================================================================
--- /dev/null
+++ Source/BlockCipher.c
@@ -0,0 +1,819 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BlockCipher.c - CommonCryptor service provider for block ciphers.
+ *
+ * Created 3/20/2006 by Doug Mitchell.
+ */
+
+#include <CommonCrypto/CommonCryptor.h>
+#include "CommonCryptorPriv.h"
+#include <stdlib.h>
+#include <strings.h>
+#include <CommonCrypto/opensslDES.h>	/* SPI */
+#include <CommonCrypto/ccCast.h>		/* SPI */
+#include <CommonCrypto/ccRC2.h>		/* SPI */
+#include <CommonCrypto/aesopt.h>
+
+#include <stddef.h>					/* for offsetof() */
+#include <stdbool.h>
+
+/* select an AES implementation */
+#define AES_GLADMAN_STD		0
+#define AES_GLADMAN_NEW		1
+
+#if		AES_GLADMAN_STD
+#include <AES/ccRijndaelGladman.h>
+#elif	AES_GLADMAN_NEW
+#include <CommonCrypto/aesopt.h>
+#endif
+
+#define CC_DEBUG	0
+#if		CC_DEBUG
+#include <stdio.h>
+
+#define dprintf(args...)	printf(args)
+#else
+#define dprintf(args...)
+#endif	/* CC_DEBUG */
+
+/*
+ * To avoid dynamic allocation of buffers, we just hard-code the 
+ * knowledge of the max block size here. This must be kept up to date
+ * with block sizes of algortihms that are added to this module.
+ */
+#define CC_MAX_BLOCK_SIZE	kCCBlockSizeAES128
+
+static void ccBlockCipherProcessOneBlock(
+	void *ctx,
+	const void *blockIn,
+	void *blockOut);
+
+/* 
+ * The functions a symmetric encryption algorithm must implement
+ * to work with this module. Single-block encrypt and decrypt are of the form
+ * bcProcessBlockFcn. Multi-block encrypt and decrypt are of the form
+ * bcProcessBlocksFcn. Exactly one pair of (bcProcessBlockFcn, 
+ * bcProcessBlocksFcn) functions is avaialble for a given cipher. 
+ * The keyLength arg to bcSetKeyFcn is in bytes.
+ */
+typedef int (*bcSetKeyFcn)(
+	void *ctx, 
+	const void *rawKey, 
+	size_t keyLength, 
+	int forEncrypt);
+/* 
+ * This is used for algorithms that perform their own CBC. If this is not called,
+ * ECB is assumed.
+ */
+typedef void (*bcSetIvFcn)(
+	void *ctx,
+	int forEncrypt, 
+	const void *iv);
+	
+/* process one block */
+typedef void (*bcProcessBlockFcn)(
+	void *ctx, 
+	const void *blockIn, 
+	void *blockOut);
+	
+/* process multiple blocks */
+typedef void (*bcProcessBlocksFcn)(
+	void *ctx, 
+	const void *blocksIn, 
+	size_t numBlocks, 
+	void *blocksOut);
+
+/*
+ * Everything we need to know about an algorithm.
+ */
+typedef struct {
+	CCAlgorithm			alg;
+	size_t				blockSize;
+	size_t				minKeySize;
+	size_t				maxKeySize;
+	bool				algDoesCbc;	/* algorithm does CBC itself */
+	bcSetKeyFcn			setKey;
+	bcSetIvFcn			setIv;
+	bcProcessBlockFcn	encrypt;
+	bcProcessBlockFcn	decrypt;
+	bcProcessBlocksFcn	encryptBlocks;
+	bcProcessBlocksFcn	decryptBlocks;
+	size_t				ctxSize;	/* size of alg-specific context */
+} CCAlgInfo;
+
+/* 
+ * The list of algorithms we know about.
+ * The casts for the function pointers are necessary to allow
+ * implementations to keep meaningful context pointers (and,
+ * possibly, char * in/out pointers) in their interfaces. 
+ */
+static const CCAlgInfo bcAlgInfos[] = 
+{
+	/* AES with 128-bit blocks */
+	{ kCCAlgorithmAES128, kCCBlockSizeAES128, kCCKeySizeAES128, kCCKeySizeAES256,
+	  true,
+	  (bcSetKeyFcn)aes_cc_set_key,
+	  (bcSetIvFcn)aes_cc_set_iv,
+	  ccBlockCipherProcessOneBlock, 
+	  ccBlockCipherProcessOneBlock,
+	  (bcProcessBlocksFcn)aes_cc_encrypt,
+	  (bcProcessBlocksFcn)aes_cc_decrypt,
+	  sizeof(aes_cc_ctx)
+	},
+	/* DES */
+	{ kCCAlgorithmDES, kCCBlockSizeDES, kCCKeySizeDES, kCCKeySizeDES, 
+	  false, 
+	  (bcSetKeyFcn)osDesSetkey,
+	  NULL,
+	  (bcProcessBlockFcn)osDesEncrypt,
+	  (bcProcessBlockFcn)osDesDecrypt,
+	  NULL, NULL,
+	  sizeof(DES_key_schedule)
+	},
+	/* Triple DES EDE */
+	{ kCCAlgorithm3DES, kCCBlockSize3DES, kCCKeySize3DES, kCCKeySize3DES, 
+	  false,
+	  (bcSetKeyFcn)osDes3Setkey,
+	  NULL,
+	  (bcProcessBlockFcn)osDes3Encrypt,
+	  (bcProcessBlockFcn)osDes3Decrypt,
+	  NULL, NULL,
+	  sizeof(DES3_Schedule)
+	},
+	/* CAST */
+	{ kCCAlgorithmCAST, kCCBlockSizeCAST, kCCKeySizeMinCAST, kCCKeySizeMaxCAST,
+	  false,
+	  (bcSetKeyFcn)cast_cc_set_key,
+	  NULL,
+	  (bcProcessBlockFcn)cast_cc_encrypt,
+	  (bcProcessBlockFcn)cast_cc_decrypt,
+	  NULL, NULL,
+	  sizeof(CAST_KEY)
+	},
+	/* RC2 */
+	{ kCCAlgorithmRC2, kCCBlockSizeRC2, kCCKeySizeMinRC2, kCCKeySizeMaxRC2,
+	  false,
+	  (bcSetKeyFcn)rc2_cc_set_key,
+	  NULL,
+	  (bcProcessBlockFcn)rc2_cc_encrypt,
+	  (bcProcessBlockFcn)rc2_cc_decrypt,
+	  NULL, NULL,
+	  sizeof(RC2_Schedule)
+	}
+};
+#define NUM_CC_ALG_INFOS	(sizeof(bcAlgInfos) / sizeof(bcAlgInfos[0]))
+
+/* 
+ * Runtime context. This follows CommonCryptor's CCCryptor struct, but
+ * we don't need to know that here. 
+ */
+struct _CCBlockCipherContext {
+	const CCAlgInfo		*algInfo;
+	bcProcessBlockFcn	update;	
+	bcProcessBlocksFcn	updateBlocks;	
+	uint8_t				inBuf[CC_MAX_BLOCK_SIZE];		/* for buffering input */
+	size_t				inBufSize;						/* valid bytes in inBuf */
+	uint8_t				chainBuf[CC_MAX_BLOCK_SIZE];	/* for CBC */
+	bool				encrypting;
+	bool				pkcsPad;
+	bool				cbc;					/* what caller asked for */
+	bool				doCbc;					/* cbc & !algInfo->algDoesCbc */
+	char				algCtx[1];				/* start of alg-specific context */
+};
+typedef struct _CCBlockCipherContext *CCBlockCipherContext;
+
+#define MAC_BLOCK_SIZE	32
+
+/* set IV per ctx->encrypting */
+static void ccBlockCipherSetIV(
+	CCBlockCipherContext ctx,
+	const void *iv)
+{
+	uint8_t *buf;
+	uint8_t blockSize;
+	
+	if(ctx->algInfo->algDoesCbc) {
+		uint8_t nullIv[MAC_BLOCK_SIZE];
+		
+		if(iv == NULL) {
+			/* NULL IV semantics does not apply at the CCAlgInfo layer */
+			memset(nullIv, 0, sizeof(nullIv));
+			iv = nullIv;
+		}
+		ctx->algInfo->setIv(ctx->algCtx, ctx->encrypting, iv);
+		return;
+	}
+	
+	/* IV ==> inBuf for encrypt, chainBuf for decrypt */
+	blockSize = ctx->algInfo->blockSize;
+	if(ctx->encrypting) {
+		buf = ctx->inBuf;
+	}
+	else {
+		buf = ctx->chainBuf;
+	}
+	
+	/* actual IV is optional */
+	if(iv == NULL) {
+		memset(buf, 0, blockSize);
+	}
+	else {
+		memmove(buf, iv, blockSize);
+	}
+}
+
+/* locate CCAlgInfo for a given algorithm */
+static const CCAlgInfo *ccBlockCipherFindAlgInfo(
+	CCAlgorithm alg)
+{
+	const CCAlgInfo *algInfo = bcAlgInfos;
+	unsigned dex;
+
+	for(dex=0; dex<NUM_CC_ALG_INFOS; dex++) {
+		if(algInfo->alg == alg) {
+			return algInfo;
+		}
+		algInfo++;
+	}
+	return NULL;
+}
+
+/*
+ * One-block encrypt/decrypt for algorithms that don't provide it 
+ * themselves.
+ */
+static void ccBlockCipherProcessOneBlock(
+	void *ctx,
+	const void *blockIn,
+	void *blockOut)
+{
+	/* The ctx we've been given is the algCtx; we need a CCBlockCipherContext...*/
+	char *ourCtx = (char *)ctx - offsetof(struct _CCBlockCipherContext, algCtx);
+	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ourCtx;
+	cryptCtx->updateBlocks(ctx, blockIn, 1, blockOut);
+}
+
+/* service provider interface */
+
+/* 
+ * Determine SPI-specific context size, including algorithm-specific
+ * context.
+ */
+static CCCryptorStatus CCBlockCipherContextSize(
+	CCOperation op, 
+	CCAlgorithm alg, 
+	size_t *ctxSize)
+{
+	const CCAlgInfo *algInfo = ccBlockCipherFindAlgInfo(alg);
+	
+	if(algInfo == NULL) {
+		return kCCParamError;
+	}
+	*ctxSize = offsetof(struct _CCBlockCipherContext, algCtx) + algInfo->ctxSize;
+	return kCCSuccess;
+}
+
+static CCCryptorStatus CCBlockCipherInit(
+	void *ctx,
+	CCOperation op,			/* kCCEncrypt, kCCDecrypt */
+	CCAlgorithm alg,		/* kCCAlgorithmDES, etc. */
+	CCOptions options,		/* kCCOptionPKCS7Padding, etc. */
+	const void *key,		/* raw key material */
+	size_t keyLength,	
+	const void *iv)			/* optional initialization vector */
+{
+	const CCAlgInfo *algInfo = ccBlockCipherFindAlgInfo(alg);
+	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ctx;
+	
+	if((algInfo == NULL) || (key == NULL)) {
+		return kCCParamError;
+	}
+	if((keyLength < algInfo->minKeySize) || 
+	   (keyLength > algInfo->maxKeySize)) {
+		return kCCParamError;
+	}
+	cryptCtx->algInfo = algInfo;
+	switch(op) {
+		case kCCEncrypt:
+			cryptCtx->update = algInfo->encrypt;
+			cryptCtx->updateBlocks = algInfo->encryptBlocks;
+			cryptCtx->encrypting = true;
+			break;
+		case kCCDecrypt:
+			cryptCtx->update = algInfo->decrypt;
+			cryptCtx->updateBlocks = algInfo->decryptBlocks;
+			cryptCtx->encrypting = false;
+			break;
+		default:
+			return kCCParamError;
+	}
+	cryptCtx->pkcsPad = (options & kCCOptionPKCS7Padding) ? true : false;
+	if(!(options & kCCOptionECBMode)) {
+		cryptCtx->cbc = true;
+		if(algInfo->algDoesCbc) {
+			cryptCtx->doCbc = false;
+		}
+		else {
+			cryptCtx->doCbc = true;
+		}
+	}
+	else {
+		cryptCtx->cbc = false;
+		cryptCtx->doCbc = false;
+	}
+	cryptCtx->inBufSize = 0;
+	
+	/* perform key schedule */
+	if(algInfo->setKey(cryptCtx->algCtx, key, keyLength, cryptCtx->encrypting)) {
+		/* assume only error is bad key length */
+		return kCCParamError;
+	}
+	/* then IV if necessary */
+	if(cryptCtx->cbc) {
+		ccBlockCipherSetIV(cryptCtx, iv);
+	}
+	return kCCSuccess;
+}
+
+static CCCryptorStatus CCBlockCipherRelease(
+	void *ctx)
+{
+	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ctx;
+
+	memset(cryptCtx, 0, 
+		offsetof(struct _CCBlockCipherContext, algCtx) + cryptCtx->algInfo->ctxSize - 1);
+	return kCCSuccess;
+}
+
+/* 
+ * Update, arbitrary input size.
+ * This always leaves data in ctx->inBuf if we're decrypting and 
+ * padding is enabled. 
+ */
+static CCCryptorStatus CCBlockCipherUpdate(
+	void *ctx,
+	const void *dataIn,
+	size_t dataInLen,
+	void *dataOut,           /* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved)		/* number of bytes written */
+{
+	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ctx;
+	uint8_t		*uInp = (uint8_t *)dataIn;
+	uint8_t		*uOutp = (uint8_t *)dataOut;
+	size_t	 	uInSize = dataInLen;	// input bytes to go
+	size_t 		uOutSize = 0;			// ouput bytes generated
+	size_t		uOutLeft = dataOutAvailable;	// bytes remaining in outp
+	size_t 		toMove;
+	size_t		blocks;
+	unsigned	i;
+	bool		needLeftOver;
+	const CCAlgInfo	*algInfo;
+	size_t		blockSize;
+	unsigned	leftOver;
+	
+	if((dataIn == NULL) || (dataOut == NULL) || (dataOutMoved == NULL)) {
+		return kCCParamError;
+	}
+	needLeftOver = !cryptCtx->encrypting && cryptCtx->pkcsPad;
+	algInfo = cryptCtx->algInfo;
+	blockSize = algInfo->blockSize;
+	
+	/* 
+	 * First make sure the caller has provided enough output buffer. 
+	 * This routine only outputs complete blocks, and each output
+	 * block requires a full block of input. 
+	 */
+	size_t totalInBytes = dataInLen + cryptCtx->inBufSize;	
+	size_t totalBlocks = totalInBytes / blockSize;		/* truncated! */
+	if(needLeftOver && (totalBlocks > 0)) {
+		/* subtract one block that we keep for Final(), but only if 
+		 * totalInBytes is well aligned - if it's not, we process
+		 * the bufferred block */
+		if((totalBlocks * blockSize) == totalInBytes) {
+			totalBlocks--;
+		}
+	}
+	size_t totalOutBytes = totalBlocks * blockSize;
+	
+	#if 0
+	dprintf("dataInLen %lu inBufSize %lu totalBlocks %lu dataOutAvailable %lu\n",
+		(unsigned long)dataInLen, (unsigned long)cryptCtx->inBufSize,
+		(unsigned long)totalBlocks, (unsigned long)dataOutAvailable);
+	#endif
+	
+	if(totalOutBytes > dataOutAvailable) {
+		dprintf("CCBlockCipherUpdate: o/f encr %d totalOutBytes %lu dataOutAvailable %lu\n",
+			cryptCtx->encrypting, totalOutBytes, dataOutAvailable);
+		return kCCBufferTooSmall;
+	}
+	
+	/* first deal with pending data */
+	if(cryptCtx->inBufSize) {
+		/* attempt to fill inBuf from inp */
+		toMove = blockSize - cryptCtx->inBufSize;
+		if(toMove > uInSize) {
+			toMove = uInSize;
+		}
+		if(cryptCtx->encrypting && cryptCtx->doCbc) {
+			/* xor into last cipherblock or IV */
+			uint8_t *dst = &cryptCtx->inBuf[cryptCtx->inBufSize];
+			for(i=0; i<toMove; i++) {
+				*dst ^= *uInp++;
+				dst++;
+			}
+		}
+		else {
+			/* use incoming data as is */
+			memmove(cryptCtx->inBuf+cryptCtx->inBufSize, uInp, toMove);
+			uInp += toMove;
+		}
+		uInSize             -= toMove;
+		cryptCtx->inBufSize += toMove;
+		
+		/* 
+		 * Process inBuf if it's full, but skip if no more data in uInp and
+		 * inBuf might be needed for unpadding on decrypt.
+		 */
+		if((cryptCtx->inBufSize == blockSize) && !((uInSize == 0) && needLeftOver)) {
+			if(uOutLeft < blockSize) {
+				/* output overflow - shouldn't happen (we checked) */
+				dprintf("kCCBufferTooSmall 3: uOutLeft %lu\n", 
+					(unsigned long)uOutLeft);
+				return kCCBufferTooSmall;
+			}
+			cryptCtx->update(cryptCtx->algCtx, cryptCtx->inBuf, uOutp);
+			if(cryptCtx->doCbc) {
+				if(cryptCtx->encrypting) {
+					/* save ciphertext for chaining next block */
+					memmove(cryptCtx->inBuf, uOutp, blockSize);
+				}
+				else {
+					/* xor in last ciphertext */
+					uint8_t *src = cryptCtx->chainBuf;
+					for(i=0; i<blockSize; i++) {
+						uOutp[i] ^= *src++;
+					}
+					/* save this ciphertext for next chain */
+					memmove(cryptCtx->chainBuf, cryptCtx->inBuf, blockSize);
+				}
+			}
+			uOutSize += blockSize;
+			uOutp    += blockSize;
+			uOutLeft -= blockSize;
+			cryptCtx->inBufSize = 0;
+		}
+	}	/* processing inBuf */
+	
+	if(uInSize == 0) {
+		/* done */
+		*dataOutMoved = uOutSize;
+		return kCCSuccess;
+	}
+	
+	/* 
+	 * en/decrypt even blocks in (remaining) inp.  
+	 */
+	leftOver = uInSize % blockSize;
+	if((leftOver == 0) && needLeftOver) {
+		/* 
+		 * Even blocks coming in, but we really need to leave some data
+		 * in the buffer because we're decrypting with PKCS padding). 
+		 * Save one block for inBuf.
+		 */
+		leftOver = blockSize; 
+	}
+	toMove = uInSize - leftOver;
+	blocks = toMove / blockSize;
+	if(cryptCtx->updateBlocks && !cryptCtx->doCbc && (blocks != 0)) {
+		/* optimized multi block processing */
+		size_t thisMove = blocks * blockSize;
+		cryptCtx->updateBlocks(cryptCtx->algCtx, uInp, blocks, uOutp);
+		uOutSize += thisMove;
+		uOutp    += thisMove;
+		uInp	 += thisMove;
+		uOutLeft -= thisMove;
+		toMove   -= thisMove; 
+	}
+	else if(cryptCtx->encrypting) {
+		/* encrypt a block at a time */
+		while(toMove) {
+			if(uOutLeft < blockSize) {
+				/* output overflow - shouldn't happen (we checked) */
+				dprintf("kCCBufferTooSmall 1: uOutLeft %lu\n", 
+					(unsigned long)uOutLeft);
+				return kCCBufferTooSmall;
+			}
+			if(!cryptCtx->doCbc) {
+				/* encrypt directly from input to output */
+				cryptCtx->update(cryptCtx->algCtx, uInp, uOutp);
+			}
+			else {
+				/* xor into last ciphertext, encrypt the result */
+				uint8_t *dst = cryptCtx->inBuf;
+				for(i=0; i<blockSize; i++) {
+					*dst ^= uInp[i];
+					dst++;
+				}
+				cryptCtx->update(cryptCtx->algCtx, cryptCtx->inBuf, uOutp);
+				
+				/* save new ciphertext for next chain */
+				memmove(cryptCtx->inBuf, uOutp, blockSize);
+			}
+			uOutSize += blockSize;
+			uOutp    += blockSize;
+			uInp	 += blockSize;
+			uOutLeft -= blockSize;
+			toMove   -= blockSize; 
+		}	/* main encrypt loop */
+	}	
+	else {
+		/* decrypt a block at a time */
+		while(toMove) {
+			if(uOutLeft < blockSize) {
+				/* output overflow - we already checked */
+				dprintf("kCCBufferTooSmall 2: uOutLeft %lu toMove %lu\n", 
+					(unsigned long)uOutLeft, (unsigned long)toMove);
+				return kCCBufferTooSmall;
+			}
+			if(cryptCtx->doCbc) {
+				uint8_t *src = cryptCtx->chainBuf;
+				
+				/* save this ciphertext for chain; don't assume in != out */
+				memmove(cryptCtx->inBuf, uInp, blockSize);
+				cryptCtx->update(cryptCtx->algCtx, uInp, uOutp);
+				
+				/* chain in previous ciphertext */
+				for(i=0; i<blockSize; i++) {
+					uOutp[i] ^= *src++;
+				}
+				
+				/* save current ciphertext for next block */
+				memmove(cryptCtx->chainBuf, cryptCtx->inBuf, blockSize);
+			}
+			else {
+				/* ECB */
+				cryptCtx->update(cryptCtx->algCtx, uInp, uOutp);
+			}
+			uOutSize += blockSize;
+			uOutp    += blockSize;
+			uInp	 += blockSize;
+			uOutLeft -= blockSize;
+			toMove   -= blockSize; 
+		}	/* main decrypt loop */
+	}
+	
+	/* leftover bytes from inp --> inBuf */
+	if(leftOver) {
+		if(cryptCtx->encrypting && cryptCtx->doCbc) {
+			/* xor into last cipherblock or IV */
+			uint8_t *dst = cryptCtx->inBuf;
+			for(i=0; i<leftOver; i++) {
+				*dst ^= *uInp++;
+				dst++;
+			}
+		}
+		else {
+			memmove(cryptCtx->inBuf, uInp, leftOver);
+		}
+	}
+	cryptCtx->inBufSize = leftOver;
+	*dataOutMoved = uOutSize;
+	return kCCSuccess;
+}
+
+static CCCryptorStatus CCBlockCipherFinal(
+   void *ctx,
+   void *dataOut,           /* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved)		/* number of bytes written */
+{
+	size_t			uOutSize = 0;			// ouput bytes generated
+	size_t			actMoved;
+	unsigned		i;
+	const CCAlgInfo	*algInfo;
+	size_t			blockSize;
+	CCCryptorStatus	ourRtn = kCCSuccess;
+	CCBlockCipherContext	cryptCtx = (CCBlockCipherContext)ctx;
+	
+	if((dataOut == NULL) || (dataOutMoved == NULL)) {
+		return kCCParamError;
+	}
+	algInfo = cryptCtx->algInfo;
+	blockSize = algInfo->blockSize;
+	
+	if(cryptCtx->encrypting) {
+		/* 
+		 * First ensure that the caller provided sufficient output
+		 * buffer space. 
+		 * If we have any bufferred input, or we are doing padding, 
+		 * the output is exactly one block. Otherwise the output
+		 * is zero.
+		 */
+		size_t required = 0;
+		if((cryptCtx->inBufSize != 0) || (cryptCtx->pkcsPad)) {
+			required = blockSize;
+		}
+		if(required > dataOutAvailable) {
+			dprintf("CCBlockCipherFinal: o/f (1): required %lu dataOutAvailable %lu\n",
+				required, dataOutAvailable);
+			return kCCBufferTooSmall;
+		}
+		
+		if(cryptCtx->pkcsPad) {
+			/* 
+			 * PKCS5/7 padding: pad byte = size of padding. 
+			 */
+			size_t padSize = blockSize - cryptCtx->inBufSize;
+			uint8_t *padPtr  = cryptCtx->inBuf + cryptCtx->inBufSize;
+			if(!cryptCtx->doCbc) {
+				for(i=0; i<padSize; i++) {
+					*padPtr++ = padSize;
+				}
+			}
+			else {
+				for(i=0; i<padSize; i++) {
+					*padPtr++ ^= padSize;
+				}
+			}
+			cryptCtx->inBufSize = blockSize;
+		}	/* PKCS padding */
+		
+		/*
+		 * Encrypt final inBuf. Abort if not full (meaning, padding 
+		 * is disabled and caller gave us unaligned plaintext).
+		 */
+		if(cryptCtx->inBufSize) {
+			if(cryptCtx->inBufSize != blockSize) {
+				ourRtn = kCCParamError;
+				goto errOut;
+			}
+			cryptCtx->update(cryptCtx->algCtx, cryptCtx->inBuf, dataOut);
+			uOutSize += blockSize;
+			cryptCtx->inBufSize = 0;
+		}
+		*dataOutMoved = uOutSize;
+	}	/* encrypting */
+	
+	else {
+		if(cryptCtx->inBufSize == 0) {
+			if(cryptCtx->pkcsPad) {
+				/* we must have never gotten a block's worth of ciphertext */
+				ourRtn = kCCParamError;
+				goto errOut;
+			}
+			else {
+				/* simple decrypt op complete */
+				*dataOutMoved = 0;
+				goto errOut;
+			}
+		}
+		
+		/*
+		 * Decrypt - must have exactly one block of ciphertext.
+		 */
+		if(cryptCtx->inBufSize != blockSize) {
+			ourRtn = kCCParamError;
+			goto errOut;
+		}
+		if(dataOutAvailable < blockSize) {
+			dprintf("CCBlockCipherFinal: o/f (2): dataOutAvailable %lu\n", 
+				(unsigned long)dataOutAvailable);
+			return kCCBufferTooSmall;
+		}
+
+		cryptCtx->update(cryptCtx->algCtx, cryptCtx->inBuf, dataOut);
+		if(cryptCtx->doCbc) {
+			/* chain in previous ciphertext one more time */
+			uint8_t *src = cryptCtx->chainBuf;
+			uint8_t *dst = dataOut;
+			for(i=0; i<blockSize; i++) {
+				*dst ^= *src++;
+				dst++;
+			}
+		}
+		actMoved = blockSize;
+		if(cryptCtx->pkcsPad) {
+			/* ensure integrity of padding byte(s) */
+			unsigned char *cp = (unsigned char *)dataOut;
+			unsigned padSize = cp[blockSize - 1];
+			if(padSize > blockSize) {
+				/* result of garbled ciphertext or wrong key */
+				ourRtn = kCCDecodeError;
+				goto errOut;
+			}
+			uint8_t *padPtr = cp + blockSize - padSize;
+			unsigned i;
+			for(i=0; i<padSize; i++) {
+				if(*padPtr++ != padSize) {
+					ourRtn = kCCDecodeError;
+					goto errOut;
+				}
+			}
+			actMoved -= padSize;
+		}
+		*dataOutMoved = actMoved;
+	}	/* decrypting */
+	
+errOut:
+	return ourRtn;
+}
+
+static CCCryptorStatus CCBlockCipherReset(
+	void *ctx,
+	const void *iv)
+{
+	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ctx;
+
+	if(cryptCtx->cbc) {
+		ccBlockCipherSetIV(cryptCtx, iv);
+	}
+	cryptCtx->inBufSize = 0;
+	return kCCSuccess;
+}
+
+/* normal OutputSize */
+static size_t CCBlockCipherOutputSize(
+	void *ctx, size_t inputLength, bool final)
+{
+	CCBlockCipherContext cryptCtx = (CCBlockCipherContext)ctx;
+	
+	size_t blockSize = cryptCtx->algInfo->blockSize;
+	size_t totalInBytes = inputLength + cryptCtx->inBufSize;	
+	size_t blocks = totalInBytes / blockSize;		/* truncated! */
+	
+	if(final && cryptCtx->encrypting && cryptCtx->pkcsPad) {
+		/* one extra block for padding as appropriate */
+		blocks++;
+	}
+	
+	/* 
+	 * Note we ignore the needLeftOver corner case calculated in Update();
+	 * we just take outputSize := inputSize, in full blocks.
+	 */
+	return blocks * blockSize;
+}
+
+/* one-shot output size */
+static CCCryptorStatus CCBlockCipherOneShotSize(
+	CCOperation op,
+	CCAlgorithm alg,
+	CCOptions options,
+	size_t inputLen,
+	size_t *outputLen)
+{
+	const CCAlgInfo *algInfo = ccBlockCipherFindAlgInfo(alg);
+	size_t totalBlocks;	
+	size_t blockSize;
+
+	if(algInfo == NULL) {
+		return kCCParamError;
+	}
+	blockSize = algInfo->blockSize;
+	totalBlocks = (inputLen + blockSize - 1) / blockSize;
+	if((op == kCCEncrypt) && (options & kCCOptionPKCS7Padding)) {
+		if((totalBlocks * blockSize) == inputLen) {
+			/* encrypting, padding, well-aligned input: add another block */
+			totalBlocks++;
+		}
+	}
+	*outputLen = totalBlocks * blockSize;
+	return kCCSuccess;
+}
+
+/* 
+ * Callouts used by CommonCryptor.
+ */
+const CCCryptSpiCallouts ccBlockCipherCallouts = 
+{
+	CCBlockCipherContextSize,
+	CCBlockCipherInit,
+	CCBlockCipherRelease,
+	CCBlockCipherUpdate,
+	CCBlockCipherFinal,
+	CCBlockCipherReset,
+	CCBlockCipherOutputSize,
+	CCBlockCipherOneShotSize
+};

ADDED   Source/BlockCipher.h
Index: Source/BlockCipher.h
==================================================================
--- /dev/null
+++ Source/BlockCipher.h
@@ -0,0 +1,47 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/* 
+ * BlockCipher.h - CommonCryptor SPI interface for block ciphers.
+ */
+
+#ifndef	_CC_BLOCK_CIPHER_
+#define	_CC_BLOCK_CIPHER_
+
+#include "CommonCryptorPriv.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * CommonCryptor access all of our functionality through these callouts. 
+ */
+extern const CCCryptSpiCallouts ccBlockCipherCallouts;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/* _CC_BLOCK_CIPHER_ */
+

ADDED   Source/CAST/c_ecb.c
Index: Source/CAST/c_ecb.c
==================================================================
--- /dev/null
+++ Source/CAST/c_ecb.c
@@ -0,0 +1,83 @@
+/* crypto/cast/c_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <CommonCrypto/cast.h>
+#include "cast_lcl.h"
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+#include <openssl/opensslv.h>
+
+const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT;
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
+		      CAST_KEY *ks, int enc)
+	{
+	CAST_LONG l,d[2];
+
+	n2l(in,l); d[0]=l;
+	n2l(in,l); d[1]=l;
+	if (enc)
+		CAST_encrypt(d,ks);
+	else
+		CAST_decrypt(d,ks);
+	l=d[0]; l2n(l,out);
+	l=d[1]; l2n(l,out);
+	l=d[0]=d[1]=0;
+	}
+

ADDED   Source/CAST/c_enc.c
Index: Source/CAST/c_enc.c
==================================================================
--- /dev/null
+++ Source/CAST/c_enc.c
@@ -0,0 +1,210 @@
+/* crypto/cast/c_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <CommonCrypto/cast.h>
+#include "cast_lcl.h"
+
+void CAST_encrypt(CAST_LONG *data, CAST_KEY *key)
+	{
+	register CAST_LONG l,r,*k,t;
+
+	k= &(key->data[0]);
+	l=data[0];
+	r=data[1];
+
+	E_CAST( 0,k,l,r,+,^,-);
+	E_CAST( 1,k,r,l,^,-,+);
+	E_CAST( 2,k,l,r,-,+,^);
+	E_CAST( 3,k,r,l,+,^,-);
+	E_CAST( 4,k,l,r,^,-,+);
+	E_CAST( 5,k,r,l,-,+,^);
+	E_CAST( 6,k,l,r,+,^,-);
+	E_CAST( 7,k,r,l,^,-,+);
+	E_CAST( 8,k,l,r,-,+,^);
+	E_CAST( 9,k,r,l,+,^,-);
+	E_CAST(10,k,l,r,^,-,+);
+	E_CAST(11,k,r,l,-,+,^);
+	if(!key->short_key)
+	    {
+	    E_CAST(12,k,l,r,+,^,-);
+	    E_CAST(13,k,r,l,^,-,+);
+	    E_CAST(14,k,l,r,-,+,^);
+	    E_CAST(15,k,r,l,+,^,-);
+	    }
+
+	data[1]=l&0xffffffffL;
+	data[0]=r&0xffffffffL;
+	}
+
+void CAST_decrypt(CAST_LONG *data, CAST_KEY *key)
+	{
+	register CAST_LONG l,r,*k,t;
+
+	k= &(key->data[0]);
+	l=data[0];
+	r=data[1];
+
+	if(!key->short_key)
+	    {
+	    E_CAST(15,k,l,r,+,^,-);
+	    E_CAST(14,k,r,l,-,+,^);
+	    E_CAST(13,k,l,r,^,-,+);
+	    E_CAST(12,k,r,l,+,^,-);
+	    }
+	E_CAST(11,k,l,r,-,+,^);
+	E_CAST(10,k,r,l,^,-,+);
+	E_CAST( 9,k,l,r,+,^,-);
+	E_CAST( 8,k,r,l,-,+,^);
+	E_CAST( 7,k,l,r,^,-,+);
+	E_CAST( 6,k,r,l,+,^,-);
+	E_CAST( 5,k,l,r,-,+,^);
+	E_CAST( 4,k,r,l,^,-,+);
+	E_CAST( 3,k,l,r,+,^,-);
+	E_CAST( 2,k,r,l,-,+,^);
+	E_CAST( 1,k,l,r,^,-,+);
+	E_CAST( 0,k,r,l,+,^,-);
+
+	data[1]=l&0xffffffffL;
+	data[0]=r&0xffffffffL;
+	}
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+/* CBC logic not needed here */
+void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+	     CAST_KEY *ks, unsigned char *iv, int enc)
+	{
+	register CAST_LONG tin0,tin1;
+	register CAST_LONG tout0,tout1,xor0,xor1;
+	register long l=length;
+	CAST_LONG tin[2];
+
+	if (enc)
+		{
+		n2l(iv,tout0);
+		n2l(iv,tout1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			CAST_encrypt(tin,ks);
+			tout0=tin[0];
+			tout1=tin[1];
+			l2n(tout0,out);
+			l2n(tout1,out);
+			}
+		if (l != -8)
+			{
+			n2ln(in,tin0,tin1,l+8);
+			tin0^=tout0;
+			tin1^=tout1;
+			tin[0]=tin0;
+			tin[1]=tin1;
+			CAST_encrypt(tin,ks);
+			tout0=tin[0];
+			tout1=tin[1];
+			l2n(tout0,out);
+			l2n(tout1,out);
+			}
+		l2n(tout0,iv);
+		l2n(tout1,iv);
+		}
+	else
+		{
+		n2l(iv,xor0);
+		n2l(iv,xor1);
+		iv-=8;
+		for (l-=8; l>=0; l-=8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin[0]=tin0;
+			tin[1]=tin1;
+			CAST_decrypt(tin,ks);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2n(tout0,out);
+			l2n(tout1,out);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		if (l != -8)
+			{
+			n2l(in,tin0);
+			n2l(in,tin1);
+			tin[0]=tin0;
+			tin[1]=tin1;
+			CAST_decrypt(tin,ks);
+			tout0=tin[0]^xor0;
+			tout1=tin[1]^xor1;
+			l2nn(tout0,tout1,out,l+8);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		l2n(xor0,iv);
+		l2n(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
+#endif	/* _APPLE_COMMON_CRYPTO_ */

ADDED   Source/CAST/c_skey.c
Index: Source/CAST/c_skey.c
==================================================================
--- /dev/null
+++ Source/CAST/c_skey.c
@@ -0,0 +1,166 @@
+/* crypto/cast/c_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <CommonCrypto/cast.h>
+#include "cast_lcl.h"
+#include "cast_s.h"
+
+#define CAST_exp(l,A,a,n) \
+	A[n/4]=l; \
+	a[n+3]=(l    )&0xff; \
+	a[n+2]=(l>> 8)&0xff; \
+	a[n+1]=(l>>16)&0xff; \
+	a[n+0]=(l>>24)&0xff;
+
+#define S4 CAST_S_table4
+#define S5 CAST_S_table5
+#define S6 CAST_S_table6
+#define S7 CAST_S_table7
+
+void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
+	{
+	CAST_LONG x[16];
+	CAST_LONG z[16];
+	CAST_LONG k[32];
+	CAST_LONG X[4],Z[4];
+	CAST_LONG l,*K;
+	int i;
+
+	for (i=0; i<16; i++) x[i]=0;
+	if (len > 16) len=16;
+	for (i=0; i<len; i++)
+		x[i]=data[i];
+	if(len <= 10)
+	    key->short_key=1;
+	else
+	    key->short_key=0;
+
+	K= &k[0];
+	X[0]=((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL;
+	X[1]=((x[ 4]<<24)|(x[ 5]<<16)|(x[ 6]<<8)|x[ 7])&0xffffffffL;
+	X[2]=((x[ 8]<<24)|(x[ 9]<<16)|(x[10]<<8)|x[11])&0xffffffffL;
+	X[3]=((x[12]<<24)|(x[13]<<16)|(x[14]<<8)|x[15])&0xffffffffL;
+
+	for (;;)
+		{
+	l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
+	CAST_exp(l,Z,z, 0);
+	l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
+	CAST_exp(l,Z,z, 4);
+	l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
+	CAST_exp(l,Z,z, 8);
+	l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
+	CAST_exp(l,Z,z,12);
+
+	K[ 0]= S4[z[ 8]]^S5[z[ 9]]^S6[z[ 7]]^S7[z[ 6]]^S4[z[ 2]];
+	K[ 1]= S4[z[10]]^S5[z[11]]^S6[z[ 5]]^S7[z[ 4]]^S5[z[ 6]];
+	K[ 2]= S4[z[12]]^S5[z[13]]^S6[z[ 3]]^S7[z[ 2]]^S6[z[ 9]];
+	K[ 3]= S4[z[14]]^S5[z[15]]^S6[z[ 1]]^S7[z[ 0]]^S7[z[12]];
+
+	l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
+	CAST_exp(l,X,x, 0);
+	l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
+	CAST_exp(l,X,x, 4);
+	l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
+	CAST_exp(l,X,x, 8);
+	l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
+	CAST_exp(l,X,x,12);
+
+	K[ 4]= S4[x[ 3]]^S5[x[ 2]]^S6[x[12]]^S7[x[13]]^S4[x[ 8]];
+	K[ 5]= S4[x[ 1]]^S5[x[ 0]]^S6[x[14]]^S7[x[15]]^S5[x[13]];
+	K[ 6]= S4[x[ 7]]^S5[x[ 6]]^S6[x[ 8]]^S7[x[ 9]]^S6[x[ 3]];
+	K[ 7]= S4[x[ 5]]^S5[x[ 4]]^S6[x[10]]^S7[x[11]]^S7[x[ 7]];
+
+	l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
+	CAST_exp(l,Z,z, 0);
+	l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
+	CAST_exp(l,Z,z, 4);
+	l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
+	CAST_exp(l,Z,z, 8);
+	l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
+	CAST_exp(l,Z,z,12);
+
+	K[ 8]= S4[z[ 3]]^S5[z[ 2]]^S6[z[12]]^S7[z[13]]^S4[z[ 9]];
+	K[ 9]= S4[z[ 1]]^S5[z[ 0]]^S6[z[14]]^S7[z[15]]^S5[z[12]];
+	K[10]= S4[z[ 7]]^S5[z[ 6]]^S6[z[ 8]]^S7[z[ 9]]^S6[z[ 2]];
+	K[11]= S4[z[ 5]]^S5[z[ 4]]^S6[z[10]]^S7[z[11]]^S7[z[ 6]];
+
+	l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
+	CAST_exp(l,X,x, 0);
+	l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
+	CAST_exp(l,X,x, 4);
+	l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
+	CAST_exp(l,X,x, 8);
+	l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
+	CAST_exp(l,X,x,12);
+
+	K[12]= S4[x[ 8]]^S5[x[ 9]]^S6[x[ 7]]^S7[x[ 6]]^S4[x[ 3]];
+	K[13]= S4[x[10]]^S5[x[11]]^S6[x[ 5]]^S7[x[ 4]]^S5[x[ 7]];
+	K[14]= S4[x[12]]^S5[x[13]]^S6[x[ 3]]^S7[x[ 2]]^S6[x[ 8]];
+	K[15]= S4[x[14]]^S5[x[15]]^S6[x[ 1]]^S7[x[ 0]]^S7[x[13]];
+	if (K != k)  break;
+	K+=16;
+		}
+
+	for (i=0; i<16; i++)
+		{
+		key->data[i*2]=k[i];
+		key->data[i*2+1]=((k[i+16])+16)&0x1f;
+		}
+	}
+

ADDED   Source/CAST/cast_lcl.h
Index: Source/CAST/cast_lcl.h
==================================================================
--- /dev/null
+++ Source/CAST/cast_lcl.h
@@ -0,0 +1,258 @@
+/* crypto/cast/cast_lcl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifdef WIN32
+#include <stdlib.h>
+#endif
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+
+#define OPENSSL_EXTERN	extern
+//#include "openssl/e_os.h" /* OPENSSL_EXTERN */
+
+#undef c2l
+#define c2l(c,l)	(l =((unsigned long)(*((c)++)))    , \
+			 l|=((unsigned long)(*((c)++)))<< 8L, \
+			 l|=((unsigned long)(*((c)++)))<<16L, \
+			 l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+			case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+			case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+			case 5: l2|=((unsigned long)(*(--(c))));     \
+			case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+			case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+			case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+			case 1: l1|=((unsigned long)(*(--(c))));     \
+				} \
+			}
+
+#undef l2c
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((unsigned long)(*(--(c))))    ; \
+			case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+			case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+			case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+			case 4: l1 =((unsigned long)(*(--(c))))    ; \
+			case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+			case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+			case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+				} \
+			}
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+				} \
+			}
+
+#undef n2l
+#if	defined(__GNUC__) && defined(__ppc__)
+/* alignment tolerant big-endian optimization */
+	#define n2l(c,l)	{ l= *((unsigned long *)c); c += 4; }
+#else
+/* little endian, etc. */
+	#define n2l(c,l)	(l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+#endif
+
+#undef l2n
+#if	defined(__GNUC__) && defined(__ppc__)
+	/* alignment tolerant big-endian optimization */
+	#define l2n(l,c)	{ *((unsigned long *)c) = l; c += 4; }
+#else
+	/* little endian, etc. */
+	#define l2n(l,c)    (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+						 
+#endif	/* GNU, big endian */
+
+#if defined(WIN32) && defined(_MSC_VER)
+#define ROTL(a,n)     (_lrotl(a,n))
+#else
+#define ROTL(a,n)     ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))
+#endif
+
+#define C_M    0x3fc
+#define C_0    22L
+#define C_1    14L
+#define C_2     6L
+#define C_3     2L /* left shift */
+
+/* The rotate has an extra 16 added to it to help the x86 asm */
+#if defined(CAST_PTR)
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+	{ \
+	int i; \
+	t=(key[n*2] OP1 R)&0xffffffffL; \
+	i=key[n*2+1]; \
+	t=ROTL(t,i); \
+	L^= (((((*(CAST_LONG *)((unsigned char *) \
+			CAST_S_table0+((t>>C_2)&C_M)) OP2 \
+		*(CAST_LONG *)((unsigned char *) \
+			CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
+		*(CAST_LONG *)((unsigned char *) \
+			CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
+		*(CAST_LONG *)((unsigned char *) \
+			CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
+	}
+#elif defined(CAST_PTR2)
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+	{ \
+	int i; \
+	CAST_LONG u,v,w; \
+	w=(key[n*2] OP1 R)&0xffffffffL; \
+	i=key[n*2+1]; \
+	w=ROTL(w,i); \
+	u=w>>C_2; \
+	v=w<<C_3; \
+	u&=C_M; \
+	v&=C_M; \
+	t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
+	u=w>>C_0; \
+	t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
+	v=w>>C_1; \
+	u&=C_M; \
+	v&=C_M; \
+	t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
+	t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
+	L^=(t&0xffffffff); \
+	}
+#else
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+	{ \
+	CAST_LONG a,b,c,d; \
+	t=(key[n*2] OP1 R)&0xffffffff; \
+	t=ROTL(t,(key[n*2+1])); \
+	a=CAST_S_table0[(t>> 8)&0xff]; \
+	b=CAST_S_table1[(t    )&0xff]; \
+	c=CAST_S_table2[(t>>24)&0xff]; \
+	d=CAST_S_table3[(t>>16)&0xff]; \
+	L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
+	}
+#endif
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+/* CommonCrypto defines */
+#define OPENSSL_GLOBAL
+/* 
+ * These rename this tables to avoid symbols collision between libSystem 
+ * and libcrypto.
+ */
+#define CAST_S_table0	CC_CAST_S_table0
+#define CAST_S_table1	CC_CAST_S_table1
+#define CAST_S_table2	CC_CAST_S_table2
+#define CAST_S_table3	CC_CAST_S_table3
+#define CAST_S_table4	CC_CAST_S_table4
+#define CAST_S_table5	CC_CAST_S_table5
+#define CAST_S_table6	CC_CAST_S_table6
+#define CAST_S_table7	CC_CAST_S_table7
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+OPENSSL_EXTERN const CAST_LONG CAST_S_table0[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table1[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table2[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table3[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table4[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table5[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table6[256];
+OPENSSL_EXTERN const CAST_LONG CAST_S_table7[256];

ADDED   Source/CAST/cast_s.h
Index: Source/CAST/cast_s.h
==================================================================
--- /dev/null
+++ Source/CAST/cast_s.h
@@ -0,0 +1,586 @@
+/* crypto/cast/cast_s.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table0[256]={
+	0x30fb40d4,0x9fa0ff0b,0x6beccd2f,0x3f258c7a,
+	0x1e213f2f,0x9c004dd3,0x6003e540,0xcf9fc949,
+	0xbfd4af27,0x88bbbdb5,0xe2034090,0x98d09675,
+	0x6e63a0e0,0x15c361d2,0xc2e7661d,0x22d4ff8e,
+	0x28683b6f,0xc07fd059,0xff2379c8,0x775f50e2,
+	0x43c340d3,0xdf2f8656,0x887ca41a,0xa2d2bd2d,
+	0xa1c9e0d6,0x346c4819,0x61b76d87,0x22540f2f,
+	0x2abe32e1,0xaa54166b,0x22568e3a,0xa2d341d0,
+	0x66db40c8,0xa784392f,0x004dff2f,0x2db9d2de,
+	0x97943fac,0x4a97c1d8,0x527644b7,0xb5f437a7,
+	0xb82cbaef,0xd751d159,0x6ff7f0ed,0x5a097a1f,
+	0x827b68d0,0x90ecf52e,0x22b0c054,0xbc8e5935,
+	0x4b6d2f7f,0x50bb64a2,0xd2664910,0xbee5812d,
+	0xb7332290,0xe93b159f,0xb48ee411,0x4bff345d,
+	0xfd45c240,0xad31973f,0xc4f6d02e,0x55fc8165,
+	0xd5b1caad,0xa1ac2dae,0xa2d4b76d,0xc19b0c50,
+	0x882240f2,0x0c6e4f38,0xa4e4bfd7,0x4f5ba272,
+	0x564c1d2f,0xc59c5319,0xb949e354,0xb04669fe,
+	0xb1b6ab8a,0xc71358dd,0x6385c545,0x110f935d,
+	0x57538ad5,0x6a390493,0xe63d37e0,0x2a54f6b3,
+	0x3a787d5f,0x6276a0b5,0x19a6fcdf,0x7a42206a,
+	0x29f9d4d5,0xf61b1891,0xbb72275e,0xaa508167,
+	0x38901091,0xc6b505eb,0x84c7cb8c,0x2ad75a0f,
+	0x874a1427,0xa2d1936b,0x2ad286af,0xaa56d291,
+	0xd7894360,0x425c750d,0x93b39e26,0x187184c9,
+	0x6c00b32d,0x73e2bb14,0xa0bebc3c,0x54623779,
+	0x64459eab,0x3f328b82,0x7718cf82,0x59a2cea6,
+	0x04ee002e,0x89fe78e6,0x3fab0950,0x325ff6c2,
+	0x81383f05,0x6963c5c8,0x76cb5ad6,0xd49974c9,
+	0xca180dcf,0x380782d5,0xc7fa5cf6,0x8ac31511,
+	0x35e79e13,0x47da91d0,0xf40f9086,0xa7e2419e,
+	0x31366241,0x051ef495,0xaa573b04,0x4a805d8d,
+	0x548300d0,0x00322a3c,0xbf64cddf,0xba57a68e,
+	0x75c6372b,0x50afd341,0xa7c13275,0x915a0bf5,
+	0x6b54bfab,0x2b0b1426,0xab4cc9d7,0x449ccd82,
+	0xf7fbf265,0xab85c5f3,0x1b55db94,0xaad4e324,
+	0xcfa4bd3f,0x2deaa3e2,0x9e204d02,0xc8bd25ac,
+	0xeadf55b3,0xd5bd9e98,0xe31231b2,0x2ad5ad6c,
+	0x954329de,0xadbe4528,0xd8710f69,0xaa51c90f,
+	0xaa786bf6,0x22513f1e,0xaa51a79b,0x2ad344cc,
+	0x7b5a41f0,0xd37cfbad,0x1b069505,0x41ece491,
+	0xb4c332e6,0x032268d4,0xc9600acc,0xce387e6d,
+	0xbf6bb16c,0x6a70fb78,0x0d03d9c9,0xd4df39de,
+	0xe01063da,0x4736f464,0x5ad328d8,0xb347cc96,
+	0x75bb0fc3,0x98511bfb,0x4ffbcc35,0xb58bcf6a,
+	0xe11f0abc,0xbfc5fe4a,0xa70aec10,0xac39570a,
+	0x3f04442f,0x6188b153,0xe0397a2e,0x5727cb79,
+	0x9ceb418f,0x1cacd68d,0x2ad37c96,0x0175cb9d,
+	0xc69dff09,0xc75b65f0,0xd9db40d8,0xec0e7779,
+	0x4744ead4,0xb11c3274,0xdd24cb9e,0x7e1c54bd,
+	0xf01144f9,0xd2240eb1,0x9675b3fd,0xa3ac3755,
+	0xd47c27af,0x51c85f4d,0x56907596,0xa5bb15e6,
+	0x580304f0,0xca042cf1,0x011a37ea,0x8dbfaadb,
+	0x35ba3e4a,0x3526ffa0,0xc37b4d09,0xbc306ed9,
+	0x98a52666,0x5648f725,0xff5e569d,0x0ced63d0,
+	0x7c63b2cf,0x700b45e1,0xd5ea50f1,0x85a92872,
+	0xaf1fbda7,0xd4234870,0xa7870bf3,0x2d3b4d79,
+	0x42e04198,0x0cd0ede7,0x26470db8,0xf881814c,
+	0x474d6ad7,0x7c0c5e5c,0xd1231959,0x381b7298,
+	0xf5d2f4db,0xab838653,0x6e2f1e23,0x83719c9e,
+	0xbd91e046,0x9a56456e,0xdc39200c,0x20c8c571,
+	0x962bda1c,0xe1e696ff,0xb141ab08,0x7cca89b9,
+	0x1a69e783,0x02cc4843,0xa2f7c579,0x429ef47d,
+	0x427b169c,0x5ac9f049,0xdd8f0f00,0x5c8165bf,
+	};
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table1[256]={
+	0x1f201094,0xef0ba75b,0x69e3cf7e,0x393f4380,
+	0xfe61cf7a,0xeec5207a,0x55889c94,0x72fc0651,
+	0xada7ef79,0x4e1d7235,0xd55a63ce,0xde0436ba,
+	0x99c430ef,0x5f0c0794,0x18dcdb7d,0xa1d6eff3,
+	0xa0b52f7b,0x59e83605,0xee15b094,0xe9ffd909,
+	0xdc440086,0xef944459,0xba83ccb3,0xe0c3cdfb,
+	0xd1da4181,0x3b092ab1,0xf997f1c1,0xa5e6cf7b,
+	0x01420ddb,0xe4e7ef5b,0x25a1ff41,0xe180f806,
+	0x1fc41080,0x179bee7a,0xd37ac6a9,0xfe5830a4,
+	0x98de8b7f,0x77e83f4e,0x79929269,0x24fa9f7b,
+	0xe113c85b,0xacc40083,0xd7503525,0xf7ea615f,
+	0x62143154,0x0d554b63,0x5d681121,0xc866c359,
+	0x3d63cf73,0xcee234c0,0xd4d87e87,0x5c672b21,
+	0x071f6181,0x39f7627f,0x361e3084,0xe4eb573b,
+	0x602f64a4,0xd63acd9c,0x1bbc4635,0x9e81032d,
+	0x2701f50c,0x99847ab4,0xa0e3df79,0xba6cf38c,
+	0x10843094,0x2537a95e,0xf46f6ffe,0xa1ff3b1f,
+	0x208cfb6a,0x8f458c74,0xd9e0a227,0x4ec73a34,
+	0xfc884f69,0x3e4de8df,0xef0e0088,0x3559648d,
+	0x8a45388c,0x1d804366,0x721d9bfd,0xa58684bb,
+	0xe8256333,0x844e8212,0x128d8098,0xfed33fb4,
+	0xce280ae1,0x27e19ba5,0xd5a6c252,0xe49754bd,
+	0xc5d655dd,0xeb667064,0x77840b4d,0xa1b6a801,
+	0x84db26a9,0xe0b56714,0x21f043b7,0xe5d05860,
+	0x54f03084,0x066ff472,0xa31aa153,0xdadc4755,
+	0xb5625dbf,0x68561be6,0x83ca6b94,0x2d6ed23b,
+	0xeccf01db,0xa6d3d0ba,0xb6803d5c,0xaf77a709,
+	0x33b4a34c,0x397bc8d6,0x5ee22b95,0x5f0e5304,
+	0x81ed6f61,0x20e74364,0xb45e1378,0xde18639b,
+	0x881ca122,0xb96726d1,0x8049a7e8,0x22b7da7b,
+	0x5e552d25,0x5272d237,0x79d2951c,0xc60d894c,
+	0x488cb402,0x1ba4fe5b,0xa4b09f6b,0x1ca815cf,
+	0xa20c3005,0x8871df63,0xb9de2fcb,0x0cc6c9e9,
+	0x0beeff53,0xe3214517,0xb4542835,0x9f63293c,
+	0xee41e729,0x6e1d2d7c,0x50045286,0x1e6685f3,
+	0xf33401c6,0x30a22c95,0x31a70850,0x60930f13,
+	0x73f98417,0xa1269859,0xec645c44,0x52c877a9,
+	0xcdff33a6,0xa02b1741,0x7cbad9a2,0x2180036f,
+	0x50d99c08,0xcb3f4861,0xc26bd765,0x64a3f6ab,
+	0x80342676,0x25a75e7b,0xe4e6d1fc,0x20c710e6,
+	0xcdf0b680,0x17844d3b,0x31eef84d,0x7e0824e4,
+	0x2ccb49eb,0x846a3bae,0x8ff77888,0xee5d60f6,
+	0x7af75673,0x2fdd5cdb,0xa11631c1,0x30f66f43,
+	0xb3faec54,0x157fd7fa,0xef8579cc,0xd152de58,
+	0xdb2ffd5e,0x8f32ce19,0x306af97a,0x02f03ef8,
+	0x99319ad5,0xc242fa0f,0xa7e3ebb0,0xc68e4906,
+	0xb8da230c,0x80823028,0xdcdef3c8,0xd35fb171,
+	0x088a1bc8,0xbec0c560,0x61a3c9e8,0xbca8f54d,
+	0xc72feffa,0x22822e99,0x82c570b4,0xd8d94e89,
+	0x8b1c34bc,0x301e16e6,0x273be979,0xb0ffeaa6,
+	0x61d9b8c6,0x00b24869,0xb7ffce3f,0x08dc283b,
+	0x43daf65a,0xf7e19798,0x7619b72f,0x8f1c9ba4,
+	0xdc8637a0,0x16a7d3b1,0x9fc393b7,0xa7136eeb,
+	0xc6bcc63e,0x1a513742,0xef6828bc,0x520365d6,
+	0x2d6a77ab,0x3527ed4b,0x821fd216,0x095c6e2e,
+	0xdb92f2fb,0x5eea29cb,0x145892f5,0x91584f7f,
+	0x5483697b,0x2667a8cc,0x85196048,0x8c4bacea,
+	0x833860d4,0x0d23e0f9,0x6c387e8a,0x0ae6d249,
+	0xb284600c,0xd835731d,0xdcb1c647,0xac4c56ea,
+	0x3ebd81b3,0x230eabb0,0x6438bc87,0xf0b5b1fa,
+	0x8f5ea2b3,0xfc184642,0x0a036b7a,0x4fb089bd,
+	0x649da589,0xa345415e,0x5c038323,0x3e5d3bb9,
+	0x43d79572,0x7e6dd07c,0x06dfdf1e,0x6c6cc4ef,
+	0x7160a539,0x73bfbe70,0x83877605,0x4523ecf1,
+	};
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table2[256]={
+	0x8defc240,0x25fa5d9f,0xeb903dbf,0xe810c907,
+	0x47607fff,0x369fe44b,0x8c1fc644,0xaececa90,
+	0xbeb1f9bf,0xeefbcaea,0xe8cf1950,0x51df07ae,
+	0x920e8806,0xf0ad0548,0xe13c8d83,0x927010d5,
+	0x11107d9f,0x07647db9,0xb2e3e4d4,0x3d4f285e,
+	0xb9afa820,0xfade82e0,0xa067268b,0x8272792e,
+	0x553fb2c0,0x489ae22b,0xd4ef9794,0x125e3fbc,
+	0x21fffcee,0x825b1bfd,0x9255c5ed,0x1257a240,
+	0x4e1a8302,0xbae07fff,0x528246e7,0x8e57140e,
+	0x3373f7bf,0x8c9f8188,0xa6fc4ee8,0xc982b5a5,
+	0xa8c01db7,0x579fc264,0x67094f31,0xf2bd3f5f,
+	0x40fff7c1,0x1fb78dfc,0x8e6bd2c1,0x437be59b,
+	0x99b03dbf,0xb5dbc64b,0x638dc0e6,0x55819d99,
+	0xa197c81c,0x4a012d6e,0xc5884a28,0xccc36f71,
+	0xb843c213,0x6c0743f1,0x8309893c,0x0feddd5f,
+	0x2f7fe850,0xd7c07f7e,0x02507fbf,0x5afb9a04,
+	0xa747d2d0,0x1651192e,0xaf70bf3e,0x58c31380,
+	0x5f98302e,0x727cc3c4,0x0a0fb402,0x0f7fef82,
+	0x8c96fdad,0x5d2c2aae,0x8ee99a49,0x50da88b8,
+	0x8427f4a0,0x1eac5790,0x796fb449,0x8252dc15,
+	0xefbd7d9b,0xa672597d,0xada840d8,0x45f54504,
+	0xfa5d7403,0xe83ec305,0x4f91751a,0x925669c2,
+	0x23efe941,0xa903f12e,0x60270df2,0x0276e4b6,
+	0x94fd6574,0x927985b2,0x8276dbcb,0x02778176,
+	0xf8af918d,0x4e48f79e,0x8f616ddf,0xe29d840e,
+	0x842f7d83,0x340ce5c8,0x96bbb682,0x93b4b148,
+	0xef303cab,0x984faf28,0x779faf9b,0x92dc560d,
+	0x224d1e20,0x8437aa88,0x7d29dc96,0x2756d3dc,
+	0x8b907cee,0xb51fd240,0xe7c07ce3,0xe566b4a1,
+	0xc3e9615e,0x3cf8209d,0x6094d1e3,0xcd9ca341,
+	0x5c76460e,0x00ea983b,0xd4d67881,0xfd47572c,
+	0xf76cedd9,0xbda8229c,0x127dadaa,0x438a074e,
+	0x1f97c090,0x081bdb8a,0x93a07ebe,0xb938ca15,
+	0x97b03cff,0x3dc2c0f8,0x8d1ab2ec,0x64380e51,
+	0x68cc7bfb,0xd90f2788,0x12490181,0x5de5ffd4,
+	0xdd7ef86a,0x76a2e214,0xb9a40368,0x925d958f,
+	0x4b39fffa,0xba39aee9,0xa4ffd30b,0xfaf7933b,
+	0x6d498623,0x193cbcfa,0x27627545,0x825cf47a,
+	0x61bd8ba0,0xd11e42d1,0xcead04f4,0x127ea392,
+	0x10428db7,0x8272a972,0x9270c4a8,0x127de50b,
+	0x285ba1c8,0x3c62f44f,0x35c0eaa5,0xe805d231,
+	0x428929fb,0xb4fcdf82,0x4fb66a53,0x0e7dc15b,
+	0x1f081fab,0x108618ae,0xfcfd086d,0xf9ff2889,
+	0x694bcc11,0x236a5cae,0x12deca4d,0x2c3f8cc5,
+	0xd2d02dfe,0xf8ef5896,0xe4cf52da,0x95155b67,
+	0x494a488c,0xb9b6a80c,0x5c8f82bc,0x89d36b45,
+	0x3a609437,0xec00c9a9,0x44715253,0x0a874b49,
+	0xd773bc40,0x7c34671c,0x02717ef6,0x4feb5536,
+	0xa2d02fff,0xd2bf60c4,0xd43f03c0,0x50b4ef6d,
+	0x07478cd1,0x006e1888,0xa2e53f55,0xb9e6d4bc,
+	0xa2048016,0x97573833,0xd7207d67,0xde0f8f3d,
+	0x72f87b33,0xabcc4f33,0x7688c55d,0x7b00a6b0,
+	0x947b0001,0x570075d2,0xf9bb88f8,0x8942019e,
+	0x4264a5ff,0x856302e0,0x72dbd92b,0xee971b69,
+	0x6ea22fde,0x5f08ae2b,0xaf7a616d,0xe5c98767,
+	0xcf1febd2,0x61efc8c2,0xf1ac2571,0xcc8239c2,
+	0x67214cb8,0xb1e583d1,0xb7dc3e62,0x7f10bdce,
+	0xf90a5c38,0x0ff0443d,0x606e6dc6,0x60543a49,
+	0x5727c148,0x2be98a1d,0x8ab41738,0x20e1be24,
+	0xaf96da0f,0x68458425,0x99833be5,0x600d457d,
+	0x282f9350,0x8334b362,0xd91d1120,0x2b6d8da0,
+	0x642b1e31,0x9c305a00,0x52bce688,0x1b03588a,
+	0xf7baefd5,0x4142ed9c,0xa4315c11,0x83323ec5,
+	0xdfef4636,0xa133c501,0xe9d3531c,0xee353783,
+	};
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table3[256]={
+	0x9db30420,0x1fb6e9de,0xa7be7bef,0xd273a298,
+	0x4a4f7bdb,0x64ad8c57,0x85510443,0xfa020ed1,
+	0x7e287aff,0xe60fb663,0x095f35a1,0x79ebf120,
+	0xfd059d43,0x6497b7b1,0xf3641f63,0x241e4adf,
+	0x28147f5f,0x4fa2b8cd,0xc9430040,0x0cc32220,
+	0xfdd30b30,0xc0a5374f,0x1d2d00d9,0x24147b15,
+	0xee4d111a,0x0fca5167,0x71ff904c,0x2d195ffe,
+	0x1a05645f,0x0c13fefe,0x081b08ca,0x05170121,
+	0x80530100,0xe83e5efe,0xac9af4f8,0x7fe72701,
+	0xd2b8ee5f,0x06df4261,0xbb9e9b8a,0x7293ea25,
+	0xce84ffdf,0xf5718801,0x3dd64b04,0xa26f263b,
+	0x7ed48400,0x547eebe6,0x446d4ca0,0x6cf3d6f5,
+	0x2649abdf,0xaea0c7f5,0x36338cc1,0x503f7e93,
+	0xd3772061,0x11b638e1,0x72500e03,0xf80eb2bb,
+	0xabe0502e,0xec8d77de,0x57971e81,0xe14f6746,
+	0xc9335400,0x6920318f,0x081dbb99,0xffc304a5,
+	0x4d351805,0x7f3d5ce3,0xa6c866c6,0x5d5bcca9,
+	0xdaec6fea,0x9f926f91,0x9f46222f,0x3991467d,
+	0xa5bf6d8e,0x1143c44f,0x43958302,0xd0214eeb,
+	0x022083b8,0x3fb6180c,0x18f8931e,0x281658e6,
+	0x26486e3e,0x8bd78a70,0x7477e4c1,0xb506e07c,
+	0xf32d0a25,0x79098b02,0xe4eabb81,0x28123b23,
+	0x69dead38,0x1574ca16,0xdf871b62,0x211c40b7,
+	0xa51a9ef9,0x0014377b,0x041e8ac8,0x09114003,
+	0xbd59e4d2,0xe3d156d5,0x4fe876d5,0x2f91a340,
+	0x557be8de,0x00eae4a7,0x0ce5c2ec,0x4db4bba6,
+	0xe756bdff,0xdd3369ac,0xec17b035,0x06572327,
+	0x99afc8b0,0x56c8c391,0x6b65811c,0x5e146119,
+	0x6e85cb75,0xbe07c002,0xc2325577,0x893ff4ec,
+	0x5bbfc92d,0xd0ec3b25,0xb7801ab7,0x8d6d3b24,
+	0x20c763ef,0xc366a5fc,0x9c382880,0x0ace3205,
+	0xaac9548a,0xeca1d7c7,0x041afa32,0x1d16625a,
+	0x6701902c,0x9b757a54,0x31d477f7,0x9126b031,
+	0x36cc6fdb,0xc70b8b46,0xd9e66a48,0x56e55a79,
+	0x026a4ceb,0x52437eff,0x2f8f76b4,0x0df980a5,
+	0x8674cde3,0xedda04eb,0x17a9be04,0x2c18f4df,
+	0xb7747f9d,0xab2af7b4,0xefc34d20,0x2e096b7c,
+	0x1741a254,0xe5b6a035,0x213d42f6,0x2c1c7c26,
+	0x61c2f50f,0x6552daf9,0xd2c231f8,0x25130f69,
+	0xd8167fa2,0x0418f2c8,0x001a96a6,0x0d1526ab,
+	0x63315c21,0x5e0a72ec,0x49bafefd,0x187908d9,
+	0x8d0dbd86,0x311170a7,0x3e9b640c,0xcc3e10d7,
+	0xd5cad3b6,0x0caec388,0xf73001e1,0x6c728aff,
+	0x71eae2a1,0x1f9af36e,0xcfcbd12f,0xc1de8417,
+	0xac07be6b,0xcb44a1d8,0x8b9b0f56,0x013988c3,
+	0xb1c52fca,0xb4be31cd,0xd8782806,0x12a3a4e2,
+	0x6f7de532,0x58fd7eb6,0xd01ee900,0x24adffc2,
+	0xf4990fc5,0x9711aac5,0x001d7b95,0x82e5e7d2,
+	0x109873f6,0x00613096,0xc32d9521,0xada121ff,
+	0x29908415,0x7fbb977f,0xaf9eb3db,0x29c9ed2a,
+	0x5ce2a465,0xa730f32c,0xd0aa3fe8,0x8a5cc091,
+	0xd49e2ce7,0x0ce454a9,0xd60acd86,0x015f1919,
+	0x77079103,0xdea03af6,0x78a8565e,0xdee356df,
+	0x21f05cbe,0x8b75e387,0xb3c50651,0xb8a5c3ef,
+	0xd8eeb6d2,0xe523be77,0xc2154529,0x2f69efdf,
+	0xafe67afb,0xf470c4b2,0xf3e0eb5b,0xd6cc9876,
+	0x39e4460c,0x1fda8538,0x1987832f,0xca007367,
+	0xa99144f8,0x296b299e,0x492fc295,0x9266beab,
+	0xb5676e69,0x9bd3ddda,0xdf7e052f,0xdb25701c,
+	0x1b5e51ee,0xf65324e6,0x6afce36c,0x0316cc04,
+	0x8644213e,0xb7dc59d0,0x7965291f,0xccd6fd43,
+	0x41823979,0x932bcdf6,0xb657c34d,0x4edfd282,
+	0x7ae5290c,0x3cb9536b,0x851e20fe,0x9833557e,
+	0x13ecf0b0,0xd3ffb372,0x3f85c5c1,0x0aef7ed2,
+	};
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table4[256]={
+	0x7ec90c04,0x2c6e74b9,0x9b0e66df,0xa6337911,
+	0xb86a7fff,0x1dd358f5,0x44dd9d44,0x1731167f,
+	0x08fbf1fa,0xe7f511cc,0xd2051b00,0x735aba00,
+	0x2ab722d8,0x386381cb,0xacf6243a,0x69befd7a,
+	0xe6a2e77f,0xf0c720cd,0xc4494816,0xccf5c180,
+	0x38851640,0x15b0a848,0xe68b18cb,0x4caadeff,
+	0x5f480a01,0x0412b2aa,0x259814fc,0x41d0efe2,
+	0x4e40b48d,0x248eb6fb,0x8dba1cfe,0x41a99b02,
+	0x1a550a04,0xba8f65cb,0x7251f4e7,0x95a51725,
+	0xc106ecd7,0x97a5980a,0xc539b9aa,0x4d79fe6a,
+	0xf2f3f763,0x68af8040,0xed0c9e56,0x11b4958b,
+	0xe1eb5a88,0x8709e6b0,0xd7e07156,0x4e29fea7,
+	0x6366e52d,0x02d1c000,0xc4ac8e05,0x9377f571,
+	0x0c05372a,0x578535f2,0x2261be02,0xd642a0c9,
+	0xdf13a280,0x74b55bd2,0x682199c0,0xd421e5ec,
+	0x53fb3ce8,0xc8adedb3,0x28a87fc9,0x3d959981,
+	0x5c1ff900,0xfe38d399,0x0c4eff0b,0x062407ea,
+	0xaa2f4fb1,0x4fb96976,0x90c79505,0xb0a8a774,
+	0xef55a1ff,0xe59ca2c2,0xa6b62d27,0xe66a4263,
+	0xdf65001f,0x0ec50966,0xdfdd55bc,0x29de0655,
+	0x911e739a,0x17af8975,0x32c7911c,0x89f89468,
+	0x0d01e980,0x524755f4,0x03b63cc9,0x0cc844b2,
+	0xbcf3f0aa,0x87ac36e9,0xe53a7426,0x01b3d82b,
+	0x1a9e7449,0x64ee2d7e,0xcddbb1da,0x01c94910,
+	0xb868bf80,0x0d26f3fd,0x9342ede7,0x04a5c284,
+	0x636737b6,0x50f5b616,0xf24766e3,0x8eca36c1,
+	0x136e05db,0xfef18391,0xfb887a37,0xd6e7f7d4,
+	0xc7fb7dc9,0x3063fcdf,0xb6f589de,0xec2941da,
+	0x26e46695,0xb7566419,0xf654efc5,0xd08d58b7,
+	0x48925401,0xc1bacb7f,0xe5ff550f,0xb6083049,
+	0x5bb5d0e8,0x87d72e5a,0xab6a6ee1,0x223a66ce,
+	0xc62bf3cd,0x9e0885f9,0x68cb3e47,0x086c010f,
+	0xa21de820,0xd18b69de,0xf3f65777,0xfa02c3f6,
+	0x407edac3,0xcbb3d550,0x1793084d,0xb0d70eba,
+	0x0ab378d5,0xd951fb0c,0xded7da56,0x4124bbe4,
+	0x94ca0b56,0x0f5755d1,0xe0e1e56e,0x6184b5be,
+	0x580a249f,0x94f74bc0,0xe327888e,0x9f7b5561,
+	0xc3dc0280,0x05687715,0x646c6bd7,0x44904db3,
+	0x66b4f0a3,0xc0f1648a,0x697ed5af,0x49e92ff6,
+	0x309e374f,0x2cb6356a,0x85808573,0x4991f840,
+	0x76f0ae02,0x083be84d,0x28421c9a,0x44489406,
+	0x736e4cb8,0xc1092910,0x8bc95fc6,0x7d869cf4,
+	0x134f616f,0x2e77118d,0xb31b2be1,0xaa90b472,
+	0x3ca5d717,0x7d161bba,0x9cad9010,0xaf462ba2,
+	0x9fe459d2,0x45d34559,0xd9f2da13,0xdbc65487,
+	0xf3e4f94e,0x176d486f,0x097c13ea,0x631da5c7,
+	0x445f7382,0x175683f4,0xcdc66a97,0x70be0288,
+	0xb3cdcf72,0x6e5dd2f3,0x20936079,0x459b80a5,
+	0xbe60e2db,0xa9c23101,0xeba5315c,0x224e42f2,
+	0x1c5c1572,0xf6721b2c,0x1ad2fff3,0x8c25404e,
+	0x324ed72f,0x4067b7fd,0x0523138e,0x5ca3bc78,
+	0xdc0fd66e,0x75922283,0x784d6b17,0x58ebb16e,
+	0x44094f85,0x3f481d87,0xfcfeae7b,0x77b5ff76,
+	0x8c2302bf,0xaaf47556,0x5f46b02a,0x2b092801,
+	0x3d38f5f7,0x0ca81f36,0x52af4a8a,0x66d5e7c0,
+	0xdf3b0874,0x95055110,0x1b5ad7a8,0xf61ed5ad,
+	0x6cf6e479,0x20758184,0xd0cefa65,0x88f7be58,
+	0x4a046826,0x0ff6f8f3,0xa09c7f70,0x5346aba0,
+	0x5ce96c28,0xe176eda3,0x6bac307f,0x376829d2,
+	0x85360fa9,0x17e3fe2a,0x24b79767,0xf5a96b20,
+	0xd6cd2595,0x68ff1ebf,0x7555442c,0xf19f06be,
+	0xf9e0659a,0xeeb9491d,0x34010718,0xbb30cab8,
+	0xe822fe15,0x88570983,0x750e6249,0xda627e55,
+	0x5e76ffa8,0xb1534546,0x6d47de08,0xefe9e7d4,
+	};
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table5[256]={
+	0xf6fa8f9d,0x2cac6ce1,0x4ca34867,0xe2337f7c,
+	0x95db08e7,0x016843b4,0xeced5cbc,0x325553ac,
+	0xbf9f0960,0xdfa1e2ed,0x83f0579d,0x63ed86b9,
+	0x1ab6a6b8,0xde5ebe39,0xf38ff732,0x8989b138,
+	0x33f14961,0xc01937bd,0xf506c6da,0xe4625e7e,
+	0xa308ea99,0x4e23e33c,0x79cbd7cc,0x48a14367,
+	0xa3149619,0xfec94bd5,0xa114174a,0xeaa01866,
+	0xa084db2d,0x09a8486f,0xa888614a,0x2900af98,
+	0x01665991,0xe1992863,0xc8f30c60,0x2e78ef3c,
+	0xd0d51932,0xcf0fec14,0xf7ca07d2,0xd0a82072,
+	0xfd41197e,0x9305a6b0,0xe86be3da,0x74bed3cd,
+	0x372da53c,0x4c7f4448,0xdab5d440,0x6dba0ec3,
+	0x083919a7,0x9fbaeed9,0x49dbcfb0,0x4e670c53,
+	0x5c3d9c01,0x64bdb941,0x2c0e636a,0xba7dd9cd,
+	0xea6f7388,0xe70bc762,0x35f29adb,0x5c4cdd8d,
+	0xf0d48d8c,0xb88153e2,0x08a19866,0x1ae2eac8,
+	0x284caf89,0xaa928223,0x9334be53,0x3b3a21bf,
+	0x16434be3,0x9aea3906,0xefe8c36e,0xf890cdd9,
+	0x80226dae,0xc340a4a3,0xdf7e9c09,0xa694a807,
+	0x5b7c5ecc,0x221db3a6,0x9a69a02f,0x68818a54,
+	0xceb2296f,0x53c0843a,0xfe893655,0x25bfe68a,
+	0xb4628abc,0xcf222ebf,0x25ac6f48,0xa9a99387,
+	0x53bddb65,0xe76ffbe7,0xe967fd78,0x0ba93563,
+	0x8e342bc1,0xe8a11be9,0x4980740d,0xc8087dfc,
+	0x8de4bf99,0xa11101a0,0x7fd37975,0xda5a26c0,
+	0xe81f994f,0x9528cd89,0xfd339fed,0xb87834bf,
+	0x5f04456d,0x22258698,0xc9c4c83b,0x2dc156be,
+	0x4f628daa,0x57f55ec5,0xe2220abe,0xd2916ebf,
+	0x4ec75b95,0x24f2c3c0,0x42d15d99,0xcd0d7fa0,
+	0x7b6e27ff,0xa8dc8af0,0x7345c106,0xf41e232f,
+	0x35162386,0xe6ea8926,0x3333b094,0x157ec6f2,
+	0x372b74af,0x692573e4,0xe9a9d848,0xf3160289,
+	0x3a62ef1d,0xa787e238,0xf3a5f676,0x74364853,
+	0x20951063,0x4576698d,0xb6fad407,0x592af950,
+	0x36f73523,0x4cfb6e87,0x7da4cec0,0x6c152daa,
+	0xcb0396a8,0xc50dfe5d,0xfcd707ab,0x0921c42f,
+	0x89dff0bb,0x5fe2be78,0x448f4f33,0x754613c9,
+	0x2b05d08d,0x48b9d585,0xdc049441,0xc8098f9b,
+	0x7dede786,0xc39a3373,0x42410005,0x6a091751,
+	0x0ef3c8a6,0x890072d6,0x28207682,0xa9a9f7be,
+	0xbf32679d,0xd45b5b75,0xb353fd00,0xcbb0e358,
+	0x830f220a,0x1f8fb214,0xd372cf08,0xcc3c4a13,
+	0x8cf63166,0x061c87be,0x88c98f88,0x6062e397,
+	0x47cf8e7a,0xb6c85283,0x3cc2acfb,0x3fc06976,
+	0x4e8f0252,0x64d8314d,0xda3870e3,0x1e665459,
+	0xc10908f0,0x513021a5,0x6c5b68b7,0x822f8aa0,
+	0x3007cd3e,0x74719eef,0xdc872681,0x073340d4,
+	0x7e432fd9,0x0c5ec241,0x8809286c,0xf592d891,
+	0x08a930f6,0x957ef305,0xb7fbffbd,0xc266e96f,
+	0x6fe4ac98,0xb173ecc0,0xbc60b42a,0x953498da,
+	0xfba1ae12,0x2d4bd736,0x0f25faab,0xa4f3fceb,
+	0xe2969123,0x257f0c3d,0x9348af49,0x361400bc,
+	0xe8816f4a,0x3814f200,0xa3f94043,0x9c7a54c2,
+	0xbc704f57,0xda41e7f9,0xc25ad33a,0x54f4a084,
+	0xb17f5505,0x59357cbe,0xedbd15c8,0x7f97c5ab,
+	0xba5ac7b5,0xb6f6deaf,0x3a479c3a,0x5302da25,
+	0x653d7e6a,0x54268d49,0x51a477ea,0x5017d55b,
+	0xd7d25d88,0x44136c76,0x0404a8c8,0xb8e5a121,
+	0xb81a928a,0x60ed5869,0x97c55b96,0xeaec991b,
+	0x29935913,0x01fdb7f1,0x088e8dfa,0x9ab6f6f5,
+	0x3b4cbf9f,0x4a5de3ab,0xe6051d35,0xa0e1d855,
+	0xd36b4cf1,0xf544edeb,0xb0e93524,0xbebb8fbd,
+	0xa2d762cf,0x49c92f54,0x38b5f331,0x7128a454,
+	0x48392905,0xa65b1db8,0x851c97bd,0xd675cf2f,
+	};
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table6[256]={
+	0x85e04019,0x332bf567,0x662dbfff,0xcfc65693,
+	0x2a8d7f6f,0xab9bc912,0xde6008a1,0x2028da1f,
+	0x0227bce7,0x4d642916,0x18fac300,0x50f18b82,
+	0x2cb2cb11,0xb232e75c,0x4b3695f2,0xb28707de,
+	0xa05fbcf6,0xcd4181e9,0xe150210c,0xe24ef1bd,
+	0xb168c381,0xfde4e789,0x5c79b0d8,0x1e8bfd43,
+	0x4d495001,0x38be4341,0x913cee1d,0x92a79c3f,
+	0x089766be,0xbaeeadf4,0x1286becf,0xb6eacb19,
+	0x2660c200,0x7565bde4,0x64241f7a,0x8248dca9,
+	0xc3b3ad66,0x28136086,0x0bd8dfa8,0x356d1cf2,
+	0x107789be,0xb3b2e9ce,0x0502aa8f,0x0bc0351e,
+	0x166bf52a,0xeb12ff82,0xe3486911,0xd34d7516,
+	0x4e7b3aff,0x5f43671b,0x9cf6e037,0x4981ac83,
+	0x334266ce,0x8c9341b7,0xd0d854c0,0xcb3a6c88,
+	0x47bc2829,0x4725ba37,0xa66ad22b,0x7ad61f1e,
+	0x0c5cbafa,0x4437f107,0xb6e79962,0x42d2d816,
+	0x0a961288,0xe1a5c06e,0x13749e67,0x72fc081a,
+	0xb1d139f7,0xf9583745,0xcf19df58,0xbec3f756,
+	0xc06eba30,0x07211b24,0x45c28829,0xc95e317f,
+	0xbc8ec511,0x38bc46e9,0xc6e6fa14,0xbae8584a,
+	0xad4ebc46,0x468f508b,0x7829435f,0xf124183b,
+	0x821dba9f,0xaff60ff4,0xea2c4e6d,0x16e39264,
+	0x92544a8b,0x009b4fc3,0xaba68ced,0x9ac96f78,
+	0x06a5b79a,0xb2856e6e,0x1aec3ca9,0xbe838688,
+	0x0e0804e9,0x55f1be56,0xe7e5363b,0xb3a1f25d,
+	0xf7debb85,0x61fe033c,0x16746233,0x3c034c28,
+	0xda6d0c74,0x79aac56c,0x3ce4e1ad,0x51f0c802,
+	0x98f8f35a,0x1626a49f,0xeed82b29,0x1d382fe3,
+	0x0c4fb99a,0xbb325778,0x3ec6d97b,0x6e77a6a9,
+	0xcb658b5c,0xd45230c7,0x2bd1408b,0x60c03eb7,
+	0xb9068d78,0xa33754f4,0xf430c87d,0xc8a71302,
+	0xb96d8c32,0xebd4e7be,0xbe8b9d2d,0x7979fb06,
+	0xe7225308,0x8b75cf77,0x11ef8da4,0xe083c858,
+	0x8d6b786f,0x5a6317a6,0xfa5cf7a0,0x5dda0033,
+	0xf28ebfb0,0xf5b9c310,0xa0eac280,0x08b9767a,
+	0xa3d9d2b0,0x79d34217,0x021a718d,0x9ac6336a,
+	0x2711fd60,0x438050e3,0x069908a8,0x3d7fedc4,
+	0x826d2bef,0x4eeb8476,0x488dcf25,0x36c9d566,
+	0x28e74e41,0xc2610aca,0x3d49a9cf,0xbae3b9df,
+	0xb65f8de6,0x92aeaf64,0x3ac7d5e6,0x9ea80509,
+	0xf22b017d,0xa4173f70,0xdd1e16c3,0x15e0d7f9,
+	0x50b1b887,0x2b9f4fd5,0x625aba82,0x6a017962,
+	0x2ec01b9c,0x15488aa9,0xd716e740,0x40055a2c,
+	0x93d29a22,0xe32dbf9a,0x058745b9,0x3453dc1e,
+	0xd699296e,0x496cff6f,0x1c9f4986,0xdfe2ed07,
+	0xb87242d1,0x19de7eae,0x053e561a,0x15ad6f8c,
+	0x66626c1c,0x7154c24c,0xea082b2a,0x93eb2939,
+	0x17dcb0f0,0x58d4f2ae,0x9ea294fb,0x52cf564c,
+	0x9883fe66,0x2ec40581,0x763953c3,0x01d6692e,
+	0xd3a0c108,0xa1e7160e,0xe4f2dfa6,0x693ed285,
+	0x74904698,0x4c2b0edd,0x4f757656,0x5d393378,
+	0xa132234f,0x3d321c5d,0xc3f5e194,0x4b269301,
+	0xc79f022f,0x3c997e7e,0x5e4f9504,0x3ffafbbd,
+	0x76f7ad0e,0x296693f4,0x3d1fce6f,0xc61e45be,
+	0xd3b5ab34,0xf72bf9b7,0x1b0434c0,0x4e72b567,
+	0x5592a33d,0xb5229301,0xcfd2a87f,0x60aeb767,
+	0x1814386b,0x30bcc33d,0x38a0c07d,0xfd1606f2,
+	0xc363519b,0x589dd390,0x5479f8e6,0x1cb8d647,
+	0x97fd61a9,0xea7759f4,0x2d57539d,0x569a58cf,
+	0xe84e63ad,0x462e1b78,0x6580f87e,0xf3817914,
+	0x91da55f4,0x40a230f3,0xd1988f35,0xb6e318d2,
+	0x3ffa50bc,0x3d40f021,0xc3c0bdae,0x4958c24c,
+	0x518f36b2,0x84b1d370,0x0fedce83,0x878ddada,
+	0xf2a279c7,0x94e01be8,0x90716f4b,0x954b8aa3,
+	};
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table7[256]={
+	0xe216300d,0xbbddfffc,0xa7ebdabd,0x35648095,
+	0x7789f8b7,0xe6c1121b,0x0e241600,0x052ce8b5,
+	0x11a9cfb0,0xe5952f11,0xece7990a,0x9386d174,
+	0x2a42931c,0x76e38111,0xb12def3a,0x37ddddfc,
+	0xde9adeb1,0x0a0cc32c,0xbe197029,0x84a00940,
+	0xbb243a0f,0xb4d137cf,0xb44e79f0,0x049eedfd,
+	0x0b15a15d,0x480d3168,0x8bbbde5a,0x669ded42,
+	0xc7ece831,0x3f8f95e7,0x72df191b,0x7580330d,
+	0x94074251,0x5c7dcdfa,0xabbe6d63,0xaa402164,
+	0xb301d40a,0x02e7d1ca,0x53571dae,0x7a3182a2,
+	0x12a8ddec,0xfdaa335d,0x176f43e8,0x71fb46d4,
+	0x38129022,0xce949ad4,0xb84769ad,0x965bd862,
+	0x82f3d055,0x66fb9767,0x15b80b4e,0x1d5b47a0,
+	0x4cfde06f,0xc28ec4b8,0x57e8726e,0x647a78fc,
+	0x99865d44,0x608bd593,0x6c200e03,0x39dc5ff6,
+	0x5d0b00a3,0xae63aff2,0x7e8bd632,0x70108c0c,
+	0xbbd35049,0x2998df04,0x980cf42a,0x9b6df491,
+	0x9e7edd53,0x06918548,0x58cb7e07,0x3b74ef2e,
+	0x522fffb1,0xd24708cc,0x1c7e27cd,0xa4eb215b,
+	0x3cf1d2e2,0x19b47a38,0x424f7618,0x35856039,
+	0x9d17dee7,0x27eb35e6,0xc9aff67b,0x36baf5b8,
+	0x09c467cd,0xc18910b1,0xe11dbf7b,0x06cd1af8,
+	0x7170c608,0x2d5e3354,0xd4de495a,0x64c6d006,
+	0xbcc0c62c,0x3dd00db3,0x708f8f34,0x77d51b42,
+	0x264f620f,0x24b8d2bf,0x15c1b79e,0x46a52564,
+	0xf8d7e54e,0x3e378160,0x7895cda5,0x859c15a5,
+	0xe6459788,0xc37bc75f,0xdb07ba0c,0x0676a3ab,
+	0x7f229b1e,0x31842e7b,0x24259fd7,0xf8bef472,
+	0x835ffcb8,0x6df4c1f2,0x96f5b195,0xfd0af0fc,
+	0xb0fe134c,0xe2506d3d,0x4f9b12ea,0xf215f225,
+	0xa223736f,0x9fb4c428,0x25d04979,0x34c713f8,
+	0xc4618187,0xea7a6e98,0x7cd16efc,0x1436876c,
+	0xf1544107,0xbedeee14,0x56e9af27,0xa04aa441,
+	0x3cf7c899,0x92ecbae6,0xdd67016d,0x151682eb,
+	0xa842eedf,0xfdba60b4,0xf1907b75,0x20e3030f,
+	0x24d8c29e,0xe139673b,0xefa63fb8,0x71873054,
+	0xb6f2cf3b,0x9f326442,0xcb15a4cc,0xb01a4504,
+	0xf1e47d8d,0x844a1be5,0xbae7dfdc,0x42cbda70,
+	0xcd7dae0a,0x57e85b7a,0xd53f5af6,0x20cf4d8c,
+	0xcea4d428,0x79d130a4,0x3486ebfb,0x33d3cddc,
+	0x77853b53,0x37effcb5,0xc5068778,0xe580b3e6,
+	0x4e68b8f4,0xc5c8b37e,0x0d809ea2,0x398feb7c,
+	0x132a4f94,0x43b7950e,0x2fee7d1c,0x223613bd,
+	0xdd06caa2,0x37df932b,0xc4248289,0xacf3ebc3,
+	0x5715f6b7,0xef3478dd,0xf267616f,0xc148cbe4,
+	0x9052815e,0x5e410fab,0xb48a2465,0x2eda7fa4,
+	0xe87b40e4,0xe98ea084,0x5889e9e1,0xefd390fc,
+	0xdd07d35b,0xdb485694,0x38d7e5b2,0x57720101,
+	0x730edebc,0x5b643113,0x94917e4f,0x503c2fba,
+	0x646f1282,0x7523d24a,0xe0779695,0xf9c17a8f,
+	0x7a5b2121,0xd187b896,0x29263a4d,0xba510cdf,
+	0x81f47c9f,0xad1163ed,0xea7b5965,0x1a00726e,
+	0x11403092,0x00da6d77,0x4a0cdd61,0xad1f4603,
+	0x605bdfb0,0x9eedc364,0x22ebe6a8,0xcee7d28a,
+	0xa0e736a0,0x5564a6b9,0x10853209,0xc7eb8f37,
+	0x2de705ca,0x8951570f,0xdf09822b,0xbd691a6c,
+	0xaa12e4f2,0x87451c0f,0xe0f6a27a,0x3ada4819,
+	0x4cf1764f,0x0d771c2b,0x67cdb156,0x350d8384,
+	0x5938fa0f,0x42399ef3,0x36997b07,0x0e84093d,
+	0x4aa93e61,0x8360d87b,0x1fa98b0c,0x1149382c,
+	0xe97625a5,0x0614d1b7,0x0e25244b,0x0c768347,
+	0x589e8d82,0x0d2059d1,0xa466bb1e,0xf8da0a82,
+	0x04f19130,0xba6e4ec0,0x99265164,0x1ee7230d,
+	0x50b2ad80,0xeaee6801,0x8db2a283,0xea8bf59e,
+	};

ADDED   Source/CAST/ccCast.c
Index: Source/CAST/ccCast.c
==================================================================
--- /dev/null
+++ Source/CAST/ccCast.c
@@ -0,0 +1,54 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * ccCAST.c - shim between openssl-based CAST and CommonEncryption.
+ *
+ * Created 3/30/06 by Doug Mitchell. 
+ */
+
+#include <CommonCrypto/ccCast.h>
+#include <sys/types.h>
+
+int cast_cc_set_key(
+	CAST_KEY *cx, 
+	const void *rawKey, 
+	size_t keyLength,
+	int forEncrypt)
+{
+	CAST_set_key(cx, keyLength, rawKey);
+	return 0;
+}
+
+void cast_cc_encrypt(CAST_KEY *cx, const void *blockIn, void *blockOut)
+{
+	CAST_ecb_encrypt((const unsigned char *)blockIn, (unsigned char *)blockOut,
+		cx, CAST_ENCRYPT);
+}
+
+void cast_cc_decrypt(CAST_KEY *cx, const void *blockIn, void *blockOut)
+{
+	CAST_ecb_encrypt((const unsigned char *)blockIn, (unsigned char *)blockOut,
+		cx, CAST_DECRYPT);
+}
+

ADDED   Source/CommonCrypto/CommonCryptoPriv.h
Index: Source/CommonCrypto/CommonCryptoPriv.h
==================================================================
--- /dev/null
+++ Source/CommonCrypto/CommonCryptoPriv.h
@@ -0,0 +1,37 @@
+/* 
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CommonCryptoPriv.h - private typedefs and defines for ComonCrypto 
+ */
+ 
+#ifndef	_COMMON_CRYPTO_PRIV_H_
+#define _COMMON_CRYPTO_PRIV_H_
+
+/*
+ * All CommomCrypto-specific mods to the various open source implementations
+ * in this package are flagged with this symbol.
+ */
+#define _APPLE_COMMON_CRYPTO_
+
+#endif	/* _COMMON_CRYPTO_PRIV_H_ */

ADDED   Source/CommonCrypto/aes.h
Index: Source/CommonCrypto/aes.h
==================================================================
--- /dev/null
+++ Source/CommonCrypto/aes.h
@@ -0,0 +1,237 @@
+/*
+ ---------------------------------------------------------------------------
+ Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+   1. distributions of this source code include the above copyright
+      notice, this list of conditions and the following disclaimer;
+
+   2. distributions in binary form include the above copyright
+      notice, this list of conditions and the following disclaimer
+      in the documentation and/or other associated materials;
+
+   3. the copyright holder's name is not used to endorse products
+      built using this software without specific written permission.
+
+ ALTERNATIVELY, provided that this notice is retained in full, this product
+ may be distributed under the terms of the GNU General Public License (GPL),
+ in which case the provisions of the GPL apply INSTEAD OF those given above.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explicit or implied warranties
+ in respect of its properties, including, but not limited to, correctness
+ and/or fitness for purpose.
+ ---------------------------------------------------------------------------
+ Issue 28/01/2004
+
+ This file contains the definitions required to use AES in C. See aesopt.h
+ for optimisation details.
+*/
+
+#if !defined( _CC_AES_H_ )
+#define _CC_AES_H_
+
+// Generate nothing if this file has been included in an assembly language file.
+#if !__ASSEMBLER__
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+
+/*  This include is used to find 8 & 32 bit unsigned integer types  */
+#include <machine/limits.h>
+
+#include <TargetConditionals.h>
+#if TARGET_OS_EMBEDDED && __arm__
+#define CC_AES_USE_HARDWARE				1
+#endif
+
+#if CC_AES_USE_HARDWARE
+#define CC_AES_MAX_KEYSIZE				32 //32 bytes or 256 bits
+#endif
+
+#if defined(__cplusplus)
+extern "C"
+{
+#endif
+
+/*	CommonCrypto-specific mods. 
+
+	_APPLE_COMMON_CRYPTO_, when defined, enables the following:
+	
+	 -- IV/chain buffer stored in the aes_{en,de}crypt_ctx (though it 
+	    can still be passed to the encrypt/decrypt routines)
+	 -- ECB/CBC controlled per ctx->cbcEnable
+	 -- common SPI functions 
+	 -- disables AES_VAR
+*/
+
+#define AES_128     /* define if AES with 128 bit keys is needed    */
+#define AES_192     /* define if AES with 192 bit keys is needed    */
+#define AES_256     /* define if AES with 256 bit keys is needed    */
+#ifndef		_APPLE_COMMON_CRYPTO_
+#define AES_VAR     /* define if a variable key size is needed      */
+#endif
+
+/* The following must also be set in assembler files if being used  */
+
+#define AES_ENCRYPT /* if support for encryption is needed          */
+#define AES_DECRYPT /* if support for decryption is needed          */
+//#define AES_ERR_CHK /* for parameter checks & error return codes    */
+
+#if UCHAR_MAX == 0xff                   /* an unsigned 8 bit type   */
+  typedef unsigned char      aes_08t;
+#else
+#  error Please define aes_08t as an 8-bit unsigned integer type in aes.h
+#endif
+
+#if UINT_MAX == 4294967295              /* an unsigned 32 bit type  */
+  typedef   unsigned int     aes_32t;
+#elif ULONG_MAX == 4294967295ul
+  typedef   unsigned long    aes_32t;
+#else
+#  error Please define aes_32t as a 32-bit unsigned integer type in aes.h
+#endif
+
+#define AES_BLOCK_SIZE  16  /* the AES block size in bytes          */
+#define N_COLS           4  /* the number of columns in the state   */
+
+/* The key schedule length is 11, 13 or 15 16-byte blocks for 128,  */
+/* 192 or 256-bit keys respectively. That is 176, 208 or 240 bytes  */
+/* or 44, 52 or 60 32-bit words. For simplicity this code allocates */
+/* the maximum 60 word array for the key schedule for all key sizes */
+
+#if defined( AES_VAR ) || defined( AES_256 )
+#define KS_LENGTH       60
+#elif defined( AES_192 )
+#define KS_LENGTH       52
+#else
+#define KS_LENGTH       44
+#endif
+
+#if defined( AES_ERR_CHK )
+#define aes_ret     int
+#define aes_good    0
+#define aes_error  -1
+#else
+#define aes_ret     void
+#endif
+
+#if !defined( AES_DLL )                 /* implement normal/DLL functions   */
+#define aes_rval    aes_ret
+#else
+#define aes_rval    aes_ret __declspec(dllexport) _stdcall
+#endif
+
+typedef struct
+{   aes_32t ks[KS_LENGTH];
+    aes_32t rn;
+	#ifdef	_APPLE_COMMON_CRYPTO_
+	unsigned char chainBuf[AES_BLOCK_SIZE];
+	aes_32t cbcEnable;
+	#if CC_AES_USE_HARDWARE
+	unsigned char keyBytes[CC_AES_MAX_KEYSIZE];
+	aes_32t keyLength;
+	#endif
+	#endif
+} aes_encrypt_ctx;
+
+typedef struct
+{   aes_32t ks[KS_LENGTH];
+    aes_32t rn;
+	#ifdef	_APPLE_COMMON_CRYPTO_
+	unsigned char chainBuf[AES_BLOCK_SIZE];
+	aes_32t cbcEnable;
+	#if CC_AES_USE_HARDWARE
+	unsigned char keyBytes[CC_AES_MAX_KEYSIZE];
+	aes_32t keyLength;
+	#endif
+	#endif
+} aes_decrypt_ctx;
+
+typedef struct
+{   
+	aes_decrypt_ctx decrypt;
+    aes_encrypt_ctx encrypt;
+} aes_ctx;
+
+
+/* This routine must be called before first use if non-static       */
+/* tables are being used                                            */
+
+void gen_tabs(void);
+
+/* The key length (klen) is input in bytes when it is in the range  */
+/* 16 <= klen <= 32 or in bits when in the range 128 <= klen <= 256 */
+
+#if defined( AES_ENCRYPT )
+
+#if defined(AES_128) || defined(AES_VAR)
+aes_rval aes_encrypt_key128(const unsigned char *in_key, aes_encrypt_ctx cx[1]);
+#endif
+
+#if defined(AES_192) || defined(AES_VAR)
+aes_rval aes_encrypt_key192(const unsigned char *in_key, aes_encrypt_ctx cx[1]);
+#endif
+
+#if defined(AES_256) || defined(AES_VAR)
+aes_rval aes_encrypt_key256(const unsigned char *in_key, aes_encrypt_ctx cx[1]);
+#endif
+
+#if defined(AES_VAR)
+aes_rval aes_encrypt_key(const unsigned char *in_key, int key_len, aes_encrypt_ctx cx[1]);
+#endif
+
+aes_rval aes_encrypt_cbc(const unsigned char *in_blk, const unsigned char *in_iv, unsigned int num_blk,
+					 unsigned char *out_blk, aes_encrypt_ctx cx[1]);
+#endif
+
+#if defined( AES_DECRYPT )
+
+#if defined(AES_128) || defined(AES_VAR)
+aes_rval aes_decrypt_key128(const unsigned char *in_key, aes_decrypt_ctx cx[1]);
+#endif
+
+#if defined(AES_192) || defined(AES_VAR)
+aes_rval aes_decrypt_key192(const unsigned char *in_key, aes_decrypt_ctx cx[1]);
+#endif
+
+#if defined(AES_256) || defined(AES_VAR)
+aes_rval aes_decrypt_key256(const unsigned char *in_key, aes_decrypt_ctx cx[1]);
+#endif
+
+#if defined(AES_VAR)
+aes_rval aes_decrypt_key(const unsigned char *in_key, int key_len, aes_decrypt_ctx cx[1]);
+#endif
+
+aes_rval aes_decrypt_cbc(const unsigned char *in_blk, const unsigned char *in_iv, unsigned int num_blk,
+					 unsigned char *out_blk, aes_decrypt_ctx cx[1]);
+#endif
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+
+typedef union
+{   
+	aes_decrypt_ctx decrypt;
+    aes_encrypt_ctx encrypt;
+} aes_cc_ctx;
+
+int aes_cc_set_key(aes_cc_ctx *cx, const void *rawKey, aes_32t keyLength, 
+	int forEncrypt);
+void aes_cc_set_iv(aes_cc_ctx *cx, int forEncrypt, const void *iv);
+void aes_cc_encrypt(aes_cc_ctx *cx, const void *blocksIn, aes_32t numBlocks,
+	void *blocksOut);
+void aes_cc_decrypt(aes_cc_ctx *cx, const void *blocksIn, aes_32t numBlocks,
+	void *blocksOut);
+#endif
+
+#if defined(__cplusplus)
+}
+#endif
+
+#endif	// !__ASSEMBLER__
+
+#endif	/* _CC_AES_H_ */

ADDED   Source/CommonCrypto/aesopt.h
Index: Source/CommonCrypto/aesopt.h
==================================================================
--- /dev/null
+++ Source/CommonCrypto/aesopt.h
@@ -0,0 +1,789 @@
+/*
+The bulk of this file is from Dr. Brian Gladman's AES implementation, described
+in the comments below.  But some code has been added to select the
+implementation.  See comments below, where UseGladmanAES is defined.  The new
+code does not alter Gladman's AES implementation except to completely include
+or exclude it from compilation.
+
+		-- Eric Postpischil, January 8, 2008.
+
+
+ ---------------------------------------------------------------------------
+ Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+   1. distributions of this source code include the above copyright
+      notice, this list of conditions and the following disclaimer;
+
+   2. distributions in binary form include the above copyright
+      notice, this list of conditions and the following disclaimer
+      in the documentation and/or other associated materials;
+
+   3. the copyright holder's name is not used to endorse products
+      built using this software without specific written permission.
+
+ ALTERNATIVELY, provided that this notice is retained in full, this product
+ may be distributed under the terms of the GNU General Public License (GPL),
+ in which case the provisions of the GPL apply INSTEAD OF those given above.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explicit or implied warranties
+ in respect of its properties, including, but not limited to, correctness
+ and/or fitness for purpose.
+ ---------------------------------------------------------------------------
+ Issue 28/01/2004
+
+ My thanks go to Dag Arne Osvik for devising the schemes used here for key
+ length derivation from the form of the key schedule
+
+ This file contains the compilation options for AES (Rijndael) and code
+ that is common across encryption, key scheduling and table generation.
+
+ OPERATION
+
+ These source code files implement the AES algorithm Rijndael designed by
+ Joan Daemen and Vincent Rijmen. This version is designed for the standard
+ block size of 16 bytes and for key sizes of 128, 192 and 256 bits (16, 24
+ and 32 bytes).
+
+ This version is designed for flexibility and speed using operations on
+ 32-bit words rather than operations on bytes.  It can be compiled with
+ either big or little endian internal byte order but is faster when the
+ native byte order for the processor is used.
+
+ THE CIPHER INTERFACE
+
+ The cipher interface is implemented as an array of bytes in which lower
+ AES bit sequence indexes map to higher numeric significance within bytes.
+
+  aes_08t                 (an unsigned  8-bit type)
+  aes_32t                 (an unsigned 32-bit type)
+  struct aes_encrypt_ctx  (structure for the cipher encryption context)
+  struct aes_decrypt_ctx  (structure for the cipher decryption context)
+  aes_rval                the function return type
+
+  C subroutine calls:
+
+  aes_rval aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1]);
+  aes_rval aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1]);
+  aes_rval aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1]);
+  aes_rval aes_encrypt(const unsigned char *in, unsigned char *out,
+                                                  const aes_encrypt_ctx cx[1]);
+
+  aes_rval aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1]);
+  aes_rval aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1]);
+  aes_rval aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1]);
+  aes_rval aes_decrypt(const unsigned char *in, unsigned char *out,
+                                                  const aes_decrypt_ctx cx[1]);
+
+ IMPORTANT NOTE: If you are using this C interface with dynamic tables make sure that
+ you call genTabs() before AES is used so that the tables are initialised.
+
+ C++ aes class subroutines:
+
+     Class AESencrypt  for encryption
+
+      Construtors:
+          AESencrypt(void)
+          AESencrypt(const unsigned char *key) - 128 bit key
+      Members:
+          aes_rval key128(const unsigned char *key)
+          aes_rval key192(const unsigned char *key)
+          aes_rval key256(const unsigned char *key)
+          aes_rval encrypt(const unsigned char *in, unsigned char *out) const
+
+      Class AESdecrypt  for encryption
+      Construtors:
+          AESdecrypt(void)
+          AESdecrypt(const unsigned char *key) - 128 bit key
+      Members:
+          aes_rval key128(const unsigned char *key)
+          aes_rval key192(const unsigned char *key)
+          aes_rval key256(const unsigned char *key)
+          aes_rval decrypt(const unsigned char *in, unsigned char *out) const
+
+    COMPILATION
+
+    The files used to provide AES (Rijndael) are
+
+    a. aes.h for the definitions needed for use in C.
+    b. aescpp.h for the definitions needed for use in C++.
+    c. aesopt.h for setting compilation options (also includes common code).
+    d. aescrypt.c for encryption and decrytpion, or
+    e. aeskey.c for key scheduling.
+    f. aestab.c for table loading or generation.
+    g. aescrypt.asm for encryption and decryption using assembler code.
+    h. aescrypt.mmx.asm for encryption and decryption using MMX assembler.
+
+    To compile AES (Rijndael) for use in C code use aes.h and set the
+    defines here for the facilities you need (key lengths, encryption
+    and/or decryption). Do not define AES_DLL or AES_CPP.  Set the options
+    for optimisations and table sizes here.
+
+    To compile AES (Rijndael) for use in in C++ code use aescpp.h but do
+    not define AES_DLL
+
+    To compile AES (Rijndael) in C as a Dynamic Link Library DLL) use
+    aes.h and include the AES_DLL define.
+
+    CONFIGURATION OPTIONS (here and in aes.h)
+
+    a. set AES_DLL in aes.h if AES (Rijndael) is to be compiled as a DLL
+    b. You may need to set PLATFORM_BYTE_ORDER to define the byte order.
+    c. If you want the code to run in a specific internal byte order, then
+       ALGORITHM_BYTE_ORDER must be set accordingly.
+    d. set other configuration options decribed below.
+*/
+
+#if !defined( _CC_AESOPT_H )
+#define _CC_AESOPT_H
+
+/*	Select which AES implementation to use.  Preprocessor directives decide
+	whether to define UseGladmanAES or UseAESedp or, in the future, other
+	symbols.  Source files for the implementations contain preprocessor
+	directives to compile their code iff the matching symbol is defined.
+
+	The names GladmanAES and AESedp come from the directories containing the
+	source code.  (I prefer putting "AES" first and am tempted to renamed
+	"GladmanAES" to "AESGladman", since this groups directories by algorithm in
+	listings, but I am resisting for the moment.)
+*/
+#if defined __i386__ || defined __x86_64__
+	// On Intel architectures, use AESedp.
+	#define	UseAESedp
+#else
+	// Otherwise, use Gladman AES.
+	#define	UseGladmanAES
+#endif
+
+/*	Suppressing all source in a module would yield an empty module after
+	preprocessing.  GCC allows this, but standard C requires a module to
+	contain at least one external declaration.  So here we make an otherwise
+	unused declaration that generates no object code.
+*/
+#if !defined __ASSEMBLER__
+	typedef char DummyDeclarationToMakeValidC;
+#endif
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+#include <CommonCrypto/aes.h>
+
+/*  CONFIGURATION - USE OF DEFINES
+
+    Later in this section there are a number of defines that control the
+    operation of the code.  In each section, the purpose of each define is
+    explained so that the relevant form can be included or excluded by
+    setting either 1's or 0's respectively on the branches of the related
+    #if clauses.
+
+    PLATFORM SPECIFIC INCLUDES AND BYTE ORDER IN 32-BIT WORDS
+
+    To obtain the highest speed on processors with 32-bit words, this code
+    needs to determine the byte order of the target machine. The following
+    block of code is an attempt to capture the most obvious ways in which
+    various environemnts define byte order. It may well fail, in which case
+    the definitions will need to be set by editing at the points marked
+    **** EDIT HERE IF NECESSARY **** below.  My thanks go to Peter Gutmann
+    for his assistance with this endian detection nightmare.
+*/
+
+#define BRG_LITTLE_ENDIAN   1234 /* byte 0 is least significant (i386) */
+#define BRG_BIG_ENDIAN      4321 /* byte 0 is most significant (mc68k) */
+
+#if defined(__GNUC__) || defined(__GNU_LIBRARY__)
+#  if defined(__FreeBSD__) || defined(__OpenBSD__)
+#    include <sys/endian.h>
+#  elif defined( BSD ) && BSD >= 199103
+#      include <machine/endian.h>
+#  elif defined(__APPLE__)
+#    if defined(__BIG_ENDIAN__) && !defined( BIG_ENDIAN )
+#      define BIG_ENDIAN
+#    elif defined(__LITTLE_ENDIAN__) && !defined( LITTLE_ENDIAN )
+#      define LITTLE_ENDIAN
+#    endif
+#  else
+#    include <endian.h>
+#    if defined(__BEOS__)
+#      include <byteswap.h>
+#    endif
+#  endif
+#endif
+
+#if !defined(PLATFORM_BYTE_ORDER)
+#  if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
+#    if    defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif !defined(LITTLE_ENDIAN) &&  defined(BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#    elif defined(BYTE_ORDER) && (BYTE_ORDER == LITTLE_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif defined(BYTE_ORDER) && (BYTE_ORDER == BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#    endif
+#  elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
+#    if    defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif !defined(_LITTLE_ENDIAN) &&  defined(_BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#    elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _LITTLE_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#   endif
+#  elif defined(__LITTLE_ENDIAN__) || defined(__BIG_ENDIAN__)
+#    if    defined(__LITTLE_ENDIAN__) && !defined(__BIG_ENDIAN__)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif !defined(__LITTLE_ENDIAN__) &&  defined(__BIG_ENDIAN__)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#    elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __LITTLE_ENDIAN__)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#    endif
+#  endif
+#endif
+
+/*  if the platform is still unknown, try to find its byte order    */
+/*  from commonly used machine defines                              */
+
+#if !defined(PLATFORM_BYTE_ORDER)
+
+#if   defined( __alpha__ ) || defined( __alpha ) || defined( i386 )       || \
+      defined( __i386__ )  || defined( _M_I86 )  || defined( _M_IX86 )    || \
+      defined( __OS2__ )   || defined( sun386 )  || defined( __TURBOC__ ) || \
+      defined( vax )       || defined( vms )     || defined( VMS )        || \
+      defined( __VMS )	   || defined(__x86_64__)
+#  define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+
+#elif defined( AMIGA )    || defined( applec )  || defined( __AS400__ )  || \
+      defined( _CRAY )    || defined( __hppa )  || defined( __hp9000 )   || \
+      defined( ibm370 )   || defined( mc68000 ) || defined( m68k )       || \
+      defined( __MRC__ )  || defined( __MVS__ ) || defined( __MWERKS__ ) || \
+      defined( sparc )    || defined( __sparc)  || defined( SYMANTEC_C ) || \
+      defined( __TANDEM ) || defined( THINK_C ) || defined( __VMCMS__ )
+#  define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+
+#elif 0     /* **** EDIT HERE IF NECESSARY **** */
+#  define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#elif 0     /* **** EDIT HERE IF NECESSARY **** */
+#  define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#else
+#  error Please edit aesopt.h (line 234 or 236) to set the platform byte order
+#endif
+
+#endif
+
+/*  SOME LOCAL DEFINITIONS  */
+
+#define NO_TABLES              0
+#define ONE_TABLE              1
+#define FOUR_TABLES            4
+#define NONE                   0
+#define PARTIAL                1
+#define FULL                   2
+
+#if defined(bswap32)
+#define aes_sw32    bswap32
+#elif defined(bswap_32)
+#define aes_sw32    bswap_32
+#else
+#define brot(x,n)   (((aes_32t)(x) <<  n) | ((aes_32t)(x) >> (32 - n)))
+#define aes_sw32(x) ((brot((x),8) & 0x00ff00ff) | (brot((x),24) & 0xff00ff00))
+#endif
+
+/*  1. FUNCTIONS REQUIRED
+
+    This implementation provides subroutines for encryption, decryption
+    and for setting the three key lengths (separately) for encryption
+    and decryption. When the assembler code is not being used the following
+    definition blocks allow the selection of the routines that are to be
+    included in the compilation.
+*/
+#if defined( AES_ENCRYPT )
+#define ENCRYPTION
+#define ENCRYPTION_KEY_SCHEDULE
+#endif
+
+#if defined( AES_DECRYPT )
+#define DECRYPTION
+#define DECRYPTION_KEY_SCHEDULE
+#endif
+
+/*  2. ASSEMBLER SUPPORT
+
+    This define (which can be on the command line) enables the use of the
+    assembler code routines for encryption and decryption with the C code
+    only providing key scheduling
+*/
+#if 0 && !defined(AES_ASM)
+#define AES_ASM
+#endif
+
+/*  3. BYTE ORDER WITHIN 32 BIT WORDS
+
+    The fundamental data processing units in Rijndael are 8-bit bytes. The
+    input, output and key input are all enumerated arrays of bytes in which
+    bytes are numbered starting at zero and increasing to one less than the
+    number of bytes in the array in question. This enumeration is only used
+    for naming bytes and does not imply any adjacency or order relationship
+    from one byte to another. When these inputs and outputs are considered
+    as bit sequences, bits 8*n to 8*n+7 of the bit sequence are mapped to
+    byte[n] with bit 8n+i in the sequence mapped to bit 7-i within the byte.
+    In this implementation bits are numbered from 0 to 7 starting at the
+    numerically least significant end of each byte (bit n represents 2^n).
+
+    However, Rijndael can be implemented more efficiently using 32-bit
+    words by packing bytes into words so that bytes 4*n to 4*n+3 are placed
+    into word[n]. While in principle these bytes can be assembled into words
+    in any positions, this implementation only supports the two formats in
+    which bytes in adjacent positions within words also have adjacent byte
+    numbers. This order is called big-endian if the lowest numbered bytes
+    in words have the highest numeric significance and little-endian if the
+    opposite applies.
+
+    This code can work in either order irrespective of the order used by the
+    machine on which it runs. Normally the internal byte order will be set
+    to the order of the processor on which the code is to be run but this
+    define can be used to reverse this in special situations
+
+    NOTE: Assembler code versions rely on PLATFORM_BYTE_ORDER being set
+*/
+#if 1 || defined(AES_ASM)
+#define ALGORITHM_BYTE_ORDER PLATFORM_BYTE_ORDER
+#elif 0
+#define ALGORITHM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#elif 0
+#define ALGORITHM_BYTE_ORDER BRG_BIG_ENDIAN
+#else
+#error The algorithm byte order is not defined
+#endif
+
+/*  4. FAST INPUT/OUTPUT OPERATIONS.
+
+    On some machines it is possible to improve speed by transferring the
+    bytes in the input and output arrays to and from the internal 32-bit
+    variables by addressing these arrays as if they are arrays of 32-bit
+    words.  On some machines this will always be possible but there may
+    be a large performance penalty if the byte arrays are not aligned on
+    the normal word boundaries. On other machines this technique will
+    lead to memory access errors when such 32-bit word accesses are not
+    properly aligned. The option SAFE_IO avoids such problems but will
+    often be slower on those machines that support misaligned access
+    (especially so if care is taken to align the input  and output byte
+    arrays on 32-bit word boundaries). If SAFE_IO is not defined it is
+    assumed that access to byte arrays as if they are arrays of 32-bit
+    words will not cause problems when such accesses are misaligned.
+*/
+#if 0 && !defined(_MSC_VER)
+#define SAFE_IO
+#endif
+
+/*  5. LOOP UNROLLING
+
+    The code for encryption and decrytpion cycles through a number of rounds
+    that can be implemented either in a loop or by expanding the code into a
+    long sequence of instructions, the latter producing a larger program but
+    one that will often be much faster. The latter is called loop unrolling.
+    There are also potential speed advantages in expanding two iterations in
+    a loop with half the number of iterations, which is called partial loop
+    unrolling.  The following options allow partial or full loop unrolling
+    to be set independently for encryption and decryption
+*/
+#if 1
+#define ENC_UNROLL  FULL
+#elif 0
+#define ENC_UNROLL  PARTIAL
+#else
+#define ENC_UNROLL  NONE
+#endif
+
+#if 1
+#define DEC_UNROLL  FULL
+#elif 0
+#define DEC_UNROLL  PARTIAL
+#else
+#define DEC_UNROLL  NONE
+#endif
+
+/*  6. FAST FINITE FIELD OPERATIONS
+
+    If this section is included, tables are used to provide faster finite
+    field arithmetic (this has no effect if FIXED_TABLES is defined).
+*/
+#if 1
+#define FF_TABLES
+#endif
+
+/*  7. INTERNAL STATE VARIABLE FORMAT
+
+    The internal state of Rijndael is stored in a number of local 32-bit
+    word varaibles which can be defined either as an array or as individual
+    names variables. Include this section if you want to store these local
+    varaibles in arrays. Otherwise individual local variables will be used.
+*/
+#if 0
+#define ARRAYS
+#endif
+
+/* In this implementation the columns of the state array are each held in
+   32-bit words. The state array can be held in various ways: in an array
+   of words, in a number of individual word variables or in a number of
+   processor registers. The following define maps a variable name x and
+   a column number c to the way the state array variable is to be held.
+   The first define below maps the state into an array x[c] whereas the
+   second form maps the state into a number of individual variables x0,
+   x1, etc.  Another form could map individual state colums to machine
+   register names.
+*/
+
+#if defined(ARRAYS)
+#define s(x,c) x[c]
+#else
+#define s(x,c) x##c
+#endif
+
+/*  8. FIXED OR DYNAMIC TABLES
+
+    When this section is included the tables used by the code are compiled
+    statically into the binary file.  Otherwise the subroutine gen_tabs()
+    must be called to compute them before the code is first used.
+*/
+#if 1
+#define FIXED_TABLES
+#endif
+
+/*  9. TABLE ALIGNMENT
+
+    On some sytsems speed will be improved by aligning the AES large lookup
+    tables on particular boundaries. This define should be set to a power of
+    two giving the desired alignment. It can be left undefined if alignment
+    is not needed.  This option is specific to the Microsft VC++ compiler -
+    it seems to sometimes cause trouble for the VC++ version 6 compiler.
+*/
+
+#if 0 && defined(_MSC_VER) && (_MSC_VER >= 1300)
+#define TABLE_ALIGN 64
+#endif
+
+/*  10. INTERNAL TABLE CONFIGURATION
+
+    This cipher proceeds by repeating in a number of cycles known as 'rounds'
+    which are implemented by a round function which can optionally be speeded
+    up using tables.  The basic tables are each 256 32-bit words, with either
+    one or four tables being required for each round function depending on
+    how much speed is required. The encryption and decryption round functions
+    are different and the last encryption and decrytpion round functions are
+    different again making four different round functions in all.
+
+    This means that:
+      1. Normal encryption and decryption rounds can each use either 0, 1
+         or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
+      2. The last encryption and decryption rounds can also use either 0, 1
+         or 4 tables and table spaces of 0, 1024 or 4096 bytes each.
+
+    Include or exclude the appropriate definitions below to set the number
+    of tables used by this implementation.
+*/
+
+#if 1   /* set tables for the normal encryption round */
+#define ENC_ROUND   FOUR_TABLES
+#elif 0
+#define ENC_ROUND   ONE_TABLE
+#else
+#define ENC_ROUND   NO_TABLES
+#endif
+
+#if 1   /* set tables for the last encryption round */
+#define LAST_ENC_ROUND  FOUR_TABLES
+#elif 0
+#define LAST_ENC_ROUND  ONE_TABLE
+#else
+#define LAST_ENC_ROUND  NO_TABLES
+#endif
+
+#if 1   /* set tables for the normal decryption round */
+#define DEC_ROUND   FOUR_TABLES
+#elif 0
+#define DEC_ROUND   ONE_TABLE
+#else
+#define DEC_ROUND   NO_TABLES
+#endif
+
+#if 1   /* set tables for the last decryption round */
+#define LAST_DEC_ROUND  FOUR_TABLES
+#elif 0
+#define LAST_DEC_ROUND  ONE_TABLE
+#else
+#define LAST_DEC_ROUND  NO_TABLES
+#endif
+
+/*  The decryption key schedule can be speeded up with tables in the same
+    way that the round functions can.  Include or exclude the following
+    defines to set this requirement.
+*/
+#if 1
+#define KEY_SCHED   FOUR_TABLES
+#elif 0
+#define KEY_SCHED   ONE_TABLE
+#else
+#define KEY_SCHED   NO_TABLES
+#endif
+
+/*  11. TABLE POINTER CACHING
+
+    Normally tables are referenced directly, Enable this option if you wish to
+    cache pointers to the tables in the encrypt/decrypt code.  Note that this
+	only works if you are using FOUR_TABLES for the ROUND you enable this for.
+*/
+#if 1
+#define ENC_ROUND_CACHE_TABLES
+#endif
+#if 1
+#define LAST_ENC_ROUND_CACHE_TABLES
+#endif
+#if 1
+#define DEC_ROUND_CACHE_TABLES
+#endif
+#if 1
+#define LAST_DEC_ROUND_CACHE_TABLES
+#endif
+
+/* END OF CONFIGURATION OPTIONS */
+
+#define RC_LENGTH   (5 * (AES_BLOCK_SIZE / 4 - 2))
+
+/* Disable or report errors on some combinations of options */
+
+#if ENC_ROUND == NO_TABLES && LAST_ENC_ROUND != NO_TABLES
+#undef  LAST_ENC_ROUND
+#define LAST_ENC_ROUND  NO_TABLES
+#elif ENC_ROUND == ONE_TABLE && LAST_ENC_ROUND == FOUR_TABLES
+#undef  LAST_ENC_ROUND
+#define LAST_ENC_ROUND  ONE_TABLE
+#endif
+
+#if ENC_ROUND == NO_TABLES && ENC_UNROLL != NONE
+#undef  ENC_UNROLL
+#define ENC_UNROLL  NONE
+#endif
+
+#if DEC_ROUND == NO_TABLES && LAST_DEC_ROUND != NO_TABLES
+#undef  LAST_DEC_ROUND
+#define LAST_DEC_ROUND  NO_TABLES
+#elif DEC_ROUND == ONE_TABLE && LAST_DEC_ROUND == FOUR_TABLES
+#undef  LAST_DEC_ROUND
+#define LAST_DEC_ROUND  ONE_TABLE
+#endif
+
+#if DEC_ROUND == NO_TABLES && DEC_UNROLL != NONE
+#undef  DEC_UNROLL
+#define DEC_UNROLL  NONE
+#endif
+
+/*  upr(x,n):  rotates bytes within words by n positions, moving bytes to
+               higher index positions with wrap around into low positions
+    ups(x,n):  moves bytes by n positions to higher index positions in
+               words but without wrap around
+    bval(x,n): extracts a byte from a word
+
+    NOTE:      The definitions given here are intended only for use with
+               unsigned variables and with shift counts that are compile
+               time constants
+*/
+
+#if (ALGORITHM_BYTE_ORDER == BRG_LITTLE_ENDIAN)
+#define upr(x,n)        (((aes_32t)(x) << (8 * (n))) | ((aes_32t)(x) >> (32 - 8 * (n))))
+#define ups(x,n)        ((aes_32t) (x) << (8 * (n)))
+#define bval(x,n)       ((aes_08t)((x) >> (8 * (n))))
+#define bytes2word(b0, b1, b2, b3)  \
+        (((aes_32t)(b3) << 24) | ((aes_32t)(b2) << 16) | ((aes_32t)(b1) << 8) | (b0))
+#endif
+
+#if (ALGORITHM_BYTE_ORDER == BRG_BIG_ENDIAN)
+#define upr(x,n)        (((aes_32t)(x) >> (8 * (n))) | ((aes_32t)(x) << (32 - 8 * (n))))
+#define ups(x,n)        ((aes_32t) (x) >> (8 * (n))))
+#define bval(x,n)       ((aes_08t)((x) >> (24 - 8 * (n))))
+#define bytes2word(b0, b1, b2, b3)  \
+        (((aes_32t)(b0) << 24) | ((aes_32t)(b1) << 16) | ((aes_32t)(b2) << 8) | (b3))
+#endif
+
+#if defined(SAFE_IO)
+
+#define word_in(x,c)    bytes2word(((aes_08t*)(x)+4*c)[0], ((aes_08t*)(x)+4*c)[1], \
+                                   ((aes_08t*)(x)+4*c)[2], ((aes_08t*)(x)+4*c)[3])
+#define word_out(x,c,v) { ((aes_08t*)(x)+4*c)[0] = bval(v,0); ((aes_08t*)(x)+4*c)[1] = bval(v,1); \
+                          ((aes_08t*)(x)+4*c)[2] = bval(v,2); ((aes_08t*)(x)+4*c)[3] = bval(v,3); }
+
+#elif (ALGORITHM_BYTE_ORDER == PLATFORM_BYTE_ORDER)
+
+#define word_in(x,c)    (*((aes_32t*)(x)+(c)))
+#define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = (v))
+
+#else
+
+#define word_in(x,c)    aes_sw32(*((aes_32t*)(x)+(c)))
+#define word_out(x,c,v) (*((aes_32t*)(x)+(c)) = aes_sw32(v))
+
+#endif
+
+/* the finite field modular polynomial and elements */
+
+#define WPOLY   0x011b
+#define BPOLY     0x1b
+
+/* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
+
+#define m1  0x80808080
+#define m2  0x7f7f7f7f
+#define gf_mulx(x)  ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * BPOLY))
+
+/* The following defines provide alternative definitions of gf_mulx that might
+   give improved performance if a fast 32-bit multiply is not available. Note
+   that a temporary variable u needs to be defined where gf_mulx is used.
+
+#define gf_mulx(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
+#define m4  (0x01010101 * BPOLY)
+#define gf_mulx(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
+*/
+
+/* Work out which tables are needed for the different options   */
+
+#if defined( AES_ASM )
+#if defined( ENC_ROUND )
+#undef  ENC_ROUND
+#endif
+#define ENC_ROUND   FOUR_TABLES
+#if defined( LAST_ENC_ROUND )
+#undef  LAST_ENC_ROUND
+#endif
+#define LAST_ENC_ROUND  FOUR_TABLES
+#if defined( DEC_ROUND )
+#undef  DEC_ROUND
+#endif
+#define DEC_ROUND   FOUR_TABLES
+#if defined( LAST_DEC_ROUND )
+#undef  LAST_DEC_ROUND
+#endif
+#define LAST_DEC_ROUND  FOUR_TABLES
+#if defined( KEY_SCHED )
+#undef  KEY_SCHED
+#define KEY_SCHED   FOUR_TABLES
+#endif
+#endif
+
+#if defined(ENCRYPTION) || defined(AES_ASM)
+#if ENC_ROUND == ONE_TABLE
+#define FT1_SET
+#elif ENC_ROUND == FOUR_TABLES
+#define FT4_SET
+#else
+#define SBX_SET
+#endif
+#if LAST_ENC_ROUND == ONE_TABLE
+#define FL1_SET
+#elif LAST_ENC_ROUND == FOUR_TABLES
+#define FL4_SET
+#elif !defined(SBX_SET)
+#define SBX_SET
+#endif
+#endif
+
+#if defined(DECRYPTION) || defined(AES_ASM)
+#if DEC_ROUND == ONE_TABLE
+#define IT1_SET
+#elif DEC_ROUND == FOUR_TABLES
+#define IT4_SET
+#else
+#define ISB_SET
+#endif
+#if LAST_DEC_ROUND == ONE_TABLE
+#define IL1_SET
+#elif LAST_DEC_ROUND == FOUR_TABLES
+#define IL4_SET
+#elif !defined(ISB_SET)
+#define ISB_SET
+#endif
+#endif
+
+#if defined(ENCRYPTION_KEY_SCHEDULE) || defined(DECRYPTION_KEY_SCHEDULE)
+#if KEY_SCHED == ONE_TABLE
+#define LS1_SET
+#define IM1_SET
+#elif KEY_SCHED == FOUR_TABLES
+#define LS4_SET
+#define IM4_SET
+#elif !defined(SBX_SET)
+#define SBX_SET
+#endif
+#endif
+
+/* generic definitions of Rijndael macros that use tables    */
+
+#define no_table(x,box,vf,rf,c) bytes2word( \
+    box[bval(vf(x,0,c),rf(0,c))], \
+    box[bval(vf(x,1,c),rf(1,c))], \
+    box[bval(vf(x,2,c),rf(2,c))], \
+    box[bval(vf(x,3,c),rf(3,c))])
+
+#define one_table(x,op,tab,vf,rf,c) \
+ (     tab[bval(vf(x,0,c),rf(0,c))] \
+  ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
+  ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
+  ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
+
+#define four_tables(x,tab,vf,rf,c) \
+ (  tab[0][bval(vf(x,0,c),rf(0,c))] \
+  ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
+  ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
+  ^ tab[3][bval(vf(x,3,c),rf(3,c))])
+
+#define four_cached_tables(x,tab,vf,rf,c) \
+(  tab##0[bval(vf(x,0,c),rf(0,c))] \
+   ^ tab##1[bval(vf(x,1,c),rf(1,c))] \
+   ^ tab##2[bval(vf(x,2,c),rf(2,c))] \
+   ^ tab##3[bval(vf(x,3,c),rf(3,c))])
+
+#define vf1(x,r,c)  (x)
+#define rf1(r,c)    (r)
+#define rf2(r,c)    ((8+r-c)&3)
+
+/* perform forward and inverse column mix operation on four bytes in long word x in */
+/* parallel. NOTE: x must be a simple variable, NOT an expression in these macros.  */
+
+#if defined(FM4_SET)    /* not currently used */
+#define fwd_mcol(x)     four_tables(x,t_use(f,m),vf1,rf1,0)
+#elif defined(FM1_SET)  /* not currently used */
+#define fwd_mcol(x)     one_table(x,upr,t_use(f,m),vf1,rf1,0)
+#else
+#define dec_fmvars      aes_32t g2
+#define fwd_mcol(x)     (g2 = gf_mulx(x), g2 ^ upr((x) ^ g2, 3) ^ upr((x), 2) ^ upr((x), 1))
+#endif
+
+#if defined(IM4_SET)
+#define inv_mcol(x)     four_tables(x,t_use(i,m),vf1,rf1,0)
+#elif defined(IM1_SET)
+#define inv_mcol(x)     one_table(x,upr,t_use(i,m),vf1,rf1,0)
+#else
+#define dec_imvars      aes_32t g2, g4, g9
+#define inv_mcol(x)     (g2 = gf_mulx(x), g4 = gf_mulx(g2), g9 = (x) ^ gf_mulx(g4), g4 ^= g9, \
+                        (x) ^ g2 ^ g4 ^ upr(g2 ^ g9, 3) ^ upr(g4, 2) ^ upr(g9, 1))
+#endif
+
+#if defined(FL4_SET)
+#define ls_box(x,c)     four_tables(x,t_use(f,l),vf1,rf2,c)
+#elif   defined(LS4_SET)
+#define ls_box(x,c)     four_tables(x,t_use(l,s),vf1,rf2,c)
+#elif defined(FL1_SET)
+#define ls_box(x,c)     one_table(x,upr,t_use(f,l),vf1,rf2,c)
+#elif defined(LS1_SET)
+#define ls_box(x,c)     one_table(x,upr,t_use(l,s),vf1,rf2,c)
+#else
+#define ls_box(x,c)     no_table(x,t_use(s,box),vf1,rf2,c)
+#endif
+
+#endif	/* _CC_AESOPT_H */

ADDED   Source/CommonCrypto/cast.h
Index: Source/CommonCrypto/cast.h
==================================================================
--- /dev/null
+++ Source/CommonCrypto/cast.h
@@ -0,0 +1,119 @@
+/* crypto/cast/cast.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef CC_CAST_H
+#define CC_CAST_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+#include <stdint.h>
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+/* avoid symbol collision with libSystem & libcrypto */
+#define CAST_set_key		CC_CAST_set_key
+#define CAST_ecb_encrypt	CC_CAST_ecb_encrypt
+#define CAST_encrypt		CC_CAST_encrypt
+#define CAST_decrypt		CC_CAST_decrypt
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+#ifdef NO_CAST
+#error CAST is disabled.
+#endif
+
+#define CAST_ENCRYPT	1
+#define CAST_DECRYPT	0
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+#define CAST_LONG uint32_t
+#else
+#define CAST_LONG unsigned long
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+#define CAST_BLOCK			8			/* block size in bytes */
+#define CAST_KEY_LENGTH		16			/* MAX key size in bytes */
+#define CAST_MIN_KEY_LENGTH	5			/* MIN key size in bytes */
+typedef struct cast_key_st
+	{
+	CAST_LONG data[32];
+	int short_key;	/* Use reduced rounds for short key */
+	} CAST_KEY;
+
+ 
+void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
+void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key,
+		      int enc);
+void CAST_encrypt(CAST_LONG *data,CAST_KEY *key);
+void CAST_decrypt(CAST_LONG *data,CAST_KEY *key);
+#ifndef	_APPLE_COMMON_CRYPTO_
+void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+		      CAST_KEY *ks, unsigned char *iv, int enc);
+void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+			long length, CAST_KEY *schedule, unsigned char *ivec,
+			int *num, int enc);
+void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, 
+			long length, CAST_KEY *schedule, unsigned char *ivec,
+			int *num);
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+#ifdef  __cplusplus
+}
+#endif
+
+#endif	/* CC_CAST_H */

ADDED   Source/CommonCrypto/ccCast.h
Index: Source/CommonCrypto/ccCast.h
==================================================================
--- /dev/null
+++ Source/CommonCrypto/ccCast.h
@@ -0,0 +1,54 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * ccCast.h - shim between openssl-based CAST and CommonEncryption.
+ *
+ * Created 3/30/06 by Doug Mitchell. 
+ */
+
+#ifndef	_CC_CCCAST_H_
+#define _CC_CCCAST_H_
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+#include <CommonCrypto/cast.h>
+#include <sys/types.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+int cast_cc_set_key(
+	CAST_KEY *cx, 
+	const void *rawKey, 
+	size_t keyLength,
+	int forEncrypt);
+
+void cast_cc_encrypt(CAST_KEY *cx, const void *blockIn, void *blockOut);
+void cast_cc_decrypt(CAST_KEY *cx, const void *blockIn, void *blockOut);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif	/* _CC_CCCAST_H_ */

ADDED   Source/CommonCrypto/ccRC2.h
Index: Source/CommonCrypto/ccRC2.h
==================================================================
--- /dev/null
+++ Source/CommonCrypto/ccRC2.h
@@ -0,0 +1,43 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#ifndef	_CC_RC2_H_
+#define _CC_RC2_H_
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+#include <CommonCrypto/rc2.h>
+#include <sys/types.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+int rc2_cc_set_key(RC2_Schedule *cx, const void *rawKey, size_t keyLength);
+void rc2_cc_encrypt(RC2_Schedule *cx, const void *blockIn, void *blockOut);
+void rc2_cc_decrypt(RC2_Schedule *cx, const void *blockIn, void *blockOut);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif	/* _CC_RC2_H_ */

ADDED   Source/CommonCrypto/opensslDES.h
Index: Source/CommonCrypto/opensslDES.h
==================================================================
--- /dev/null
+++ Source/CommonCrypto/opensslDES.h
@@ -0,0 +1,133 @@
+/* crypto/des/des.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 
+ * This is pared-down version of <openssl/des.h>, shorn of 
+ * everything except the bare-bones single-block encrypt/decrypt
+ * routine DES_encrypt1() and the types and #defines needed to use
+ * it. Plus it has the shim code needed to use this function in 
+ * CommonEncryption. 
+ */
+ 
+#ifndef	_CC_OPENSSL_DES_H_
+#define _CC_OPENSSL_DES_H_
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+
+#define OPENSSL_DISABLE_OLD_DES_SUPPORT
+
+// #include <ccOpenssl/des_locl.h>
+#include <stdint.h>
+#include <sys/types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* 
+ * These typedefs and defines moved here from des.h to allow
+ * this interface to be exported (via private SPI) to the CSP.
+ */
+typedef unsigned char DES_cblock[8];
+typedef /* const */ unsigned char const_DES_cblock[8];
+/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock *
+ * and const_DES_cblock * are incompatible pointer types. */
+
+#undef	DES_LONG
+#define DES_LONG	uint32_t
+
+typedef struct DES_ks
+    {
+    union
+	{
+	DES_cblock cblock;
+	/* make sure things are correct size on machines with
+	 * 8 byte longs */
+	DES_LONG deslong[2];
+	} ks[16];
+    } DES_key_schedule;
+
+
+int osDesSetkey(DES_key_schedule *dinst, char *key, size_t keyLength,
+	int forEencrypt);
+void osDesEncrypt(DES_key_schedule *ks, 
+	const_DES_cblock *input, 
+	DES_cblock *output);
+void osDesDecrypt(DES_key_schedule *ks, 
+	const_DES_cblock *input, 
+	DES_cblock *output);
+
+/* triple DES */
+typedef struct {
+	DES_key_schedule	ks[3];
+} DES3_Schedule;
+
+int osDes3Setkey(DES3_Schedule *dinst, char *key, size_t keyLength,
+	int forEencrypt);
+void osDes3Encrypt(DES3_Schedule *ks, 
+	const_DES_cblock *input, 
+	DES_cblock *output);
+void osDes3Decrypt(DES3_Schedule *ks, 
+	const_DES_cblock *input, 
+	DES_cblock *output);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/* _CC_OPENSSL_DES_H_ */

ADDED   Source/CommonCrypto/rc2.h
Index: Source/CommonCrypto/rc2.h
==================================================================
--- /dev/null
+++ Source/CommonCrypto/rc2.h
@@ -0,0 +1,35 @@
+
+#ifndef	_RC2_H_
+#define _RC2_H_
+
+typedef struct rc2_key_st {
+    unsigned short xkey[64];
+} RC2_Schedule;
+
+/**********************************************************************\ 
+* Expand a variable-length user key (between 1 and 128 bytes) to a     * 
+* 64-short working rc2 key, of at most "bits" effective key bits.      * 
+* The effective key bits parameter looks like an export control hack.  * 
+* For normal use, it should always be set to 1024.  For convenience,   * 
+* zero is accepted as an alias for 1024.                               * 
+\**********************************************************************/ 
+void rc2_keyschedule( RC2_Schedule *key_schedule, 
+                      const unsigned char *key, 
+                      unsigned len, 
+                      unsigned bits );
+
+/**********************************************************************\ 
+* Encrypt an 8-byte block of plaintext using the given key.            * 
+\**********************************************************************/ 
+void rc2_encrypt( const RC2_Schedule *key_schedule, 
+                  const unsigned char *plain, 
+                  unsigned char *cipher );
+
+/**********************************************************************\ 
+* Decrypt an 8-byte block of ciphertext using the given key.           * 
+\**********************************************************************/ 
+void rc2_decrypt( const RC2_Schedule *key_schedule, 
+                  unsigned char *plain, 
+                  const unsigned char *cipher );
+
+#endif /* _RC2_H_ */

ADDED   Source/CommonCrypto/rc4.h
Index: Source/CommonCrypto/rc4.h
==================================================================
--- /dev/null
+++ Source/CommonCrypto/rc4.h
@@ -0,0 +1,126 @@
+/*
+ * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please obtain
+ * a copy of the License at http://www.apple.com/publicsource and read it before
+ * using this file.
+ * 
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
+ * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
+ * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+ * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
+ * specific language governing rights and limitations under the License.
+ */
+
+
+/* crypto/rc4/rc4.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RC4_H
+#define HEADER_RC4_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#ifdef NO_RC4
+#error RC4 is disabled.
+#endif
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+
+/* we just need one typedef... */
+#include <stdint.h>
+typedef uint32_t RC4_INT;
+
+/* and we'll map to unique function names to avoid collisions with libcrypto */
+#define RC4_set_key	CC_RC4_set_key
+#define RC4			CC_RC4
+
+#else	/* _APPLE_COMMON_CRYPTO_ */
+#include <openssl/opensslconf.h> /* RC4_INT */
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+#define RC4_MIN_KEY_SIZE_BYTES	1
+#define RC4_MAX_KEY_SIZE_BYTES	512
+
+typedef struct rc4_key_st
+	{
+	RC4_INT x,y;
+	RC4_INT data[256];
+	} RC4_KEY;
+
+ 
+#ifndef	_APPLE_COMMON_CRYPTO_
+const char *RC4_options(void);
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
+void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
+		unsigned char *outdata);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif

ADDED   Source/CommonCryptor.c
Index: Source/CommonCryptor.c
==================================================================
--- /dev/null
+++ Source/CommonCryptor.c
@@ -0,0 +1,338 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CommonCryptor.c - common crypto context.
+ *
+ * Created 3/27/06 by Doug Mitchell. 
+ */
+
+#include <CommonCrypto/CommonCryptor.h>
+#include "CommonCryptorPriv.h"
+#include "BlockCipher.h"
+#include "StreamCipher.h"
+#include <stdlib.h>
+#include <strings.h>
+#include <stddef.h>			/* for offsetof() */
+
+/* 
+ * ComonCryptor's portion of a CCCryptorRef. 
+ */
+typedef struct _CCCryptor {
+	/* if true, we mallocd this and must free it in CCCryptorRelease() */
+	bool						weMallocd;
+	/* total size of context (ours plus SPI-specific) */
+	size_t						contextSize;
+	/* op info */
+	CCOperation					op;
+	CCAlgorithm					alg;
+	/* SPI info */
+	const CCCryptSpiCallouts	*callouts;
+	/* start of SPI-specific context */
+	char						spiCtx[1];
+} CCCryptor;
+
+
+static const CCCryptSpiCallouts *ccSpiCallouts(
+	CCOperation op,	
+	CCAlgorithm alg)
+{
+	switch(alg) {
+		case kCCAlgorithmAES128:
+		case kCCAlgorithmDES:
+		case kCCAlgorithm3DES:
+		case kCCAlgorithmCAST:
+		case kCCAlgorithmRC2:
+			return &ccBlockCipherCallouts;
+		case kCCAlgorithmRC4:
+			return &ccRC4Callouts;
+		default:
+			return NULL;
+	}
+}
+
+CCCryptorStatus CCCryptorCreate(
+	CCOperation op,             /* kCCEncrypt, etc. */
+	CCAlgorithm alg,            /* kCCAlgorithmDES, etc. */
+	CCOptions options,          /* kCCOptionPKCS7Padding, etc. */
+	const void *key,            /* raw key material */
+	size_t keyLength,	
+	const void *iv,             /* optional initialization vector */
+	CCCryptorRef *cryptorRef)  /* RETURNED */
+{
+	const CCCryptSpiCallouts *callouts;
+	CCCryptorStatus crtn;
+	CCCryptor *cryptor = NULL;
+	size_t requiredLen;
+	
+	if(cryptorRef == NULL) {
+		return kCCParamError;
+	}
+	callouts = ccSpiCallouts(op, alg);
+	if(callouts == NULL) {
+		return kCCParamError;
+	}
+	
+	/* how much space do we and the SPI need? */
+	crtn = callouts->contextSize(op, alg, &requiredLen);
+	if(crtn) {
+		return crtn;
+	}
+	requiredLen += offsetof(CCCryptor, spiCtx);
+	
+	/* alloc and init our portion */
+	cryptor = (CCCryptor *)malloc(requiredLen);
+	if(cryptor == NULL) {
+		return kCCMemoryFailure;
+	}
+	cryptor->weMallocd = true;
+	cryptor->contextSize = requiredLen;
+	cryptor->op = op;
+	cryptor->alg = alg;
+	cryptor->callouts = callouts;
+
+	/* SPI-specific init */
+	crtn = callouts->init(cryptor->spiCtx, op, alg, options, 
+		key, keyLength, iv);
+	if(crtn) {
+		free(cryptor);
+		return crtn;
+	}
+	*cryptorRef = cryptor;
+	return kCCSuccess;
+}
+
+CCCryptorStatus CCCryptorCreateFromData(
+	CCOperation op,             /* kCCEncrypt, etc. */
+	CCAlgorithm alg,            /* kCCAlgorithmDES, etc. */
+	CCOptions options,          /* kCCOptionPKCS7Padding, etc. */
+	const void *key,            /* raw key material */
+	size_t keyLength,	
+	const void *iv,             /* optional initialization vector */
+	const void *data,			/* caller-supplied memory */
+	size_t dataLength,			/* length of data in bytes */
+	CCCryptorRef *cryptorRef,   /* RETURNED */
+	size_t *dataUsed)			/* optional, RETURNED */
+{
+	const CCCryptSpiCallouts *callouts;
+	CCCryptorStatus crtn;
+	CCCryptor *cryptor = NULL;
+	size_t requiredLen;
+	
+	if((data == NULL) || (cryptorRef == NULL)) {
+		return kCCParamError;
+	}
+	callouts = ccSpiCallouts(op, alg);
+	if(callouts == NULL) {
+		return kCCParamError;
+	}
+	
+	/* how much space do we and the SPI need? */
+	crtn = callouts->contextSize(op, alg, &requiredLen);
+	if(crtn) {
+		return crtn;
+	}
+	requiredLen += offsetof(CCCryptor, spiCtx);
+	if(dataLength < requiredLen) {
+		if(dataUsed != NULL) {
+			*dataUsed = requiredLen;
+		}
+		return kCCBufferTooSmall;
+	}
+	cryptor = (CCCryptor *)data;
+
+	/* init our portion */
+	cryptor->weMallocd = false;
+	cryptor->contextSize = requiredLen;
+	cryptor->op = op;
+	cryptor->alg = alg;
+	cryptor->callouts = callouts;
+
+	/* SPI-specific init */
+	crtn = callouts->init(cryptor->spiCtx, op, alg, options, 
+		key, keyLength, iv);
+	if(crtn) {
+		return crtn;
+	}
+	*cryptorRef = cryptor;
+	if(dataUsed != NULL) {
+		*dataUsed = requiredLen;
+	}
+	return kCCSuccess;
+}
+
+CCCryptorStatus CCCryptorRelease(
+	CCCryptorRef cryptor)
+{
+	bool weMallocd;
+	size_t zeroSize;
+	
+	if(cryptor == NULL) {
+		return kCCParamError;
+	}
+	if(cryptor->callouts->release) {
+		cryptor->callouts->release(cryptor->spiCtx);
+		zeroSize = offsetof(CCCryptor, spiCtx);
+	}
+	else {
+		/* provider says: "just zero everything" */
+		zeroSize = cryptor->contextSize;
+	}
+	weMallocd = cryptor->weMallocd;
+	memset(cryptor, 0, zeroSize);
+	if(weMallocd) {
+		free(cryptor);
+	}
+	return kCCSuccess;
+}
+
+CCCryptorStatus CCCryptorUpdate(
+	CCCryptorRef cryptor,
+	const void *dataIn,
+	size_t dataInLength,
+	void *dataOut,				/* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved)		/* number of bytes written */
+{
+	if(cryptor == NULL) {
+		return kCCParamError;
+	}
+	return cryptor->callouts->update(cryptor->spiCtx, 
+		dataIn, dataInLength, 
+		dataOut, dataOutAvailable, dataOutMoved);
+}
+
+CCCryptorStatus CCCryptorFinal(
+	CCCryptorRef cryptor,
+	void *dataOut,			/* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved)		/* number of bytes written */
+{
+	if(cryptor == NULL) {
+		return kCCParamError;
+	}
+	return cryptor->callouts->final(cryptor->spiCtx, 
+		dataOut, dataOutAvailable, dataOutMoved);
+}
+
+size_t CCCryptorGetOutputLength(
+	CCCryptorRef cryptor,
+	size_t inputLength,
+	bool final)
+{
+	if(cryptor == NULL) {
+		return 0;
+	}
+	return cryptor->callouts->outputSize(cryptor->spiCtx, 
+		inputLength, final);
+}
+
+CCCryptorStatus CCCryptorReset(
+	CCCryptorRef cryptor,
+	const void *iv)
+{
+	if(cryptor == NULL) {
+		return kCCParamError;
+	}
+	if(cryptor->callouts->reset == NULL) {
+		return kCCUnimplemented;
+	}
+	return cryptor->callouts->reset(cryptor->spiCtx, iv);
+}
+
+
+/* 
+ * One-shot is mostly service provider independent, except for the
+ * dataOutLength check.
+ */
+CCCryptorStatus CCCrypt(
+	CCOperation op,			/* kCCEncrypt, etc. */
+	CCAlgorithm alg,		/* kCCAlgorithmAES128, etc. */
+	CCOptions options,		/* kCCOptionPKCS7Padding, etc. */
+	const void *key,
+	size_t keyLength,
+	const void *iv,			/* optional initialization vector */
+	const void *dataIn,		/* optional per op and alg */
+	size_t dataInLength,
+	void *dataOut,			/* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved)	
+{
+	const CCCryptSpiCallouts *callouts;
+	size_t outputSize;
+	CCCryptorRef cryptor = NULL;
+	CCCryptorStatus crtn;
+	size_t totalMoved = 0;
+	size_t remaining;
+	size_t thisMove;
+	char *outp;
+
+	if(dataOutMoved == NULL) {
+		return kCCParamError;
+	}
+	/* remaining fields technically legal, here */
+	
+	/* the only SPI-specific task is validating dataOutLength */
+	callouts = ccSpiCallouts(op, alg);
+	if(callouts == NULL) {
+		return kCCParamError;
+	}
+	crtn = callouts->oneShotSize(op, alg, options, dataInLength, &outputSize);
+	if(crtn) {
+		return crtn;
+	}
+	if(outputSize > dataOutAvailable) {
+		*dataOutMoved = outputSize;
+		return kCCBufferTooSmall;
+	}
+	
+	/* looks like it should be legal */
+	crtn = CCCryptorCreate(op, alg, options,
+		key, keyLength, iv, &cryptor);
+	if(crtn) {
+		return crtn;
+	}
+	remaining = dataOutAvailable;
+	outp = (char *)dataOut;
+	if((dataIn != NULL) && (dataInLength != 0)) {
+		crtn = CCCryptorUpdate(cryptor, dataIn, dataInLength,
+			outp, remaining, &thisMove);
+		if(crtn) {
+			goto errOut;
+		}
+		outp       += thisMove;
+		totalMoved += thisMove;
+		remaining  -= thisMove;
+	}
+	crtn = CCCryptorFinal(cryptor, outp, remaining, &thisMove);
+	if(crtn == kCCSuccess) {
+		totalMoved += thisMove;
+		*dataOutMoved = totalMoved;
+	}
+	
+errOut:
+	if(cryptor) {
+		CCCryptorRelease(cryptor);
+	}
+	return crtn;
+}

ADDED   Source/CommonCryptorPriv.h
Index: Source/CommonCryptorPriv.h
==================================================================
--- /dev/null
+++ Source/CommonCryptorPriv.h
@@ -0,0 +1,106 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/* 
+ * CommonCryptorPriv.h - interface between CommonCryptor and operation- and
+ *						 algorithm-specific service providers. 
+ */
+
+#ifndef	_CC_COMMON_CRYPTOR_PRIV_
+#define	_CC_COMMON_CRYPTOR_PRIV_
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+#include <CommonCrypto/CommonCryptor.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Service provider callouts, called from the public functions declared
+ * in CommonCryptor.h. Semantics are the same as the corresponding functions
+ * in that header, except for the void * passed to *ccCryptSpiInitFcn (which 
+ * otherwise corresponds to CCCryptorCreate()), the allocation of which is 
+ * handled at the CCCryptor layer. 
+ */
+
+/*
+ * Return the size in bytes of SPI-specific context required for
+ * specified op and algorithm.
+ */
+typedef CCCryptorStatus (*ccCryptorSpiContextSize)(CCOperation op, CCAlgorithm alg, size_t *ctxSize);
+
+/* remainder mirror the public functions in CCCryptor.h */
+typedef CCCryptorStatus (*ccCryptorSpiInitFcn)(
+	void *ctx,
+	CCOperation op,
+	CCAlgorithm alg,
+	CCOptions options,
+	const void *key,
+	size_t keyLength,
+	const void *iv);
+/* release is optional - if not present, SPI-specific context is zeroed */
+typedef CCCryptorStatus (*ccCryptorSpiRelease)(void *ctx);
+typedef CCCryptorStatus (*ccCryptorSpiUpdate)(void *ctx,
+	const void *dataIn,
+	size_t dataInLength,
+	void *dataOut,			/* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved);
+typedef CCCryptorStatus (*ccCryptorSpiFinal)(void *ctx,
+	void *dataOut,			/* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved);
+/* reset is optional - if not present, kCCUnimplemented */
+typedef CCCryptorStatus (*ccCryptorSpiReset)(void *ctx,
+	const void *iv);
+typedef size_t (*ccCryptorSpiOutputSize)(void *ctx,
+	size_t inputLength,
+	bool final);	
+typedef CCCryptorStatus (*ccCryptorSpiOneShotSize)(
+	CCOperation op,
+	CCAlgorithm alg,
+	CCOptions options,
+	size_t inputLen,
+	size_t *outputLen);
+	
+/* 
+ * Callouts for one service provider. 
+ */
+typedef struct {
+	ccCryptorSpiContextSize	contextSize;
+	ccCryptorSpiInitFcn		init;
+	ccCryptorSpiRelease		release;
+	ccCryptorSpiUpdate		update;
+	ccCryptorSpiFinal		final;
+	ccCryptorSpiReset		reset;		/* optional: NULL --> kCCUnimplemented */
+	ccCryptorSpiOutputSize	outputSize;
+	ccCryptorSpiOneShotSize	oneShotSize;
+} CCCryptSpiCallouts;
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/* _CC_COMMON_CRYPTOR_PRIV_ */

ADDED   Source/CommonDigestPriv.h
Index: Source/CommonDigestPriv.h
==================================================================
--- /dev/null
+++ Source/CommonDigestPriv.h
@@ -0,0 +1,84 @@
+/* 
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CommonDigestPriv.h - private typedefs and defines for ComonCrypto digest routines
+ */
+ 
+#ifndef	_COMMON_DIGEST_PRIV_H_
+#define _COMMON_DIGEST_PRIV_H_
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+#include <CommonCrypto/CommonDigest.h>
+
+/* MD2 */
+
+#define MD2_DIGEST_LENGTH	CC_MD2_DIGEST_LENGTH
+#define MD2_BLOCK			CC_MD2_BLOCK_LONG
+typedef	CC_MD2_CTX			MD2_CTX;
+typedef CC_LONG				MD2_INT;
+
+/* MD4 */
+
+#define MD4_DIGEST_LENGTH 	CC_MD4_DIGEST_LENGTH
+#define MD4_CBLOCK			CC_MD4_BLOCK_BYTES
+#define MD4_LBLOCK			(MD4_CBLOCK/4)
+#define MD4_LONG_LOG2 		3
+typedef CC_MD4_CTX			MD4_CTX;
+typedef CC_LONG				MD4_LONG;
+
+/* MD5 */
+
+#define MD5_DIGEST_LENGTH 	CC_MD5_DIGEST_LENGTH
+#define MD5_CBLOCK			CC_MD5_BLOCK_BYTES
+#define MD5_LBLOCK			(MD5_CBLOCK/4)
+typedef CC_MD5_CTX			MD5_CTX;
+typedef CC_LONG				MD5_LONG;
+
+/* SHA1 */
+
+#define SHA_DIGEST_LENGTH 	CC_SHA1_DIGEST_LENGTH
+#define SHA_CBLOCK			CC_SHA1_BLOCK_BYTES
+#define SHA_LBLOCK			CC_SHA1_BLOCK_LONG
+#define SHA_LONG_LOG2 		2
+#define SHA_LAST_BLOCK  	(SHA_CBLOCK-8)
+typedef CC_SHA1_CTX			SHA_CTX;
+typedef CC_LONG				SHA_LONG;
+
+/* 
+ * Macro to make an algorithm-specific one shot.
+ */
+#define CC_DIGEST_ONE_SHOT(fcnName, ctxName, initFcn, updateFcn, finalFcn)	\
+unsigned char * fcnName (const void *data, CC_LONG len, unsigned char *md) \
+{									\
+	ctxName ctx;					\
+	if(md == NULL) {				\
+		return NULL;				\
+	}								\
+	initFcn(&ctx);					\
+	updateFcn(&ctx, data, len);		\
+	finalFcn(md, &ctx);				\
+	return md;						\
+}
+
+#endif	/* _COMMON_DIGEST_PRIV_H_ */

ADDED   Source/CommonHMAC.c
Index: Source/CommonHMAC.c
==================================================================
--- /dev/null
+++ Source/CommonHMAC.c
@@ -0,0 +1,214 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CommonHMAC.h - Keyed Message Authentication Code (HMAC) functions.
+ *
+ * Created 3/27/2006 by Doug Mitchell.
+ */
+
+#include <CommonCrypto/CommonHMAC.h>
+#include <strings.h>
+#include <stdlib.h>
+#include <assert.h>
+
+#ifndef	NDEBUG
+#define ASSERT(s)
+#else
+#define ASSERT(s)	assert(s)
+#endif
+
+/* 
+ * Callouts for digest ops.
+ * The void *ctx pointers are needed to accommodate different underlying
+ * digest context types. 
+ */
+typedef void (*ccDigestInit)(void *ctx);
+typedef void (*ccDigestUpdate)(void *ctx, const void *data, CC_LONG len);
+typedef void (*ccDigestFinal)(unsigned char *md, void *ctx);
+
+#define HMAC_MAX_BLOCK_SIZE		CC_SHA512_BLOCK_BYTES
+#define HMAC_MAX_DIGEST_SIZE	CC_SHA512_DIGEST_LENGTH
+
+/* 
+ * This is what a CCHmacContext actually points to.
+ */
+typedef struct {
+	uint32_t			digestLen;
+	uint32_t			blockLen;
+	union {
+		CC_MD5_CTX		md5Ctx;
+		CC_SHA1_CTX		sha1Ctx;
+		CC_SHA256_CTX 	sha256Ctx;
+		CC_SHA512_CTX 	sha512Ctx;
+	} digest;
+	uint8_t				k_opad[HMAC_MAX_BLOCK_SIZE];	/* max block size */
+	
+	ccDigestInit		digestInit;
+	ccDigestUpdate		digestUpdate;
+	ccDigestFinal		digestFinal;
+} _CCHmacContext;
+
+void CCHmacInit(
+	CCHmacContext *ctx, 
+	CCHmacAlgorithm algorithm,	/* kCCHmacSHA1, kCCHmacMD5 */
+	const void *key,
+	size_t keyLength)			/* length of key in bytes */
+{
+	_CCHmacContext	*hmacCtx = (_CCHmacContext *)ctx;
+	uint8_t			tk[HMAC_MAX_DIGEST_SIZE];
+	uint8_t			*keyP;
+	uint32_t		byte;
+	uint8_t			k_ipad[HMAC_MAX_BLOCK_SIZE]; 
+
+	/* if this fails, it's time to adjust CC_HMAC_CONTEXT_SIZE */
+	ASSERT(sizeof(_CCHmacContext) < sizeof(CCHmacContext));
+	
+	if(hmacCtx == NULL) {
+		return;
+	}
+	
+	memset(hmacCtx, 0, sizeof(*hmacCtx));
+	
+	switch(algorithm) {
+		case kCCHmacAlgMD5:
+			hmacCtx->digestLen    = CC_MD5_DIGEST_LENGTH;
+			hmacCtx->blockLen     = CC_MD5_BLOCK_BYTES;
+			hmacCtx->digestInit   = (void *)CC_MD5_Init;
+			hmacCtx->digestUpdate = (void *)CC_MD5_Update;
+			hmacCtx->digestFinal  = (void *)CC_MD5_Final;
+			break;
+		case kCCHmacAlgSHA1:
+			hmacCtx->digestLen    = CC_SHA1_DIGEST_LENGTH;
+			hmacCtx->blockLen     = CC_SHA1_BLOCK_BYTES;
+			hmacCtx->digestInit   = (void *)CC_SHA1_Init;
+			hmacCtx->digestUpdate = (void *)CC_SHA1_Update;
+			hmacCtx->digestFinal  = (void *)CC_SHA1_Final;
+			break;
+		case kCCHmacAlgSHA224:
+			hmacCtx->digestLen    = CC_SHA224_DIGEST_LENGTH;
+			hmacCtx->blockLen     = CC_SHA224_BLOCK_BYTES;
+			hmacCtx->digestInit   = (void *)CC_SHA224_Init;
+			hmacCtx->digestUpdate = (void *)CC_SHA224_Update;
+			hmacCtx->digestFinal  = (void *)CC_SHA224_Final;
+			break;
+		case kCCHmacAlgSHA256:
+			hmacCtx->digestLen    = CC_SHA256_DIGEST_LENGTH;
+			hmacCtx->blockLen     = CC_SHA256_BLOCK_BYTES;
+			hmacCtx->digestInit   = (void *)CC_SHA256_Init;
+			hmacCtx->digestUpdate = (void *)CC_SHA256_Update;
+			hmacCtx->digestFinal  = (void *)CC_SHA256_Final;
+			break;
+		case kCCHmacAlgSHA384:
+			hmacCtx->digestLen    = CC_SHA384_DIGEST_LENGTH;
+			hmacCtx->blockLen     = CC_SHA384_BLOCK_BYTES;
+			hmacCtx->digestInit   = (void *)CC_SHA384_Init;
+			hmacCtx->digestUpdate = (void *)CC_SHA384_Update;
+			hmacCtx->digestFinal  = (void *)CC_SHA384_Final;
+			break;
+		case kCCHmacAlgSHA512:
+			hmacCtx->digestLen    = CC_SHA512_DIGEST_LENGTH;
+			hmacCtx->blockLen     = CC_SHA512_BLOCK_BYTES;
+			hmacCtx->digestInit   = (void *)CC_SHA512_Init;
+			hmacCtx->digestUpdate = (void *)CC_SHA512_Update;
+			hmacCtx->digestFinal  = (void *)CC_SHA512_Final;
+			break;
+		default:
+			return;
+	}
+	
+	hmacCtx->digestInit(&hmacCtx->digest);
+	
+	/* If the key is longer than block size, reset it to key=digest(key) */
+	if (keyLength <= hmacCtx->blockLen)
+		keyP = (uint8_t *)key;
+	else {
+		hmacCtx->digestUpdate(&hmacCtx->digest, key, keyLength);
+		hmacCtx->digestFinal(tk, &hmacCtx->digest);
+		keyP = tk;
+		keyLength = hmacCtx->digestLen;
+		hmacCtx->digestInit(&hmacCtx->digest);
+	}
+	
+	/* The HMAC_<DIG> transform looks like:
+	   <DIG> (K XOR opad || <DIG> (K XOR ipad || text))
+	   Where K is a n byte key
+	   ipad is the byte 0x36 repeated 64 times.
+	   opad is the byte 0x5c repeated 64 times.
+	   text is the data being protected.
+	  */
+	/* Copy the key into k_ipad and k_opad while doing the XOR. */
+	for (byte = 0; byte < keyLength; byte++)
+	{
+		k_ipad[byte] = keyP[byte] ^ 0x36;
+		hmacCtx->k_opad[byte] = keyP[byte] ^ 0x5c;
+	}
+	/* Fill the remainder of k_ipad and k_opad with 0 XORed with the appropriate value. */
+	if (keyLength < hmacCtx->blockLen)
+	{
+		memset (k_ipad + keyLength, 0x36, hmacCtx->blockLen - keyLength);
+		memset (hmacCtx->k_opad + keyLength, 0x5c, hmacCtx->blockLen - keyLength);
+	}
+	hmacCtx->digestUpdate(&hmacCtx->digest, k_ipad, hmacCtx->blockLen);
+}
+
+void CCHmacUpdate(
+	CCHmacContext *ctx, 
+	const void *dataIn,
+	size_t dataInLength)			/* length of data in bytes */
+{
+	_CCHmacContext	*hmacCtx = (_CCHmacContext *)ctx;
+	hmacCtx->digestUpdate(&hmacCtx->digest, dataIn, dataInLength);
+}
+
+void CCHmacFinal(
+	CCHmacContext *ctx, 
+	void *macOut)
+{
+	_CCHmacContext	*hmacCtx = (_CCHmacContext *)ctx;
+	hmacCtx->digestFinal(macOut, &hmacCtx->digest);
+	hmacCtx->digestInit(&hmacCtx->digest);
+	/* Perform outer digest */
+	hmacCtx->digestUpdate(&hmacCtx->digest, hmacCtx->k_opad, hmacCtx->blockLen);
+	hmacCtx->digestUpdate(&hmacCtx->digest, macOut, hmacCtx->digestLen);
+	hmacCtx->digestFinal(macOut, &hmacCtx->digest);
+}
+
+/*
+ * Stateless, one-shot HMAC function. 
+ * Output is written to caller-spullied buffer, as in CCHmacFinal().
+ */
+void CCHmac(
+	CCHmacAlgorithm algorithm,	/* kCCHmacSHA1, kCCHmacMD5 */
+	const void *key,
+	size_t keyLength,			/* length of key in bytes */
+	const void *data,
+	size_t dataLength,			/* length of data in bytes */
+	void *macOut)				/* MAC written here */
+{
+	CCHmacContext ctx;
+	
+	CCHmacInit(&ctx, algorithm, key, keyLength);
+	CCHmacUpdate(&ctx, data, dataLength);
+	CCHmacFinal(&ctx, macOut);
+}

ADDED   Source/Digest/md2_dgst.c
Index: Source/Digest/md2_dgst.c
==================================================================
--- /dev/null
+++ Source/Digest/md2_dgst.c
@@ -0,0 +1,240 @@
+/* crypto/md2/md2_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "CommonDigestPriv.h"
+#ifndef	 _APPLE_COMMON_CRYPTO_
+#include <openssl/md2.h>
+#include "opensslv.h"
+#endif
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT;
+#endif
+
+/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
+ */
+
+#define UCHAR	unsigned char
+
+static void md2_block(MD2_CTX *c, const unsigned char *d);
+/* The magic S table - I have converted it to hex since it is
+ * basically just a random byte string. */
+static const MD2_INT S[256]={
+	0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
+	0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
+	0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
+	0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
+	0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
+	0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
+	0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
+	0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
+	0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
+	0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
+	0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
+	0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
+	0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
+	0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
+	0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
+	0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
+	0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
+	0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
+	0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
+	0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
+	0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
+	0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
+	0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
+	0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
+	0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
+	0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
+	0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
+	0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
+	0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
+	0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
+	0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
+	0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
+	};
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+const char *MD2_options(void)
+	{
+	if (sizeof(MD2_INT) == 1)
+		return("md2(char)");
+	else
+		return("md2(int)");
+	}
+#endif
+
+int CC_MD2_Init(MD2_CTX *c)
+	{
+	c->num=0;
+	memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT));
+	memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT));
+	memset(c->data,0,MD2_BLOCK);
+    return 1;
+	}
+
+int CC_MD2_Update(MD2_CTX *c, const void *inData, CC_LONG len)
+	{
+    const unsigned char *data = (const unsigned char *)inData;
+	register UCHAR *p;
+
+	if (len == 0) return 1;
+
+	p=c->data;
+	if (c->num != 0)
+		{
+		if ((c->num+len) >= MD2_BLOCK)
+			{
+			memcpy(&(p[c->num]),data,MD2_BLOCK-c->num);
+			md2_block(c,c->data);
+			data+=(MD2_BLOCK - c->num);
+			len-=(MD2_BLOCK - c->num);
+			c->num=0;
+			/* drop through and do the rest */
+			}
+		else
+			{
+			memcpy(&(p[c->num]),data,(int)len);
+			/* data+=len; */
+			c->num+=(int)len;
+			return 1;
+			}
+		}
+	/* we now can process the input data in blocks of MD2_BLOCK
+	 * chars and save the leftovers to c->data. */
+	while (len >= MD2_BLOCK)
+		{
+		md2_block(c,data);
+		data+=MD2_BLOCK;
+		len-=MD2_BLOCK;
+		}
+	memcpy(p,data,(int)len);
+	c->num=(int)len;
+    return 1;
+	}
+
+static void md2_block(MD2_CTX *c, const unsigned char *d)
+	{
+	register MD2_INT t,*sp1,*sp2;
+	register int i,j;
+	MD2_INT state[48];
+
+	sp1=c->state;
+	sp2=c->cksm;
+	j=sp2[MD2_BLOCK-1];
+	for (i=0; i<16; i++)
+		{
+		state[i]=sp1[i];
+		state[i+16]=t=d[i];
+		state[i+32]=(t^sp1[i]);
+		j=sp2[i]^=S[t^j];
+		}
+	t=0;
+	for (i=0; i<18; i++)
+		{
+		for (j=0; j<48; j+=8)
+			{
+			t= state[j+ 0]^=S[t];
+			t= state[j+ 1]^=S[t];
+			t= state[j+ 2]^=S[t];
+			t= state[j+ 3]^=S[t];
+			t= state[j+ 4]^=S[t];
+			t= state[j+ 5]^=S[t];
+			t= state[j+ 6]^=S[t];
+			t= state[j+ 7]^=S[t];
+			}
+		t=(t+i)&0xff;
+		}
+	memcpy(sp1,state,16*sizeof(MD2_INT));
+	memset(state,0,48*sizeof(MD2_INT));
+	}
+
+int CC_MD2_Final(unsigned char *md, MD2_CTX *c)
+	{
+	int i,v;
+	register UCHAR *cp;
+	register MD2_INT *p1,*p2;
+
+	cp=c->data;
+	p1=c->state;
+	p2=c->cksm;
+	v=MD2_BLOCK-c->num;
+	for (i=c->num; i<MD2_BLOCK; i++)
+		cp[i]=(UCHAR)v;
+
+	md2_block(c,cp);
+
+	for (i=0; i<MD2_BLOCK; i++)
+		cp[i]=(UCHAR)p2[i];
+	md2_block(c,cp);
+
+	for (i=0; i<16; i++)
+		md[i]=(UCHAR)(p1[i]&0xff);
+	memset((char *)&c,0,sizeof(c));
+    return 1;
+	}
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+
+CC_DIGEST_ONE_SHOT(CC_MD2, CC_MD2_CTX, CC_MD2_Init, CC_MD2_Update, CC_MD2_Final)
+
+#endif

ADDED   Source/Digest/md32_common.h
Index: Source/Digest/md32_common.h
==================================================================
--- /dev/null
+++ Source/Digest/md32_common.h
@@ -0,0 +1,638 @@
+/* crypto/md32_common.h */
+/* ====================================================================
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * This is a generic 32 bit "collector" for message digest algorithms.
+ * Whenever needed it collects input character stream into chunks of
+ * 32 bit values and invokes a block function that performs actual hash
+ * calculations.
+ *
+ * Porting guide.
+ *
+ * Obligatory macros:
+ *
+ * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
+ *	this macro defines byte order of input stream.
+ * HASH_CBLOCK
+ *	size of a unit chunk HASH_BLOCK operates on.
+ * HASH_LONG
+ *	has to be at lest 32 bit wide, if it's wider, then
+ *	HASH_LONG_LOG2 *has to* be defined along
+ * HASH_CTX
+ *	context structure that at least contains following
+ *	members:
+ *		typedef struct {
+ *			...
+ *			HASH_LONG	Nl,Nh;
+ *			HASH_LONG	data[HASH_LBLOCK];
+ *			int		num;
+ *			...
+ *			} HASH_CTX;
+ * HASH_UPDATE
+ *	name of "Update" function, implemented here.
+ * HASH_TRANSFORM
+ *	name of "Transform" function, implemented here.
+ * HASH_FINAL
+ *	name of "Final" function, implemented here.
+ * HASH_BLOCK_HOST_ORDER
+ *	name of "block" function treating *aligned* input message
+ *	in host byte order, implemented externally.
+ * HASH_BLOCK_DATA_ORDER
+ *	name of "block" function treating *unaligned* input message
+ *	in original (data) byte order, implemented externally (it
+ *	actually is optional if data and host are of the same
+ *	"endianess").
+ * HASH_MAKE_STRING
+ *	macro convering context variables to an ASCII hash string.
+ *
+ * Optional macros:
+ *
+ * B_ENDIAN or L_ENDIAN
+ *	defines host byte-order.
+ * HASH_LONG_LOG2
+ *	defaults to 2 if not states otherwise.
+ * HASH_LBLOCK
+ *	assumed to be HASH_CBLOCK/4 if not stated otherwise.
+ * HASH_BLOCK_DATA_ORDER_ALIGNED
+ *	alternative "block" function capable of treating
+ *	aligned input message in original (data) order,
+ *	implemented externally.
+ *
+ * MD5 example:
+ *
+ *	#define DATA_ORDER_IS_LITTLE_ENDIAN
+ *
+ *	#define HASH_LONG		MD5_LONG
+ *	#define HASH_LONG_LOG2		MD5_LONG_LOG2
+ *	#define HASH_CTX		MD5_CTX
+ *	#define HASH_CBLOCK		MD5_CBLOCK
+ *	#define HASH_LBLOCK		MD5_LBLOCK
+ *	#define HASH_UPDATE		MD5_Update
+ *	#define HASH_TRANSFORM		MD5_Transform
+ *	#define HASH_FINAL		MD5_Final
+ *	#define HASH_BLOCK_HOST_ORDER	md5_block_host_order
+ *	#define HASH_BLOCK_DATA_ORDER	md5_block_data_order
+ *
+ *					<appro@fy.chalmers.se>
+ */
+
+#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+#error "DATA_ORDER must be defined!"
+#endif
+
+#ifndef HASH_CBLOCK
+#error "HASH_CBLOCK must be defined!"
+#endif
+#ifndef HASH_LONG
+#error "HASH_LONG must be defined!"
+#endif
+#ifndef HASH_CTX
+#error "HASH_CTX must be defined!"
+#endif
+
+#ifndef HASH_UPDATE
+#error "HASH_UPDATE must be defined!"
+#endif
+#ifndef HASH_TRANSFORM
+#error "HASH_TRANSFORM must be defined!"
+#endif
+#ifndef HASH_FINAL
+#error "HASH_FINAL must be defined!"
+#endif
+
+#ifndef HASH_BLOCK_HOST_ORDER
+#error "HASH_BLOCK_HOST_ORDER must be defined!"
+#endif
+
+#if 0
+/*
+ * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED
+ * isn't defined.
+ */
+#ifndef HASH_BLOCK_DATA_ORDER
+#error "HASH_BLOCK_DATA_ORDER must be defined!"
+#endif
+#endif
+
+#ifndef HASH_LBLOCK
+#define HASH_LBLOCK	(HASH_CBLOCK/4)
+#endif
+
+#ifndef HASH_LONG_LOG2
+#define HASH_LONG_LOG2	2
+#endif
+
+/*
+ * Engage compiler specific rotate intrinsic function if available.
+ */
+#undef ROTATE
+#ifndef PEDANTIC
+# if 0 /* defined(_MSC_VER) */
+#  define ROTATE(a,n)	_lrotl(a,n)
+# elif defined(__MWERKS__)
+#  if defined(__POWERPC__)
+#   define ROTATE(a,n)	__rlwinm(a,n,0,31)
+#  elif defined(__MC68K__)
+    /* Motorola specific tweak. <appro@fy.chalmers.se> */
+#   define ROTATE(a,n)	( n<24 ? __rol(a,n) : __ror(a,32-n) )
+#  else
+#   define ROTATE(a,n)	__rol(a,n)
+#  endif
+# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+  /*
+   * Some GNU C inline assembler templates. Note that these are
+   * rotates by *constant* number of bits! But that's exactly
+   * what we need here...
+   *
+   * 					<appro@fy.chalmers.se>
+   */
+#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#   define ROTATE(a,n)	({ register unsigned int ret;	\
+				asm (			\
+				"roll %1,%0"		\
+				: "=r"(ret)		\
+				: "I"(n), "0"((unsigned int)a)	\
+				: "cc");		\
+			   ret;				\
+			})
+#  elif defined(__powerpc) || defined(__ppc)
+#   define ROTATE(a,n)	({ register unsigned int ret;	\
+				asm (			\
+				"rlwinm %0,%1,%2,0,31"	\
+				: "=r"(ret)		\
+				: "r"(a), "I"(n));	\
+			   ret;				\
+			})
+#  endif
+# endif
+
+/*
+ * Engage compiler specific "fetch in reverse byte order"
+ * intrinsic function if available.
+ */
+# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+  /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */
+#  if (defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)) && !defined(I386_ONLY)
+#   define BE_FETCH32(a)	({ register unsigned int l=(a);\
+				asm (			\
+				"bswapl %0"		\
+				: "=r"(l) : "0"(l));	\
+			  l;				\
+			})
+#  elif defined(__powerpc)
+#   define LE_FETCH32(a)	({ register unsigned int l;	\
+				asm (			\
+				"lwbrx %0,0,%1"		\
+				: "=r"(l)		\
+				: "r"(a));		\
+			   l;				\
+			})
+
+#  elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC)
+#  define LE_FETCH32(a)	({ register unsigned int l;		\
+				asm (				\
+				"lda [%1]#ASI_PRIMARY_LITTLE,%0"\
+				: "=r"(l)			\
+				: "r"(a));			\
+			   l;					\
+			})
+#  endif
+# endif
+#endif /* PEDANTIC */
+
+#if HASH_LONG_LOG2==2	/* Engage only if sizeof(HASH_LONG)== 4 */
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#ifdef ROTATE
+/* 5 instructions with rotate instruction, else 9 */
+#define REVERSE_FETCH32(a,l)	(					\
+		l=*(const HASH_LONG *)(a),				\
+		((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24)))	\
+				)
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define REVERSE_FETCH32(a,l)	(				\
+		l=*(const HASH_LONG *)(a),			\
+		l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)),	\
+		ROTATE(l,16)					\
+				)
+/*
+ * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|...
+ * It's rewritten as above for two reasons:
+ *	- RISCs aren't good at long constants and have to explicitely
+ *	  compose 'em with several (well, usually 2) instructions in a
+ *	  register before performing the actual operation and (as you
+ *	  already realized:-) having same constant should inspire the
+ *	  compiler to permanently allocate the only register for it;
+ *	- most modern CPUs have two ALUs, but usually only one has
+ *	  circuitry for shifts:-( this minor tweak inspires compiler
+ *	  to schedule shift instructions in a better way...
+ *
+ *				<appro@fy.chalmers.se>
+ */
+#endif
+#endif
+
+#ifndef ROTATE
+#define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+/*
+ * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED
+ * and HASH_BLOCK_HOST_ORDER ought to be the same if input data
+ * and host are of the same "endianess". It's possible to mask
+ * this with blank #define HASH_BLOCK_DATA_ORDER though...
+ *
+ *				<appro@fy.chalmers.se>
+ */
+#if defined(B_ENDIAN)
+#  if defined(DATA_ORDER_IS_BIG_ENDIAN)
+#    if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
+#      define HASH_BLOCK_DATA_ORDER_ALIGNED	HASH_BLOCK_HOST_ORDER
+#    endif
+#  elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+#    ifndef HOST_FETCH32
+#      ifdef LE_FETCH32
+#        define HOST_FETCH32(p,l)	LE_FETCH32(p)
+#      elif defined(REVERSE_FETCH32)
+#        define HOST_FETCH32(p,l)	REVERSE_FETCH32(p,l)
+#      endif
+#    endif
+#  endif
+#elif defined(L_ENDIAN)
+#  if defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+#    if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2
+#      define HASH_BLOCK_DATA_ORDER_ALIGNED	HASH_BLOCK_HOST_ORDER
+#    endif
+#  elif defined(DATA_ORDER_IS_BIG_ENDIAN)
+#    ifndef HOST_FETCH32
+#      ifdef BE_FETCH32
+#        define HOST_FETCH32(p,l)	BE_FETCH32(p)
+#      elif defined(REVERSE_FETCH32)
+#        define HOST_FETCH32(p,l)	REVERSE_FETCH32(p,l)
+#      endif
+#    endif
+#  endif
+#endif
+
+#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
+#ifndef HASH_BLOCK_DATA_ORDER
+#error "HASH_BLOCK_DATA_ORDER must be defined!"
+#endif
+#endif
+
+#if defined(DATA_ORDER_IS_BIG_ENDIAN)
+
+#define HOST_c2l(c,l)	(l =(((unsigned long)(*((c)++)))<<24),		\
+			 l|=(((unsigned long)(*((c)++)))<<16),		\
+			 l|=(((unsigned long)(*((c)++)))<< 8),		\
+			 l|=(((unsigned long)(*((c)++)))    ),		\
+			 l)
+#define HOST_p_c2l(c,l,n)	{					\
+			switch (n) {					\
+			case 0: l =((unsigned long)(*((c)++)))<<24;	\
+			case 1: l|=((unsigned long)(*((c)++)))<<16;	\
+			case 2: l|=((unsigned long)(*((c)++)))<< 8;	\
+			case 3: l|=((unsigned long)(*((c)++)));		\
+				} }
+#define HOST_p_c2l_p(c,l,sc,len) {					\
+			switch (sc) {					\
+			case 0: l =((unsigned long)(*((c)++)))<<24;	\
+				if (--len == 0) break;			\
+			case 1: l|=((unsigned long)(*((c)++)))<<16;	\
+				if (--len == 0) break;			\
+			case 2: l|=((unsigned long)(*((c)++)))<< 8;	\
+				} }
+/* NOTE the pointer is not incremented at the end of this */
+#define HOST_c2l_p(c,l,n)	{					\
+			l=0; (c)+=n;					\
+			switch (n) {					\
+			case 3: l =((unsigned long)(*(--(c))))<< 8;	\
+			case 2: l|=((unsigned long)(*(--(c))))<<16;	\
+			case 1: l|=((unsigned long)(*(--(c))))<<24;	\
+				} }
+#define HOST_l2c(l,c)	(*((c)++)=(unsigned char)(((l)>>24)&0xff),	\
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff),	\
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff),	\
+			 *((c)++)=(unsigned char)(((l)    )&0xff),	\
+			 l)
+
+#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+
+#define HOST_c2l(c,l)	(l =(((unsigned long)(*((c)++)))    ),		\
+			 l|=(((unsigned long)(*((c)++)))<< 8),		\
+			 l|=(((unsigned long)(*((c)++)))<<16),		\
+			 l|=(((unsigned long)(*((c)++)))<<24),		\
+			 l)
+#define HOST_p_c2l(c,l,n)	{					\
+			switch (n) {					\
+			case 0: l =((unsigned long)(*((c)++)));		\
+			case 1: l|=((unsigned long)(*((c)++)))<< 8;	\
+			case 2: l|=((unsigned long)(*((c)++)))<<16;	\
+			case 3: l|=((unsigned long)(*((c)++)))<<24;	\
+				} }
+#define HOST_p_c2l_p(c,l,sc,len) {					\
+			switch (sc) {					\
+			case 0: l =((unsigned long)(*((c)++)));		\
+				if (--len == 0) break;			\
+			case 1: l|=((unsigned long)(*((c)++)))<< 8;	\
+				if (--len == 0) break;			\
+			case 2: l|=((unsigned long)(*((c)++)))<<16;	\
+				} }
+/* NOTE the pointer is not incremented at the end of this */
+#define HOST_c2l_p(c,l,n)	{					\
+			l=0; (c)+=n;					\
+			switch (n) {					\
+			case 3: l =((unsigned long)(*(--(c))))<<16;	\
+			case 2: l|=((unsigned long)(*(--(c))))<< 8;	\
+			case 1: l|=((unsigned long)(*(--(c))));		\
+				} }
+#define HOST_l2c(l,c)	(*((c)++)=(unsigned char)(((l)    )&0xff),	\
+			 *((c)++)=(unsigned char)(((l)>> 8)&0xff),	\
+			 *((c)++)=(unsigned char)(((l)>>16)&0xff),	\
+			 *((c)++)=(unsigned char)(((l)>>24)&0xff),	\
+			 l)
+
+#endif
+
+/*
+ * Time for some action:-)
+ */
+
+int HASH_UPDATE (HASH_CTX *c, const void *data_, CC_LONG len)
+	{
+	const unsigned char *data=data_;
+	register HASH_LONG * p;
+	register unsigned long l;
+	int sw,sc,ew,ec;
+
+	if (len==0) return 1;
+
+	l=(c->Nl+(len<<3))&0xffffffffL;
+	/* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
+	 * Wei Dai <weidai@eskimo.com> for pointing it out. */
+	if (l < c->Nl) /* overflow */
+		c->Nh++;
+	c->Nh+=(len>>29);
+	c->Nl=l;
+
+	if (c->num != 0)
+		{
+		p=c->data;
+		sw=c->num>>2;
+		sc=c->num&0x03;
+
+		if ((c->num+len) >= HASH_CBLOCK)
+			{
+			l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l;
+			for (; sw<HASH_LBLOCK; sw++)
+				{
+				HOST_c2l(data,l); p[sw]=l;
+				}
+			HASH_BLOCK_HOST_ORDER (c,p,1);
+			len-=(HASH_CBLOCK-c->num);
+			c->num=0;
+			/* drop through and do the rest */
+			}
+		else
+			{
+			c->num+=len;
+			if ((sc+len) < 4) /* ugly, add char's to a word */
+				{
+				l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l;
+				}
+			else
+				{
+				ew=(c->num>>2);
+				ec=(c->num&0x03);
+				if (sc)
+					l=p[sw];
+				HOST_p_c2l(data,l,sc);
+				p[sw++]=l;
+				for (; sw < ew; sw++)
+					{
+					HOST_c2l(data,l); p[sw]=l;
+					}
+				if (ec)
+					{
+					HOST_c2l_p(data,l,ec); p[sw]=l;
+					}
+				}
+			return 1;
+			}
+		}
+
+	sw=len/HASH_CBLOCK;
+	if (sw > 0)
+		{
+#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
+		/*
+		 * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined
+		 * only if sizeof(HASH_LONG)==4.
+		 */
+		if ((((unsigned long)data)%4) == 0)
+			{
+			/* data is properly aligned so that we can cast it: */
+			HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,sw);
+			sw*=HASH_CBLOCK;
+			data+=sw;
+			len-=sw;
+			}
+		else
+#if !defined(HASH_BLOCK_DATA_ORDER)
+			while (sw--)
+				{
+				memcpy (p=c->data,data,HASH_CBLOCK);
+				HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1);
+				data+=HASH_CBLOCK;
+				len-=HASH_CBLOCK;
+				}
+#endif
+#endif
+#if defined(HASH_BLOCK_DATA_ORDER)
+			{
+			HASH_BLOCK_DATA_ORDER(c,data,sw);
+			sw*=HASH_CBLOCK;
+			data+=sw;
+			len-=sw;
+			}
+#endif
+		}
+
+	if (len!=0)
+		{
+		p = c->data;
+		c->num = len;
+		ew=len>>2;	/* words to copy */
+		ec=len&0x03;
+		for (; ew; ew--,p++)
+			{
+			HOST_c2l(data,l); *p=l;
+			}
+		HOST_c2l_p(data,l,ec);
+		*p=l;
+		}
+	return 1;
+	}
+
+void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data);
+
+void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data)
+	{
+#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED)
+	if ((((unsigned long)data)%4) == 0)
+		/* data is properly aligned so that we can cast it: */
+		HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,1);
+	else
+#if !defined(HASH_BLOCK_DATA_ORDER)
+		{
+		memcpy (c->data,data,HASH_CBLOCK);
+		HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1);
+		}
+#endif
+#endif
+#if defined(HASH_BLOCK_DATA_ORDER)
+	HASH_BLOCK_DATA_ORDER (c,data,1);
+#endif
+	}
+
+
+int HASH_FINAL (unsigned char *md, HASH_CTX *c)
+	{
+	register HASH_LONG *p;
+	register unsigned long l;
+	register int i,j;
+	static const unsigned char end[4]={0x80,0x00,0x00,0x00};
+	const unsigned char *cp=end;
+
+	/* c->num should definitly have room for at least one more byte. */
+	p=c->data;
+	i=c->num>>2;
+	j=c->num&0x03;
+
+#if 0
+	/* purify often complains about the following line as an
+	 * Uninitialized Memory Read.  While this can be true, the
+	 * following p_c2l macro will reset l when that case is true.
+	 * This is because j&0x03 contains the number of 'valid' bytes
+	 * already in p[i].  If and only if j&0x03 == 0, the UMR will
+	 * occur but this is also the only time p_c2l will do
+	 * l= *(cp++) instead of l|= *(cp++)
+	 * Many thanks to Alex Tang <altitude@cic.net> for pickup this
+	 * 'potential bug' */
+#ifdef PURIFY
+	if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */
+#endif
+	l=p[i];
+#else
+	l = (j==0) ? 0 : p[i];
+#endif
+	HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */
+
+	if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */
+		{
+		if (i<HASH_LBLOCK) p[i]=0;
+		HASH_BLOCK_HOST_ORDER (c,p,1);
+		i=0;
+		}
+	for (; i<(HASH_LBLOCK-2); i++)
+		p[i]=0;
+
+#if   defined(DATA_ORDER_IS_BIG_ENDIAN)
+	p[HASH_LBLOCK-2]=c->Nh;
+	p[HASH_LBLOCK-1]=c->Nl;
+#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+	p[HASH_LBLOCK-2]=c->Nl;
+	p[HASH_LBLOCK-1]=c->Nh;
+#endif
+	HASH_BLOCK_HOST_ORDER (c,p,1);
+
+#ifndef HASH_MAKE_STRING
+#error "HASH_MAKE_STRING must be defined!"
+#else
+	HASH_MAKE_STRING(c,md);
+#endif
+
+	c->num=0;
+	/* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
+	 * but I'm not worried :-)
+	OPENSSL_cleanse((void *)c,sizeof(HASH_CTX));
+	 */
+	return 1;
+	}
+
+#ifndef MD32_REG_T
+#define MD32_REG_T long
+/*
+ * This comment was originaly written for MD5, which is why it
+ * discusses A-D. But it basically applies to all 32-bit digests,
+ * which is why it was moved to common header file.
+ *
+ * In case you wonder why A-D are declared as long and not
+ * as MD5_LONG. Doing so results in slight performance
+ * boost on LP64 architectures. The catch is we don't
+ * really care if 32 MSBs of a 64-bit register get polluted
+ * with eventual overflows as we *save* only 32 LSBs in
+ * *either* case. Now declaring 'em long excuses the compiler
+ * from keeping 32 MSBs zeroed resulting in 13% performance
+ * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
+ * Well, to be honest it should say that this *prevents* 
+ * performance degradation.
+ *				<appro@fy.chalmers.se>
+ * Apparently there're LP64 compilers that generate better
+ * code if A-D are declared int. Most notably GCC-x86_64
+ * generates better code.
+ *				<appro@fy.chalmers.se>
+ */
+#endif

ADDED   Source/Digest/md4_dgst.c
Index: Source/Digest/md4_dgst.c
==================================================================
--- /dev/null
+++ Source/Digest/md4_dgst.c
@@ -0,0 +1,268 @@
+/* crypto/md4/md4_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "CommonDigestPriv.h"
+#include "md4_locl.h"
+#ifndef		_APPLE_COMMON_CRYPTO_
+#include <openssl/opensslv.h>
+
+const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT;
+#endif		/* _APPLE_COMMON_CRYPTO_ */
+
+
+/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
+ */
+
+#define INIT_DATA_A (unsigned long)0x67452301L
+#define INIT_DATA_B (unsigned long)0xefcdab89L
+#define INIT_DATA_C (unsigned long)0x98badcfeL
+#define INIT_DATA_D (unsigned long)0x10325476L
+
+int CC_MD4_Init(MD4_CTX *c)
+	{
+	c->A=INIT_DATA_A;
+	c->B=INIT_DATA_B;
+	c->C=INIT_DATA_C;
+	c->D=INIT_DATA_D;
+	c->Nl=0;
+	c->Nh=0;
+	c->num=0;
+	return 1;
+	}
+
+#ifndef md4_block_host_order
+__private_extern__ void md4_block_host_order (MD4_CTX *c, const void *data, int num)
+	{
+	const MD4_LONG *X=data;
+	register unsigned MD32_REG_T A,B,C,D;
+
+	A=c->A;
+	B=c->B;
+	C=c->C;
+	D=c->D;
+
+	for (;num--;X+=HASH_LBLOCK)
+		{
+	/* Round 0 */
+	R0(A,B,C,D,X[ 0], 3,0);
+	R0(D,A,B,C,X[ 1], 7,0);
+	R0(C,D,A,B,X[ 2],11,0);
+	R0(B,C,D,A,X[ 3],19,0);
+	R0(A,B,C,D,X[ 4], 3,0);
+	R0(D,A,B,C,X[ 5], 7,0);
+	R0(C,D,A,B,X[ 6],11,0);
+	R0(B,C,D,A,X[ 7],19,0);
+	R0(A,B,C,D,X[ 8], 3,0);
+	R0(D,A,B,C,X[ 9], 7,0);
+	R0(C,D,A,B,X[10],11,0);
+	R0(B,C,D,A,X[11],19,0);
+	R0(A,B,C,D,X[12], 3,0);
+	R0(D,A,B,C,X[13], 7,0);
+	R0(C,D,A,B,X[14],11,0);
+	R0(B,C,D,A,X[15],19,0);
+	/* Round 1 */
+	R1(A,B,C,D,X[ 0], 3,0x5A827999L);
+	R1(D,A,B,C,X[ 4], 5,0x5A827999L);
+	R1(C,D,A,B,X[ 8], 9,0x5A827999L);
+	R1(B,C,D,A,X[12],13,0x5A827999L);
+	R1(A,B,C,D,X[ 1], 3,0x5A827999L);
+	R1(D,A,B,C,X[ 5], 5,0x5A827999L);
+	R1(C,D,A,B,X[ 9], 9,0x5A827999L);
+	R1(B,C,D,A,X[13],13,0x5A827999L);
+	R1(A,B,C,D,X[ 2], 3,0x5A827999L);
+	R1(D,A,B,C,X[ 6], 5,0x5A827999L);
+	R1(C,D,A,B,X[10], 9,0x5A827999L);
+	R1(B,C,D,A,X[14],13,0x5A827999L);
+	R1(A,B,C,D,X[ 3], 3,0x5A827999L);
+	R1(D,A,B,C,X[ 7], 5,0x5A827999L);
+	R1(C,D,A,B,X[11], 9,0x5A827999L);
+	R1(B,C,D,A,X[15],13,0x5A827999L);
+	/* Round 2 */
+	R2(A,B,C,D,X[ 0], 3,0x6ED9EBA1);
+	R2(D,A,B,C,X[ 8], 9,0x6ED9EBA1);
+	R2(C,D,A,B,X[ 4],11,0x6ED9EBA1);
+	R2(B,C,D,A,X[12],15,0x6ED9EBA1);
+	R2(A,B,C,D,X[ 2], 3,0x6ED9EBA1);
+	R2(D,A,B,C,X[10], 9,0x6ED9EBA1);
+	R2(C,D,A,B,X[ 6],11,0x6ED9EBA1);
+	R2(B,C,D,A,X[14],15,0x6ED9EBA1);
+	R2(A,B,C,D,X[ 1], 3,0x6ED9EBA1);
+	R2(D,A,B,C,X[ 9], 9,0x6ED9EBA1);
+	R2(C,D,A,B,X[ 5],11,0x6ED9EBA1);
+	R2(B,C,D,A,X[13],15,0x6ED9EBA1);
+	R2(A,B,C,D,X[ 3], 3,0x6ED9EBA1);
+	R2(D,A,B,C,X[11], 9,0x6ED9EBA1);
+	R2(C,D,A,B,X[ 7],11,0x6ED9EBA1);
+	R2(B,C,D,A,X[15],15,0x6ED9EBA1);
+
+	A = c->A += A;
+	B = c->B += B;
+	C = c->C += C;
+	D = c->D += D;
+		}
+	}
+#endif
+
+#ifndef md4_block_data_order
+#ifdef X
+#undef X
+#endif
+__private_extern__ void md4_block_data_order (MD4_CTX *c, const void *data_, int num)
+	{
+	const unsigned char *data=data_;
+	register unsigned MD32_REG_T A,B,C,D,l;
+#ifndef MD32_XARRAY
+	/* See comment in crypto/sha/sha_locl.h for details. */
+	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
+# define X(i)	XX##i
+#else
+	MD4_LONG XX[MD4_LBLOCK];
+# define X(i)	XX[i]
+#endif
+
+	A=c->A;
+	B=c->B;
+	C=c->C;
+	D=c->D;
+
+	for (;num--;)
+		{
+	HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
+	/* Round 0 */
+	R0(A,B,C,D,X( 0), 3,0);	HOST_c2l(data,l); X( 2)=l;
+	R0(D,A,B,C,X( 1), 7,0);	HOST_c2l(data,l); X( 3)=l;
+	R0(C,D,A,B,X( 2),11,0);	HOST_c2l(data,l); X( 4)=l;
+	R0(B,C,D,A,X( 3),19,0);	HOST_c2l(data,l); X( 5)=l;
+	R0(A,B,C,D,X( 4), 3,0);	HOST_c2l(data,l); X( 6)=l;
+	R0(D,A,B,C,X( 5), 7,0);	HOST_c2l(data,l); X( 7)=l;
+	R0(C,D,A,B,X( 6),11,0);	HOST_c2l(data,l); X( 8)=l;
+	R0(B,C,D,A,X( 7),19,0);	HOST_c2l(data,l); X( 9)=l;
+	R0(A,B,C,D,X( 8), 3,0);	HOST_c2l(data,l); X(10)=l;
+	R0(D,A,B,C,X( 9), 7,0);	HOST_c2l(data,l); X(11)=l;
+	R0(C,D,A,B,X(10),11,0);	HOST_c2l(data,l); X(12)=l;
+	R0(B,C,D,A,X(11),19,0);	HOST_c2l(data,l); X(13)=l;
+	R0(A,B,C,D,X(12), 3,0);	HOST_c2l(data,l); X(14)=l;
+	R0(D,A,B,C,X(13), 7,0);	HOST_c2l(data,l); X(15)=l;
+	R0(C,D,A,B,X(14),11,0);
+	R0(B,C,D,A,X(15),19,0);
+	/* Round 1 */
+	R1(A,B,C,D,X( 0), 3,0x5A827999L);
+	R1(D,A,B,C,X( 4), 5,0x5A827999L);
+	R1(C,D,A,B,X( 8), 9,0x5A827999L);
+	R1(B,C,D,A,X(12),13,0x5A827999L);
+	R1(A,B,C,D,X( 1), 3,0x5A827999L);
+	R1(D,A,B,C,X( 5), 5,0x5A827999L);
+	R1(C,D,A,B,X( 9), 9,0x5A827999L);
+	R1(B,C,D,A,X(13),13,0x5A827999L);
+	R1(A,B,C,D,X( 2), 3,0x5A827999L);
+	R1(D,A,B,C,X( 6), 5,0x5A827999L);
+	R1(C,D,A,B,X(10), 9,0x5A827999L);
+	R1(B,C,D,A,X(14),13,0x5A827999L);
+	R1(A,B,C,D,X( 3), 3,0x5A827999L);
+	R1(D,A,B,C,X( 7), 5,0x5A827999L);
+	R1(C,D,A,B,X(11), 9,0x5A827999L);
+	R1(B,C,D,A,X(15),13,0x5A827999L);
+	/* Round 2 */
+	R2(A,B,C,D,X( 0), 3,0x6ED9EBA1L);
+	R2(D,A,B,C,X( 8), 9,0x6ED9EBA1L);
+	R2(C,D,A,B,X( 4),11,0x6ED9EBA1L);
+	R2(B,C,D,A,X(12),15,0x6ED9EBA1L);
+	R2(A,B,C,D,X( 2), 3,0x6ED9EBA1L);
+	R2(D,A,B,C,X(10), 9,0x6ED9EBA1L);
+	R2(C,D,A,B,X( 6),11,0x6ED9EBA1L);
+	R2(B,C,D,A,X(14),15,0x6ED9EBA1L);
+	R2(A,B,C,D,X( 1), 3,0x6ED9EBA1L);
+	R2(D,A,B,C,X( 9), 9,0x6ED9EBA1L);
+	R2(C,D,A,B,X( 5),11,0x6ED9EBA1L);
+	R2(B,C,D,A,X(13),15,0x6ED9EBA1L);
+	R2(A,B,C,D,X( 3), 3,0x6ED9EBA1L);
+	R2(D,A,B,C,X(11), 9,0x6ED9EBA1L);
+	R2(C,D,A,B,X( 7),11,0x6ED9EBA1L);
+	R2(B,C,D,A,X(15),15,0x6ED9EBA1L);
+
+	A = c->A += A;
+	B = c->B += B;
+	C = c->C += C;
+	D = c->D += D;
+		}
+	}
+#endif
+
+#ifdef undef
+int printit(unsigned long *l)
+	{
+	int i,ii;
+
+	for (i=0; i<2; i++)
+		{
+		for (ii=0; ii<8; ii++)
+			{
+			fprintf(stderr,"%08lx ",l[i*8+ii]);
+			}
+		fprintf(stderr,"\n");
+		}
+	}
+#endif
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+
+CC_DIGEST_ONE_SHOT(CC_MD4, CC_MD4_CTX, CC_MD4_Init, CC_MD4_Update, CC_MD4_Final)
+
+#endif

ADDED   Source/Digest/md4_locl.h
Index: Source/Digest/md4_locl.h
==================================================================
--- /dev/null
+++ Source/Digest/md4_locl.h
@@ -0,0 +1,165 @@
+/* crypto/md4/md4_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include "CommonDigestPriv.h"
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+#include <openssl/opensslconf.h>
+#include <openssl/md4.h>
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+#ifndef MD4_LONG_LOG2
+#define MD4_LONG_LOG2 2 /* default to 32 bits */
+#endif
+
+__private_extern__ void md4_block_host_order (MD4_CTX *c, const void *p,int num);
+__private_extern__ void md4_block_data_order (MD4_CTX *c, const void *p,int num);
+
+#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || defined(__x86_64__)
+/*
+ * *_block_host_order is expected to handle aligned data while
+ * *_block_data_order - unaligned. As algorithm and host (x86)
+ * are in this case of the same "endianness" these two are
+ * otherwise indistinguishable. But normally you don't want to
+ * call the same function because unaligned access in places
+ * where alignment is expected is usually a "Bad Thing". Indeed,
+ * on RISCs you get punished with BUS ERROR signal or *severe*
+ * performance degradation. Intel CPUs are in turn perfectly
+ * capable of loading unaligned data without such drastic side
+ * effect. Yes, they say it's slower than aligned load, but no
+ * exception is generated and therefore performance degradation
+ * is *incomparable* with RISCs. What we should weight here is
+ * costs of unaligned access against costs of aligning data.
+ * According to my measurements allowing unaligned access results
+ * in ~9% performance improvement on Pentium II operating at
+ * 266MHz. I won't be surprised if the difference will be higher
+ * on faster systems:-)
+ *
+ *				<appro@fy.chalmers.se>
+ */
+#define md4_block_data_order md4_block_host_order
+#endif
+
+#define DATA_ORDER_IS_LITTLE_ENDIAN
+
+#define HASH_LONG		MD4_LONG
+#define HASH_LONG_LOG2	MD4_LONG_LOG2
+#define HASH_CTX		MD4_CTX
+#define HASH_CBLOCK		MD4_CBLOCK
+#define HASH_LBLOCK		MD4_LBLOCK
+#ifdef	_APPLE_COMMON_CRYPTO_
+#define HASH_UPDATE		CC_MD4_Update
+#define HASH_TRANSFORM	CC_MD4_Transform
+#define HASH_FINAL		CC_MD4_Final
+#else
+#define HASH_UPDATE		MD4_Update
+#define HASH_TRANSFORM	MD4_Transform
+#define HASH_FINAL		MD4_Final
+#endif
+
+#define	HASH_MAKE_STRING(c,s)	do {	\
+	unsigned long ll;		\
+	ll=(c)->A; HOST_l2c(ll,(s));	\
+	ll=(c)->B; HOST_l2c(ll,(s));	\
+	ll=(c)->C; HOST_l2c(ll,(s));	\
+	ll=(c)->D; HOST_l2c(ll,(s));	\
+	} while (0)
+#define HASH_BLOCK_HOST_ORDER	md4_block_host_order
+#if !defined(L_ENDIAN) || defined(md4_block_data_order)
+#define	HASH_BLOCK_DATA_ORDER	md4_block_data_order
+/*
+ * Little-endians (Intel and Alpha) feel better without this.
+ * It looks like memcpy does better job than generic
+ * md4_block_data_order on copying-n-aligning input data.
+ * But frankly speaking I didn't expect such result on Alpha.
+ * On the other hand I've got this with egcs-1.0.2 and if
+ * program is compiled with another (better?) compiler it
+ * might turn out other way around.
+ *
+ *				<appro@fy.chalmers.se>
+ */
+#endif
+
+#include "md32_common.h"
+
+/*
+#define	F(x,y,z)	(((x) & (y))  |  ((~(x)) & (z)))
+#define	G(x,y,z)	(((x) & (y))  |  ((x) & ((z))) | ((y) & ((z))))
+*/
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
+ * simplified to the code below.  Wei attributes these optimizations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define	F(b,c,d)	((((c) ^ (d)) & (b)) ^ (d))
+#define G(b,c,d)	(((b) & (c)) | ((b) & (d)) | ((c) & (d)))
+#define	H(b,c,d)	((b) ^ (c) ^ (d))
+
+#define R0(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+F((b),(c),(d))); \
+	a=ROTATE(a,s); };
+
+#define R1(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+G((b),(c),(d))); \
+	a=ROTATE(a,s); };\
+
+#define R2(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+H((b),(c),(d))); \
+	a=ROTATE(a,s); };

ADDED   Source/Digest/md5_dgst.c
Index: Source/Digest/md5_dgst.c
==================================================================
--- /dev/null
+++ Source/Digest/md5_dgst.c
@@ -0,0 +1,313 @@
+/* crypto/md5/md5_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "CommonDigestPriv.h"
+#include "md5_locl.h"
+
+#ifndef		_APPLE_COMMON_CRYPTO_
+#include <openssl/opensslv.h>
+const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT;
+#endif
+
+/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
+ */
+
+#define INIT_DATA_A (unsigned long)0x67452301L
+#define INIT_DATA_B (unsigned long)0xefcdab89L
+#define INIT_DATA_C (unsigned long)0x98badcfeL
+#define INIT_DATA_D (unsigned long)0x10325476L
+
+int CC_MD5_Init(MD5_CTX *c)
+	{
+	c->A=INIT_DATA_A;
+	c->B=INIT_DATA_B;
+	c->C=INIT_DATA_C;
+	c->D=INIT_DATA_D;
+	c->Nl=0;
+	c->Nh=0;
+	c->num=0;
+	return 1;
+	}
+
+#ifndef md5_block_host_order
+__private_extern__ void md5_block_host_order (MD5_CTX *c, const void *data, int num)
+	{
+	const MD5_LONG *X=data;
+	register unsigned MD32_REG_T A,B,C,D;
+
+	A=c->A;
+	B=c->B;
+	C=c->C;
+	D=c->D;
+
+	for (;num--;X+=HASH_LBLOCK)
+		{
+	/* Round 0 */
+	R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
+	R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
+	R0(C,D,A,B,X[ 2],17,0x242070dbL);
+	R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
+	R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
+	R0(D,A,B,C,X[ 5],12,0x4787c62aL);
+	R0(C,D,A,B,X[ 6],17,0xa8304613L);
+	R0(B,C,D,A,X[ 7],22,0xfd469501L);
+	R0(A,B,C,D,X[ 8], 7,0x698098d8L);
+	R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
+	R0(C,D,A,B,X[10],17,0xffff5bb1L);
+	R0(B,C,D,A,X[11],22,0x895cd7beL);
+	R0(A,B,C,D,X[12], 7,0x6b901122L);
+	R0(D,A,B,C,X[13],12,0xfd987193L);
+	R0(C,D,A,B,X[14],17,0xa679438eL);
+	R0(B,C,D,A,X[15],22,0x49b40821L);
+	/* Round 1 */
+	R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
+	R1(D,A,B,C,X[ 6], 9,0xc040b340L);
+	R1(C,D,A,B,X[11],14,0x265e5a51L);
+	R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
+	R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
+	R1(D,A,B,C,X[10], 9,0x02441453L);
+	R1(C,D,A,B,X[15],14,0xd8a1e681L);
+	R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
+	R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
+	R1(D,A,B,C,X[14], 9,0xc33707d6L);
+	R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
+	R1(B,C,D,A,X[ 8],20,0x455a14edL);
+	R1(A,B,C,D,X[13], 5,0xa9e3e905L);
+	R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
+	R1(C,D,A,B,X[ 7],14,0x676f02d9L);
+	R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
+	/* Round 2 */
+	R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
+	R2(D,A,B,C,X[ 8],11,0x8771f681L);
+	R2(C,D,A,B,X[11],16,0x6d9d6122L);
+	R2(B,C,D,A,X[14],23,0xfde5380cL);
+	R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
+	R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
+	R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
+	R2(B,C,D,A,X[10],23,0xbebfbc70L);
+	R2(A,B,C,D,X[13], 4,0x289b7ec6L);
+	R2(D,A,B,C,X[ 0],11,0xeaa127faL);
+	R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
+	R2(B,C,D,A,X[ 6],23,0x04881d05L);
+	R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
+	R2(D,A,B,C,X[12],11,0xe6db99e5L);
+	R2(C,D,A,B,X[15],16,0x1fa27cf8L);
+	R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
+	/* Round 3 */
+	R3(A,B,C,D,X[ 0], 6,0xf4292244L);
+	R3(D,A,B,C,X[ 7],10,0x432aff97L);
+	R3(C,D,A,B,X[14],15,0xab9423a7L);
+	R3(B,C,D,A,X[ 5],21,0xfc93a039L);
+	R3(A,B,C,D,X[12], 6,0x655b59c3L);
+	R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
+	R3(C,D,A,B,X[10],15,0xffeff47dL);
+	R3(B,C,D,A,X[ 1],21,0x85845dd1L);
+	R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
+	R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
+	R3(C,D,A,B,X[ 6],15,0xa3014314L);
+	R3(B,C,D,A,X[13],21,0x4e0811a1L);
+	R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
+	R3(D,A,B,C,X[11],10,0xbd3af235L);
+	R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
+	R3(B,C,D,A,X[ 9],21,0xeb86d391L);
+
+	A = c->A += A;
+	B = c->B += B;
+	C = c->C += C;
+	D = c->D += D;
+		}
+	}
+#endif
+
+#ifndef md5_block_data_order
+#ifdef X
+#undef X
+#endif
+__private_extern__ void md5_block_data_order (MD5_CTX *c, const void *data_, int num)
+	{
+	const unsigned char *data=data_;
+	register unsigned MD32_REG_T A,B,C,D,l;
+#ifndef MD32_XARRAY
+	/* See comment in crypto/sha/sha_locl.h for details. */
+	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
+# define X(i)	XX##i
+#else
+	MD5_LONG XX[MD5_LBLOCK];
+# define X(i)	XX[i]
+#endif
+
+	A=c->A;
+	B=c->B;
+	C=c->C;
+	D=c->D;
+
+	for (;num--;)
+		{
+	HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
+	/* Round 0 */
+	R0(A,B,C,D,X( 0), 7,0xd76aa478L);	HOST_c2l(data,l); X( 2)=l;
+	R0(D,A,B,C,X( 1),12,0xe8c7b756L);	HOST_c2l(data,l); X( 3)=l;
+	R0(C,D,A,B,X( 2),17,0x242070dbL);	HOST_c2l(data,l); X( 4)=l;
+	R0(B,C,D,A,X( 3),22,0xc1bdceeeL);	HOST_c2l(data,l); X( 5)=l;
+	R0(A,B,C,D,X( 4), 7,0xf57c0fafL);	HOST_c2l(data,l); X( 6)=l;
+	R0(D,A,B,C,X( 5),12,0x4787c62aL);	HOST_c2l(data,l); X( 7)=l;
+	R0(C,D,A,B,X( 6),17,0xa8304613L);	HOST_c2l(data,l); X( 8)=l;
+	R0(B,C,D,A,X( 7),22,0xfd469501L);	HOST_c2l(data,l); X( 9)=l;
+	R0(A,B,C,D,X( 8), 7,0x698098d8L);	HOST_c2l(data,l); X(10)=l;
+	R0(D,A,B,C,X( 9),12,0x8b44f7afL);	HOST_c2l(data,l); X(11)=l;
+	R0(C,D,A,B,X(10),17,0xffff5bb1L);	HOST_c2l(data,l); X(12)=l;
+	R0(B,C,D,A,X(11),22,0x895cd7beL);	HOST_c2l(data,l); X(13)=l;
+	R0(A,B,C,D,X(12), 7,0x6b901122L);	HOST_c2l(data,l); X(14)=l;
+	R0(D,A,B,C,X(13),12,0xfd987193L);	HOST_c2l(data,l); X(15)=l;
+	R0(C,D,A,B,X(14),17,0xa679438eL);
+	R0(B,C,D,A,X(15),22,0x49b40821L);
+	/* Round 1 */
+	R1(A,B,C,D,X( 1), 5,0xf61e2562L);
+	R1(D,A,B,C,X( 6), 9,0xc040b340L);
+	R1(C,D,A,B,X(11),14,0x265e5a51L);
+	R1(B,C,D,A,X( 0),20,0xe9b6c7aaL);
+	R1(A,B,C,D,X( 5), 5,0xd62f105dL);
+	R1(D,A,B,C,X(10), 9,0x02441453L);
+	R1(C,D,A,B,X(15),14,0xd8a1e681L);
+	R1(B,C,D,A,X( 4),20,0xe7d3fbc8L);
+	R1(A,B,C,D,X( 9), 5,0x21e1cde6L);
+	R1(D,A,B,C,X(14), 9,0xc33707d6L);
+	R1(C,D,A,B,X( 3),14,0xf4d50d87L);
+	R1(B,C,D,A,X( 8),20,0x455a14edL);
+	R1(A,B,C,D,X(13), 5,0xa9e3e905L);
+	R1(D,A,B,C,X( 2), 9,0xfcefa3f8L);
+	R1(C,D,A,B,X( 7),14,0x676f02d9L);
+	R1(B,C,D,A,X(12),20,0x8d2a4c8aL);
+	/* Round 2 */
+	R2(A,B,C,D,X( 5), 4,0xfffa3942L);
+	R2(D,A,B,C,X( 8),11,0x8771f681L);
+	R2(C,D,A,B,X(11),16,0x6d9d6122L);
+	R2(B,C,D,A,X(14),23,0xfde5380cL);
+	R2(A,B,C,D,X( 1), 4,0xa4beea44L);
+	R2(D,A,B,C,X( 4),11,0x4bdecfa9L);
+	R2(C,D,A,B,X( 7),16,0xf6bb4b60L);
+	R2(B,C,D,A,X(10),23,0xbebfbc70L);
+	R2(A,B,C,D,X(13), 4,0x289b7ec6L);
+	R2(D,A,B,C,X( 0),11,0xeaa127faL);
+	R2(C,D,A,B,X( 3),16,0xd4ef3085L);
+	R2(B,C,D,A,X( 6),23,0x04881d05L);
+	R2(A,B,C,D,X( 9), 4,0xd9d4d039L);
+	R2(D,A,B,C,X(12),11,0xe6db99e5L);
+	R2(C,D,A,B,X(15),16,0x1fa27cf8L);
+	R2(B,C,D,A,X( 2),23,0xc4ac5665L);
+	/* Round 3 */
+	R3(A,B,C,D,X( 0), 6,0xf4292244L);
+	R3(D,A,B,C,X( 7),10,0x432aff97L);
+	R3(C,D,A,B,X(14),15,0xab9423a7L);
+	R3(B,C,D,A,X( 5),21,0xfc93a039L);
+	R3(A,B,C,D,X(12), 6,0x655b59c3L);
+	R3(D,A,B,C,X( 3),10,0x8f0ccc92L);
+	R3(C,D,A,B,X(10),15,0xffeff47dL);
+	R3(B,C,D,A,X( 1),21,0x85845dd1L);
+	R3(A,B,C,D,X( 8), 6,0x6fa87e4fL);
+	R3(D,A,B,C,X(15),10,0xfe2ce6e0L);
+	R3(C,D,A,B,X( 6),15,0xa3014314L);
+	R3(B,C,D,A,X(13),21,0x4e0811a1L);
+	R3(A,B,C,D,X( 4), 6,0xf7537e82L);
+	R3(D,A,B,C,X(11),10,0xbd3af235L);
+	R3(C,D,A,B,X( 2),15,0x2ad7d2bbL);
+	R3(B,C,D,A,X( 9),21,0xeb86d391L);
+
+	A = c->A += A;
+	B = c->B += B;
+	C = c->C += C;
+	D = c->D += D;
+		}
+	}
+#endif
+
+#ifdef undef
+int printit(unsigned long *l)
+	{
+	int i,ii;
+
+	for (i=0; i<2; i++)
+		{
+		for (ii=0; ii<8; ii++)
+			{
+			fprintf(stderr,"%08lx ",l[i*8+ii]);
+			}
+		fprintf(stderr,"\n");
+		}
+	}
+#endif
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+
+CC_DIGEST_ONE_SHOT(CC_MD5, CC_MD5_CTX, CC_MD5_Init, CC_MD5_Update, CC_MD5_Final)
+
+#endif
+
+/*
+	The following is needed because CC_MD5_Final takes an unsigned char*, not an unsigned char digest[16].
+	We previously handled this with a macro, but we take this approach because it allows a function pointer to
+	MD5Final to be created.
+*/
+void MD5Final (unsigned char digest[16], MD5_CTX *context);
+void MD5Final (unsigned char digest[16], MD5_CTX *context)
+{
+	CC_MD5_Final(digest, context);
+}
+

ADDED   Source/Digest/md5_locl.h
Index: Source/Digest/md5_locl.h
==================================================================
--- /dev/null
+++ Source/Digest/md5_locl.h
@@ -0,0 +1,183 @@
+/* crypto/md5/md5_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+#error Compile order requires _APPLE_COMMON_CRYPTO_.
+
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/e_os2.h>
+#include <openssl/md5.h>
+#endif	_APPLE_COMMON_CRYPTO_
+
+#ifndef MD5_LONG_LOG2
+#define MD5_LONG_LOG2 2 /* default to 32 bits */
+#endif
+
+#ifdef MD5_ASM
+# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || defined(__x86_64__)
+#  define md5_block_host_order md5_block_asm_host_order
+# elif defined(__sparc) && defined(OPENSSL_SYS_ULTRASPARC)
+   void md5_block_asm_data_order_aligned (MD5_CTX *c, const MD5_LONG *p,int num);
+#  define HASH_BLOCK_DATA_ORDER_ALIGNED md5_block_asm_data_order_aligned
+# endif
+#endif
+
+__private_extern__ void md5_block_host_order (MD5_CTX *c, const void *p,int num);
+__private_extern__ void md5_block_data_order (MD5_CTX *c, const void *p,int num);
+
+#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || defined(__x86_64__)
+/*
+ * *_block_host_order is expected to handle aligned data while
+ * *_block_data_order - unaligned. As algorithm and host (x86)
+ * are in this case of the same "endianness" these two are
+ * otherwise indistinguishable. But normally you don't want to
+ * call the same function because unaligned access in places
+ * where alignment is expected is usually a "Bad Thing". Indeed,
+ * on RISCs you get punished with BUS ERROR signal or *severe*
+ * performance degradation. Intel CPUs are in turn perfectly
+ * capable of loading unaligned data without such drastic side
+ * effect. Yes, they say it's slower than aligned load, but no
+ * exception is generated and therefore performance degradation
+ * is *incomparable* with RISCs. What we should weight here is
+ * costs of unaligned access against costs of aligning data.
+ * According to my measurements allowing unaligned access results
+ * in ~9% performance improvement on Pentium II operating at
+ * 266MHz. I won't be surprised if the difference will be higher
+ * on faster systems:-)
+ *
+ *				<appro@fy.chalmers.se>
+ */
+#define md5_block_data_order md5_block_host_order
+#endif
+
+#define DATA_ORDER_IS_LITTLE_ENDIAN
+
+#define HASH_LONG		MD5_LONG
+#define HASH_LONG_LOG2		MD5_LONG_LOG2
+#define HASH_CTX		MD5_CTX
+#define HASH_CBLOCK		MD5_CBLOCK
+#define HASH_LBLOCK		MD5_LBLOCK
+#ifdef	_APPLE_COMMON_CRYPTO_
+#define HASH_UPDATE		CC_MD5_Update
+#define HASH_TRANSFORM	CC_MD5_Transform
+#define HASH_FINAL		CC_MD5_Final
+#else
+#define HASH_UPDATE		MD5_Update
+#define HASH_TRANSFORM	MD5_Transform
+#define HASH_FINAL		MD5_Final
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+#define	HASH_MAKE_STRING(c,s)	do {	\
+	unsigned long ll;		\
+	ll=(c)->A; HOST_l2c(ll,(s));	\
+	ll=(c)->B; HOST_l2c(ll,(s));	\
+	ll=(c)->C; HOST_l2c(ll,(s));	\
+	ll=(c)->D; HOST_l2c(ll,(s));	\
+	} while (0)
+#define HASH_BLOCK_HOST_ORDER	md5_block_host_order
+#if !defined(L_ENDIAN) || defined(md5_block_data_order)
+#define	HASH_BLOCK_DATA_ORDER	md5_block_data_order
+/*
+ * Little-endians (Intel and Alpha) feel better without this.
+ * It looks like memcpy does better job than generic
+ * md5_block_data_order on copying-n-aligning input data.
+ * But frankly speaking I didn't expect such result on Alpha.
+ * On the other hand I've got this with egcs-1.0.2 and if
+ * program is compiled with another (better?) compiler it
+ * might turn out other way around.
+ *
+ *				<appro@fy.chalmers.se>
+ */
+#endif
+
+#include "md32_common.h"
+
+/*
+#define	F(x,y,z)	(((x) & (y))  |  ((~(x)) & (z)))
+#define	G(x,y,z)	(((x) & (z))  |  ((y) & (~(z))))
+*/
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
+ * simplified to the code below.  Wei attributes these optimizations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define	F(b,c,d)	((((c) ^ (d)) & (b)) ^ (d))
+#define	G(b,c,d)	((((b) ^ (c)) & (d)) ^ (c))
+#define	H(b,c,d)	((b) ^ (c) ^ (d))
+#define	I(b,c,d)	(((~(d)) | (b)) ^ (c))
+
+#define R0(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+F((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };\
+
+#define R1(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+G((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };
+
+#define R2(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+H((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };
+
+#define R3(a,b,c,d,k,s,t) { \
+	a+=((k)+(t)+I((b),(c),(d))); \
+	a=ROTATE(a,s); \
+	a+=b; };

ADDED   Source/Digest/private_extern.s
Index: Source/Digest/private_extern.s
==================================================================
--- /dev/null
+++ Source/Digest/private_extern.s
@@ -0,0 +1,4 @@
+ .text
+ .private_extern mySymbol
+mySymbol:
+ ret

ADDED   Source/Digest/sha1.c
Index: Source/Digest/sha1.c
==================================================================
--- /dev/null
+++ Source/Digest/sha1.c
@@ -0,0 +1,232 @@
+/* crypto/sha/sha1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 
+ * In this odd implementation, the actual SHA1 code is in the sha_locl.h header.
+ * Compile it exactly once, here.
+ */
+#define SHA_1   	1
+
+#include <TargetConditionals.h>
+#include <CommonCrypto/CommonDigest.h>
+
+#if TARGET_OS_EMBEDDED && __arm__
+#define CC_SHA1_USE_HARDWARE			1
+#endif
+
+#if CC_SHA1_USE_HARDWARE
+#define CC_SHA1_USE_HARDWARE_THRESHOLD	4096
+extern int _CC_SHA1_Update(CC_SHA1_CTX *c, const void *data, CC_LONG len);
+#endif
+
+#include "sha_locl.h"
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+
+#if CC_SHA1_USE_HARDWARE
+//Need the IOKitLib.h only to keep IOSHA1Types.h happy.
+#include <IOKit/IOKitLib.h>
+#include <Kernel/IOKit/crypto/IOSHA1Types.h>
+#include <libkern/OSByteOrder.h>
+#include <sys/ioctl.h>
+#include <fcntl.h>
+#include <pthread.h>
+
+static int cc_sha1_device = -1;
+static pthread_once_t cc_sha1_connect_once = PTHREAD_ONCE_INIT;
+static CC_LONG cc_sha1_hardware_quantum = (256*4096); //.25 M default value.
+
+static void cc_sha1_connect(void) {
+    struct IOSHA1AcceleratorInfo shaInfo;
+	
+	cc_sha1_device = open("/dev/sha1_0", O_RDWR, 0);
+	if(cc_sha1_device < 0)
+		return;
+
+	if(ioctl(cc_sha1_device, IOSHA1_GET_INFO, &shaInfo) != -1) {
+        cc_sha1_hardware_quantum = shaInfo.maxBytesPerCall;
+	}
+}
+
+static CC_LONG sha1_hash_in_hardware(CC_SHA1_CTX *c, const UInt8 *data_buff, CC_LONG length, bool do_final)
+{
+	// Handle the hardware SHA1. 
+	struct IOSHA1AcceleratorRequest shaRequest;
+	CC_LONG quantum = cc_sha1_hardware_quantum;
+	const UInt8 *data = data_buff;
+	CC_LONG bytes_left = length;
+	CC_LONG bytes_hashed = 0;
+	
+	//Load the saved context 
+	shaRequest.hashBuffer.hashWords[0] = c->h0;
+	shaRequest.hashBuffer.hashWords[1] = c->h1;
+	shaRequest.hashBuffer.hashWords[2] = c->h2;
+	shaRequest.hashBuffer.hashWords[3] = c->h3;
+	shaRequest.hashBuffer.hashWords[4] = c->h4;
+    shaRequest.options = 0;
+
+	do {
+		if (bytes_left < cc_sha1_hardware_quantum) {
+            quantum = bytes_left;
+            if (do_final) {
+                shaRequest.options = kIOSHA1AcceleratorFinal;
+				shaRequest.totalLength = (UInt64)(length) << 3; //Totallength is in bits.
+            }
+        } else {
+            quantum = cc_sha1_hardware_quantum;
+        }
+
+		//Split the request in quantums if it is too large.
+		shaRequest.sourceText = (UInt8 *)data;
+		shaRequest.textLength = quantum;
+
+		if(ioctl(cc_sha1_device, IOSHA1_PERFORM_HASH, &shaRequest) == -1) {
+			break; //Failed to complete the whole request but fall back to the software only for the remaining bytes.
+		}
+		bytes_left -= quantum; 
+		data += quantum;
+	}while (bytes_left);
+
+	bytes_hashed = (length - bytes_left); 
+	if(bytes_hashed) {
+		//Save the result in the CC_SHA1_CTX.
+		c->h0 = shaRequest.hashBuffer.hashWords[0];
+		c->h1 = shaRequest.hashBuffer.hashWords[1];
+		c->h2 = shaRequest.hashBuffer.hashWords[2];
+		c->h3 = shaRequest.hashBuffer.hashWords[3];
+		c->h4 = shaRequest.hashBuffer.hashWords[4];
+
+		//Update Nl and Nh in the context. Required to finish the hash.
+		//Copied from the software SHA1 code. 
+		CC_LONG l=(c->Nl+(bytes_hashed<<3))&0xffffffffL;
+		if (l < c->Nl) /* overflow */
+				c->Nh++;
+		c->Nh+=(bytes_hashed>>29);
+		c->Nl=l;
+	}
+	return bytes_hashed;
+}
+
+int CC_SHA1_Update(CC_SHA1_CTX *c, const void *data, CC_LONG len)
+{
+	const UInt8 *data_buff = (const UInt8 *) data;
+	if (len > CC_SHA1_USE_HARDWARE_THRESHOLD &&
+        !(((intptr_t)data_buff + CC_SHA1_BLOCK_BYTES - c->num) & 3) &&
+        !pthread_once(&cc_sha1_connect_once, cc_sha1_connect) && cc_sha1_device >= 0) 
+    {
+		//USE SHA1 hardware.
+		if(c->num) {
+			//Do the first block or less in software
+			CC_LONG partial = CC_SHA1_BLOCK_BYTES - c->num;
+			_CC_SHA1_Update(c, data_buff, partial);
+			len -= partial;
+			data_buff += partial;
+		}
+		
+		CC_LONG bytes_4_hardware = len & ~(CC_SHA1_BLOCK_BYTES - 1); //Send only mulitple of 64 bytes to the hardware.
+		CC_LONG bytes_hashed = 0; 
+		bytes_hashed = sha1_hash_in_hardware(c, data_buff, bytes_4_hardware, false);
+        len -= bytes_hashed;
+        data_buff += bytes_hashed;
+	}
+
+    //USE SHA1 software. If len is zero then this immediately returns;
+    return _CC_SHA1_Update(c, data_buff, len);
+}
+
+UInt8* CC_SHA1(const void *data, CC_LONG len, UInt8 *md)
+{	
+	CC_LONG bytes_hashed = 0;
+	const UInt8 *data_buff = (const UInt8 *)data;
+	
+	if(md == NULL)
+		return NULL;									
+		
+	CC_SHA1_CTX ctx;
+	CC_SHA1_Init(&ctx);
+	
+	if (len > CC_SHA1_USE_HARDWARE_THRESHOLD &&
+        !((intptr_t)data_buff & 3) &&
+        !pthread_once(&cc_sha1_connect_once, cc_sha1_connect) && cc_sha1_device >= 0) 
+    {
+		bytes_hashed = sha1_hash_in_hardware(&ctx, data_buff, len, true);
+		if (bytes_hashed == len) {
+            OSWriteBigInt32(md, 0, ctx.h0);
+            OSWriteBigInt32(md, 4, ctx.h1);
+            OSWriteBigInt32(md, 8, ctx.h2);
+            OSWriteBigInt32(md, 12, ctx.h3);
+            OSWriteBigInt32(md, 16, ctx.h4); 
+			return md;
+        }
+
+		//Either we have failed partially or completely.
+		//Fall through to the software.
+		data_buff += bytes_hashed;
+		len -= bytes_hashed;
+	}
+	//Fall back to Software SHA1.
+	CC_SHA1_Update(&ctx, data_buff, len);
+	CC_SHA1_Final(md, &ctx);					
+	return md;												
+}
+#else //#if CC_SHA1_USE_HARDWARE
+CC_DIGEST_ONE_SHOT(CC_SHA1, CC_SHA1_CTX, CC_SHA1_Init, CC_SHA1_Update, CC_SHA1_Final)
+#endif
+
+#endif //#ifdef	_APPLE_COMMON_CRYPTO_
+

ADDED   Source/Digest/sha1edp.h
Index: Source/Digest/sha1edp.h
==================================================================
--- /dev/null
+++ Source/Digest/sha1edp.h
@@ -0,0 +1,51 @@
+#if !defined sha1edp_h
+#define	sha1edp_h
+
+
+/*	This file is included in sha1edpLittleEndian.s and sha1edpBigEndian.s to
+	define the symbols below for use in assembly code.
+
+	It is also included in sha1_locl.h and compiled in C to test that the
+	hard-coded values here match the values used in C.  CC_SHA1_BLOCK_BYTES
+	is defined in another header, so an error will be generated if its
+	definition here conflicts.  The other symbols are tested below, with
+	the CheckAssertion definition.
+*/
+
+
+// Number of bytes in a SHA-1 block.
+#define	CC_SHA1_BLOCK_BYTES	64
+
+// Offset of h0 to h4 members in SHA-1 context structure.
+#define	Contexth0	(0*4)
+#define	Contexth1	(1*4)
+#define	Contexth2	(2*4)
+#define	Contexth3	(3*4)
+#define	Contexth4	(4*4)
+
+
+#if !defined __ASSEMBLER__
+
+	#include <stddef.h>	// Get offsetof macro.
+
+	/*	Declare CheckAssertion so that if any of the declarations below
+		differ from it, the compiler will report an error.
+	*/
+	extern char CheckAssertion[1];
+
+	/*	Ensure that Contexth0 through Contexth4 are the byte offsets of the
+		h0 through h4 members of the SHA-1 context structure.
+	*/
+	extern char CheckAssertion[Contexth0 == offsetof(SHA_CTX, h0)];
+	extern char CheckAssertion[Contexth1 == offsetof(SHA_CTX, h1)];
+	extern char CheckAssertion[Contexth2 == offsetof(SHA_CTX, h2)];
+	extern char CheckAssertion[Contexth3 == offsetof(SHA_CTX, h3)];
+	extern char CheckAssertion[Contexth4 == offsetof(SHA_CTX, h4)];
+		/*	If these assertions fail, change the definitions of Contexth0 to
+			Contexth4 to match the offsets of the members.
+		*/
+
+#endif	// !defined __ASSEMBLER__
+
+
+#endif	// !defined sha1edp_h

ADDED   Source/Digest/sha1edpBigEndian.s
Index: Source/Digest/sha1edpBigEndian.s
==================================================================
--- /dev/null
+++ Source/Digest/sha1edpBigEndian.s
@@ -0,0 +1,511 @@
+/*	sha1edpBigEndian.s -- Core of SHA-1 algorithm, process blocks with
+	big-endian data.
+*/
+
+
+#if defined __i386__ || defined __x86_64__
+
+
+#if defined __x86_64__
+	#define	UseRedZone	// x86_64 may use the red zone.  i386 may not.
+#endif
+
+#include "sha1edp.h"
+#if CC_SHA1_BLOCK_BYTES != 64
+	#error "Expected CC_SHA1_BLOCK_BYTES to be 64."
+#endif
+
+
+// Provide a convenient way to conditionalize based on architecture.
+#if defined __i386__
+	#define	Arch(i386, x86_64)	i386
+#elif defined __x86_64__
+	#define	Arch(i386, x86_64)	x86_64
+#endif
+
+
+/*	Rename the general registers.  This makes it easier to keep track of them
+	and provides names for the "whole register" that are uniform between i386
+	and x86_64.
+*/
+#if defined __i386__
+	#define	r0	%eax	// Available for any use.
+	#define	r1	%ecx	// Available for any use, some special purposes (loop).
+	#define	r2	%edx	// Available for any use.
+	#define	r3	%ebx	// Must be preserved by called routine.
+	#define	r4	%esp	// Stack pointer.
+	#define	r5	%ebp	// Frame pointer, must preserve, no bare indirect.
+	#define	r6	%esi	// Must be preserved by called routine.
+	#define	r7	%edi	// Must be preserved by called routine.
+#elif defined __x86_64__
+	#define	r0	%rax	// Available for any use.
+	#define	r1	%rcx	// Available for any use.
+	#define	r2	%rdx	// Available for any use.
+	#define	r3	%rbx	// Must be preserved by called routine.
+	#define	r4	%rsp	// Stack pointer.
+	#define	r5	%rbp	// Frame pointer.  Must be preserved by called routine.
+	#define	r6	%rsi	// Available for any use.
+	#define	r7	%rdi	// Available for any use.
+	#define	r8	%r8		// Available for any use.
+	#define	r9	%r9		// Available for any use.
+	#define	r10	%r10	// Available for any use.
+	#define	r11	%r11	// Available for any use.
+	#define	r12	%r12	// Must be preserved by called routine.
+	#define	r13	%r13	// Must be preserved by called routine.
+	#define	r14	%r14	// Must be preserved by called routine.
+	#define	r15	%r15	// Must be preserved by called routine.
+#else
+	#error "Unknown architecture."
+#endif
+
+
+// Define names for fixed-size portions of registers.
+
+// 32 bits.
+#define	r0d		%eax
+#define	r1d		%ecx
+#define	r2d		%edx
+#define	r3d		%ebx
+#define	r4d		%esp
+#define	r5d		%ebp
+#define	r6d		%esi
+#define	r7d		%edi
+#define	r8d		%r8d
+#define	r9d		%r9d
+#define	r10d	%r10d
+#define	r11d	%r11d
+#define	r12d	%r12d
+#define	r13d	%r13d
+#define	r14d	%r14d
+#define	r15d	%r15d
+
+
+	.text
+
+
+/*	Routine:
+
+		_sha1_block_asm_host_order.
+
+	Function:
+
+		Update SHA-1 context from whole blocks provided in big-endian order.
+
+	Input:
+
+		SHA_CTX *Context	// SHA-1 context structure.
+		const void *Data	// Data, CC_SHA1_BLOCK_BYTES * Blocks bytes.
+		int Blocks			// Number of blocks to process.  Must be positive.
+
+	Output:
+
+		*Context is updated.
+*/
+	.globl _sha1_block_asm_host_order
+	.private_extern	_sha1_block_asm_host_order
+_sha1_block_asm_host_order:
+
+	// Push new stack frame.
+	push	r5
+
+	// Save registers.
+	push	r3
+	#if defined __i386__
+		push	r6
+		push	r7
+		#define	SaveSize	(5*4)
+	#elif defined __x86_64__
+		#define	SaveSize	(3*8)
+		// Add pushes of r12 to r15 if used.
+	#endif
+
+/*	SaveSize is the number of bytes of data pushed onto the stack so far,
+	including the caller's return address.
+*/
+
+#if defined UseRedZone
+	// No additional bytes are needed above stack for local data.
+	#define	LocalsSize	0
+
+	/*	Our local data contains an array named W of starting at offset WOffset
+		from the stack pointer.  There is plenty of space in the red zone below
+		the stack, so we will put the data there.  It is aligned to a multiple
+		of 16 bytes because the big-endian version of this routine may use
+		movaps to write to it.
+	*/
+	#define	WOffset	(- 16*4 - (-SaveSize & 15))
+#else
+	// Make space for W array in local data.
+	#define	LocalsSize	(16*4 + (-SaveSize & 15))
+
+	/*	Our local data contains an array named W of starting at offset WOffset
+		from the stack pointer.  It is aligned to a multiple of 16 bytes
+		because the big-endian version of this routine may use movaps to write
+		to it.
+	*/
+	#define	WOffset	0
+#endif
+
+// W(i) references word i%16 stored in the local data area.
+#define	W(i)	WOffset + ((i)%16)*4(r4)
+
+#define	StackFrame	(LocalsSize + SaveSize)
+	/*	StackFrame is the number of bytes in our stack frame, from the top of
+		stack after we push registers and make space for local data to the top
+		of stack immediately before the call to this routine.
+	*/
+
+	#if 0 < LocalsSize
+		sub		$LocalsSize, r4	// Allocate space on stack.
+	#endif
+
+/*	t0 and t1 hold temporary values used in calculation or data motion and
+	overlap Context, Data, and Blocks on i386.  A, B, C, D, and E refer to
+	values used in the SHA-1 specification.  However, they are used in
+	rotation, so each of them successively holds the values the specification
+	refers to as the others at different times.
+
+	Note that t0, t1, and A to E are 32-bit registers.  They are used for
+	manipulating the 32-bit chunks of the SHA-1 algorithm.  Context, Data, and
+	Blocks are full registers, and the first two must be since they hold
+	addresses.
+*/
+#define	t0			r0d				// Overlaps Context.
+#define	t1			r1d				// Overlaps Data and Blocks.
+#define	A			Arch(r2d, r8d)
+#define	B			r3d
+#define	C			r5d
+#define	D			Arch(r6d, r9d)
+#define	E			Arch(r7d, r10d)
+
+#define	Context		Arch(r0, r7)	// Overlaps t0.
+#define	Data		Arch(r1, r6)	// Overlaps t1 and Blocks.
+#define	Blocks		Arch(r1, r2)	// Overlaps t1 and Data.
+
+#if defined __i386__
+
+	// Define location of argument i.
+	#define	Argument(i)	StackFrame+4*(i)(r4)
+
+	#define	ArgContext	Argument(0)
+	#define	ArgData		Argument(1)
+	#define	ArgBlocks	Argument(2)
+
+#endif
+
+
+// Constants of the SHA-1 algorithm.
+#define	Constant0	0x5a827999
+#define	Constant1	0x6ed9eba1
+#define	Constant2	0x8f1bbcdc
+#define	Constant3	0xca62c1d6
+
+
+// Define names for macro parameters, since assembler does not support them.
+#define	mF	$0
+#define	mB	$1
+#define	mC	$2
+#define	mD	$3
+
+	/*	Calculate the function used in steps 0 to 19 of SHA-1 and store the
+		result in F:
+
+			F = (C ^ D) & B ^ D.
+	*/
+	.macro	F0
+		mov		mC, t0
+		xor		mD, t0
+		and		mB, t0
+		xor		mD, t0
+		add		t0, mF
+	.endmacro
+
+
+	/*	Calculate the function used in steps 20 to 39 of SHA-1 and store the
+		result in F:
+
+			F = B ^ C ^ D.
+	*/
+	.macro	F1
+		mov		mB, t0
+		xor		mC, t0
+		xor		mD, t0
+		add		t0, mF
+	.endmacro
+
+
+	/*	Calculate the function used in steps 40 to 59 of SHA-1 and store the
+		result in F:
+
+			F = B & C | B & D | C & D.
+
+		(A bit in F is on iff corresponding bits are on in at least two of B,
+		C, and D.)
+	*/
+	.macro	F2
+		mov		mB, t0
+		and		mC, t0
+		mov		mB, t1
+		and		mD, t1
+		or		t1, t0
+		mov		mC, t1
+		and		mD, t1
+		or		t1, t0
+		add		t0, mF
+	.endmacro
+
+	// Steps 60 to 79 use the same function as 20 to 39.
+	#define	F3	F1
+
+// Undefine parameter names.
+#undef	mF
+#undef	mB
+#undef	mC
+#undef	mD
+
+
+// Define names for macro parameters, since assembler does not support them.
+#define	mA			$0
+#define	mB			$1
+#define	mC			$2
+#define	mD			$3
+#define	mE			$4
+#define	mFunction	$5
+#define	mWord		$6
+#define	mConstant	$7
+	/*	Step performs most of one step of the SHA-1 algorithm:
+
+			Add to E a word from the message schedule, a constant, A rotated
+			left 5 bits, and a function of B, C, and D.
+
+			Rotate B left 30 bits.
+
+			Rotate values (D to E, C to D, B to C, A to B, and the new E to A).
+			(This is effected by rotating the registers passed to this macro,
+			rather than by actually moving the data.)
+
+		mWord contains the word from the message schedule.  It may be in t0, so
+		we need to finish with it before using t0.
+
+		mConstant contains the constant to add.
+
+		mA, mB, mC, mD, and mE are registers with the current values of A, B,
+		C, D, and E.
+
+		mFunction is a macro that implements the function of B, C, and D.
+	*/
+	.macro	Step
+		add		$$mConstant, mE
+		add		mWord, mE
+		mov		mA, t0
+		roll	$$5, t0
+		add		t0, mE
+		mFunction	mE, mB, mC, mD
+		roll	$$30, mB
+	.endmacro
+// Undefine parameters names.
+#undef	mA
+#undef	mB
+#undef	mC
+#undef	mD
+#undef	mE
+#undef	mFunction
+#undef	mWord
+#undef	mConstant
+
+
+	/*	Prepare a new word from the message schedule.  Parameter $0 is the
+	 	index of the new word in our local table.
+	*/
+	.macro	PrepareWord
+		mov		W($0 +  0), t0
+		xor		W($0 +  2), t0
+		xor		W($0 +  8), t0
+		xor		W($0 + 13), t0
+		roll	$$1, t0
+		movl	t0, W($0 +  0)
+	.endmacro
+
+
+	#if defined __i386__
+		mov		ArgContext, Context
+	#endif
+
+	// Load current context.
+	mov		Contexth0(Context), A
+	mov		Contexth1(Context), B
+	mov		Contexth2(Context), C
+	mov		Contexth3(Context), D
+	mov		Contexth4(Context), E
+
+/*	This loop iterates through the blocks of data.  Each iteration updates the
+	SHA-1 context for one block.
+*/
+1:
+	#if defined __i386__
+		mov		ArgData, Data
+	#endif
+
+	/*	Preprocess user data and store in the local data area.  It is a shame
+		we cannot overlap this with later work, but we are out of registers and
+		do not want tie up a register with Data later on.
+
+		The bytes are in the desired order within the words, so we do not have
+		to reverse them as in the little-endian version of this routine, just
+		copy them.
+	*/
+	movups  0*4(Data), %xmm0;    movaps %xmm0, W( 0)
+	movups  4*4(Data), %xmm0;    movaps %xmm0, W( 4)
+	movups  8*4(Data), %xmm0;    movaps %xmm0, W( 8)
+	movups 12*4(Data), %xmm0;    movaps %xmm0, W(12)
+
+	// Advance pointer to next block.
+	add		$CC_SHA1_BLOCK_BYTES, Data
+	#if	defined __i386__
+		mov		Data, ArgData
+	#endif
+
+	// Steps 0 to 15.  Use words from already prepared message schedule.
+	movl W( 0), t0;     Step A, B, C, D, E, F0, t0, Constant0
+	movl W( 1), t0;     Step E, A, B, C, D, F0, t0, Constant0
+	movl W( 2), t0;     Step D, E, A, B, C, F0, t0, Constant0
+	movl W( 3), t0;     Step C, D, E, A, B, F0, t0, Constant0
+	movl W( 4), t0;     Step B, C, D, E, A, F0, t0, Constant0
+
+	movl W( 5), t0;     Step A, B, C, D, E, F0, t0, Constant0
+	movl W( 6), t0;     Step E, A, B, C, D, F0, t0, Constant0
+	movl W( 7), t0;     Step D, E, A, B, C, F0, t0, Constant0
+	movl W( 8), t0;     Step C, D, E, A, B, F0, t0, Constant0
+	movl W( 9), t0;     Step B, C, D, E, A, F0, t0, Constant0
+
+	movl W(10), t0;     Step A, B, C, D, E, F0, t0, Constant0
+	movl W(11), t0;     Step E, A, B, C, D, F0, t0, Constant0
+	movl W(12), t0;     Step D, E, A, B, C, F0, t0, Constant0
+	movl W(13), t0;     Step C, D, E, A, B, F0, t0, Constant0
+	movl W(14), t0;     Step B, C, D, E, A, F0, t0, Constant0
+
+	movl W(15), t0;     Step A, B, C, D, E, F0, t0, Constant0
+
+// Steps 16 to 19.  Update words in message schedule as we go.
+	PrepareWord  16;    Step E, A, B, C, D, F0, t0, Constant0
+	PrepareWord  17;    Step D, E, A, B, C, F0, t0, Constant0
+	PrepareWord  18;    Step C, D, E, A, B, F0, t0, Constant0
+	PrepareWord  19;    Step B, C, D, E, A, F0, t0, Constant0
+
+// Steps 20 to 39.
+	PrepareWord  20;    Step A, B, C, D, E, F1, t0, Constant1
+	PrepareWord  21;    Step E, A, B, C, D, F1, t0, Constant1
+	PrepareWord  22;    Step D, E, A, B, C, F1, t0, Constant1
+	PrepareWord  23;    Step C, D, E, A, B, F1, t0, Constant1
+	PrepareWord  24;    Step B, C, D, E, A, F1, t0, Constant1
+
+	PrepareWord  25;    Step A, B, C, D, E, F1, t0, Constant1
+	PrepareWord  26;    Step E, A, B, C, D, F1, t0, Constant1
+	PrepareWord  27;    Step D, E, A, B, C, F1, t0, Constant1
+	PrepareWord  28;    Step C, D, E, A, B, F1, t0, Constant1
+	PrepareWord  29;    Step B, C, D, E, A, F1, t0, Constant1
+
+	PrepareWord  30;    Step A, B, C, D, E, F1, t0, Constant1
+	PrepareWord  31;    Step E, A, B, C, D, F1, t0, Constant1
+	PrepareWord  32;    Step D, E, A, B, C, F1, t0, Constant1
+	PrepareWord  33;    Step C, D, E, A, B, F1, t0, Constant1
+	PrepareWord  34;    Step B, C, D, E, A, F1, t0, Constant1
+
+	PrepareWord  35;    Step A, B, C, D, E, F1, t0, Constant1
+	PrepareWord  36;    Step E, A, B, C, D, F1, t0, Constant1
+	PrepareWord  37;    Step D, E, A, B, C, F1, t0, Constant1
+	PrepareWord  38;    Step C, D, E, A, B, F1, t0, Constant1
+	PrepareWord  39;    Step B, C, D, E, A, F1, t0, Constant1
+
+// Steps 40 to 59.
+	PrepareWord  40;    Step A, B, C, D, E, F2, t0, Constant2
+	PrepareWord  41;    Step E, A, B, C, D, F2, t0, Constant2
+	PrepareWord  42;    Step D, E, A, B, C, F2, t0, Constant2
+	PrepareWord  43;    Step C, D, E, A, B, F2, t0, Constant2
+	PrepareWord  44;    Step B, C, D, E, A, F2, t0, Constant2
+
+	PrepareWord  45;    Step A, B, C, D, E, F2, t0, Constant2
+	PrepareWord  46;    Step E, A, B, C, D, F2, t0, Constant2
+	PrepareWord  47;    Step D, E, A, B, C, F2, t0, Constant2
+	PrepareWord  48;    Step C, D, E, A, B, F2, t0, Constant2
+	PrepareWord  49;    Step B, C, D, E, A, F2, t0, Constant2
+
+	PrepareWord  50;    Step A, B, C, D, E, F2, t0, Constant2
+	PrepareWord  51;    Step E, A, B, C, D, F2, t0, Constant2
+	PrepareWord  52;    Step D, E, A, B, C, F2, t0, Constant2
+	PrepareWord  53;    Step C, D, E, A, B, F2, t0, Constant2
+	PrepareWord  54;    Step B, C, D, E, A, F2, t0, Constant2
+
+	PrepareWord  55;    Step A, B, C, D, E, F2, t0, Constant2
+	PrepareWord  56;    Step E, A, B, C, D, F2, t0, Constant2
+	PrepareWord  57;    Step D, E, A, B, C, F2, t0, Constant2
+	PrepareWord  58;    Step C, D, E, A, B, F2, t0, Constant2
+	PrepareWord  59;    Step B, C, D, E, A, F2, t0, Constant2
+
+// Steps 60 to 79.
+	PrepareWord  60;    Step A, B, C, D, E, F3, t0, Constant3
+	PrepareWord  61;    Step E, A, B, C, D, F3, t0, Constant3
+	PrepareWord  62;    Step D, E, A, B, C, F3, t0, Constant3
+	PrepareWord  63;    Step C, D, E, A, B, F3, t0, Constant3
+	PrepareWord  64;    Step B, C, D, E, A, F3, t0, Constant3
+
+	PrepareWord  65;    Step A, B, C, D, E, F3, t0, Constant3
+	PrepareWord  66;    Step E, A, B, C, D, F3, t0, Constant3
+	PrepareWord  67;    Step D, E, A, B, C, F3, t0, Constant3
+	PrepareWord  68;    Step C, D, E, A, B, F3, t0, Constant3
+	PrepareWord  69;    Step B, C, D, E, A, F3, t0, Constant3
+
+	PrepareWord  70;    Step A, B, C, D, E, F3, t0, Constant3
+	PrepareWord  71;    Step E, A, B, C, D, F3, t0, Constant3
+	PrepareWord  72;    Step D, E, A, B, C, F3, t0, Constant3
+	PrepareWord  73;    Step C, D, E, A, B, F3, t0, Constant3
+	PrepareWord  74;    Step B, C, D, E, A, F3, t0, Constant3
+
+	PrepareWord  75;    Step A, B, C, D, E, F3, t0, Constant3
+	PrepareWord  76;    Step E, A, B, C, D, F3, t0, Constant3
+	PrepareWord  77;    Step D, E, A, B, C, F3, t0, Constant3
+	PrepareWord  78;    Step C, D, E, A, B, F3, t0, Constant3
+	PrepareWord  79;    Step B, C, D, E, A, F3, t0, Constant3
+
+	#if defined __i386__
+		mov		ArgContext, Context
+	#endif
+
+	// Update SHA-1 context.
+	add		Contexth0(Context), A
+	add		Contexth1(Context), B
+	add		Contexth2(Context), C
+	add		Contexth3(Context), D
+	add		Contexth4(Context), E
+
+	mov		A, Contexth0(Context)
+	mov		B, Contexth1(Context)
+	mov		C, Contexth2(Context)
+	mov		D, Contexth3(Context)
+	mov		E, Contexth4(Context)
+
+	// Decrement and loop if not done.
+	#if defined __i386__
+		mov		ArgBlocks, Blocks
+		add		$-1, Blocks
+		mov		Blocks, ArgBlocks
+	#else
+		add		$-1, Blocks
+	#endif
+	jg		1b
+
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		pop		r7
+		pop		r6
+	#endif
+	pop		r3
+	pop		r5
+
+	ret
+
+
+#endif	// defined __i386__ || defined __x86_64__

ADDED   Source/Digest/sha1edpLittleEndian.s
Index: Source/Digest/sha1edpLittleEndian.s
==================================================================
--- /dev/null
+++ Source/Digest/sha1edpLittleEndian.s
@@ -0,0 +1,523 @@
+/*	sha1edpLittleEndian.s -- Core of SHA-1 algorithm, process blocks with
+	little-endian data.
+*/
+
+
+#if defined __i386__ || defined __x86_64__
+
+
+#if defined __x86_64__
+	#define	UseRedZone	// x86_64 may use the red zone.  i386 may not.
+#endif
+
+#include "sha1edp.h"
+#if CC_SHA1_BLOCK_BYTES != 64
+	#error "Expected CC_SHA1_BLOCK_BYTES to be 64."
+#endif
+
+
+// Provide a convenient way to conditionalize based on architecture.
+#if defined __i386__
+	#define	Arch(i386, x86_64)	i386
+#elif defined __x86_64__
+	#define	Arch(i386, x86_64)	x86_64
+#endif
+
+
+/*	Rename the general registers.  This makes it easier to keep track of them
+	and provides names for the "whole register" that are uniform between i386
+	and x86_64.
+*/
+#if defined __i386__
+	#define	r0	%eax	// Available for any use.
+	#define	r1	%ecx	// Available for any use, some special purposes (loop).
+	#define	r2	%edx	// Available for any use.
+	#define	r3	%ebx	// Must be preserved by called routine.
+	#define	r4	%esp	// Stack pointer.
+	#define	r5	%ebp	// Frame pointer, must preserve, no bare indirect.
+	#define	r6	%esi	// Must be preserved by called routine.
+	#define	r7	%edi	// Must be preserved by called routine.
+#elif defined __x86_64__
+	#define	r0	%rax	// Available for any use.
+	#define	r1	%rcx	// Available for any use.
+	#define	r2	%rdx	// Available for any use.
+	#define	r3	%rbx	// Must be preserved by called routine.
+	#define	r4	%rsp	// Stack pointer.
+	#define	r5	%rbp	// Frame pointer.  Must be preserved by called routine.
+	#define	r6	%rsi	// Available for any use.
+	#define	r7	%rdi	// Available for any use.
+	#define	r8	%r8		// Available for any use.
+	#define	r9	%r9		// Available for any use.
+	#define	r10	%r10	// Available for any use.
+	#define	r11	%r11	// Available for any use.
+	#define	r12	%r12	// Must be preserved by called routine.
+	#define	r13	%r13	// Must be preserved by called routine.
+	#define	r14	%r14	// Must be preserved by called routine.
+	#define	r15	%r15	// Must be preserved by called routine.
+#else
+	#error "Unknown architecture."
+#endif
+
+
+// Define names for fixed-size portions of registers.
+
+// 32 bits.
+#define	r0d		%eax
+#define	r1d		%ecx
+#define	r2d		%edx
+#define	r3d		%ebx
+#define	r4d		%esp
+#define	r5d		%ebp
+#define	r6d		%esi
+#define	r7d		%edi
+#define	r8d		%r8d
+#define	r9d		%r9d
+#define	r10d	%r10d
+#define	r11d	%r11d
+#define	r12d	%r12d
+#define	r13d	%r13d
+#define	r14d	%r14d
+#define	r15d	%r15d
+
+
+	.text
+
+
+/*	Routine:
+
+		_sha1_block_asm_data_order.
+
+	Function:
+
+		Update SHA-1 context from whole blocks provided in little-endian order.
+
+	Input:
+
+		SHA_CTX *Context	// SHA-1 context structure.
+		const void *Data	// Data, CC_SHA1_BLOCK_BYTES * Blocks bytes.
+		int Blocks			// Number of blocks to process.  Must be positive.
+
+	Output:
+
+		*Context is updated.
+*/
+	.globl _sha1_block_asm_data_order
+	.private_extern	_sha1_block_asm_data_order
+_sha1_block_asm_data_order:
+
+	// Push new stack frame.
+	push	r5
+
+	// Save registers.
+	push	r3
+	#if defined __i386__
+		push	r6
+		push	r7
+		#define	SaveSize	(5*4)
+	#elif defined __x86_64__
+		#define	SaveSize	(3*8)
+		// Add pushes of r12 to r15 if used.
+	#endif
+
+/*	SaveSize is the number of bytes of data pushed onto the stack so far,
+	including the caller's return address.
+*/
+
+#if defined UseRedZone
+	// No additional bytes are needed above stack for local data.
+	#define	LocalsSize	0
+
+	/*	Our local data contains an array named W of starting at offset WOffset
+		from the stack pointer.  There is plenty of space in the red zone below
+		the stack, so we will put the data there.  It is aligned to a multiple
+		of 16 bytes because the big-endian version of this routine may use
+		movaps to write to it.
+	*/
+	#define	WOffset	(- 16*4 - (-SaveSize & 15))
+#else
+	// Make space for W array in local data.
+	#define	LocalsSize	(16*4 + (-SaveSize & 15))
+
+	/*	Our local data contains an array named W of starting at offset WOffset
+		from the stack pointer.  It is aligned to a multiple of 16 bytes
+		because the big-endian version of this routine may use movaps to write
+		to it.
+	*/
+	#define	WOffset	0
+#endif
+
+// W(i) references word i%16 stored in the local data area.
+#define	W(i)	WOffset + ((i)%16)*4(r4)
+
+#define	StackFrame	(LocalsSize + SaveSize)
+	/*	StackFrame is the number of bytes in our stack frame, from the top of
+		stack after we push registers and make space for local data to the top
+		of stack immediately before the call to this routine.
+	*/
+
+	#if 0 < LocalsSize
+		sub		$LocalsSize, r4	// Allocate space on stack.
+	#endif
+
+/*	t0 and t1 hold temporary values used in calculation or data motion and
+	overlap Context, Data, and Blocks on i386.  A, B, C, D, and E refer to
+	values used in the SHA-1 specification.  However, they are used in
+	rotation, so each of them successively holds the values the specification
+	refers to as the others at different times.
+
+	Note that t0, t1, and A to E are 32-bit registers.  They are used for
+	manipulating the 32-bit chunks of the SHA-1 algorithm.  Context, Data, and
+	Blocks are full registers, and the first two must be since they hold
+	addresses.
+*/
+#define	t0			r0d				// Overlaps Context.
+#define	t1			r1d				// Overlaps Data and Blocks.
+#define	A			Arch(r2d, r8d)
+#define	B			r3d
+#define	C			r5d
+#define	D			Arch(r6d, r9d)
+#define	E			Arch(r7d, r10d)
+
+#define	Context		Arch(r0, r7)	// Overlaps t0.
+#define	Data		Arch(r1, r6)	// Overlaps t1 and Blocks.
+#define	Blocks		Arch(r1, r2)	// Overlaps t1 and Data.
+
+#if defined __i386__
+
+	// Define location of argument i.
+	#define	Argument(i)	StackFrame+4*(i)(r4)
+
+	#define	ArgContext	Argument(0)
+	#define	ArgData		Argument(1)
+	#define	ArgBlocks	Argument(2)
+
+#endif
+
+
+// Constants of the SHA-1 algorithm.
+#define	Constant0	0x5a827999
+#define	Constant1	0x6ed9eba1
+#define	Constant2	0x8f1bbcdc
+#define	Constant3	0xca62c1d6
+
+
+// Define names for macro parameters, since assembler does not support them.
+#define	mF	$0
+#define	mB	$1
+#define	mC	$2
+#define	mD	$3
+
+	/*	Calculate the function used in steps 0 to 19 of SHA-1 and store the
+		result in F:
+
+			F = (C ^ D) & B ^ D.
+	*/
+	.macro	F0
+		mov		mC, t0
+		xor		mD, t0
+		and		mB, t0
+		xor		mD, t0
+		add		t0, mF
+	.endmacro
+
+
+	/*	Calculate the function used in steps 20 to 39 of SHA-1 and store the
+		result in F:
+
+			F = B ^ C ^ D.
+	*/
+	.macro	F1
+		mov		mB, t0
+		xor		mC, t0
+		xor		mD, t0
+		add		t0, mF
+	.endmacro
+
+
+	/*	Calculate the function used in steps 40 to 59 of SHA-1 and store the
+		result in F:
+
+			F = B & C | B & D | C & D.
+
+		(A bit in F is on iff corresponding bits are on in at least two of B,
+		C, and D.)
+	*/
+	.macro	F2
+		mov		mB, t0
+		and		mC, t0
+		mov		mB, t1
+		and		mD, t1
+		or		t1, t0
+		mov		mC, t1
+		and		mD, t1
+		or		t1, t0
+		add		t0, mF
+	.endmacro
+
+	// Steps 60 to 79 use the same function as 20 to 39.
+	#define	F3	F1
+
+// Undefine parameter names.
+#undef	mF
+#undef	mB
+#undef	mC
+#undef	mD
+
+
+// Define names for macro parameters, since assembler does not support them.
+#define	mA			$0
+#define	mB			$1
+#define	mC			$2
+#define	mD			$3
+#define	mE			$4
+#define	mFunction	$5
+#define	mWord		$6
+#define	mConstant	$7
+	/*	Step performs most of one step of the SHA-1 algorithm:
+
+			Add to E a word from the message schedule, a constant, A rotated
+			left 5 bits, and a function of B, C, and D.
+
+			Rotate B left 30 bits.
+
+			Rotate values (D to E, C to D, B to C, A to B, and the new E to A).
+			(This is effected by rotating the registers passed to this macro,
+			rather than by actually moving the data.)
+
+		mWord contains the word from the message schedule.  It may be in t0, so
+		we need to finish with it before using t0.
+
+		mConstant contains the constant to add.
+
+		mA, mB, mC, mD, and mE are registers with the current values of A, B,
+		C, D, and E.
+
+		mFunction is a macro that implements the function of B, C, and D.
+	*/
+	.macro	Step
+		add		$$mConstant, mE
+		add		mWord, mE
+		mov		mA, t0
+		roll	$$5, t0
+		add		t0, mE
+		mFunction	mE, mB, mC, mD
+		roll	$$30, mB
+	.endmacro
+// Undefine parameters names.
+#undef	mA
+#undef	mB
+#undef	mC
+#undef	mD
+#undef	mE
+#undef	mFunction
+#undef	mWord
+#undef	mConstant
+
+
+	/*	Prepare a new word from the message schedule.  Parameter $0 is the
+	 	index of the new word in our local table.
+	*/
+	.macro	PrepareWord
+		mov		W($0 +  0), t0
+		xor		W($0 +  2), t0
+		xor		W($0 +  8), t0
+		xor		W($0 + 13), t0
+		roll	$$1, t0
+		movl	t0, W($0 +  0)
+	.endmacro
+
+
+	#if defined __i386__
+		mov		ArgContext, Context
+	#endif
+
+	// Load current context.
+	mov		Contexth0(Context), A
+	mov		Contexth1(Context), B
+	mov		Contexth2(Context), C
+	mov		Contexth3(Context), D
+	mov		Contexth4(Context), E
+
+/*	This loop iterates through the blocks of data.  Each iteration updates the
+	SHA-1 context for one block.
+*/
+1:
+	#if defined __i386__
+		mov		ArgData, Data
+	#endif
+
+	/*	Preprocess user data and store in the local data area.  It is a shame
+		we cannot overlap this with later work, but we are out of registers and
+		do not want tie up a register with Data later on.
+
+		The little-endian version of this routine preprocesses data by
+		reversing the order of the bytes, so the SHA-1 arithmetic will work
+		correctly.  The big-endian version only copies the data.
+	*/
+	movl  0*4(Data), t0;    bswapl t0;    movl t0, W( 0)
+	movl  1*4(Data), t0;    bswapl t0;    movl t0, W( 1)
+	movl  2*4(Data), t0;    bswapl t0;    movl t0, W( 2)
+	movl  3*4(Data), t0;    bswapl t0;    movl t0, W( 3)
+	movl  4*4(Data), t0;    bswapl t0;    movl t0, W( 4)
+	movl  5*4(Data), t0;    bswapl t0;    movl t0, W( 5)
+	movl  6*4(Data), t0;    bswapl t0;    movl t0, W( 6)
+	movl  7*4(Data), t0;    bswapl t0;    movl t0, W( 7)
+	movl  8*4(Data), t0;    bswapl t0;    movl t0, W( 8)
+	movl  9*4(Data), t0;    bswapl t0;    movl t0, W( 9)
+	movl 10*4(Data), t0;    bswapl t0;    movl t0, W(10)
+	movl 11*4(Data), t0;    bswapl t0;    movl t0, W(11)
+	movl 12*4(Data), t0;    bswapl t0;    movl t0, W(12)
+	movl 13*4(Data), t0;    bswapl t0;    movl t0, W(13)
+	movl 14*4(Data), t0;    bswapl t0;    movl t0, W(14)
+	movl 15*4(Data), t0;    bswapl t0;    movl t0, W(15)
+
+	// Advance pointer to next block.
+	add		$CC_SHA1_BLOCK_BYTES, Data
+	#if	defined __i386__
+		mov		Data, ArgData
+	#endif
+
+	// Steps 0 to 15.  Use words from already prepared message schedule.
+	movl W( 0), t0;     Step A, B, C, D, E, F0, t0, Constant0
+	movl W( 1), t0;     Step E, A, B, C, D, F0, t0, Constant0
+	movl W( 2), t0;     Step D, E, A, B, C, F0, t0, Constant0
+	movl W( 3), t0;     Step C, D, E, A, B, F0, t0, Constant0
+	movl W( 4), t0;     Step B, C, D, E, A, F0, t0, Constant0
+
+	movl W( 5), t0;     Step A, B, C, D, E, F0, t0, Constant0
+	movl W( 6), t0;     Step E, A, B, C, D, F0, t0, Constant0
+	movl W( 7), t0;     Step D, E, A, B, C, F0, t0, Constant0
+	movl W( 8), t0;     Step C, D, E, A, B, F0, t0, Constant0
+	movl W( 9), t0;     Step B, C, D, E, A, F0, t0, Constant0
+
+	movl W(10), t0;     Step A, B, C, D, E, F0, t0, Constant0
+	movl W(11), t0;     Step E, A, B, C, D, F0, t0, Constant0
+	movl W(12), t0;     Step D, E, A, B, C, F0, t0, Constant0
+	movl W(13), t0;     Step C, D, E, A, B, F0, t0, Constant0
+	movl W(14), t0;     Step B, C, D, E, A, F0, t0, Constant0
+
+	movl W(15), t0;     Step A, B, C, D, E, F0, t0, Constant0
+
+// Steps 16 to 19.  Update words in message schedule as we go.
+	PrepareWord  16;    Step E, A, B, C, D, F0, t0, Constant0
+	PrepareWord  17;    Step D, E, A, B, C, F0, t0, Constant0
+	PrepareWord  18;    Step C, D, E, A, B, F0, t0, Constant0
+	PrepareWord  19;    Step B, C, D, E, A, F0, t0, Constant0
+
+// Steps 20 to 39.
+	PrepareWord  20;    Step A, B, C, D, E, F1, t0, Constant1
+	PrepareWord  21;    Step E, A, B, C, D, F1, t0, Constant1
+	PrepareWord  22;    Step D, E, A, B, C, F1, t0, Constant1
+	PrepareWord  23;    Step C, D, E, A, B, F1, t0, Constant1
+	PrepareWord  24;    Step B, C, D, E, A, F1, t0, Constant1
+
+	PrepareWord  25;    Step A, B, C, D, E, F1, t0, Constant1
+	PrepareWord  26;    Step E, A, B, C, D, F1, t0, Constant1
+	PrepareWord  27;    Step D, E, A, B, C, F1, t0, Constant1
+	PrepareWord  28;    Step C, D, E, A, B, F1, t0, Constant1
+	PrepareWord  29;    Step B, C, D, E, A, F1, t0, Constant1
+
+	PrepareWord  30;    Step A, B, C, D, E, F1, t0, Constant1
+	PrepareWord  31;    Step E, A, B, C, D, F1, t0, Constant1
+	PrepareWord  32;    Step D, E, A, B, C, F1, t0, Constant1
+	PrepareWord  33;    Step C, D, E, A, B, F1, t0, Constant1
+	PrepareWord  34;    Step B, C, D, E, A, F1, t0, Constant1
+
+	PrepareWord  35;    Step A, B, C, D, E, F1, t0, Constant1
+	PrepareWord  36;    Step E, A, B, C, D, F1, t0, Constant1
+	PrepareWord  37;    Step D, E, A, B, C, F1, t0, Constant1
+	PrepareWord  38;    Step C, D, E, A, B, F1, t0, Constant1
+	PrepareWord  39;    Step B, C, D, E, A, F1, t0, Constant1
+
+// Steps 40 to 59.
+	PrepareWord  40;    Step A, B, C, D, E, F2, t0, Constant2
+	PrepareWord  41;    Step E, A, B, C, D, F2, t0, Constant2
+	PrepareWord  42;    Step D, E, A, B, C, F2, t0, Constant2
+	PrepareWord  43;    Step C, D, E, A, B, F2, t0, Constant2
+	PrepareWord  44;    Step B, C, D, E, A, F2, t0, Constant2
+
+	PrepareWord  45;    Step A, B, C, D, E, F2, t0, Constant2
+	PrepareWord  46;    Step E, A, B, C, D, F2, t0, Constant2
+	PrepareWord  47;    Step D, E, A, B, C, F2, t0, Constant2
+	PrepareWord  48;    Step C, D, E, A, B, F2, t0, Constant2
+	PrepareWord  49;    Step B, C, D, E, A, F2, t0, Constant2
+
+	PrepareWord  50;    Step A, B, C, D, E, F2, t0, Constant2
+	PrepareWord  51;    Step E, A, B, C, D, F2, t0, Constant2
+	PrepareWord  52;    Step D, E, A, B, C, F2, t0, Constant2
+	PrepareWord  53;    Step C, D, E, A, B, F2, t0, Constant2
+	PrepareWord  54;    Step B, C, D, E, A, F2, t0, Constant2
+
+	PrepareWord  55;    Step A, B, C, D, E, F2, t0, Constant2
+	PrepareWord  56;    Step E, A, B, C, D, F2, t0, Constant2
+	PrepareWord  57;    Step D, E, A, B, C, F2, t0, Constant2
+	PrepareWord  58;    Step C, D, E, A, B, F2, t0, Constant2
+	PrepareWord  59;    Step B, C, D, E, A, F2, t0, Constant2
+
+// Steps 60 to 79.
+	PrepareWord  60;    Step A, B, C, D, E, F3, t0, Constant3
+	PrepareWord  61;    Step E, A, B, C, D, F3, t0, Constant3
+	PrepareWord  62;    Step D, E, A, B, C, F3, t0, Constant3
+	PrepareWord  63;    Step C, D, E, A, B, F3, t0, Constant3
+	PrepareWord  64;    Step B, C, D, E, A, F3, t0, Constant3
+
+	PrepareWord  65;    Step A, B, C, D, E, F3, t0, Constant3
+	PrepareWord  66;    Step E, A, B, C, D, F3, t0, Constant3
+	PrepareWord  67;    Step D, E, A, B, C, F3, t0, Constant3
+	PrepareWord  68;    Step C, D, E, A, B, F3, t0, Constant3
+	PrepareWord  69;    Step B, C, D, E, A, F3, t0, Constant3
+
+	PrepareWord  70;    Step A, B, C, D, E, F3, t0, Constant3
+	PrepareWord  71;    Step E, A, B, C, D, F3, t0, Constant3
+	PrepareWord  72;    Step D, E, A, B, C, F3, t0, Constant3
+	PrepareWord  73;    Step C, D, E, A, B, F3, t0, Constant3
+	PrepareWord  74;    Step B, C, D, E, A, F3, t0, Constant3
+
+	PrepareWord  75;    Step A, B, C, D, E, F3, t0, Constant3
+	PrepareWord  76;    Step E, A, B, C, D, F3, t0, Constant3
+	PrepareWord  77;    Step D, E, A, B, C, F3, t0, Constant3
+	PrepareWord  78;    Step C, D, E, A, B, F3, t0, Constant3
+	PrepareWord  79;    Step B, C, D, E, A, F3, t0, Constant3
+
+	#if defined __i386__
+		mov		ArgContext, Context
+	#endif
+
+	// Update SHA-1 context.
+	add		Contexth0(Context), A
+	add		Contexth1(Context), B
+	add		Contexth2(Context), C
+	add		Contexth3(Context), D
+	add		Contexth4(Context), E
+
+	mov		A, Contexth0(Context)
+	mov		B, Contexth1(Context)
+	mov		C, Contexth2(Context)
+	mov		D, Contexth3(Context)
+	mov		E, Contexth4(Context)
+
+	// Decrement and loop if not done.
+	#if defined __i386__
+		mov		ArgBlocks, Blocks
+		add		$-1, Blocks
+		mov		Blocks, ArgBlocks
+	#else
+		add		$-1, Blocks
+	#endif
+	jg		1b
+
+	// Pop stack and restore registers.
+	#if 0 < LocalsSize
+		add		$LocalsSize, r4
+	#endif
+	#if defined __i386__
+		pop		r7
+		pop		r6
+	#endif
+	pop		r3
+	pop		r5
+
+	ret
+
+
+#endif	// defined __i386__ || defined __x86_64__

ADDED   Source/Digest/sha2.c
Index: Source/Digest/sha2.c
==================================================================
--- /dev/null
+++ Source/Digest/sha2.c
@@ -0,0 +1,995 @@
+/* 
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ ---------------------------------------------------------------------------
+ Copyright (c) 2002, Dr Brian Gladman, Worcester, UK.   All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+   1. distributions of this source code include the above copyright
+      notice, this list of conditions and the following disclaimer;
+
+   2. distributions in binary form include the above copyright
+      notice, this list of conditions and the following disclaimer
+      in the documentation and/or other associated materials;
+
+   3. the copyright holder's name is not used to endorse products
+      built using this software without specific written permission.
+
+ ALTERNATIVELY, provided that this notice is retained in full, this product
+ may be distributed under the terms of the GNU General Public License (GPL),
+ in which case the provisions of the GPL apply INSTEAD OF those given above.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explicit or implied warranties
+ in respect of its properties, including, but not limited to, correctness
+ and/or fitness for purpose.
+ ---------------------------------------------------------------------------
+ Issue Date: 26/08/2003
+
+ This is a byte oriented version of SHA2 that operates on arrays of bytes
+ stored in memory. This code implements sha256, sha384 and sha512 but the
+ latter two functions rely on efficient 64-bit integer operations that
+ may not be very efficient on 32-bit machines
+
+ The sha256 functions use a type 'sha256_ctx' to hold details of the
+ current hash state and uses the following three calls:
+
+       void sha256_begin(sha256_ctx ctx[1])
+       void sha256_hash(const unsigned char data[],
+                            unsigned long len, sha256_ctx ctx[1])
+       void sha_end1(unsigned char hval[], sha256_ctx ctx[1])
+
+ The first subroutine initialises a hash computation by setting up the
+ context in the sha256_ctx context. The second subroutine hashes 8-bit
+ bytes from array data[] into the hash state withinh sha256_ctx context,
+ the number of bytes to be hashed being given by the the unsigned long
+ integer len.  The third subroutine completes the hash calculation and
+ places the resulting digest value in the array of 8-bit bytes hval[].
+
+ The sha384 and sha512 functions are similar and use the interfaces:
+
+       void sha384_begin(sha384_ctx ctx[1]);
+       void sha384_hash(const unsigned char data[],
+                            unsigned long len, sha384_ctx ctx[1]);
+       void sha384_end(unsigned char hval[], sha384_ctx ctx[1]);
+
+       void sha512_begin(sha512_ctx ctx[1]);
+       void sha512_hash(const unsigned char data[],
+                            unsigned long len, sha512_ctx ctx[1]);
+       void sha512_end(unsigned char hval[], sha512_ctx ctx[1]);
+
+ In addition there is a function sha2 that can be used to call all these
+ functions using a call with a hash length parameter as follows:
+
+       int sha2_begin(unsigned long len, sha2_ctx ctx[1]);
+       void sha2_hash(const unsigned char data[],
+                            unsigned long len, sha2_ctx ctx[1]);
+       void sha2_end(unsigned char hval[], sha2_ctx ctx[1]);
+
+ My thanks to Erik Andersen <andersen@codepoet.org> for testing this code
+ on big-endian systems and for his assistance with corrections
+*/
+
+/*
+ * Apple: Measurements indicate that we get both smaller code size and faster
+ * performance when compiling this file with -O1 than with either -O3 or -Os.
+ *
+ * -O1
+ * sha2.o 18652 bytes of text
+ * 7.509 seconds to digest 100000000 bytes with SHA512
+ *
+ * -Os
+ * sha2.o 19552 bytes of text
+ * 8.693 seconds to process 100000000 bytes
+ * 
+ * -O3
+ * sha2.o 20452 bytes of text
+ * 8.535 seconds to process 100000000 bytes
+ *
+ * #defining UNROOL_SHA2 leads to no noticable improvement. 
+ */
+#include "sha2Priv.h"   /* Apple Common Digest version */
+
+/* define the hash functions that you need          */
+
+#ifndef _APPLE_COMMON_CRYPTO_
+#define SHA_2           /* for dynamic hash length  */
+#endif  /* _APPLE_COMMON_CRYPTO_ */
+#define SHA_224
+#define SHA_256
+#define SHA_384
+#define SHA_512
+
+#if 0
+#define UNROLL_SHA2     /* for SHA2 loop unroll     */
+#endif
+
+#include <string.h>     /* for memcpy() etc.        */
+#include <stdlib.h>     /* for _lrotr with VC++     */
+
+/* #include "sha2.h" */
+
+#if defined(__cplusplus)
+extern "C"
+{
+#endif
+
+/*  PLATFORM SPECIFIC INCLUDES AND BYTE ORDER IN 32-BIT WORDS
+
+    To obtain the highest speed on processors with 32-bit words, this code
+    needs to determine the byte order of the target machine. The following
+    block of code is an attempt to capture the most obvious ways in which
+    various environemnts define byte order. It may well fail, in which case
+    the definitions will need to be set by editing at the points marked
+    **** EDIT HERE IF NECESSARY **** below.  My thanks go to Peter Gutmann
+    for his assistance with this endian detection nightmare.
+*/
+
+#define BRG_LITTLE_ENDIAN   1234 /* byte 0 is least significant (i386) */
+#define BRG_BIG_ENDIAN      4321 /* byte 0 is most significant (mc68k) */
+
+#if defined(__GNUC__) || defined(__GNU_LIBRARY__)
+#  if defined(__FreeBSD__) || defined(__OpenBSD__)
+#    include <sys/endian.h>
+#  elif defined( BSD ) && ( BSD >= 199103 )
+#      include <machine/endian.h>
+#  elif defined(__APPLE__)
+#    if defined(__BIG_ENDIAN__) && !defined( BIG_ENDIAN )
+#      define BIG_ENDIAN
+#    elif defined(__LITTLE_ENDIAN__) && !defined( LITTLE_ENDIAN )
+#      define LITTLE_ENDIAN
+#    endif
+#  else
+#    include <endian.h>
+#    if !defined(__BEOS__)
+#      include <byteswap.h>
+#    endif
+#  endif
+#endif
+
+#if !defined(PLATFORM_BYTE_ORDER)
+#  if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
+#    if    defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif !defined(LITTLE_ENDIAN) &&  defined(BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#    elif defined(BYTE_ORDER) && (BYTE_ORDER == LITTLE_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif defined(BYTE_ORDER) && (BYTE_ORDER == BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#    endif
+#  elif defined(_LITTLE_ENDIAN) || defined(_BIG_ENDIAN)
+#    if    defined(_LITTLE_ENDIAN) && !defined(_BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif !defined(_LITTLE_ENDIAN) &&  defined(_BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#    elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _LITTLE_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif defined(_BYTE_ORDER) && (_BYTE_ORDER == _BIG_ENDIAN)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#   endif
+#  elif defined(__LITTLE_ENDIAN__) || defined(__BIG_ENDIAN__)
+#    if    defined(__LITTLE_ENDIAN__) && !defined(__BIG_ENDIAN__)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif !defined(__LITTLE_ENDIAN__) &&  defined(__BIG_ENDIAN__)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#    elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __LITTLE_ENDIAN__)
+#      define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#    elif defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __BIG_ENDIAN__)
+#      define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#    endif
+#  endif
+#endif
+
+/*  if the platform is still unknown, try to find its byte order    */
+/*  from commonly used machine defines                              */
+
+#if !defined(PLATFORM_BYTE_ORDER)
+
+#if   defined( __alpha__ ) || defined( __alpha ) || defined( i386 )       || \
+      defined( __i386__ )  || defined( _M_I86 )  || defined( _M_IX86 )    || \
+      defined( __OS2__ )   || defined( sun386 )  || defined( __TURBOC__ ) || \
+      defined( vax )       || defined( vms )     || defined( VMS )        || \
+      defined( __VMS )     || defined(__x86_64__)
+#  define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+
+#elif defined( AMIGA )    || defined( applec )  || defined( __AS400__ )  || \
+      defined( _CRAY )    || defined( __hppa )  || defined( __hp9000 )   || \
+      defined( ibm370 )   || defined( mc68000 ) || defined( m68k )       || \
+      defined( __MRC__ )  || defined( __MVS__ ) || defined( __MWERKS__ ) || \
+      defined( sparc )    || defined( __sparc)  || defined( SYMANTEC_C ) || \
+      defined( __TANDEM ) || defined( THINK_C ) || defined( __VMCMS__ )
+#  define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+
+#elif 0     /* **** EDIT HERE IF NECESSARY **** */
+#  define PLATFORM_BYTE_ORDER BRG_LITTLE_ENDIAN
+#elif 0     /* **** EDIT HERE IF NECESSARY **** */
+#  define PLATFORM_BYTE_ORDER BRG_BIG_ENDIAN
+#else
+#  error Please edit sha2.c (line 184 or 186) to set the platform byte order
+#endif
+
+#endif
+
+#ifdef _MSC_VER
+#pragma intrinsic(memcpy)
+#endif
+
+#if 0 && defined(_MSC_VER)
+#define rotl32 _lrotl
+#define rotr32 _lrotr
+#else
+#define rotl32(x,n)   (((x) << n) | ((x) >> (32 - n)))
+#define rotr32(x,n)   (((x) >> n) | ((x) << (32 - n)))
+#endif
+
+#if !defined(bswap_32)
+#define bswap_32(x) ((rotr32((x), 24) & 0x00ff00ff) | (rotr32((x), 8) & 0xff00ff00))
+#endif
+
+#if (PLATFORM_BYTE_ORDER == BRG_LITTLE_ENDIAN)
+#define SWAP_BYTES
+#else
+#undef  SWAP_BYTES
+#endif
+
+#if 0
+
+#define ch(x,y,z)       (((x) & (y)) ^ (~(x) & (z)))
+#define maj(x,y,z)      (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+
+#else   /* Thanks to Rich Schroeppel and Colin Plumb for the following      */
+
+#define ch(x,y,z)       ((z) ^ ((x) & ((y) ^ (z))))
+#define maj(x,y,z)      (((x) & (y)) | ((z) & ((x) ^ (y))))
+
+#endif
+
+/* round transforms for SHA256 and SHA512 compression functions */
+
+#define vf(n,i) v[(n - i) & 7]
+
+#define hf(i) (p[i & 15] += \
+    g_1(p[(i + 14) & 15]) + p[(i + 9) & 15] + g_0(p[(i + 1) & 15]))
+
+#define v_cycle(i,j)                                \
+    vf(7,i) += (j ? hf(i) : p[i]) + k_0[i+j]        \
+    + s_1(vf(4,i)) + ch(vf(4,i),vf(5,i),vf(6,i));   \
+    vf(3,i) += vf(7,i);                             \
+    vf(7,i) += s_0(vf(0,i))+ maj(vf(0,i),vf(1,i),vf(2,i))
+
+#if defined(SHA_224) || defined(SHA_256)
+
+#define SHA256_MASK (SHA256_BLOCK_SIZE - 1)
+
+#if defined(SWAP_BYTES)
+#define bsw_32(p,n) \
+    { int _i = (n); while(_i--) ((sha2_32t*)p)[_i] = bswap_32(((sha2_32t*)p)[_i]); }
+#else
+#define bsw_32(p,n)
+#endif
+
+#define s_0(x)  (rotr32((x),  2) ^ rotr32((x), 13) ^ rotr32((x), 22))
+#define s_1(x)  (rotr32((x),  6) ^ rotr32((x), 11) ^ rotr32((x), 25))
+#define g_0(x)  (rotr32((x),  7) ^ rotr32((x), 18) ^ ((x) >>  3))
+#define g_1(x)  (rotr32((x), 17) ^ rotr32((x), 19) ^ ((x) >> 10))
+#define k_0     k256
+
+/* rotated SHA256 round definition. Rather than swapping variables as in    */
+/* FIPS-180, different variables are 'rotated' on each round, returning     */
+/* to their starting positions every eight rounds                           */
+
+#define q(n)  v##n
+
+#define one_cycle(a,b,c,d,e,f,g,h,k,w)  \
+    q(h) += s_1(q(e)) + ch(q(e), q(f), q(g)) + k + w; \
+    q(d) += q(h); q(h) += s_0(q(a)) + maj(q(a), q(b), q(c))
+
+/* SHA256 mixing data   */
+
+static const sha2_32t k256[64] =
+{   0x428a2f98ul, 0x71374491ul, 0xb5c0fbcful, 0xe9b5dba5ul,
+    0x3956c25bul, 0x59f111f1ul, 0x923f82a4ul, 0xab1c5ed5ul,
+    0xd807aa98ul, 0x12835b01ul, 0x243185beul, 0x550c7dc3ul,
+    0x72be5d74ul, 0x80deb1feul, 0x9bdc06a7ul, 0xc19bf174ul,
+    0xe49b69c1ul, 0xefbe4786ul, 0x0fc19dc6ul, 0x240ca1ccul,
+    0x2de92c6ful, 0x4a7484aaul, 0x5cb0a9dcul, 0x76f988daul,
+    0x983e5152ul, 0xa831c66dul, 0xb00327c8ul, 0xbf597fc7ul,
+    0xc6e00bf3ul, 0xd5a79147ul, 0x06ca6351ul, 0x14292967ul,
+    0x27b70a85ul, 0x2e1b2138ul, 0x4d2c6dfcul, 0x53380d13ul,
+    0x650a7354ul, 0x766a0abbul, 0x81c2c92eul, 0x92722c85ul,
+    0xa2bfe8a1ul, 0xa81a664bul, 0xc24b8b70ul, 0xc76c51a3ul,
+    0xd192e819ul, 0xd6990624ul, 0xf40e3585ul, 0x106aa070ul,
+    0x19a4c116ul, 0x1e376c08ul, 0x2748774cul, 0x34b0bcb5ul,
+    0x391c0cb3ul, 0x4ed8aa4aul, 0x5b9cca4ful, 0x682e6ff3ul,
+    0x748f82eeul, 0x78a5636ful, 0x84c87814ul, 0x8cc70208ul,
+    0x90befffaul, 0xa4506cebul, 0xbef9a3f7ul, 0xc67178f2ul,
+};
+
+/* Compile 64 bytes of hash data into SHA256 digest value   */
+/* NOTE: this routine assumes that the byte order in the    */
+/* ctx->wbuf[] at this point is such that low address bytes */
+/* in the ORIGINAL byte stream will go into the high end of */
+/* words on BOTH big and little endian systems              */
+
+static sha2_void sha256_compile(sha256_ctx ctx[1])
+{
+#if !defined(UNROLL_SHA2)
+
+    sha2_32t j, *p = ctx->wbuf, v[8];
+
+    memcpy(v, ctx->hash, 8 * sizeof(sha2_32t));
+
+    for(j = 0; j < 64; j += 16)
+    {
+        v_cycle( 0, j); v_cycle( 1, j);
+        v_cycle( 2, j); v_cycle( 3, j);
+        v_cycle( 4, j); v_cycle( 5, j);
+        v_cycle( 6, j); v_cycle( 7, j);
+        v_cycle( 8, j); v_cycle( 9, j);
+        v_cycle(10, j); v_cycle(11, j);
+        v_cycle(12, j); v_cycle(13, j);
+        v_cycle(14, j); v_cycle(15, j);
+    }
+
+    ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
+    ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
+    ctx->hash[4] += v[4]; ctx->hash[5] += v[5];
+    ctx->hash[6] += v[6]; ctx->hash[7] += v[7];
+
+#else
+
+    sha2_32t *p = ctx->wbuf,v0,v1,v2,v3,v4,v5,v6,v7;
+
+    v0 = ctx->hash[0]; v1 = ctx->hash[1];
+    v2 = ctx->hash[2]; v3 = ctx->hash[3];
+    v4 = ctx->hash[4]; v5 = ctx->hash[5];
+    v6 = ctx->hash[6]; v7 = ctx->hash[7];
+
+    one_cycle(0,1,2,3,4,5,6,7,k256[ 0],p[ 0]);
+    one_cycle(7,0,1,2,3,4,5,6,k256[ 1],p[ 1]);
+    one_cycle(6,7,0,1,2,3,4,5,k256[ 2],p[ 2]);
+    one_cycle(5,6,7,0,1,2,3,4,k256[ 3],p[ 3]);
+    one_cycle(4,5,6,7,0,1,2,3,k256[ 4],p[ 4]);
+    one_cycle(3,4,5,6,7,0,1,2,k256[ 5],p[ 5]);
+    one_cycle(2,3,4,5,6,7,0,1,k256[ 6],p[ 6]);
+    one_cycle(1,2,3,4,5,6,7,0,k256[ 7],p[ 7]);
+    one_cycle(0,1,2,3,4,5,6,7,k256[ 8],p[ 8]);
+    one_cycle(7,0,1,2,3,4,5,6,k256[ 9],p[ 9]);
+    one_cycle(6,7,0,1,2,3,4,5,k256[10],p[10]);
+    one_cycle(5,6,7,0,1,2,3,4,k256[11],p[11]);
+    one_cycle(4,5,6,7,0,1,2,3,k256[12],p[12]);
+    one_cycle(3,4,5,6,7,0,1,2,k256[13],p[13]);
+    one_cycle(2,3,4,5,6,7,0,1,k256[14],p[14]);
+    one_cycle(1,2,3,4,5,6,7,0,k256[15],p[15]);
+
+    one_cycle(0,1,2,3,4,5,6,7,k256[16],hf( 0));
+    one_cycle(7,0,1,2,3,4,5,6,k256[17],hf( 1));
+    one_cycle(6,7,0,1,2,3,4,5,k256[18],hf( 2));
+    one_cycle(5,6,7,0,1,2,3,4,k256[19],hf( 3));
+    one_cycle(4,5,6,7,0,1,2,3,k256[20],hf( 4));
+    one_cycle(3,4,5,6,7,0,1,2,k256[21],hf( 5));
+    one_cycle(2,3,4,5,6,7,0,1,k256[22],hf( 6));
+    one_cycle(1,2,3,4,5,6,7,0,k256[23],hf( 7));
+    one_cycle(0,1,2,3,4,5,6,7,k256[24],hf( 8));
+    one_cycle(7,0,1,2,3,4,5,6,k256[25],hf( 9));
+    one_cycle(6,7,0,1,2,3,4,5,k256[26],hf(10));
+    one_cycle(5,6,7,0,1,2,3,4,k256[27],hf(11));
+    one_cycle(4,5,6,7,0,1,2,3,k256[28],hf(12));
+    one_cycle(3,4,5,6,7,0,1,2,k256[29],hf(13));
+    one_cycle(2,3,4,5,6,7,0,1,k256[30],hf(14));
+    one_cycle(1,2,3,4,5,6,7,0,k256[31],hf(15));
+
+    one_cycle(0,1,2,3,4,5,6,7,k256[32],hf( 0));
+    one_cycle(7,0,1,2,3,4,5,6,k256[33],hf( 1));
+    one_cycle(6,7,0,1,2,3,4,5,k256[34],hf( 2));
+    one_cycle(5,6,7,0,1,2,3,4,k256[35],hf( 3));
+    one_cycle(4,5,6,7,0,1,2,3,k256[36],hf( 4));
+    one_cycle(3,4,5,6,7,0,1,2,k256[37],hf( 5));
+    one_cycle(2,3,4,5,6,7,0,1,k256[38],hf( 6));
+    one_cycle(1,2,3,4,5,6,7,0,k256[39],hf( 7));
+    one_cycle(0,1,2,3,4,5,6,7,k256[40],hf( 8));
+    one_cycle(7,0,1,2,3,4,5,6,k256[41],hf( 9));
+    one_cycle(6,7,0,1,2,3,4,5,k256[42],hf(10));
+    one_cycle(5,6,7,0,1,2,3,4,k256[43],hf(11));
+    one_cycle(4,5,6,7,0,1,2,3,k256[44],hf(12));
+    one_cycle(3,4,5,6,7,0,1,2,k256[45],hf(13));
+    one_cycle(2,3,4,5,6,7,0,1,k256[46],hf(14));
+    one_cycle(1,2,3,4,5,6,7,0,k256[47],hf(15));
+
+    one_cycle(0,1,2,3,4,5,6,7,k256[48],hf( 0));
+    one_cycle(7,0,1,2,3,4,5,6,k256[49],hf( 1));
+    one_cycle(6,7,0,1,2,3,4,5,k256[50],hf( 2));
+    one_cycle(5,6,7,0,1,2,3,4,k256[51],hf( 3));
+    one_cycle(4,5,6,7,0,1,2,3,k256[52],hf( 4));
+    one_cycle(3,4,5,6,7,0,1,2,k256[53],hf( 5));
+    one_cycle(2,3,4,5,6,7,0,1,k256[54],hf( 6));
+    one_cycle(1,2,3,4,5,6,7,0,k256[55],hf( 7));
+    one_cycle(0,1,2,3,4,5,6,7,k256[56],hf( 8));
+    one_cycle(7,0,1,2,3,4,5,6,k256[57],hf( 9));
+    one_cycle(6,7,0,1,2,3,4,5,k256[58],hf(10));
+    one_cycle(5,6,7,0,1,2,3,4,k256[59],hf(11));
+    one_cycle(4,5,6,7,0,1,2,3,k256[60],hf(12));
+    one_cycle(3,4,5,6,7,0,1,2,k256[61],hf(13));
+    one_cycle(2,3,4,5,6,7,0,1,k256[62],hf(14));
+    one_cycle(1,2,3,4,5,6,7,0,k256[63],hf(15));
+
+    ctx->hash[0] += v0; ctx->hash[1] += v1;
+    ctx->hash[2] += v2; ctx->hash[3] += v3;
+    ctx->hash[4] += v4; ctx->hash[5] += v5;
+    ctx->hash[6] += v6; ctx->hash[7] += v7;
+#endif
+}
+
+/* SHA256 hash data in an array of bytes into hash buffer   */
+/* and call the hash_compile function as required.          */
+#ifdef		_APPLE_COMMON_CRYPTO_
+int CC_SHA256_Update(CC_SHA256_CTX *ctx, const void *data, CC_LONG len)
+#else
+sha2_void sha256_hash(const unsigned char data[], unsigned long len, sha256_ctx ctx[1])
+#endif  /* _APPLE_COMMON_CRYPTO_ */
+{   sha2_32t pos = (sha2_32t)(ctx->count[0] & SHA256_MASK),
+             space = SHA256_BLOCK_SIZE - pos;
+    const unsigned char *sp = data;
+
+    if((ctx->count[0] += len) < len)
+        ++(ctx->count[1]);
+
+    while(len >= space)     /* tranfer whole blocks while possible  */
+    {
+        memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space);
+        sp += space; len -= space; space = SHA256_BLOCK_SIZE; pos = 0;
+        bsw_32(ctx->wbuf, SHA256_BLOCK_SIZE >> 2)
+        sha256_compile(ctx);
+    }
+
+    memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len);
+	return 1;
+}
+
+/* SHA256 Final padding and digest calculation  */
+
+static sha2_void sha_end1(unsigned char hval[], sha256_ctx ctx[1], const unsigned int hlen)
+{   sha2_32t    i = (sha2_32t)(ctx->count[0] & SHA256_MASK);
+
+    /* put bytes in the buffer in an order in which references to   */
+    /* 32-bit words will put bytes with lower addresses into the    */
+    /* top of 32 bit words on BOTH big and little endian machines   */
+    bsw_32(ctx->wbuf, (i + 3) >> 2)
+
+    /* we now need to mask valid bytes and add the padding which is */
+    /* a single 1 bit and as many zero bits as necessary. Note that */
+    /* we can always add the first padding byte here because the    */
+    /* buffer always has at least one empty slot                    */
+    ctx->wbuf[i >> 2] &= 0xffffff80 << 8 * (~i & 3);
+    ctx->wbuf[i >> 2] |= 0x00000080 << 8 * (~i & 3);
+
+    /* we need 9 or more empty positions, one for the padding byte  */
+    /* (above) and eight for the length count.  If there is not     */
+    /* enough space pad and empty the buffer                        */
+    if(i > SHA256_BLOCK_SIZE - 9)
+    {
+        if(i < 60) ctx->wbuf[15] = 0;
+        sha256_compile(ctx);
+        i = 0;
+    }
+    else    /* compute a word index for the empty buffer positions  */
+        i = (i >> 2) + 1;
+
+    while(i < 14) /* and zero pad all but last two positions        */
+        ctx->wbuf[i++] = 0;
+
+    /* the following 32-bit length fields are assembled in the      */
+    /* wrong byte order on little endian machines but this is       */
+    /* corrected later since they are only ever used as 32-bit      */
+    /* word values.                                                 */
+    ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 29);
+    ctx->wbuf[15] = ctx->count[0] << 3;
+    sha256_compile(ctx);
+
+    /* extract the hash value as bytes in case the hash buffer is   */
+    /* mislaigned for 32-bit words                                  */
+    for(i = 0; i < hlen; ++i)
+        hval[i] = (unsigned char)(ctx->hash[i >> 2] >> (8 * (~i & 3)));
+}
+
+#endif
+
+#if defined(SHA_224)
+
+const sha2_32t i224[8] =
+{
+    0xc1059ed8ul, 0x367cd507ul, 0x3070dd17ul, 0xf70e5939ul,
+    0xffc00b31ul, 0x68581511ul, 0x64f98fa7ul, 0xbefa4fa4ul
+};
+
+#ifdef _APPLE_COMMON_CRYPTO_
+int sha224_begin(sha256_ctx ctx[1])
+#else
+sha2_void sha224_begin(sha256_ctx ctx[1])
+#endif
+{
+    ctx->count[0] = ctx->count[1] = 0;
+    memcpy(ctx->hash, i224, 8 * sizeof(sha2_32t));
+	return 1;
+}
+
+#ifdef _APPLE_COMMON_CRYPTO_
+int sha224_end(unsigned char hval[], sha256_ctx ctx[1])
+#else
+sha2_void sha224_end(unsigned char hval[], sha256_ctx ctx[1])
+#endif
+{
+    sha_end1(hval, ctx, SHA224_DIGEST_SIZE);
+	return 1;
+}
+
+#ifndef _APPLE_COMMON_CRYPTO_
+sha2_void sha224(unsigned char hval[], const unsigned char data[], unsigned long len)
+{   sha224_ctx  cx[1];
+
+    sha224_begin(cx);
+    sha224_hash(data, len, cx);
+    sha_end1(hval, cx, SHA224_DIGEST_SIZE);
+}
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+/* provide an actual entry for this instead of #defining it */
+extern int CC_SHA224_Update(CC_SHA256_CTX *c, const void *data, CC_LONG len)
+{
+	return CC_SHA256_Update(c, data, len);
+}
+
+#endif	/* SHA_224 */
+
+#if defined(SHA_256)
+
+static const sha2_32t i256[8] =
+{
+    0x6a09e667ul, 0xbb67ae85ul, 0x3c6ef372ul, 0xa54ff53aul,
+    0x510e527ful, 0x9b05688cul, 0x1f83d9abul, 0x5be0cd19ul
+};
+
+int sha256_begin(sha256_ctx ctx[1])
+{
+    ctx->count[0] = ctx->count[1] = 0;
+    memcpy(ctx->hash, i256, 8 * sizeof(sha2_32t));
+	return 1;
+}
+
+int sha256_end(unsigned char hval[], sha256_ctx ctx[1])
+{
+    sha_end1(hval, ctx, SHA256_DIGEST_SIZE);
+	return 1;
+}
+
+#ifndef _APPLE_COMMON_CRYPTO_
+sha2_void sha256(unsigned char hval[], const unsigned char data[], unsigned long len)
+{   sha256_ctx  cx[1];
+
+    sha256_begin(cx);
+    sha256_hash(data, len, cx);
+    sha_end1(hval, cx, SHA256_DIGEST_SIZE);
+}
+#endif  /* _APPLE_COMMON_CRYPTO_ */
+
+#endif
+
+#if defined(SHA_384) || defined(SHA_512)
+
+#define SHA512_MASK (SHA512_BLOCK_SIZE - 1)
+
+#define rotr64(x,n)   (((x) >> n) | ((x) << (64 - n)))
+
+#if !defined(bswap_64)
+#define bswap_64(x) (((sha2_64t)(bswap_32((sha2_32t)(x)))) << 32 | bswap_32((sha2_32t)((x) >> 32)))
+#endif
+
+#if defined(SWAP_BYTES)
+#define bsw_64(p,n) \
+    { int _i = (n); while(_i--) ((sha2_64t*)p)[_i] = bswap_64(((sha2_64t*)p)[_i]); }
+#else
+#define bsw_64(p,n)
+#endif
+
+/* SHA512 mixing function definitions   */
+
+#ifdef   s_0
+# undef  s_0
+# undef  s_1
+# undef  g_0
+# undef  g_1
+# undef  k_0
+#endif
+
+#define s_0(x)  (rotr64((x), 28) ^ rotr64((x), 34) ^ rotr64((x), 39))
+#define s_1(x)  (rotr64((x), 14) ^ rotr64((x), 18) ^ rotr64((x), 41))
+#define g_0(x)  (rotr64((x),  1) ^ rotr64((x),  8) ^ ((x) >>  7))
+#define g_1(x)  (rotr64((x), 19) ^ rotr64((x), 61) ^ ((x) >>  6))
+#define k_0     k512
+
+/* SHA384/SHA512 mixing data    */
+
+static const sha2_64t  k512[80] =
+{
+    0x428a2f98d728ae22ull, 0x7137449123ef65cdull,
+    0xb5c0fbcfec4d3b2full, 0xe9b5dba58189dbbcull,
+    0x3956c25bf348b538ull, 0x59f111f1b605d019ull,
+    0x923f82a4af194f9bull, 0xab1c5ed5da6d8118ull,
+    0xd807aa98a3030242ull, 0x12835b0145706fbeull,
+    0x243185be4ee4b28cull, 0x550c7dc3d5ffb4e2ull,
+    0x72be5d74f27b896full, 0x80deb1fe3b1696b1ull,
+    0x9bdc06a725c71235ull, 0xc19bf174cf692694ull,
+    0xe49b69c19ef14ad2ull, 0xefbe4786384f25e3ull,
+    0x0fc19dc68b8cd5b5ull, 0x240ca1cc77ac9c65ull,
+    0x2de92c6f592b0275ull, 0x4a7484aa6ea6e483ull,
+    0x5cb0a9dcbd41fbd4ull, 0x76f988da831153b5ull,
+    0x983e5152ee66dfabull, 0xa831c66d2db43210ull,
+    0xb00327c898fb213full, 0xbf597fc7beef0ee4ull,
+    0xc6e00bf33da88fc2ull, 0xd5a79147930aa725ull,
+    0x06ca6351e003826full, 0x142929670a0e6e70ull,
+    0x27b70a8546d22ffcull, 0x2e1b21385c26c926ull,
+    0x4d2c6dfc5ac42aedull, 0x53380d139d95b3dfull,
+    0x650a73548baf63deull, 0x766a0abb3c77b2a8ull,
+    0x81c2c92e47edaee6ull, 0x92722c851482353bull,
+    0xa2bfe8a14cf10364ull, 0xa81a664bbc423001ull,
+    0xc24b8b70d0f89791ull, 0xc76c51a30654be30ull,
+    0xd192e819d6ef5218ull, 0xd69906245565a910ull,
+    0xf40e35855771202aull, 0x106aa07032bbd1b8ull,
+    0x19a4c116b8d2d0c8ull, 0x1e376c085141ab53ull,
+    0x2748774cdf8eeb99ull, 0x34b0bcb5e19b48a8ull,
+    0x391c0cb3c5c95a63ull, 0x4ed8aa4ae3418acbull,
+    0x5b9cca4f7763e373ull, 0x682e6ff3d6b2b8a3ull,
+    0x748f82ee5defb2fcull, 0x78a5636f43172f60ull,
+    0x84c87814a1f0ab72ull, 0x8cc702081a6439ecull,
+    0x90befffa23631e28ull, 0xa4506cebde82bde9ull,
+    0xbef9a3f7b2c67915ull, 0xc67178f2e372532bull,
+    0xca273eceea26619cull, 0xd186b8c721c0c207ull,
+    0xeada7dd6cde0eb1eull, 0xf57d4f7fee6ed178ull,
+    0x06f067aa72176fbaull, 0x0a637dc5a2c898a6ull,
+    0x113f9804bef90daeull, 0x1b710b35131c471bull,
+    0x28db77f523047d84ull, 0x32caab7b40c72493ull,
+    0x3c9ebe0a15c9bebcull, 0x431d67c49c100d4cull,
+    0x4cc5d4becb3e42b6ull, 0x597f299cfc657e2aull,
+    0x5fcb6fab3ad6faecull, 0x6c44198c4a475817ull
+};
+
+/* Compile 128 bytes of hash data into SHA384/512 digest    */
+/* NOTE: this routine assumes that the byte order in the    */
+/* ctx->wbuf[] at this point is such that low address bytes */
+/* in the ORIGINAL byte stream will go into the high end of */
+/* words on BOTH big and little endian systems              */
+
+static sha2_void sha512_compile(sha512_ctx ctx[1])
+{   sha2_64t    v[8], *p = ctx->wbuf;
+    sha2_32t    j;
+
+    memcpy(v, ctx->hash, 8 * sizeof(sha2_64t));
+
+    for(j = 0; j < 80; j += 16)
+    {
+        v_cycle( 0, j); v_cycle( 1, j);
+        v_cycle( 2, j); v_cycle( 3, j);
+        v_cycle( 4, j); v_cycle( 5, j);
+        v_cycle( 6, j); v_cycle( 7, j);
+        v_cycle( 8, j); v_cycle( 9, j);
+        v_cycle(10, j); v_cycle(11, j);
+        v_cycle(12, j); v_cycle(13, j);
+        v_cycle(14, j); v_cycle(15, j);
+    }
+
+    ctx->hash[0] += v[0]; ctx->hash[1] += v[1];
+    ctx->hash[2] += v[2]; ctx->hash[3] += v[3];
+    ctx->hash[4] += v[4]; ctx->hash[5] += v[5];
+    ctx->hash[6] += v[6]; ctx->hash[7] += v[7];
+}
+
+/* Compile 128 bytes of hash data into SHA256 digest value  */
+/* NOTE: this routine assumes that the byte order in the    */
+/* ctx->wbuf[] at this point is in such an order that low   */
+/* address bytes in the ORIGINAL byte stream placed in this */
+/* buffer will now go to the high end of words on BOTH big  */
+/* and little endian systems                                */
+
+#ifdef  _APPLE_COMMON_CRYPTO_
+int CC_SHA512_Update(CC_SHA512_CTX *ctx, const void *data, CC_LONG len)
+#else
+sha2_void sha512_hash(const unsigned char data[], unsigned long len, sha512_ctx ctx[1])
+#endif
+{   sha2_32t pos = (sha2_32t)(ctx->count[0] & SHA512_MASK),
+             space = SHA512_BLOCK_SIZE - pos;
+    const unsigned char *sp = data;
+
+    if((ctx->count[0] += len) < len)
+        ++(ctx->count[1]);
+
+    while(len >= space)     /* tranfer whole blocks while possible  */
+    {
+        memcpy(((unsigned char*)ctx->wbuf) + pos, sp, space);
+        sp += space; len -= space; space = SHA512_BLOCK_SIZE; pos = 0;
+        bsw_64(ctx->wbuf, SHA512_BLOCK_SIZE >> 3);
+        sha512_compile(ctx);
+    }
+
+    memcpy(((unsigned char*)ctx->wbuf) + pos, sp, len);
+	return 1;
+}
+
+/* SHA384/512 Final padding and digest calculation  */
+
+static void sha_end2(unsigned char hval[], sha512_ctx ctx[1], const unsigned int hlen)
+{   sha2_32t    i = (sha2_32t)(ctx->count[0] & SHA512_MASK);
+
+    /* put bytes in the buffer in an order in which references to   */
+    /* 32-bit words will put bytes with lower addresses into the    */
+    /* top of 32 bit words on BOTH big and little endian machines   */
+    bsw_64(ctx->wbuf, (i + 7) >> 3);
+
+    /* we now need to mask valid bytes and add the padding which is */
+    /* a single 1 bit and as many zero bits as necessary. Note that */
+    /* we can always add the first padding byte here because the    */
+    /* buffer always has at least one empty slot                    */
+    ctx->wbuf[i >> 3] &= 0xffffffffffffff00ull << 8 * (~i & 7);
+    ctx->wbuf[i >> 3] |= 0x0000000000000080ull << 8 * (~i & 7);
+
+    /* we need 17 or more empty byte positions, one for the padding */
+    /* byte (above) and sixteen for the length count.  If there is  */
+    /* not enough space pad and empty the buffer                    */
+    if(i > SHA512_BLOCK_SIZE - 17)
+    {
+        if(i < 120) ctx->wbuf[15] = 0;
+        sha512_compile(ctx);
+        i = 0;
+    }
+    else
+        i = (i >> 3) + 1;
+
+    while(i < 14)
+        ctx->wbuf[i++] = 0;
+
+    /* the following 64-bit length fields are assembled in the      */
+    /* wrong byte order on little endian machines but this is       */
+    /* corrected later since they are only ever used as 64-bit      */
+    /* word values.                                                 */
+    ctx->wbuf[14] = (ctx->count[1] << 3) | (ctx->count[0] >> 61);
+    ctx->wbuf[15] = ctx->count[0] << 3;
+    sha512_compile(ctx);
+
+    /* extract the hash value as bytes in case the hash buffer is   */
+    /* misaligned for 32-bit words                                  */
+    for(i = 0; i < hlen; ++i)
+        hval[i] = (unsigned char)(ctx->hash[i >> 3] >> (8 * (~i & 7)));
+}
+
+#endif
+
+#if defined(SHA_384)
+
+/* SHA384 initialisation data   */
+
+static const sha2_64t  i384[80] =
+{
+    0xcbbb9d5dc1059ed8ull, 0x629a292a367cd507ull,
+    0x9159015a3070dd17ull, 0x152fecd8f70e5939ull,
+    0x67332667ffc00b31ull, 0x8eb44a8768581511ull,
+    0xdb0c2e0d64f98fa7ull, 0x47b5481dbefa4fa4ull
+};
+
+#ifdef _APPLE_COMMON_CRYPTO_
+int sha384_begin(sha384_ctx *ctx)
+#else
+sha2_void sha384_begin(sha384_ctx ctx[1])
+#endif
+{
+    ctx->count[0] = ctx->count[1] = 0;
+    memcpy(ctx->hash, i384, 8 * sizeof(sha2_64t));
+	return 1;
+}
+
+#ifdef _APPLE_COMMON_CRYPTO_
+int sha384_end(unsigned char *hval, sha384_ctx *ctx)
+#else
+sha2_void sha384_end(unsigned char hval[], sha384_ctx ctx[1])
+#endif
+{
+    sha_end2(hval, ctx, SHA384_DIGEST_SIZE);
+	return 1;
+}
+
+/* provide an actual entry for this instead of #defining it */
+extern int CC_SHA384_Update(CC_SHA512_CTX *c, const void *data, CC_LONG len)
+{
+	return CC_SHA512_Update(c, data, len);
+}
+
+
+#ifndef _APPLE_COMMON_CRYPTO_
+sha2_void sha384(unsigned char hval[], const unsigned char data[], unsigned long len)
+{   sha384_ctx  cx[1];
+
+    sha384_begin(cx);
+    sha384_hash(data, len, cx);
+    sha_end2(hval, cx, SHA384_DIGEST_SIZE);
+}
+#endif  /* _APPLE_COMMON_CRYPTO_ */
+#endif
+
+#if defined(SHA_512)
+
+/* SHA512 initialisation data   */
+
+static const sha2_64t  i512[80] =
+{
+    0x6a09e667f3bcc908ull, 0xbb67ae8584caa73bull,
+    0x3c6ef372fe94f82bull, 0xa54ff53a5f1d36f1ull,
+    0x510e527fade682d1ull, 0x9b05688c2b3e6c1full,
+    0x1f83d9abfb41bd6bull, 0x5be0cd19137e2179ull
+};
+
+#ifdef _APPLE_COMMON_CRYPTO_
+int sha512_begin(sha512_ctx *ctx)
+#else
+sha2_void sha512_begin(sha512_ctx ctx[1])
+#endif
+{
+    ctx->count[0] = ctx->count[1] = 0;
+    memcpy(ctx->hash, i512, 8 * sizeof(sha2_64t));
+	return 1;
+}
+
+#ifdef _APPLE_COMMON_CRYPTO_
+int sha512_end(unsigned char *hval, sha512_ctx *ctx)
+#else
+sha2_void sha512_end(unsigned char hval[], sha512_ctx ctx[1])
+#endif
+{
+    sha_end2(hval, ctx, SHA512_DIGEST_SIZE);
+	return 1;
+}
+
+#ifndef _APPLE_COMMON_CRYPTO_
+sha2_void sha512(unsigned char hval[], const unsigned char data[], unsigned long len)
+{   sha512_ctx  cx[1];
+
+    sha512_begin(cx);
+    sha512_hash(data, len, cx);
+    sha_end2(hval, cx, SHA512_DIGEST_SIZE);
+}
+#endif  /* _APPLE_COMMON_CRYPTO_ */
+
+#endif
+
+#if defined(SHA_2)
+
+#define CTX_224(x)  ((x)->uu->ctx256)
+#define CTX_256(x)  ((x)->uu->ctx256)
+#define CTX_384(x)  ((x)->uu->ctx512)
+#define CTX_512(x)  ((x)->uu->ctx512)
+
+/* SHA2 initialisation */
+
+sha2_int sha2_begin(unsigned long len, sha2_ctx ctx[1])
+{   unsigned long   l = len;
+    switch(len)
+    {
+#if defined(SHA224)
+        case 224:
+        case  28:   CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0;
+                    memcpy(CTX_256(ctx)->hash, i224, 32);
+                    ctx->sha2_len = 28; return SHA2_GOOD;
+#endif
+#if defined(SHA256)
+        case 256:
+        case  32:   CTX_256(ctx)->count[0] = CTX_256(ctx)->count[1] = 0;
+                    memcpy(CTX_256(ctx)->hash, i256, 32);
+                    ctx->sha2_len = 32; return SHA2_GOOD;
+#endif
+#if defined(SHA384)
+        case 384:
+        case  48:   CTX_384(ctx)->count[0] = CTX_384(ctx)->count[1] = 0;
+                    memcpy(CTX_384(ctx)->hash, i384, 64);
+                    ctx->sha2_len = 48; return SHA2_GOOD;
+#endif
+#if defined(SHA512)
+        case 512:
+        case  64:   CTX_512(ctx)->count[0] = CTX_512(ctx)->count[1] = 0;
+                    memcpy(CTX_512(ctx)->hash, i512, 64);
+                    ctx->sha2_len = 64; return SHA2_GOOD;
+#endif
+        default:    return SHA2_BAD;
+    }
+}
+
+sha2_void sha2_hash(const unsigned char data[], unsigned long len, sha2_ctx ctx[1])
+{
+    switch(ctx->sha2_len)
+    {
+#if defined(SHA224)
+        case 28: sha224_hash(data, len, CTX_224(ctx)); return;
+#endif
+#if defined(SHA256)
+        case 32: sha256_hash(data, len, CTX_256(ctx)); return;
+#endif
+#if defined(SHA384)
+        case 48: sha384_hash(data, len, CTX_384(ctx)); return;
+#endif
+#if defined(SHA512)
+        case 64: sha512_hash(data, len, CTX_512(ctx)); return;
+#endif
+    }
+}
+
+sha2_void sha2_end(unsigned char hval[], sha2_ctx ctx[1])
+{
+    switch(ctx->sha2_len)
+    {
+#if defined(SHA224)
+        case 28: sha_end1(hval, CTX_224(ctx), SHA224_DIGEST_SIZE); return;
+#endif
+#if defined(SHA256)
+        case 32: sha_end1(hval, CTX_256(ctx), SHA256_DIGEST_SIZE); return;
+#endif
+#if defined(SHA384)
+        case 48: sha_end2(hval, CTX_384(ctx), SHA384_DIGEST_SIZE); return;
+#endif
+#if defined(SHA512)
+        case 64: sha_end2(hval, CTX_512(ctx), SHA512_DIGEST_SIZE); return;
+#endif
+    }
+}
+
+sha2_int sha2(unsigned char hval[], unsigned long size,
+                                const unsigned char data[], unsigned long len)
+{   sha2_ctx    cx[1];
+
+    if(sha2_begin(size, cx) == SHA2_GOOD)
+    {
+        sha2_hash(data, len, cx); sha2_end(hval, cx); return SHA2_GOOD;
+    }
+    else
+        return SHA2_BAD;
+}
+
+#endif  /* SHA2 */
+
+#if defined(__cplusplus)
+}
+#endif
+
+CC_DIGEST_ONE_SHOT(CC_SHA224, CC_SHA256_CTX, CC_SHA224_Init, 
+	CC_SHA224_Update, CC_SHA224_Final)
+
+CC_DIGEST_ONE_SHOT(CC_SHA256, CC_SHA256_CTX, CC_SHA256_Init, 
+	CC_SHA256_Update, CC_SHA256_Final)
+
+CC_DIGEST_ONE_SHOT(CC_SHA384, CC_SHA512_CTX, CC_SHA384_Init, 
+	CC_SHA384_Update, CC_SHA384_Final)
+
+CC_DIGEST_ONE_SHOT(CC_SHA512, CC_SHA512_CTX, CC_SHA512_Init, 
+	CC_SHA512_Update, CC_SHA512_Final)

ADDED   Source/Digest/sha2Priv.h
Index: Source/Digest/sha2Priv.h
==================================================================
--- /dev/null
+++ Source/Digest/sha2Priv.h
@@ -0,0 +1,72 @@
+/* 
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+ 
+#ifndef _CC_SHA2_PRIV_H_
+#define _CC_SHA2_PRIV_H_
+
+
+/* 
+ * This is a replacement for sha2.h; all types, consts, and prototypes are defined
+ * in CommonDigest.h. We redefine them here so the original Gladman source is 
+ * unmodified except for the include of sha2.h. 
+ */
+#include "CommonDigestPriv.h"
+#include <CommonCrypto/CommonDigest.h>
+
+#define SHA224_DIGEST_SIZE  CC_SHA224_DIGEST_LENGTH
+#define SHA256_DIGEST_SIZE  CC_SHA256_DIGEST_LENGTH
+#define SHA384_DIGEST_SIZE  CC_SHA384_DIGEST_LENGTH
+#define SHA512_DIGEST_SIZE  CC_SHA512_DIGEST_LENGTH
+
+#define SHA224_BLOCK_SIZE   CC_SHA224_BLOCK_BYTES
+#define SHA256_BLOCK_SIZE   CC_SHA256_BLOCK_BYTES
+#define SHA384_BLOCK_SIZE   CC_SHA384_BLOCK_BYTES
+#define SHA512_BLOCK_SIZE   CC_SHA512_BLOCK_BYTES
+
+#define SHA2_GOOD   0
+#define SHA2_BAD    1
+
+typedef void sha2_void;
+
+typedef CC_LONG sha2_32t;
+typedef CC_LONG64 sha2_64t;
+
+typedef CC_SHA256_CTX sha224_ctx;	
+typedef CC_SHA256_CTX sha256_ctx;
+typedef CC_SHA512_CTX sha384_ctx;
+typedef CC_SHA512_CTX sha512_ctx;
+
+#define sha224_begin(c)			CC_SHA224_Init(c)
+#define sha224_end(md, c)		CC_SHA224_Final(md, c)
+
+#define sha256_begin(c)			CC_SHA256_Init(c)
+#define sha256_end(md, c)		CC_SHA256_Final(md, c)
+
+#define sha384_begin(c)			CC_SHA384_Init(c)
+#define sha384_end(md, c)		CC_SHA384_Final(md, c)
+
+#define sha512_begin(c)			CC_SHA512_Init(c)
+#define sha512_end(md, c)		CC_SHA512_Final(md, c)
+
+#endif  /* _CC_SHA2_PRIV_H_ */
+

ADDED   Source/Digest/sha_locl.h
Index: Source/Digest/sha_locl.h
==================================================================
--- /dev/null
+++ Source/Digest/sha_locl.h
@@ -0,0 +1,490 @@
+/* crypto/sha/sha_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include "CommonDigestPriv.h"
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+#include <openssl/opensslconf.h>
+#include <openssl/sha.h>
+#endif
+
+#ifndef SHA_LONG_LOG2
+#define SHA_LONG_LOG2	2	/* default to 32 bits */
+#endif
+
+#define DATA_ORDER_IS_BIG_ENDIAN
+
+#define HASH_LONG               SHA_LONG
+#define HASH_LONG_LOG2          SHA_LONG_LOG2
+#define HASH_CTX                SHA_CTX
+#define HASH_CBLOCK             SHA_CBLOCK
+#define HASH_LBLOCK             SHA_LBLOCK
+#define HASH_MAKE_STRING(c,s)   do {	\
+	unsigned long ll;		\
+	ll=(c)->h0; HOST_l2c(ll,(s));	\
+	ll=(c)->h1; HOST_l2c(ll,(s));	\
+	ll=(c)->h2; HOST_l2c(ll,(s));	\
+	ll=(c)->h3; HOST_l2c(ll,(s));	\
+	ll=(c)->h4; HOST_l2c(ll,(s));	\
+	} while (0)
+
+#if defined(SHA_0)
+
+# define HASH_UPDATE             	SHA_Update
+# define HASH_TRANSFORM          	SHA_Transform
+# define HASH_FINAL              	SHA_Final
+# define HASH_INIT			SHA_Init
+# define HASH_BLOCK_HOST_ORDER   	sha_block_host_order
+# define HASH_BLOCK_DATA_ORDER   	sha_block_data_order
+# define Xupdate(a,ix,ia,ib,ic,id)	(ix=(a)=(ia^ib^ic^id))
+
+  void sha_block_host_order (SHA_CTX *c, const void *p,int num);
+  void sha_block_data_order (SHA_CTX *c, const void *p,int num);
+
+#elif defined(SHA_1)
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+#if CC_SHA1_USE_HARDWARE
+# define HASH_UPDATE             	_CC_SHA1_Update
+#else
+# define HASH_UPDATE             	CC_SHA1_Update
+#endif
+# define HASH_TRANSFORM          	CC_SHA1_Transform
+# define HASH_FINAL              	CC_SHA1_Final
+# define HASH_INIT					CC_SHA1_Init
+#else
+# define HASH_UPDATE             	SHA1_Update
+# define HASH_TRANSFORM          	SHA1_Transform
+# define HASH_FINAL              	SHA1_Final
+# define HASH_INIT			SHA1_Init
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+# define HASH_BLOCK_HOST_ORDER   	sha1_block_host_order
+# define HASH_BLOCK_DATA_ORDER   	sha1_block_data_order
+# if defined(__MWERKS__) && defined(__MC68K__)
+   /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
+#  define Xupdate(a,ix,ia,ib,ic,id)	do { (a)=(ia^ib^ic^id);		\
+					     ix=(a)=ROTATE((a),1);	\
+					} while (0)
+# else
+#  define Xupdate(a,ix,ia,ib,ic,id)	( (a)=(ia^ib^ic^id),	\
+					  ix=(a)=ROTATE((a),1)	\
+					)
+# endif
+
+#define SHA1_ASM
+#ifdef SHA1_ASM
+	#if defined __i386__ || defined __x86_64__
+		#define sha1_block_host_order		sha1_block_asm_host_order
+		#define DONT_IMPLEMENT_BLOCK_HOST_ORDER
+		#define sha1_block_data_order		sha1_block_asm_data_order
+		#define DONT_IMPLEMENT_BLOCK_DATA_ORDER
+		#define HASH_BLOCK_DATA_ORDER_ALIGNED	sha1_block_asm_data_order
+  		#include "sha1edp.h"
+	#endif
+#endif
+__private_extern__ void sha1_block_host_order (SHA_CTX *c, const void *p,int num);
+__private_extern__ void sha1_block_data_order (SHA_CTX *c, const void *p,int num);
+
+#else
+# error "Either SHA_0 or SHA_1 must be defined."
+#endif
+
+#include "md32_common.h"
+
+#define INIT_DATA_h0 0x67452301UL
+#define INIT_DATA_h1 0xefcdab89UL
+#define INIT_DATA_h2 0x98badcfeUL
+#define INIT_DATA_h3 0x10325476UL
+#define INIT_DATA_h4 0xc3d2e1f0UL
+
+int HASH_INIT (SHA_CTX *c)
+	{
+	c->h0=INIT_DATA_h0;
+	c->h1=INIT_DATA_h1;
+	c->h2=INIT_DATA_h2;
+	c->h3=INIT_DATA_h3;
+	c->h4=INIT_DATA_h4;
+	c->Nl=0;
+	c->Nh=0;
+	c->num=0;
+	return 1;
+	}
+
+#define K_00_19	0x5a827999UL
+#define K_20_39 0x6ed9eba1UL
+#define K_40_59 0x8f1bbcdcUL
+#define K_60_79 0xca62c1d6UL
+
+/* As  pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
+ * simplified to the code in F_00_19.  Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ * #define F(x,y,z) (((x) & (y))  |  ((~(x)) & (z)))
+ * I've just become aware of another tweak to be made, again from Wei Dai,
+ * in F_40_59, (x&a)|(y&a) -> (x|y)&a
+ */
+#define	F_00_19(b,c,d)	((((c) ^ (d)) & (b)) ^ (d)) 
+#define	F_20_39(b,c,d)	((b) ^ (c) ^ (d))
+#define F_40_59(b,c,d)	(((b) & (c)) | (((b)|(c)) & (d))) 
+#define	F_60_79(b,c,d)	F_20_39(b,c,d)
+
+#define BODY_00_15(i,a,b,c,d,e,f,xi) \
+	(f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
+	Xupdate(f,xi,xa,xb,xc,xd); \
+	(f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
+	Xupdate(f,xi,xa,xb,xc,xd); \
+	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+	Xupdate(f,xa,xa,xb,xc,xd); \
+	(f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+	Xupdate(f,xa,xa,xb,xc,xd); \
+	(f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+	Xupdate(f,xa,xa,xb,xc,xd); \
+	(f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
+	(b)=ROTATE((b),30);
+
+#ifdef X
+#undef X
+#endif
+#ifndef MD32_XARRAY
+  /*
+   * Originally X was an array. As it's automatic it's natural
+   * to expect RISC compiler to accomodate at least part of it in
+   * the register bank, isn't it? Unfortunately not all compilers
+   * "find" this expectation reasonable:-( On order to make such
+   * compilers generate better code I replace X[] with a bunch of
+   * X0, X1, etc. See the function body below...
+   *					<appro@fy.chalmers.se>
+   */
+# define X(i)	XX##i
+#else
+  /*
+   * However! Some compilers (most notably HP C) get overwhelmed by
+   * that many local variables so that we have to have the way to
+   * fall down to the original behavior.
+   */
+# define X(i)	XX[i]
+#endif
+
+#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER
+__private_extern__ void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num)
+	{
+	const SHA_LONG *W=d;
+	register unsigned MD32_REG_T A,B,C,D,E,T;
+#ifndef MD32_XARRAY
+	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
+#else
+	SHA_LONG	XX[16];
+#endif
+
+	A=c->h0;
+	B=c->h1;
+	C=c->h2;
+	D=c->h3;
+	E=c->h4;
+
+	for (;;)
+		{
+	BODY_00_15( 0,A,B,C,D,E,T,W[ 0]);
+	BODY_00_15( 1,T,A,B,C,D,E,W[ 1]);
+	BODY_00_15( 2,E,T,A,B,C,D,W[ 2]);
+	BODY_00_15( 3,D,E,T,A,B,C,W[ 3]);
+	BODY_00_15( 4,C,D,E,T,A,B,W[ 4]);
+	BODY_00_15( 5,B,C,D,E,T,A,W[ 5]);
+	BODY_00_15( 6,A,B,C,D,E,T,W[ 6]);
+	BODY_00_15( 7,T,A,B,C,D,E,W[ 7]);
+	BODY_00_15( 8,E,T,A,B,C,D,W[ 8]);
+	BODY_00_15( 9,D,E,T,A,B,C,W[ 9]);
+	BODY_00_15(10,C,D,E,T,A,B,W[10]);
+	BODY_00_15(11,B,C,D,E,T,A,W[11]);
+	BODY_00_15(12,A,B,C,D,E,T,W[12]);
+	BODY_00_15(13,T,A,B,C,D,E,W[13]);
+	BODY_00_15(14,E,T,A,B,C,D,W[14]);
+	BODY_00_15(15,D,E,T,A,B,C,W[15]);
+
+	BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]);
+	BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]);
+	BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]);
+	BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0));
+
+	BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1));
+	BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2));
+	BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3));
+	BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4));
+	BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5));
+	BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6));
+	BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7));
+	BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8));
+	BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9));
+	BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10));
+	BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11));
+	BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12));
+
+	BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
+	BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
+	BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
+	BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
+	BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
+	BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
+	BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
+	BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
+
+	BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
+	BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
+	BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
+	BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
+	BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
+	BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
+	BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
+	BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
+	BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
+	BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
+	BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
+	BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
+	BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
+	BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
+	BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
+	BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
+	BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
+	BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
+	BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
+	BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
+
+	BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
+	BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
+	BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
+	BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
+	BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
+	BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
+	BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
+	BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
+	BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
+	BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
+	BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
+	BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
+	BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
+	BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
+	BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
+	BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
+	BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
+	BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
+	BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
+	BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
+	
+	c->h0=(c->h0+E)&0xffffffffL; 
+	c->h1=(c->h1+T)&0xffffffffL;
+	c->h2=(c->h2+A)&0xffffffffL;
+	c->h3=(c->h3+B)&0xffffffffL;
+	c->h4=(c->h4+C)&0xffffffffL;
+
+	if (--num <= 0) break;
+
+	A=c->h0;
+	B=c->h1;
+	C=c->h2;
+	D=c->h3;
+	E=c->h4;
+
+	W+=SHA_LBLOCK;
+		}
+	}
+#endif
+
+#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER
+__private_extern__ void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num)
+	{
+	const unsigned char *data=p;
+	register unsigned MD32_REG_T A,B,C,D,E,T,l;
+#ifndef MD32_XARRAY
+	unsigned MD32_REG_T	XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+				XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
+#else
+	SHA_LONG	XX[16];
+#endif
+
+	A=c->h0;
+	B=c->h1;
+	C=c->h2;
+	D=c->h3;
+	E=c->h4;
+
+	for (;;)
+		{
+
+	HOST_c2l(data,l); X( 0)=l;		HOST_c2l(data,l); X( 1)=l;
+	BODY_00_15( 0,A,B,C,D,E,T,X( 0));	HOST_c2l(data,l); X( 2)=l;
+	BODY_00_15( 1,T,A,B,C,D,E,X( 1));	HOST_c2l(data,l); X( 3)=l;
+	BODY_00_15( 2,E,T,A,B,C,D,X( 2));	HOST_c2l(data,l); X( 4)=l;
+	BODY_00_15( 3,D,E,T,A,B,C,X( 3));	HOST_c2l(data,l); X( 5)=l;
+	BODY_00_15( 4,C,D,E,T,A,B,X( 4));	HOST_c2l(data,l); X( 6)=l;
+	BODY_00_15( 5,B,C,D,E,T,A,X( 5));	HOST_c2l(data,l); X( 7)=l;
+	BODY_00_15( 6,A,B,C,D,E,T,X( 6));	HOST_c2l(data,l); X( 8)=l;
+	BODY_00_15( 7,T,A,B,C,D,E,X( 7));	HOST_c2l(data,l); X( 9)=l;
+	BODY_00_15( 8,E,T,A,B,C,D,X( 8));	HOST_c2l(data,l); X(10)=l;
+	BODY_00_15( 9,D,E,T,A,B,C,X( 9));	HOST_c2l(data,l); X(11)=l;
+	BODY_00_15(10,C,D,E,T,A,B,X(10));	HOST_c2l(data,l); X(12)=l;
+	BODY_00_15(11,B,C,D,E,T,A,X(11));	HOST_c2l(data,l); X(13)=l;
+	BODY_00_15(12,A,B,C,D,E,T,X(12));	HOST_c2l(data,l); X(14)=l;
+	BODY_00_15(13,T,A,B,C,D,E,X(13));	HOST_c2l(data,l); X(15)=l;
+	BODY_00_15(14,E,T,A,B,C,D,X(14));
+	BODY_00_15(15,D,E,T,A,B,C,X(15));
+
+	BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
+	BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
+	BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
+	BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));
+
+	BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
+	BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
+	BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
+	BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
+	BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
+	BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
+	BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
+	BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
+	BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
+	BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
+	BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
+	BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
+
+	BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
+	BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
+	BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
+	BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
+	BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
+	BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
+	BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
+	BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
+
+	BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
+	BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
+	BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
+	BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
+	BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
+	BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
+	BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
+	BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
+	BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
+	BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
+	BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
+	BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
+	BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
+	BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
+	BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
+	BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
+	BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
+	BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
+	BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
+	BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
+
+	BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
+	BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
+	BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
+	BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
+	BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
+	BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
+	BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
+	BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
+	BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
+	BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
+	BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
+	BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
+	BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
+	BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
+	BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
+	BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
+	BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
+	BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
+	BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
+	BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
+	
+	c->h0=(c->h0+E)&0xffffffffL; 
+	c->h1=(c->h1+T)&0xffffffffL;
+	c->h2=(c->h2+A)&0xffffffffL;
+	c->h3=(c->h3+B)&0xffffffffL;
+	c->h4=(c->h4+C)&0xffffffffL;
+
+	if (--num <= 0) break;
+
+	A=c->h0;
+	B=c->h1;
+	C=c->h2;
+	D=c->h3;
+	E=c->h4;
+
+		}
+	}
+#endif

ADDED   Source/GladmanAES/README
Index: Source/GladmanAES/README
==================================================================
--- /dev/null
+++ Source/GladmanAES/README
@@ -0,0 +1,6 @@
+This AES implementation is based on the Gladman implementation in xnu-863. 
+
+The C files in this directory have been modified to produce no object code
+unless the preprocessor symbol UseGladmanAES is defined (in aesopt.h).  If the
+symbol is not defined, there some other AES implementation (such as AESedp)
+must be supplied elsewhere in the build.

ADDED   Source/GladmanAES/aescrypt.c
Index: Source/GladmanAES/aescrypt.c
==================================================================
--- /dev/null
+++ Source/GladmanAES/aescrypt.c
@@ -0,0 +1,496 @@
+/*
+ ---------------------------------------------------------------------------
+ Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+   1. distributions of this source code include the above copyright
+      notice, this list of conditions and the following disclaimer;
+
+   2. distributions in binary form include the above copyright
+      notice, this list of conditions and the following disclaimer
+      in the documentation and/or other associated materials;
+
+   3. the copyright holder's name is not used to endorse products
+      built using this software without specific written permission.
+
+ ALTERNATIVELY, provided that this notice is retained in full, this product
+ may be distributed under the terms of the GNU General Public License (GPL),
+ in which case the provisions of the GPL apply INSTEAD OF those given above.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explicit or implied warranties
+ in respect of its properties, including, but not limited to, correctness
+ and/or fitness for purpose.
+ ---------------------------------------------------------------------------
+ Issue 28/01/2004
+
+ This file contains the code for implementing encryption and decryption
+ for AES (Rijndael) for block and key sizes of 16, 24 and 32 bytes. It
+ can optionally be replaced by code written in assembler using NASM. For
+ further details see the file aesopt.h
+*/
+
+#include <CommonCrypto/aesopt.h>
+#include "aestab.h"
+#include <strings.h>
+
+/*	Produce object code iff UseGladmanAES is defined.  Otherwise, suppress
+	use of this module, because some other AES implementation is being used.
+*/
+#if defined UseGladmanAES
+
+#if defined(__cplusplus)
+extern "C"
+{
+#endif
+
+#define ki(y,x,k,c) (s(y,c) = s(x, c) ^ (k)[c])
+#define xo(y,x,c) (s(y,c) ^= s(x, c))
+#define si(y,x,c)   (s(y,c) = word_in(x, c))
+#define so(y,x,c)   word_out(y, c, s(x,c))
+
+#if defined(ARRAYS)
+#define locals(y,x)     x[4],y[4]
+#else
+#define locals(y,x)     x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3
+#endif
+
+#define dtables(tab)     const aes_32t *tab##0, *tab##1, *tab##2, *tab##3
+#define itables(tab)     tab##0 = tab[0]; tab##1 = tab[1]; tab##2 = tab[2]; tab##3 = tab[3]
+
+#define l_copy(y, x)    s(y,0) = s(x,0); s(y,1) = s(x,1); \
+                        s(y,2) = s(x,2); s(y,3) = s(x,3);
+
+#define key_in(y,x,k)   ki(y,x,k,0); ki(y,x,k,1); ki(y,x,k,2); ki(y,x,k,3)
+#define cbc(y,x)        xo(y,x,0); xo(y,x,1); xo(y,x,2); xo(y,x,3)
+#define state_in(y,x)   si(y,x,0); si(y,x,1); si(y,x,2); si(y,x,3)
+#define state_out(y,x)  so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3)
+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3)
+
+#if defined(ENCRYPTION) && !defined(AES_ASM)
+
+/* Visual C++ .Net v7.1 provides the fastest encryption code when using
+   Pentium optimiation with small code but this is poor for decryption
+   so we need to control this with the following VC++ pragmas
+*/
+
+#if defined(_MSC_VER)
+#pragma optimize( "s", on )
+#endif
+
+/* Given the column (c) of the output state variable, the following
+   macros give the input state variables which are needed in its
+   computation for each row (r) of the state. All the alternative
+   macros give the same end values but expand into different ways
+   of calculating these values.  In particular the complex macro
+   used for dynamically variable block sizes is designed to expand
+   to a compile time constant whenever possible but will expand to
+   conditional clauses on some branches (I am grateful to Frank
+   Yellin for this construction)
+*/
+
+#define fwd_var(x,r,c)\
+ ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\
+ : r == 1 ? ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0))\
+ : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\
+ :          ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2)))
+
+#if defined(FT4_SET)
+#undef  dec_fmvars
+#  if defined(ENC_ROUND_CACHE_TABLES)
+#define fwd_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ four_cached_tables(x,t_fn,fwd_var,rf1,c))
+#  else
+#define fwd_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ four_tables(x,t_fn,fwd_var,rf1,c))
+#  endif
+#elif defined(FT1_SET)
+#undef  dec_fmvars
+#define fwd_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ one_table(x,upr,t_fn,fwd_var,rf1,c))
+#else
+#define fwd_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ fwd_mcol(no_table(x,t_sbox,fwd_var,rf1,c)))
+#endif
+
+#if defined(FL4_SET)
+#  if defined(LAST_ENC_ROUND_CACHE_TABLES)
+#define fwd_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ four_cached_tables(x,t_fl,fwd_var,rf1,c))
+#  else
+#define fwd_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ four_tables(x,t_fl,fwd_var,rf1,c))
+#  endif
+#elif defined(FL1_SET)
+#define fwd_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ one_table(x,ups,t_fl,fwd_var,rf1,c))
+#else
+#define fwd_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ no_table(x,t_sbox,fwd_var,rf1,c))
+#endif
+
+aes_rval aes_encrypt_cbc(const unsigned char *in, const unsigned char *in_iv, unsigned int num_blk,
+					 unsigned char *out, aes_encrypt_ctx cx[1])
+{   aes_32t         locals(b0, b1);
+    const aes_32t   *kp;
+    const aes_32t   *kptr = cx->ks;
+	#ifdef _APPLE_COMMON_CRYPTO_
+	int				cbcEnable = (cx->cbcEnable || in_iv) ? 1 : 0;
+	#endif
+	
+#if defined(ENC_ROUND_CACHE_TABLES)
+	dtables(t_fn);
+#endif
+#if defined(LAST_ENC_ROUND_CACHE_TABLES)
+	dtables(t_fl);
+#endif
+
+#if defined( dec_fmvars )
+    dec_fmvars; /* declare variables for fwd_mcol() if needed */
+#endif
+
+#if defined( AES_ERR_CHK )
+    if( cx->rn != 10 && cx->rn != 12 && cx->rn != 14 )
+        return aes_error;
+#endif
+
+	// Load IV into b0.
+	#ifdef		_APPLE_COMMON_CRYPTO_
+	if(in_iv) {
+		state_in(b0, in_iv);
+	}
+	else {
+		state_in(b0, cx->chainBuf);
+	}
+	#else
+	state_in(b0, in_iv);
+	#endif	/* _APPLE_COMMON_CRYPTO_ */
+	
+	for (;num_blk; in += AES_BLOCK_SIZE, out += AES_BLOCK_SIZE, --num_blk)
+	{
+		kp = kptr;
+#if 0
+		// Read the plaintext into b1
+		state_in(b1, in);
+		#ifdef _APPLE_COMMON_CRYPTO_
+		if(cbcEnable) {
+		#endif
+			// Do the CBC with b0 which is either the iv or the ciphertext of the 
+			// previous block.
+			cbc(b1, b0);
+		#ifdef _APPLE_COMMON_CRYPTO_
+		}
+		#endif
+
+		// Xor b1 with the key schedule to get things started.
+		key_in(b0, b1, kp);
+#else
+		#ifdef _APPLE_COMMON_CRYPTO_
+		if(cbcEnable) {
+		#endif
+			// Since xor is associative we mess with the ordering here to get 
+			// the loads started early
+			key_in(b1, b0, kp);  // Xor b0(IV) with the key schedule and assign to b1
+			state_in(b0, in);    // Load block into b0
+			cbc(b0, b1);         // Xor b0 with b1 and store in b0
+		#ifdef _APPLE_COMMON_CRYPTO_
+		}
+		else {
+			// Read the plaintext into b1
+			state_in(b1, in);
+			key_in(b0, b1, kp);
+		}
+		#endif	/* _APPLE_COMMON_CRYPTO_ */
+#endif	/* 0 */
+
+#if defined(ENC_ROUND_CACHE_TABLES)
+		itables(t_fn);
+#endif
+
+#if (ENC_UNROLL == FULL)
+
+		switch(cx->rn)
+		{
+		case 14:
+			round(fwd_rnd,  b1, b0, kp + 1 * N_COLS);
+			round(fwd_rnd,  b0, b1, kp + 2 * N_COLS);
+			kp += 2 * N_COLS;
+		case 12:
+			round(fwd_rnd,  b1, b0, kp + 1 * N_COLS);
+			round(fwd_rnd,  b0, b1, kp + 2 * N_COLS);
+			kp += 2 * N_COLS;
+		case 10:
+		default:
+			round(fwd_rnd,  b1, b0, kp + 1 * N_COLS);
+			round(fwd_rnd,  b0, b1, kp + 2 * N_COLS);
+			round(fwd_rnd,  b1, b0, kp + 3 * N_COLS);
+			round(fwd_rnd,  b0, b1, kp + 4 * N_COLS);
+			round(fwd_rnd,  b1, b0, kp + 5 * N_COLS);
+			round(fwd_rnd,  b0, b1, kp + 6 * N_COLS);
+			round(fwd_rnd,  b1, b0, kp + 7 * N_COLS);
+			round(fwd_rnd,  b0, b1, kp + 8 * N_COLS);
+			round(fwd_rnd,  b1, b0, kp + 9 * N_COLS);
+#if defined(LAST_ENC_ROUND_CACHE_TABLES)
+			itables(t_fl);
+#endif
+			round(fwd_lrnd, b0, b1, kp +10 * N_COLS);
+		}
+
+#else
+
+		{   aes_32t    rnd;
+#if (ENC_UNROLL == PARTIAL)
+			for(rnd = 0; rnd < (cx->rn >> 1) - 1; ++rnd)
+			{
+				kp += N_COLS;
+				round(fwd_rnd, b1, b0, kp);
+				kp += N_COLS;
+				round(fwd_rnd, b0, b1, kp);
+			}
+			kp += N_COLS;
+			round(fwd_rnd,  b1, b0, kp);
+#else
+			for(rnd = 0; rnd < cx->rn - 1; ++rnd)
+			{
+				kp += N_COLS;
+				round(fwd_rnd, b1, b0, kp);
+				l_copy(b0, b1);
+			}
+#endif
+#if defined(LAST_ENC_ROUND_CACHE_TABLES)
+			itables(t_fl);
+#endif
+			kp += N_COLS;
+			round(fwd_lrnd, b0, b1, kp);
+		}
+#endif
+	
+		state_out(out, b0);
+	}
+	
+	#ifdef _APPLE_COMMON_CRYPTO_
+	if(cbcEnable) {
+		state_out(cx->chainBuf, b0);
+	}
+	#endif
+
+#if defined( AES_ERR_CHK )
+    return aes_good;
+#endif
+}
+
+#endif
+
+#if defined(DECRYPTION) && !defined(AES_ASM)
+
+/* Visual C++ .Net v7.1 provides the fastest encryption code when using
+   Pentium optimiation with small code but this is poor for decryption
+   so we need to control this with the following VC++ pragmas
+*/
+
+#if defined(_MSC_VER)
+#pragma optimize( "t", on )
+#endif
+
+/* Given the column (c) of the output state variable, the following
+   macros give the input state variables which are needed in its
+   computation for each row (r) of the state. All the alternative
+   macros give the same end values but expand into different ways
+   of calculating these values.  In particular the complex macro
+   used for dynamically variable block sizes is designed to expand
+   to a compile time constant whenever possible but will expand to
+   conditional clauses on some branches (I am grateful to Frank
+   Yellin for this construction)
+*/
+
+#define inv_var(x,r,c)\
+ ( r == 0 ? ( c == 0 ? s(x,0) : c == 1 ? s(x,1) : c == 2 ? s(x,2) : s(x,3))\
+ : r == 1 ? ( c == 0 ? s(x,3) : c == 1 ? s(x,0) : c == 2 ? s(x,1) : s(x,2))\
+ : r == 2 ? ( c == 0 ? s(x,2) : c == 1 ? s(x,3) : c == 2 ? s(x,0) : s(x,1))\
+ :          ( c == 0 ? s(x,1) : c == 1 ? s(x,2) : c == 2 ? s(x,3) : s(x,0)))
+
+#if defined(IT4_SET)
+#undef  dec_imvars
+#  if defined(DEC_ROUND_CACHE_TABLES)
+#define inv_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ four_cached_tables(x,t_in,inv_var,rf1,c))
+#  else
+#define inv_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ four_tables(x,t_in,inv_var,rf1,c))
+#  endif
+#elif defined(IT1_SET)
+#undef  dec_imvars
+#define inv_rnd(y,x,k,c)    (s(y,c) = (k)[c] ^ one_table(x,upr,t_in,inv_var,rf1,c))
+#else
+#define inv_rnd(y,x,k,c)    (s(y,c) = inv_mcol((k)[c] ^ no_table(x,t_ibox,inv_var,rf1,c)))
+#endif
+
+#if defined(IL4_SET)
+#  if defined(LAST_DEC_ROUND_CACHE_TABLES)
+#define inv_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ four_cached_tables(x,t_il,inv_var,rf1,c))
+#  else
+#define inv_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ four_tables(x,t_il,inv_var,rf1,c))
+#  endif
+#elif defined(IL1_SET)
+#define inv_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ one_table(x,ups,t_il,inv_var,rf1,c))
+#else
+#define inv_lrnd(y,x,k,c)   (s(y,c) = (k)[c] ^ no_table(x,t_ibox,inv_var,rf1,c))
+#endif
+
+
+aes_rval aes_decrypt_cbc(const unsigned char *in, const unsigned char *in_iv, unsigned int num_blk,
+					 unsigned char *out, aes_decrypt_ctx cx[1])
+{   aes_32t        locals(b0, b1);
+    const aes_32t *kptr = cx->ks + cx->rn * N_COLS;
+	const aes_32t *kp;
+#if defined(DEC_ROUND_CACHE_TABLES)
+	dtables(t_in);
+#endif
+#if defined(LAST_DEC_ROUND_CACHE_TABLES)
+	dtables(t_il);
+#endif
+	#ifdef		_APPLE_COMMON_CRYPTO_
+	int cbcEnable = (cx->cbcEnable || in_iv) ? 1 : 0;
+	unsigned char lastIv[AES_BLOCK_SIZE];
+	
+	/* fix a compiler warning... */
+	b00 = 0; b01 = 0; b02=0; b03 = 0;
+	#endif
+	
+#if defined( dec_imvars )
+    dec_imvars; /* declare variables for inv_mcol() if needed */
+#endif
+	
+#if defined( AES_ERR_CHK )
+    if( cx->rn != 10 && cx->rn != 12 && cx->rn != 14 )
+        return aes_error;
+#endif
+
+#if defined(DEC_ROUND_CACHE_TABLES)
+	itables(t_in);
+#endif	
+	
+	in += AES_BLOCK_SIZE * (num_blk - 1);
+	out += AES_BLOCK_SIZE * (num_blk - 1);
+	// Load the last block's ciphertext into b1
+	state_in(b1, in);
+
+	#ifdef	_APPLE_COMMON_CRYPTO_
+	/* save that last ciphertext block for next op's chain */
+	if(cbcEnable & (num_blk != 0)) {
+		memmove(lastIv, in, AES_BLOCK_SIZE);
+	}
+	#endif
+	
+	for (;num_blk; out -= AES_BLOCK_SIZE, --num_blk)
+	{
+		kp = kptr;
+		// Do the xor part of state_in, where b1 is the previous block's ciphertext.
+		key_in(b0, b1, kp);
+
+#if (DEC_UNROLL == FULL)
+	
+		switch(cx->rn)
+		{
+		case 14:
+			round(inv_rnd,  b1, b0, kp -  1 * N_COLS);
+			round(inv_rnd,  b0, b1, kp -  2 * N_COLS);
+			kp -= 2 * N_COLS;
+		case 12:
+			round(inv_rnd,  b1, b0, kp -  1 * N_COLS);
+			round(inv_rnd,  b0, b1, kp -  2 * N_COLS);
+			kp -= 2 * N_COLS;
+		case 10:
+		default:
+			round(inv_rnd,  b1, b0, kp -  1 * N_COLS);
+			round(inv_rnd,  b0, b1, kp -  2 * N_COLS);
+			round(inv_rnd,  b1, b0, kp -  3 * N_COLS);
+			round(inv_rnd,  b0, b1, kp -  4 * N_COLS);
+			round(inv_rnd,  b1, b0, kp -  5 * N_COLS);
+			round(inv_rnd,  b0, b1, kp -  6 * N_COLS);
+			round(inv_rnd,  b1, b0, kp -  7 * N_COLS);
+			round(inv_rnd,  b0, b1, kp -  8 * N_COLS);
+			round(inv_rnd,  b1, b0, kp -  9 * N_COLS);
+#if defined(LAST_DEC_ROUND_CACHE_TABLES)
+			itables(t_il);
+#endif	
+			round(inv_lrnd, b0, b1, kp - 10 * N_COLS);
+		}
+
+#else
+	
+		{   aes_32t    rnd;
+#if (DEC_UNROLL == PARTIAL)
+			for(rnd = 0; rnd < (cx->rn >> 1) - 1; ++rnd)
+			{
+				kp -= N_COLS;
+				round(inv_rnd, b1, b0, kp);
+				kp -= N_COLS;
+				round(inv_rnd, b0, b1, kp);
+			}
+			kp -= N_COLS;
+			round(inv_rnd, b1, b0, kp);
+#else
+			for(rnd = 0; rnd < cx->rn - 1; ++rnd)
+			{
+				kp -= N_COLS;
+				round(inv_rnd, b1, b0, kp);
+				l_copy(b0, b1);
+			}
+#endif
+#if defined(LAST_DEC_ROUND_CACHE_TABLES)
+			itables(t_il);
+#endif	
+			kp -= N_COLS;
+			round(inv_lrnd, b0, b1, kp);
+		}
+#endif
+
+		#ifdef	_APPLE_COMMON_CRYPTO_
+		if(cbcEnable) {
+			if (num_blk == 1)
+			{
+				// We are doing the first block so we need the IV rather than the previous
+				// block for CBC (there is no previous block)
+				if(in_iv) {
+					state_in(b1, in_iv);
+				}
+				else {
+					state_in(b1, cx->chainBuf);
+				}
+			}
+			else
+			{
+				in -= AES_BLOCK_SIZE;
+				state_in(b1, in);
+			}
+
+			// Do the CBC with b1 which is either the IV or the ciphertext of 
+			// the previous block.
+			cbc(b0, b1);
+		}
+		else {
+			if (num_blk != 1) {
+				/* skip this the last time through */
+				in -= AES_BLOCK_SIZE;
+				state_in(b1, in);
+			}
+		}
+		#endif	/* _APPLE_COMMON_CRYPTO_ */
+		state_out(out, b0);
+	}
+
+	#ifdef	_APPLE_COMMON_CRYPTO_
+	/* save last ciphertext block for next op's chain */
+	if(cbcEnable) {
+		memmove(cx->chainBuf, lastIv, AES_BLOCK_SIZE);
+	}
+	#endif
+	
+#if defined( AES_ERR_CHK )
+    return aes_good;
+#endif
+}
+
+#endif
+
+#if defined(__cplusplus)
+}
+#endif
+
+#endif	// defined UseGladmanAES

ADDED   Source/GladmanAES/aeskey.c
Index: Source/GladmanAES/aeskey.c
==================================================================
--- /dev/null
+++ Source/GladmanAES/aeskey.c
@@ -0,0 +1,488 @@
+/*
+ ---------------------------------------------------------------------------
+ Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+   1. distributions of this source code include the above copyright
+      notice, this list of conditions and the following disclaimer;
+
+   2. distributions in binary form include the above copyright
+      notice, this list of conditions and the following disclaimer
+      in the documentation and/or other associated materials;
+
+   3. the copyright holder's name is not used to endorse products
+      built using this software without specific written permission.
+
+ ALTERNATIVELY, provided that this notice is retained in full, this product
+ may be distributed under the terms of the GNU General Public License (GPL),
+ in which case the provisions of the GPL apply INSTEAD OF those given above.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explicit or implied warranties
+ in respect of its properties, including, but not limited to, correctness
+ and/or fitness for purpose.
+ ---------------------------------------------------------------------------
+ Issue Date: 26/08/2003
+
+ This file contains the code for implementing the key schedule for AES
+ (Rijndael) for block and key sizes of 16, 24, and 32 bytes. See aesopt.h
+ for further details including optimisation.
+*/
+
+#include <CommonCrypto/aesopt.h>
+#include "aestab.h"
+#include <string.h>
+
+/*	Produce object code iff UseGladmanAES is defined.  Otherwise, suppress
+	use of this module, because some other AES implementation is being used.
+*/
+#if defined UseGladmanAES
+
+#if defined(__cplusplus)
+extern "C"
+{
+#endif
+
+/* Initialise the key schedule from the user supplied key. The key
+   length can be specified in bytes, with legal values of 16, 24
+   and 32, or in bits, with legal values of 128, 192 and 256. These
+   values correspond with Nk values of 4, 6 and 8 respectively.
+
+   The following macros implement a single cycle in the key
+   schedule generation process. The number of cycles needed
+   for each cx->n_col and nk value is:
+
+    nk =             4  5  6  7  8
+    ------------------------------
+    cx->n_col = 4   10  9  8  7  7
+    cx->n_col = 5   14 11 10  9  9
+    cx->n_col = 6   19 15 12 11 11
+    cx->n_col = 7   21 19 16 13 14
+    cx->n_col = 8   29 23 19 17 14
+*/
+
+#define ke4(k,i) \
+{   k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+5] = ss[1] ^= ss[0]; \
+    k[4*(i)+6] = ss[2] ^= ss[1]; k[4*(i)+7] = ss[3] ^= ss[2]; \
+}
+#define kel4(k,i) \
+{   k[4*(i)+4] = ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+5] = ss[1] ^= ss[0]; \
+    k[4*(i)+6] = ss[2] ^= ss[1]; k[4*(i)+7] = ss[3] ^= ss[2]; \
+}
+
+#define ke6(k,i) \
+{   k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 7] = ss[1] ^= ss[0]; \
+    k[6*(i)+ 8] = ss[2] ^= ss[1]; k[6*(i)+ 9] = ss[3] ^= ss[2]; \
+    k[6*(i)+10] = ss[4] ^= ss[3]; k[6*(i)+11] = ss[5] ^= ss[4]; \
+}
+#define kel6(k,i) \
+{   k[6*(i)+ 6] = ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 7] = ss[1] ^= ss[0]; \
+    k[6*(i)+ 8] = ss[2] ^= ss[1]; k[6*(i)+ 9] = ss[3] ^= ss[2]; \
+}
+
+#define ke8(k,i) \
+{   k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 9] = ss[1] ^= ss[0]; \
+    k[8*(i)+10] = ss[2] ^= ss[1]; k[8*(i)+11] = ss[3] ^= ss[2]; \
+    k[8*(i)+12] = ss[4] ^= ls_box(ss[3],0); k[8*(i)+13] = ss[5] ^= ss[4]; \
+    k[8*(i)+14] = ss[6] ^= ss[5]; k[8*(i)+15] = ss[7] ^= ss[6]; \
+}
+#define kel8(k,i) \
+{   k[8*(i)+ 8] = ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 9] = ss[1] ^= ss[0]; \
+    k[8*(i)+10] = ss[2] ^= ss[1]; k[8*(i)+11] = ss[3] ^= ss[2]; \
+}
+
+#if defined(ENCRYPTION_KEY_SCHEDULE)
+
+#if defined(AES_128) || defined(AES_VAR)
+
+aes_rval aes_encrypt_key128(const unsigned char *key, aes_encrypt_ctx cx[1])
+{   aes_32t    ss[4];
+
+    cx->ks[0] = ss[0] = word_in(key, 0);
+    cx->ks[1] = ss[1] = word_in(key, 1);
+    cx->ks[2] = ss[2] = word_in(key, 2);
+    cx->ks[3] = ss[3] = word_in(key, 3);
+
+#if ENC_UNROLL == NONE
+    {   aes_32t i;
+
+        for(i = 0; i < ((11 * N_COLS - 5) / 4); ++i)
+            ke4(cx->ks, i);
+    }
+#else
+    ke4(cx->ks, 0);  ke4(cx->ks, 1);
+    ke4(cx->ks, 2);  ke4(cx->ks, 3);
+    ke4(cx->ks, 4);  ke4(cx->ks, 5);
+    ke4(cx->ks, 6);  ke4(cx->ks, 7);
+    ke4(cx->ks, 8);
+#endif
+    kel4(cx->ks, 9);
+    cx->rn = 10;
+	#if CC_AES_USE_HARDWARE
+	bcopy(key, cx->keyBytes, 16);
+	cx->keyLength = 16;
+	#endif
+#if defined( AES_ERR_CHK )
+    return aes_good;
+#endif
+}
+
+#endif
+
+#if defined(AES_192) || defined(AES_VAR)
+
+aes_rval aes_encrypt_key192(const unsigned char *key, aes_encrypt_ctx cx[1])
+{   aes_32t    ss[6];
+
+    cx->ks[0] = ss[0] = word_in(key, 0);
+    cx->ks[1] = ss[1] = word_in(key, 1);
+    cx->ks[2] = ss[2] = word_in(key, 2);
+    cx->ks[3] = ss[3] = word_in(key, 3);
+    cx->ks[4] = ss[4] = word_in(key, 4);
+    cx->ks[5] = ss[5] = word_in(key, 5);
+
+#if ENC_UNROLL == NONE
+    {   aes_32t i;
+
+        for(i = 0; i < (13 * N_COLS - 7) / 6; ++i)
+            ke6(cx->ks, i);
+    }
+#else
+    ke6(cx->ks, 0);  ke6(cx->ks, 1);
+    ke6(cx->ks, 2);  ke6(cx->ks, 3);
+    ke6(cx->ks, 4);  ke6(cx->ks, 5);
+    ke6(cx->ks, 6);
+#endif
+    kel6(cx->ks, 7);
+    cx->rn = 12;
+	#if CC_AES_USE_HARDWARE
+	bcopy(key, cx->keyBytes, 24);
+	cx->keyLength = 24;
+	#endif
+#if defined( AES_ERR_CHK )
+    return aes_good;
+#endif
+}
+
+#endif
+
+#if defined(AES_256) || defined(AES_VAR)
+
+aes_rval aes_encrypt_key256(const unsigned char *key, aes_encrypt_ctx cx[1])
+{   aes_32t    ss[8];
+
+    cx->ks[0] = ss[0] = word_in(key, 0);
+    cx->ks[1] = ss[1] = word_in(key, 1);
+    cx->ks[2] = ss[2] = word_in(key, 2);
+    cx->ks[3] = ss[3] = word_in(key, 3);
+    cx->ks[4] = ss[4] = word_in(key, 4);
+    cx->ks[5] = ss[5] = word_in(key, 5);
+    cx->ks[6] = ss[6] = word_in(key, 6);
+    cx->ks[7] = ss[7] = word_in(key, 7);
+
+#if ENC_UNROLL == NONE
+    {   aes_32t i;
+
+        for(i = 0; i < (15 * N_COLS - 9) / 8; ++i)
+            ke8(cx->ks,  i);
+    }
+#else
+    ke8(cx->ks, 0); ke8(cx->ks, 1);
+    ke8(cx->ks, 2); ke8(cx->ks, 3);
+    ke8(cx->ks, 4); ke8(cx->ks, 5);
+#endif
+    kel8(cx->ks, 6);
+    cx->rn = 14;
+	#if CC_AES_USE_HARDWARE
+	bcopy(key, cx->keyBytes, 32);
+	cx->keyLength = 32;
+	#endif
+#if defined( AES_ERR_CHK )
+    return aes_good;
+#endif
+}
+
+#endif
+
+#if defined(AES_VAR)
+
+aes_rval aes_encrypt_key(const unsigned char *key, int key_len, aes_encrypt_ctx cx[1])
+{
+    switch(key_len)
+    {
+#if defined( AES_ERR_CHK )
+    case 16: case 128: return aes_encrypt_key128(key, cx);
+    case 24: case 192: return aes_encrypt_key192(key, cx);
+    case 32: case 256: return aes_encrypt_key256(key, cx);
+    default: return aes_error;
+#else
+    case 16: case 128: aes_encrypt_key128(key, cx); return;
+    case 24: case 192: aes_encrypt_key192(key, cx); return;
+    case 32: case 256: aes_encrypt_key256(key, cx); return;
+#endif
+    }
+}
+
+#endif
+
+#endif
+
+#if defined(DECRYPTION_KEY_SCHEDULE)
+
+#if DEC_ROUND == NO_TABLES
+#define ff(x)   (x)
+#else
+#define ff(x)   inv_mcol(x)
+#if defined( dec_imvars )
+#define d_vars  dec_imvars
+#endif
+#endif
+
+#if 1
+#define kdf4(k,i) \
+{   ss[0] = ss[0] ^ ss[2] ^ ss[1] ^ ss[3]; ss[1] = ss[1] ^ ss[3]; ss[2] = ss[2] ^ ss[3]; ss[3] = ss[3]; \
+    ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \
+    ss[4] ^= k[4*(i)];   k[4*(i)+4] = ff(ss[4]); ss[4] ^= k[4*(i)+1]; k[4*(i)+5] = ff(ss[4]); \
+    ss[4] ^= k[4*(i)+2]; k[4*(i)+6] = ff(ss[4]); ss[4] ^= k[4*(i)+3]; k[4*(i)+7] = ff(ss[4]); \
+}
+#define kd4(k,i) \
+{   ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; ss[4] = ff(ss[4]); \
+    k[4*(i)+4] = ss[4] ^= k[4*(i)]; k[4*(i)+5] = ss[4] ^= k[4*(i)+1]; \
+    k[4*(i)+6] = ss[4] ^= k[4*(i)+2]; k[4*(i)+7] = ss[4] ^= k[4*(i)+3]; \
+}
+#define kdl4(k,i) \
+{   ss[4] = ls_box(ss[(i+3) % 4], 3) ^ t_use(r,c)[i]; ss[i % 4] ^= ss[4]; \
+    k[4*(i)+4] = (ss[0] ^= ss[1]) ^ ss[2] ^ ss[3]; k[4*(i)+5] = ss[1] ^ ss[3]; \
+    k[4*(i)+6] = ss[0]; k[4*(i)+7] = ss[1]; \
+}
+#else
+#define kdf4(k,i) \
+{   ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+ 4] = ff(ss[0]); ss[1] ^= ss[0]; k[4*(i)+ 5] = ff(ss[1]); \
+    ss[2] ^= ss[1]; k[4*(i)+ 6] = ff(ss[2]); ss[3] ^= ss[2]; k[4*(i)+ 7] = ff(ss[3]); \
+}
+#define kd4(k,i) \
+{   ss[4] = ls_box(ss[3],3) ^ t_use(r,c)[i]; \
+    ss[0] ^= ss[4]; ss[4] = ff(ss[4]); k[4*(i)+ 4] = ss[4] ^= k[4*(i)]; \
+    ss[1] ^= ss[0]; k[4*(i)+ 5] = ss[4] ^= k[4*(i)+ 1]; \
+    ss[2] ^= ss[1]; k[4*(i)+ 6] = ss[4] ^= k[4*(i)+ 2]; \
+    ss[3] ^= ss[2]; k[4*(i)+ 7] = ss[4] ^= k[4*(i)+ 3]; \
+}
+#define kdl4(k,i) \
+{   ss[0] ^= ls_box(ss[3],3) ^ t_use(r,c)[i]; k[4*(i)+ 4] = ss[0]; ss[1] ^= ss[0]; k[4*(i)+ 5] = ss[1]; \
+    ss[2] ^= ss[1]; k[4*(i)+ 6] = ss[2]; ss[3] ^= ss[2]; k[4*(i)+ 7] = ss[3]; \
+}
+#endif
+
+#define kdf6(k,i) \
+{   ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 6] = ff(ss[0]); ss[1] ^= ss[0]; k[6*(i)+ 7] = ff(ss[1]); \
+    ss[2] ^= ss[1]; k[6*(i)+ 8] = ff(ss[2]); ss[3] ^= ss[2]; k[6*(i)+ 9] = ff(ss[3]); \
+    ss[4] ^= ss[3]; k[6*(i)+10] = ff(ss[4]); ss[5] ^= ss[4]; k[6*(i)+11] = ff(ss[5]); \
+}
+#define kd6(k,i) \
+{   ss[6] = ls_box(ss[5],3) ^ t_use(r,c)[i]; \
+    ss[0] ^= ss[6]; ss[6] = ff(ss[6]); k[6*(i)+ 6] = ss[6] ^= k[6*(i)]; \
+    ss[1] ^= ss[0]; k[6*(i)+ 7] = ss[6] ^= k[6*(i)+ 1]; \
+    ss[2] ^= ss[1]; k[6*(i)+ 8] = ss[6] ^= k[6*(i)+ 2]; \
+    ss[3] ^= ss[2]; k[6*(i)+ 9] = ss[6] ^= k[6*(i)+ 3]; \
+    ss[4] ^= ss[3]; k[6*(i)+10] = ss[6] ^= k[6*(i)+ 4]; \
+    ss[5] ^= ss[4]; k[6*(i)+11] = ss[6] ^= k[6*(i)+ 5]; \
+}
+#define kdl6(k,i) \
+{   ss[0] ^= ls_box(ss[5],3) ^ t_use(r,c)[i]; k[6*(i)+ 6] = ss[0]; ss[1] ^= ss[0]; k[6*(i)+ 7] = ss[1]; \
+    ss[2] ^= ss[1]; k[6*(i)+ 8] = ss[2]; ss[3] ^= ss[2]; k[6*(i)+ 9] = ss[3]; \
+}
+
+#define kdf8(k,i) \
+{   ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 8] = ff(ss[0]); ss[1] ^= ss[0]; k[8*(i)+ 9] = ff(ss[1]); \
+    ss[2] ^= ss[1]; k[8*(i)+10] = ff(ss[2]); ss[3] ^= ss[2]; k[8*(i)+11] = ff(ss[3]); \
+    ss[4] ^= ls_box(ss[3],0); k[8*(i)+12] = ff(ss[4]); ss[5] ^= ss[4]; k[8*(i)+13] = ff(ss[5]); \
+    ss[6] ^= ss[5]; k[8*(i)+14] = ff(ss[6]); ss[7] ^= ss[6]; k[8*(i)+15] = ff(ss[7]); \
+}
+#define kd8(k,i) \
+{   aes_32t g = ls_box(ss[7],3) ^ t_use(r,c)[i]; \
+    ss[0] ^= g; g = ff(g); k[8*(i)+ 8] = g ^= k[8*(i)]; \
+    ss[1] ^= ss[0]; k[8*(i)+ 9] = g ^= k[8*(i)+ 1]; \
+    ss[2] ^= ss[1]; k[8*(i)+10] = g ^= k[8*(i)+ 2]; \
+    ss[3] ^= ss[2]; k[8*(i)+11] = g ^= k[8*(i)+ 3]; \
+    g = ls_box(ss[3],0); \
+    ss[4] ^= g; g = ff(g); k[8*(i)+12] = g ^= k[8*(i)+ 4]; \
+    ss[5] ^= ss[4]; k[8*(i)+13] = g ^= k[8*(i)+ 5]; \
+    ss[6] ^= ss[5]; k[8*(i)+14] = g ^= k[8*(i)+ 6]; \
+    ss[7] ^= ss[6]; k[8*(i)+15] = g ^= k[8*(i)+ 7]; \
+}
+#define kdl8(k,i) \
+{   ss[0] ^= ls_box(ss[7],3) ^ t_use(r,c)[i]; k[8*(i)+ 8] = ss[0]; ss[1] ^= ss[0]; k[8*(i)+ 9] = ss[1]; \
+    ss[2] ^= ss[1]; k[8*(i)+10] = ss[2]; ss[3] ^= ss[2]; k[8*(i)+11] = ss[3]; \
+}
+
+#if defined(AES_128) || defined(AES_VAR)
+
+aes_rval aes_decrypt_key128(const unsigned char *key, aes_decrypt_ctx cx[1])
+{   aes_32t    ss[5];
+#if defined( d_vars )
+        d_vars;
+#endif
+    cx->ks[0] = ss[0] = word_in(key, 0);
+    cx->ks[1] = ss[1] = word_in(key, 1);
+    cx->ks[2] = ss[2] = word_in(key, 2);
+    cx->ks[3] = ss[3] = word_in(key, 3);
+
+#if DEC_UNROLL == NONE
+    {   aes_32t i;
+
+        for(i = 0; i < (11 * N_COLS - 5) / 4; ++i)
+            ke4(cx->ks, i);
+        kel4(cx->ks, 9);
+#if !(DEC_ROUND == NO_TABLES)
+        for(i = N_COLS; i < 10 * N_COLS; ++i)
+            cx->ks[i] = inv_mcol(cx->ks[i]);
+#endif
+    }
+#else
+    kdf4(cx->ks, 0);  kd4(cx->ks, 1);
+     kd4(cx->ks, 2);  kd4(cx->ks, 3);
+     kd4(cx->ks, 4);  kd4(cx->ks, 5);
+     kd4(cx->ks, 6);  kd4(cx->ks, 7);
+     kd4(cx->ks, 8); kdl4(cx->ks, 9);
+#endif
+    cx->rn = 10;
+	#if CC_AES_USE_HARDWARE
+	bcopy(key, cx->keyBytes, 16);
+	cx->keyLength = 16;
+	#endif
+#if defined( AES_ERR_CHK )
+    return aes_good;
+#endif
+}
+
+#endif
+
+#if defined(AES_192) || defined(AES_VAR)
+
+aes_rval aes_decrypt_key192(const unsigned char *key, aes_decrypt_ctx cx[1])
+{   aes_32t    ss[7];
+#if defined( d_vars )
+        d_vars;
+#endif
+    cx->ks[0] = ss[0] = word_in(key, 0);
+    cx->ks[1] = ss[1] = word_in(key, 1);
+    cx->ks[2] = ss[2] = word_in(key, 2);
+    cx->ks[3] = ss[3] = word_in(key, 3);
+
+#if DEC_UNROLL == NONE
+    cx->ks[4] = ss[4] = word_in(key, 4);
+    cx->ks[5] = ss[5] = word_in(key, 5);
+    {   aes_32t i;
+
+        for(i = 0; i < (13 * N_COLS - 7) / 6; ++i)
+            ke6(cx->ks, i);
+        kel6(cx->ks, 7);
+#if !(DEC_ROUND == NO_TABLES)
+        for(i = N_COLS; i < 12 * N_COLS; ++i)
+            cx->ks[i] = inv_mcol(cx->ks[i]);
+#endif
+    }
+#else
+    cx->ks[4] = ff(ss[4] = word_in(key, 4));
+    cx->ks[5] = ff(ss[5] = word_in(key, 5));
+    kdf6(cx->ks, 0); kd6(cx->ks, 1);
+    kd6(cx->ks, 2);  kd6(cx->ks, 3);
+    kd6(cx->ks, 4);  kd6(cx->ks, 5);
+    kd6(cx->ks, 6); kdl6(cx->ks, 7);
+#endif
+    cx->rn = 12;
+	#if CC_AES_USE_HARDWARE
+	bcopy(key, cx->keyBytes, 24);
+	cx->keyLength = 24;
+	#endif
+#if defined( AES_ERR_CHK )
+    return aes_good;
+#endif
+}
+
+#endif
+
+#if defined(AES_256) || defined(AES_VAR)
+
+aes_rval aes_decrypt_key256(const unsigned char *key, aes_decrypt_ctx cx[1])
+{   aes_32t    ss[8];
+#if defined( d_vars )
+        d_vars;
+#endif
+    cx->ks[0] = ss[0] = word_in(key, 0);
+    cx->ks[1] = ss[1] = word_in(key, 1);
+    cx->ks[2] = ss[2] = word_in(key, 2);
+    cx->ks[3] = ss[3] = word_in(key, 3);
+
+#if DEC_UNROLL == NONE
+    cx->ks[4] = ss[4] = word_in(key, 4);
+    cx->ks[5] = ss[5] = word_in(key, 5);
+    cx->ks[6] = ss[6] = word_in(key, 6);
+    cx->ks[7] = ss[7] = word_in(key, 7);
+    {   aes_32t i;
+
+        for(i = 0; i < (15 * N_COLS - 9) / 8; ++i)
+            ke8(cx->ks,  i);
+        kel8(cx->ks,  i);
+#if !(DEC_ROUND == NO_TABLES)
+        for(i = N_COLS; i < 14 * N_COLS; ++i)
+            cx->ks[i] = inv_mcol(cx->ks[i]);
+
+#endif
+    }
+#else
+    cx->ks[4] = ff(ss[4] = word_in(key, 4));
+    cx->ks[5] = ff(ss[5] = word_in(key, 5));
+    cx->ks[6] = ff(ss[6] = word_in(key, 6));
+    cx->ks[7] = ff(ss[7] = word_in(key, 7));
+    kdf8(cx->ks, 0); kd8(cx->ks, 1);
+    kd8(cx->ks, 2);  kd8(cx->ks, 3);
+    kd8(cx->ks, 4);  kd8(cx->ks, 5);
+    kdl8(cx->ks, 6);
+#endif
+    cx->rn = 14;
+	#if CC_AES_USE_HARDWARE
+	bcopy(key, cx->keyBytes, 32);
+	cx->keyLength = 32;
+	#endif
+#if defined( AES_ERR_CHK )
+    return aes_good;
+#endif
+}
+
+#endif
+
+#if defined(AES_VAR)
+
+aes_rval aes_decrypt_key(const unsigned char *key, int key_len, aes_decrypt_ctx cx[1])
+{
+    switch(key_len)
+    {
+#if defined( AES_ERR_CHK )
+    case 16: case 128: return aes_decrypt_key128(key, cx);
+    case 24: case 192: return aes_decrypt_key192(key, cx);
+    case 32: case 256: return aes_decrypt_key256(key, cx);
+    default: return aes_error;
+#else
+    case 16: case 128: aes_decrypt_key128(key, cx); return;
+    case 24: case 192: aes_decrypt_key192(key, cx); return;
+    case 32: case 256: aes_decrypt_key256(key, cx); return;
+#endif
+    }
+}
+
+#endif
+
+#endif
+
+
+#if defined(__cplusplus)
+}
+#endif
+
+#endif	// defined UseGladmanAES

ADDED   Source/GladmanAES/aestab.c
Index: Source/GladmanAES/aestab.c
==================================================================
--- /dev/null
+++ Source/GladmanAES/aestab.c
@@ -0,0 +1,390 @@
+/*
+ ---------------------------------------------------------------------------
+ Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+   1. distributions of this source code include the above copyright
+      notice, this list of conditions and the following disclaimer;
+
+   2. distributions in binary form include the above copyright
+      notice, this list of conditions and the following disclaimer
+      in the documentation and/or other associated materials;
+
+   3. the copyright holder's name is not used to endorse products
+      built using this software without specific written permission.
+
+ ALTERNATIVELY, provided that this notice is retained in full, this product
+ may be distributed under the terms of the GNU General Public License (GPL),
+ in which case the provisions of the GPL apply INSTEAD OF those given above.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explicit or implied warranties
+ in respect of its properties, including, but not limited to, correctness
+ and/or fitness for purpose.
+ ---------------------------------------------------------------------------
+ Issue 28/01/2004
+
+*/
+
+#if defined(__cplusplus)
+extern "C"
+{
+#endif
+
+#define DO_TABLES
+
+#include <CommonCrypto/aesopt.h>
+
+/*	Produce object code iff UseGladmanAES is defined.  Otherwise, suppress
+	use of this module, because some other AES implementation is being used.
+*/
+#if defined UseGladmanAES
+
+#if defined(FIXED_TABLES)
+
+#define sb_data(w) {\
+    w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\
+    w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\
+    w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\
+    w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\
+    w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\
+    w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\
+    w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\
+    w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\
+    w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\
+    w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\
+    w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\
+    w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\
+    w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\
+    w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\
+    w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\
+    w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\
+    w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\
+    w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\
+    w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\
+    w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\
+    w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\
+    w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\
+    w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\
+    w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\
+    w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\
+    w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\
+    w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\
+    w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\
+    w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\
+    w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\
+    w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\
+    w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) }
+
+#define isb_data(w) {\
+    w(0x52), w(0x09), w(0x6a), w(0xd5), w(0x30), w(0x36), w(0xa5), w(0x38),\
+    w(0xbf), w(0x40), w(0xa3), w(0x9e), w(0x81), w(0xf3), w(0xd7), w(0xfb),\
+    w(0x7c), w(0xe3), w(0x39), w(0x82), w(0x9b), w(0x2f), w(0xff), w(0x87),\
+    w(0x34), w(0x8e), w(0x43), w(0x44), w(0xc4), w(0xde), w(0xe9), w(0xcb),\
+    w(0x54), w(0x7b), w(0x94), w(0x32), w(0xa6), w(0xc2), w(0x23), w(0x3d),\
+    w(0xee), w(0x4c), w(0x95), w(0x0b), w(0x42), w(0xfa), w(0xc3), w(0x4e),\
+    w(0x08), w(0x2e), w(0xa1), w(0x66), w(0x28), w(0xd9), w(0x24), w(0xb2),\
+    w(0x76), w(0x5b), w(0xa2), w(0x49), w(0x6d), w(0x8b), w(0xd1), w(0x25),\
+    w(0x72), w(0xf8), w(0xf6), w(0x64), w(0x86), w(0x68), w(0x98), w(0x16),\
+    w(0xd4), w(0xa4), w(0x5c), w(0xcc), w(0x5d), w(0x65), w(0xb6), w(0x92),\
+    w(0x6c), w(0x70), w(0x48), w(0x50), w(0xfd), w(0xed), w(0xb9), w(0xda),\
+    w(0x5e), w(0x15), w(0x46), w(0x57), w(0xa7), w(0x8d), w(0x9d), w(0x84),\
+    w(0x90), w(0xd8), w(0xab), w(0x00), w(0x8c), w(0xbc), w(0xd3), w(0x0a),\
+    w(0xf7), w(0xe4), w(0x58), w(0x05), w(0xb8), w(0xb3), w(0x45), w(0x06),\
+    w(0xd0), w(0x2c), w(0x1e), w(0x8f), w(0xca), w(0x3f), w(0x0f), w(0x02),\
+    w(0xc1), w(0xaf), w(0xbd), w(0x03), w(0x01), w(0x13), w(0x8a), w(0x6b),\
+    w(0x3a), w(0x91), w(0x11), w(0x41), w(0x4f), w(0x67), w(0xdc), w(0xea),\
+    w(0x97), w(0xf2), w(0xcf), w(0xce), w(0xf0), w(0xb4), w(0xe6), w(0x73),\
+    w(0x96), w(0xac), w(0x74), w(0x22), w(0xe7), w(0xad), w(0x35), w(0x85),\
+    w(0xe2), w(0xf9), w(0x37), w(0xe8), w(0x1c), w(0x75), w(0xdf), w(0x6e),\
+    w(0x47), w(0xf1), w(0x1a), w(0x71), w(0x1d), w(0x29), w(0xc5), w(0x89),\
+    w(0x6f), w(0xb7), w(0x62), w(0x0e), w(0xaa), w(0x18), w(0xbe), w(0x1b),\
+    w(0xfc), w(0x56), w(0x3e), w(0x4b), w(0xc6), w(0xd2), w(0x79), w(0x20),\
+    w(0x9a), w(0xdb), w(0xc0), w(0xfe), w(0x78), w(0xcd), w(0x5a), w(0xf4),\
+    w(0x1f), w(0xdd), w(0xa8), w(0x33), w(0x88), w(0x07), w(0xc7), w(0x31),\
+    w(0xb1), w(0x12), w(0x10), w(0x59), w(0x27), w(0x80), w(0xec), w(0x5f),\
+    w(0x60), w(0x51), w(0x7f), w(0xa9), w(0x19), w(0xb5), w(0x4a), w(0x0d),\
+    w(0x2d), w(0xe5), w(0x7a), w(0x9f), w(0x93), w(0xc9), w(0x9c), w(0xef),\
+    w(0xa0), w(0xe0), w(0x3b), w(0x4d), w(0xae), w(0x2a), w(0xf5), w(0xb0),\
+    w(0xc8), w(0xeb), w(0xbb), w(0x3c), w(0x83), w(0x53), w(0x99), w(0x61),\
+    w(0x17), w(0x2b), w(0x04), w(0x7e), w(0xba), w(0x77), w(0xd6), w(0x26),\
+    w(0xe1), w(0x69), w(0x14), w(0x63), w(0x55), w(0x21), w(0x0c), w(0x7d) }
+
+#define mm_data(w) {\
+    w(0x00), w(0x01), w(0x02), w(0x03), w(0x04), w(0x05), w(0x06), w(0x07),\
+    w(0x08), w(0x09), w(0x0a), w(0x0b), w(0x0c), w(0x0d), w(0x0e), w(0x0f),\
+    w(0x10), w(0x11), w(0x12), w(0x13), w(0x14), w(0x15), w(0x16), w(0x17),\
+    w(0x18), w(0x19), w(0x1a), w(0x1b), w(0x1c), w(0x1d), w(0x1e), w(0x1f),\
+    w(0x20), w(0x21), w(0x22), w(0x23), w(0x24), w(0x25), w(0x26), w(0x27),\
+    w(0x28), w(0x29), w(0x2a), w(0x2b), w(0x2c), w(0x2d), w(0x2e), w(0x2f),\
+    w(0x30), w(0x31), w(0x32), w(0x33), w(0x34), w(0x35), w(0x36), w(0x37),\
+    w(0x38), w(0x39), w(0x3a), w(0x3b), w(0x3c), w(0x3d), w(0x3e), w(0x3f),\
+    w(0x40), w(0x41), w(0x42), w(0x43), w(0x44), w(0x45), w(0x46), w(0x47),\
+    w(0x48), w(0x49), w(0x4a), w(0x4b), w(0x4c), w(0x4d), w(0x4e), w(0x4f),\
+    w(0x50), w(0x51), w(0x52), w(0x53), w(0x54), w(0x55), w(0x56), w(0x57),\
+    w(0x58), w(0x59), w(0x5a), w(0x5b), w(0x5c), w(0x5d), w(0x5e), w(0x5f),\
+    w(0x60), w(0x61), w(0x62), w(0x63), w(0x64), w(0x65), w(0x66), w(0x67),\
+    w(0x68), w(0x69), w(0x6a), w(0x6b), w(0x6c), w(0x6d), w(0x6e), w(0x6f),\
+    w(0x70), w(0x71), w(0x72), w(0x73), w(0x74), w(0x75), w(0x76), w(0x77),\
+    w(0x78), w(0x79), w(0x7a), w(0x7b), w(0x7c), w(0x7d), w(0x7e), w(0x7f),\
+    w(0x80), w(0x81), w(0x82), w(0x83), w(0x84), w(0x85), w(0x86), w(0x87),\
+    w(0x88), w(0x89), w(0x8a), w(0x8b), w(0x8c), w(0x8d), w(0x8e), w(0x8f),\
+    w(0x90), w(0x91), w(0x92), w(0x93), w(0x94), w(0x95), w(0x96), w(0x97),\
+    w(0x98), w(0x99), w(0x9a), w(0x9b), w(0x9c), w(0x9d), w(0x9e), w(0x9f),\
+    w(0xa0), w(0xa1), w(0xa2), w(0xa3), w(0xa4), w(0xa5), w(0xa6), w(0xa7),\
+    w(0xa8), w(0xa9), w(0xaa), w(0xab), w(0xac), w(0xad), w(0xae), w(0xaf),\
+    w(0xb0), w(0xb1), w(0xb2), w(0xb3), w(0xb4), w(0xb5), w(0xb6), w(0xb7),\
+    w(0xb8), w(0xb9), w(0xba), w(0xbb), w(0xbc), w(0xbd), w(0xbe), w(0xbf),\
+    w(0xc0), w(0xc1), w(0xc2), w(0xc3), w(0xc4), w(0xc5), w(0xc6), w(0xc7),\
+    w(0xc8), w(0xc9), w(0xca), w(0xcb), w(0xcc), w(0xcd), w(0xce), w(0xcf),\
+    w(0xd0), w(0xd1), w(0xd2), w(0xd3), w(0xd4), w(0xd5), w(0xd6), w(0xd7),\
+    w(0xd8), w(0xd9), w(0xda), w(0xdb), w(0xdc), w(0xdd), w(0xde), w(0xdf),\
+    w(0xe0), w(0xe1), w(0xe2), w(0xe3), w(0xe4), w(0xe5), w(0xe6), w(0xe7),\
+    w(0xe8), w(0xe9), w(0xea), w(0xeb), w(0xec), w(0xed), w(0xee), w(0xef),\
+    w(0xf0), w(0xf1), w(0xf2), w(0xf3), w(0xf4), w(0xf5), w(0xf6), w(0xf7),\
+    w(0xf8), w(0xf9), w(0xfa), w(0xfb), w(0xfc), w(0xfd), w(0xfe), w(0xff) }
+
+#define rc_data(w) {\
+    w(0x01), w(0x02), w(0x04), w(0x08), w(0x10),w(0x20), w(0x40), w(0x80),\
+    w(0x1b), w(0x36) }
+
+#define h0(x)   (x)
+
+#define w0(p)   bytes2word(p, 0, 0, 0)
+#define w1(p)   bytes2word(0, p, 0, 0)
+#define w2(p)   bytes2word(0, 0, p, 0)
+#define w3(p)   bytes2word(0, 0, 0, p)
+
+#define u0(p)   bytes2word(f2(p), p, p, f3(p))
+#define u1(p)   bytes2word(f3(p), f2(p), p, p)
+#define u2(p)   bytes2word(p, f3(p), f2(p), p)
+#define u3(p)   bytes2word(p, p, f3(p), f2(p))
+
+#define v0(p)   bytes2word(fe(p), f9(p), fd(p), fb(p))
+#define v1(p)   bytes2word(fb(p), fe(p), f9(p), fd(p))
+#define v2(p)   bytes2word(fd(p), fb(p), fe(p), f9(p))
+#define v3(p)   bytes2word(f9(p), fd(p), fb(p), fe(p))
+
+#endif
+
+#if defined(FIXED_TABLES) || !defined(FF_TABLES)
+
+#define f2(x)   ((x<<1) ^ (((x>>7) & 1) * WPOLY))
+#define f4(x)   ((x<<2) ^ (((x>>6) & 1) * WPOLY) ^ (((x>>6) & 2) * WPOLY))
+#define f8(x)   ((x<<3) ^ (((x>>5) & 1) * WPOLY) ^ (((x>>5) & 2) * WPOLY) \
+                        ^ (((x>>5) & 4) * WPOLY))
+#define f3(x)   (f2(x) ^ x)
+#define f9(x)   (f8(x) ^ x)
+#define fb(x)   (f8(x) ^ f2(x) ^ x)
+#define fd(x)   (f8(x) ^ f4(x) ^ x)
+#define fe(x)   (f8(x) ^ f4(x) ^ f2(x))
+
+#else
+
+#define f2(x) ((x) ? pow[log[x] + 0x19] : 0)
+#define f3(x) ((x) ? pow[log[x] + 0x01] : 0)
+#define f9(x) ((x) ? pow[log[x] + 0xc7] : 0)
+#define fb(x) ((x) ? pow[log[x] + 0x68] : 0)
+#define fd(x) ((x) ? pow[log[x] + 0xee] : 0)
+#define fe(x) ((x) ? pow[log[x] + 0xdf] : 0)
+#define fi(x) ((x) ? pow[ 255 - log[x]] : 0)
+
+#endif
+
+#include "aestab.h"
+
+#if defined(FIXED_TABLES)
+
+/* implemented in case of wrong call for fixed tables */
+
+void gen_tabs(void)
+{
+}
+
+#else   /* dynamic table generation */
+
+#if !defined(FF_TABLES)
+
+/*  Generate the tables for the dynamic table option
+
+    It will generally be sensible to use tables to compute finite
+    field multiplies and inverses but where memory is scarse this
+    code might sometimes be better. But it only has effect during
+    initialisation so its pretty unimportant in overall terms.
+*/
+
+/*  return 2 ^ (n - 1) where n is the bit number of the highest bit
+    set in x with x in the range 1 < x < 0x00000200.   This form is
+    used so that locals within fi can be bytes rather than words
+*/
+
+static aes_08t hibit(const aes_32t x)
+{   aes_08t r = (aes_08t)((x >> 1) | (x >> 2));
+
+    r |= (r >> 2);
+    r |= (r >> 4);
+    return (r + 1) >> 1;
+}
+
+/* return the inverse of the finite field element x */
+
+static aes_08t fi(const aes_08t x)
+{   aes_08t p1 = x, p2 = BPOLY, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0;
+
+    if(x < 2) return x;
+
+    for(;;)
+    {
+        if(!n1) return v1;
+
+        while(n2 >= n1)
+        {
+            n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2);
+        }
+
+        if(!n2) return v2;
+
+        while(n1 >= n2)
+        {
+            n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1);
+        }
+    }
+}
+
+#endif
+
+/* The forward and inverse affine transformations used in the S-box */
+
+#define fwd_affine(x) \
+    (w = (aes_32t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(aes_08t)(w^(w>>8)))
+
+#define inv_affine(x) \
+    (w = (aes_32t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(aes_08t)(w^(w>>8)))
+
+static int init = 0;
+
+void gen_tabs(void)
+{   aes_32t  i, w;
+
+#if defined(FF_TABLES)
+
+    aes_08t  pow[512], log[256];
+
+    if(init) return;
+    /*  log and power tables for GF(2^8) finite field with
+        WPOLY as modular polynomial - the simplest primitive
+        root is 0x03, used here to generate the tables
+    */
+
+    i = 0; w = 1;
+    do
+    {
+        pow[i] = (aes_08t)w;
+        pow[i + 255] = (aes_08t)w;
+        log[w] = (aes_08t)i++;
+        w ^=  (w << 1) ^ (w & 0x80 ? WPOLY : 0);
+    }
+    while (w != 1);
+
+#else
+    if(init) return;
+#endif
+
+    for(i = 0, w = 1; i < RC_LENGTH; ++i)
+    {
+        t_set(r,c)[i] = bytes2word(w, 0, 0, 0);
+        w = f2(w);
+    }
+
+    for(i = 0; i < 256; ++i)
+    {   aes_08t    b;
+
+        b = fwd_affine(fi((aes_08t)i));
+        w = bytes2word(f2(b), b, b, f3(b));
+
+#if defined( SBX_SET )
+        t_set(s,box)[i] = b;
+#endif
+
+#if defined( FT1_SET )                 /* tables for a normal encryption round */
+        t_set(f,n)[i] = w;
+#endif
+#if defined( FT4_SET )
+        t_set(f,n)[0][i] = w;
+        t_set(f,n)[1][i] = upr(w,1);
+        t_set(f,n)[2][i] = upr(w,2);
+        t_set(f,n)[3][i] = upr(w,3);
+#endif
+        w = bytes2word(b, 0, 0, 0);
+
+#if defined( FL1_SET )                 /* tables for last encryption round (may also   */
+        t_set(f,l)[i] = w;        /* be used in the key schedule)                 */
+#endif
+#if defined( FL4_SET )
+        t_set(f,l)[0][i] = w;
+        t_set(f,l)[1][i] = upr(w,1);
+        t_set(f,l)[2][i] = upr(w,2);
+        t_set(f,l)[3][i] = upr(w,3);
+#endif
+
+#if defined( LS1_SET )                 /* table for key schedule if t_set(f,l) above is    */
+        t_set(l,s)[i] = w;      /* not of the required form                     */
+#endif
+#if defined( LS4_SET )
+        t_set(l,s)[0][i] = w;
+        t_set(l,s)[1][i] = upr(w,1);
+        t_set(l,s)[2][i] = upr(w,2);
+        t_set(l,s)[3][i] = upr(w,3);
+#endif
+
+        b = fi(inv_affine((aes_08t)i));
+        w = bytes2word(fe(b), f9(b), fd(b), fb(b));
+
+#if defined( IM1_SET )                 /* tables for the inverse mix column operation  */
+        t_set(i,m)[b] = w;
+#endif
+#if defined( IM4_SET )
+        t_set(i,m)[0][b] = w;
+        t_set(i,m)[1][b] = upr(w,1);
+        t_set(i,m)[2][b] = upr(w,2);
+        t_set(i,m)[3][b] = upr(w,3);
+#endif
+
+#if defined( ISB_SET )
+        t_set(i,box)[i] = b;
+#endif
+#if defined( IT1_SET )                 /* tables for a normal decryption round */
+        t_set(i,n)[i] = w;
+#endif
+#if defined( IT4_SET )
+        t_set(i,n)[0][i] = w;
+        t_set(i,n)[1][i] = upr(w,1);
+        t_set(i,n)[2][i] = upr(w,2);
+        t_set(i,n)[3][i] = upr(w,3);
+#endif
+        w = bytes2word(b, 0, 0, 0);
+#if defined( IL1_SET )                 /* tables for last decryption round */
+        t_set(i,l)[i] = w;
+#endif
+#if defined( IL4_SET )
+        t_set(i,l)[0][i] = w;
+        t_set(i,l)[1][i] = upr(w,1);
+        t_set(i,l)[2][i] = upr(w,2);
+        t_set(i,l)[3][i] = upr(w,3);
+#endif
+    }
+    init = 1;
+}
+
+#endif
+
+#endif	// defined UseGladmanAES
+
+#if defined(__cplusplus)
+}
+#endif

ADDED   Source/GladmanAES/aestab.h
Index: Source/GladmanAES/aestab.h
==================================================================
--- /dev/null
+++ Source/GladmanAES/aestab.h
@@ -0,0 +1,175 @@
+/*
+ ---------------------------------------------------------------------------
+ Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+   1. distributions of this source code include the above copyright
+      notice, this list of conditions and the following disclaimer;
+
+   2. distributions in binary form include the above copyright
+      notice, this list of conditions and the following disclaimer
+      in the documentation and/or other associated materials;
+
+   3. the copyright holder's name is not used to endorse products
+      built using this software without specific written permission.
+
+ ALTERNATIVELY, provided that this notice is retained in full, this product
+ may be distributed under the terms of the GNU General Public License (GPL),
+ in which case the provisions of the GPL apply INSTEAD OF those given above.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explicit or implied warranties
+ in respect of its properties, including, but not limited to, correctness
+ and/or fitness for purpose.
+ ---------------------------------------------------------------------------
+ Issue 28/01/2004
+
+ This file contains the code for declaring the tables needed to implement
+ AES. The file aesopt.h is assumed to be included before this header file.
+ If there are no global variables, the definitions here can be used to put
+ the AES tables in a structure so that a pointer can then be added to the
+ AES context to pass them to the AES routines that need them.   If this
+ facility is used, the calling program has to ensure that this pointer is
+ managed appropriately.  In particular, the value of the t_dec(in,it) item
+ in the table structure must be set to zero in order to ensure that the
+ tables are initialised. In practice the three code sequences in aeskey.c
+ that control the calls to gen_tabs() and the gen_tabs() routine itself will
+ have to be changed for a specific implementation. If global variables are
+ available it will generally be preferable to use them with the precomputed
+ FIXED_TABLES option that uses static global tables.
+
+ The following defines can be used to control the way the tables
+ are defined, initialised and used in embedded environments that
+ require special features for these purposes
+
+    the 't_dec' construction is used to declare fixed table arrays
+    the 't_set' construction is used to set fixed table values
+    the 't_use' construction is used to access fixed table values
+
+    256 byte tables:
+
+        t_xxx(s,box)    => forward S box
+        t_xxx(i,box)    => inverse S box
+
+    256 32-bit word OR 4 x 256 32-bit word tables:
+
+        t_xxx(f,n)      => forward normal round
+        t_xxx(f,l)      => forward last round
+        t_xxx(i,n)      => inverse normal round
+        t_xxx(i,l)      => inverse last round
+        t_xxx(l,s)      => key schedule table
+        t_xxx(i,m)      => key schedule table
+
+    Other variables and tables:
+
+        t_xxx(r,c)      => the rcon table
+*/
+
+#if !defined( _CC_AESTAB_H )
+#define _CC_AESTAB_H
+
+#define t_dec(m,n) t_##m##n
+#define t_set(m,n) t_##m##n
+#define t_use(m,n) t_##m##n
+
+#if defined(FIXED_TABLES)
+#define Const const
+#else
+#define Const
+#endif
+
+#if defined(DO_TABLES)
+#define Extern
+#else
+#define Extern extern
+#endif
+
+#if defined(_MSC_VER) && defined(TABLE_ALIGN)
+#define Align __declspec(align(TABLE_ALIGN))
+#else
+#define Align
+#endif
+
+#if defined(__cplusplus)
+extern "C"
+{
+#endif
+
+#if defined(DO_TABLES) && defined(FIXED_TABLES)
+#define d_1(t,n,b,e)       Align Const t n[256]    =   b(e)
+#define d_4(t,n,b,e,f,g,h) Align Const t n[4][256] = { b(e), b(f), b(g), b(h) }
+Extern Align Const aes_32t t_dec(r,c)[RC_LENGTH] = rc_data(w0);
+#else
+#define d_1(t,n,b,e)       Extern Align Const t n[256]
+#define d_4(t,n,b,e,f,g,h) Extern Align Const t n[4][256]
+Extern Align Const aes_32t t_dec(r,c)[RC_LENGTH];
+#endif
+
+#if defined( SBX_SET )
+    d_1(aes_08t, t_dec(s,box), sb_data, h0);
+#endif
+#if defined( ISB_SET )
+    d_1(aes_08t, t_dec(i,box), isb_data, h0);
+#endif
+
+#if defined( FT1_SET )
+    d_1(aes_32t, t_dec(f,n), sb_data, u0);
+#endif
+#if defined( FT4_SET )
+    d_4(aes_32t, t_dec(f,n), sb_data, u0, u1, u2, u3);
+#endif
+
+#if defined( FL1_SET )
+    d_1(aes_32t, t_dec(f,l), sb_data, w0);
+#endif
+#if defined( FL4_SET )
+    d_4(aes_32t, t_dec(f,l), sb_data, w0, w1, w2, w3);
+#endif
+
+#if defined( IT1_SET )
+    d_1(aes_32t, t_dec(i,n), isb_data, v0);
+#endif
+#if defined( IT4_SET )
+    d_4(aes_32t, t_dec(i,n), isb_data, v0, v1, v2, v3);
+#endif
+
+#if defined( IL1_SET )
+    d_1(aes_32t, t_dec(i,l), isb_data, w0);
+#endif
+#if defined( IL4_SET )
+    d_4(aes_32t, t_dec(i,l), isb_data, w0, w1, w2, w3);
+#endif
+
+#if defined( LS1_SET )
+#if defined( FL1_SET )
+#undef  LS1_SET
+#else
+    d_1(aes_32t, t_dec(l,s), sb_data, w0);
+#endif
+#endif
+
+#if defined( LS4_SET )
+#if defined( FL4_SET )
+#undef  LS4_SET
+#else
+    d_4(aes_32t, t_dec(l,s), sb_data, w0, w1, w2, w3);
+#endif
+#endif
+
+#if defined( IM1_SET )
+    d_1(aes_32t, t_dec(i,m), mm_data, v0);
+#endif
+#if defined( IM4_SET )
+    d_4(aes_32t, t_dec(i,m), mm_data, v0, v1, v2, v3);
+#endif
+
+#if defined(__cplusplus)
+}
+#endif
+
+#endif	/* _CC_AESTAB_H */

ADDED   Source/GladmanAES/ccNewGladman.c
Index: Source/GladmanAES/ccNewGladman.c
==================================================================
--- /dev/null
+++ Source/GladmanAES/ccNewGladman.c
@@ -0,0 +1,218 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * ccNewGladman.c - shim between Gladman AES and CommonEncryption.
+ *
+ * Created 3/30/06 by Doug Mitchell. 
+ */
+
+#include <CommonCrypto/aesopt.h>
+
+#if CC_AES_USE_HARDWARE
+//Need IOKitLib.h only for IOAESTypes.h
+#include <IOKit/IOKitLib.h>
+#include <Kernel/IOKit/crypto/IOAESTypes.h>
+#include <sys/ioctl.h>
+#include <fcntl.h>
+#include <pthread.h>
+#endif
+
+/*	Produce object code iff UseGladmanAES is defined.  Otherwise, suppress
+	use of this module, because some other AES implementation is being used.
+*/
+#if defined UseGladmanAES
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+
+#include <strings.h>
+
+int aes_cc_set_key(
+	aes_cc_ctx *cx, 
+	const void *rawKey, 
+	aes_32t keyLength,
+	int forEncrypt)
+{
+	if(forEncrypt) {
+		switch(keyLength) {
+			case 16: 
+				aes_encrypt_key128((const unsigned char *)rawKey, &cx->encrypt);
+				break;
+			case 24: 
+				aes_encrypt_key192((const unsigned char *)rawKey, &cx->encrypt);
+				break;
+			case 32: 
+				aes_encrypt_key256((const unsigned char *)rawKey, &cx->encrypt);
+				break;
+			default:
+				return -1;
+		}
+		cx->encrypt.cbcEnable = 0;
+	}
+	else {
+		switch(keyLength) {
+			case 16: 
+				aes_decrypt_key128((const unsigned char *)rawKey, &cx->decrypt);
+				break;
+			case 24: 
+				aes_decrypt_key192((const unsigned char *)rawKey, &cx->decrypt);
+				break;
+			case 32: 
+				aes_decrypt_key256((const unsigned char *)rawKey, &cx->decrypt);
+				break;
+			default:
+				return -1;
+		}
+		cx->decrypt.cbcEnable = 0;
+	}
+	return 0;
+}
+
+void aes_cc_set_iv(aes_cc_ctx *cx, int forEncrypt, const void *iv)
+{
+	if(forEncrypt) {
+		if(iv == NULL) {
+			cx->encrypt.cbcEnable = 0;
+		}
+		else {
+			memmove(cx->encrypt.chainBuf, iv, AES_BLOCK_SIZE);
+			cx->encrypt.cbcEnable = 1;
+		}
+	}
+	else {
+		if(iv == NULL) {
+			cx->decrypt.cbcEnable = 0;
+		}
+		else {
+			memmove(cx->decrypt.chainBuf, iv, AES_BLOCK_SIZE);
+			cx->decrypt.cbcEnable = 1;
+		}
+	}
+}
+
+#ifndef	NULL
+#define NULL ((void *)0)
+#endif
+
+#if CC_AES_USE_HARDWARE
+#define CC_AES_USE_HARDWARE_THRESHOLD	(1024 / AES_BLOCK_SIZE) //In Blocks.
+static int cc_aes_device = -1;
+static pthread_once_t cc_aes_connect_once = PTHREAD_ONCE_INIT;
+static aes_32t cc_aes_hardware_quantum = ((256*4096) / AES_BLOCK_SIZE); //In Blocks. Will be set to what hardware returns;
+
+static void cc_aes_connect(void) 
+{
+	struct IOAESAcceleratorInfo aesInfo;
+	
+	cc_aes_device = open("/dev/aes_0", O_RDWR, 0);
+	if(cc_aes_device < 0)
+		return;
+	if(ioctl(cc_aes_device, IOAES_GET_INFO, &aesInfo) != -1) {
+		cc_aes_hardware_quantum = aesInfo.maxBytesPerCall / AES_BLOCK_SIZE;
+	}
+}
+
+static aes_32t aes_cc_use_hardware(IOAESOperation operation, int keyLength, UInt8 *key, UInt8 *iv, UInt8* plainText, UInt8 *cipherText, aes_32t numBlocks)
+{
+	struct IOAESAcceleratorRequest aesRequest;
+	aes_32t quantum = cc_aes_hardware_quantum;
+	UInt8 *pt = plainText;
+	UInt8 *ct = cipherText;
+	aes_32t blocks = numBlocks;
+	
+	aesRequest.operation = operation;
+	bcopy(iv, aesRequest.iv.ivBytes, AES_BLOCK_SIZE);
+	aesRequest.keyData.key.keyLength = (keyLength << 3); //Hardware needs it in bits.
+	bcopy(key, aesRequest.keyData.key.keyBytes, keyLength);
+
+	while (blocks) {
+		quantum = ((blocks < cc_aes_hardware_quantum) ? blocks : cc_aes_hardware_quantum);
+		aesRequest.plainText = pt;
+		aesRequest.cipherText = ct;
+		aesRequest.textLength = quantum * AES_BLOCK_SIZE; //The hardware needs textLength in bytes.
+		
+		if(ioctl(cc_aes_device, IOAES_ENCRYPT_DECRYPT, &aesRequest) == -1) {
+			break;
+		}
+		blocks -= quantum;
+		pt += (quantum*AES_BLOCK_SIZE);
+		ct += (quantum*AES_BLOCK_SIZE);
+	}
+	return (numBlocks - blocks);	
+} 
+#endif
+
+void aes_cc_encrypt(aes_cc_ctx *cx, const void *blocksIn, aes_32t numBlocks, void *blocksOut)
+{
+	#if CC_AES_USE_HARDWARE
+	if(numBlocks > CC_AES_USE_HARDWARE_THRESHOLD && !pthread_once(&cc_aes_connect_once, cc_aes_connect) && cc_aes_device >= 0) {
+		aes_encrypt_ctx *cx_encrypt = &cx->encrypt;
+		UInt8 *key = cx_encrypt->keyBytes;
+		int keyLength = cx_encrypt->keyLength;
+		UInt8 *iv = cx_encrypt->chainBuf;
+		aes_32t blocks_encrypted = 0;
+
+		blocks_encrypted = aes_cc_use_hardware(IOAESOperationEncrypt, keyLength, key, iv, (UInt8 *)blocksIn, (UInt8 *)blocksOut, numBlocks);
+		if(blocks_encrypted == numBlocks) {	// Successfully completed using hardware.
+			return;
+		}
+		//Something went wrong trying to use hardware.. fall through and use the software to do the job.
+		blocksIn = (UInt8 *)blocksIn + (blocks_encrypted * AES_BLOCK_SIZE);
+		blocksOut = (UInt8 *)blocksOut + (blocks_encrypted * AES_BLOCK_SIZE);
+		numBlocks -= blocks_encrypted;
+	}
+	#endif
+	aes_encrypt_cbc((const unsigned char *)blocksIn, 
+		NULL,	/* IV - we set via aes_cc_set_iv */
+		(unsigned)numBlocks, (unsigned char *)blocksOut, &cx->encrypt);
+}
+
+void aes_cc_decrypt(aes_cc_ctx *cx, const void *blocksIn, aes_32t numBlocks,
+	void *blocksOut)
+{
+	#if CC_AES_USE_HARDWARE
+	if(numBlocks > CC_AES_USE_HARDWARE_THRESHOLD && !pthread_once(&cc_aes_connect_once, cc_aes_connect) && cc_aes_device >= 0) {
+		aes_decrypt_ctx *cx_decrypt = &cx->decrypt;
+		UInt8 *key = cx_decrypt->keyBytes;
+		int keyLength = cx_decrypt->keyLength;
+		UInt8 *iv = cx_decrypt->chainBuf;
+		aes_32t blocks_decrypted = 0;
+
+		blocks_decrypted = aes_cc_use_hardware(IOAESOperationDecrypt, keyLength, key, iv, (UInt8 *)blocksOut, (UInt8 *)blocksIn, numBlocks);
+		if(blocks_decrypted == numBlocks) {	// Successfully completed using hardware.
+			return 1;
+		}
+		//Something went wrong trying to use hardware.. fall through and use the software to do the job.
+		blocksIn = (UInt8 *)blocksIn + (blocks_decrypted * AES_BLOCK_SIZE);
+		blocksOut = (UInt8 *)blocksOut + (blocks_decrypted * AES_BLOCK_SIZE);
+		numBlocks -= blocks_decrypted;
+	}
+	#endif
+	aes_decrypt_cbc((const unsigned char *)blocksIn,
+		NULL,	/* IV - we set via aes_cc_set_iv */
+		(unsigned)numBlocks, (unsigned char *)blocksOut, &cx->decrypt);
+}
+
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+#endif	// defined UseGladmanAES

ADDED   Source/RC2/ccRC2.c
Index: Source/RC2/ccRC2.c
==================================================================
--- /dev/null
+++ Source/RC2/ccRC2.c
@@ -0,0 +1,46 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#include <CommonCrypto/rc2.h>
+#include <CommonCrypto/ccRC2.h>
+#include <sys/types.h>
+
+int rc2_cc_set_key(
+	RC2_Schedule *cx, 
+	const void *rawKey, 
+	size_t keyLength)
+{
+	rc2_keyschedule(cx, rawKey, keyLength, keyLength*8);
+	return 0;
+}
+
+void rc2_cc_encrypt(RC2_Schedule *cx, const void *blockIn, void *blockOut)
+{
+	rc2_encrypt(cx, (const unsigned char *)blockIn, (unsigned char *)blockOut);
+}
+
+void rc2_cc_decrypt(RC2_Schedule *cx, const void *blockIn, void *blockOut)
+{
+	rc2_decrypt(cx, (unsigned char *)blockOut, (const unsigned char *)blockIn);
+}
+

ADDED   Source/RC2/rc2.c
Index: Source/RC2/rc2.c
==================================================================
--- /dev/null
+++ Source/RC2/rc2.c
@@ -0,0 +1,158 @@
+/**********************************************************************\ 
+* To commemorate the 1996 RSA Data Security Conference, the following  * 
+* code is released into the public domain by its author.  Prost!       * 
+*                                                                      * 
+* This cipher uses 16-bit words and little-endian byte ordering.       * 
+* I wonder which processor it was optimized for?                       * 
+*                                                                      * 
+* Thanks to CodeView, SoftIce, and D86 for helping bring this code to  * 
+* the public.                                                          * 
+\**********************************************************************/ 
+#include <string.h> 
+#include <assert.h> 
+
+#include <CommonCrypto/rc2.h>
+
+/**********************************************************************\ 
+* Expand a variable-length user key (between 1 and 128 bytes) to a     * 
+* 64-short working rc2 key, of at most "bits" effective key bits.      * 
+* The effective key bits parameter looks like an export control hack.  * 
+* For normal use, it should always be set to 1024.  For convenience,   * 
+* zero is accepted as an alias for 1024.                               * 
+\**********************************************************************/ 
+void rc2_keyschedule( RC2_Schedule *key_schedule, 
+                      const unsigned char *key, 
+                      unsigned len, 
+                      unsigned bits ) 
+        { 
+        unsigned char x; 
+        unsigned i; 
+        /* 256-entry permutation table, probably derived somehow from pi */ 
+        static const unsigned char permute[256] = { 
+            217,120,249,196, 25,221,181,237, 40,233,253,121, 74,160,216,157, 
+            198,126, 55,131, 43,118, 83,142, 98, 76,100,136, 68,139,251,162, 
+             23,154, 89,245,135,179, 79, 19, 97, 69,109,141,  9,129,125, 50, 
+            189,143, 64,235,134,183,123, 11,240,149, 33, 34, 92,107, 78,130, 
+             84,214,101,147,206, 96,178, 28,115, 86,192, 20,167,140,241,220, 
+             18,117,202, 31, 59,190,228,209, 66, 61,212, 48,163, 60,182, 38, 
+            111,191, 14,218, 70,105,  7, 87, 39,242, 29,155,188,148, 67,  3, 
+            248, 17,199,246,144,239, 62,231,  6,195,213, 47,200,102, 30,215, 
+              8,232,234,222,128, 82,238,247,132,170,114,172, 53, 77,106, 42, 
+            150, 26,210,113, 90, 21, 73,116, 75,159,208, 94,  4, 24,164,236, 
+            194,224, 65,110, 15, 81,203,204, 36,145,175, 80,161,244,112, 57, 
+            153,124, 58,133, 35,184,180,122,252,  2, 54, 91, 37, 85,151, 49, 
+             45, 93,250,152,227,138,146,174,  5,223, 41, 16,103,108,186,201, 
+            211,  0,230,207,225,158,168, 44, 99, 22,  1, 63, 88,226,137,169, 
+             13, 56, 52, 27,171, 51,255,176,187, 72, 12, 95,185,177,205, 46, 
+            197,243,219, 71,229,165,156,119, 10,166, 32,104,254,127,193,173 
+        }; 
+        assert(len > 0 && len <= 128); 
+        assert(bits <= 1024); 
+        if (!bits) 
+                bits = 1024; 
+        memcpy(&key_schedule->xkey, key, len); 
+        /* Phase 1: Expand input key to 128 bytes */ 
+        if (len < 128) { 
+                i = 0; 
+                x = ((unsigned char *)key_schedule->xkey)[len-1]; 
+                do { 
+                        x = permute[(x + ((unsigned char *)key_schedule->xkey)[i++]) & 255]; 
+                        ((unsigned char *)key_schedule->xkey)[len++] = x; 
+                } while (len < 128); 
+        } 
+        /* Phase 2 - reduce effective key size to "bits" */ 
+        len = (bits+7) >> 3; 
+        i = 128-len; 
+        x = permute[((unsigned char *)key_schedule->xkey)[i] & (255 >> (7 & -bits))]; 
+        ((unsigned char *)key_schedule->xkey)[i] = x; 
+        while (i--) { 
+                x = permute[ x ^ ((unsigned char *)key_schedule->xkey)[i+len] ]; 
+                ((unsigned char *)key_schedule->xkey)[i] = x; 
+        } 
+        /* Phase 3 - copy to xkey in little-endian order */ 
+        i = 63; 
+        do { 
+                key_schedule->xkey[i] =  ((unsigned char *)key_schedule->xkey)[2*i] + 
+                          (((unsigned char *)key_schedule->xkey)[2*i+1] << 8); 
+        } while (i--); 
+        } 
+/**********************************************************************\ 
+* Encrypt an 8-byte block of plaintext using the given key.            * 
+\**********************************************************************/ 
+void rc2_encrypt( const RC2_Schedule *key_schedule, 
+                  const unsigned char *plain, 
+                  unsigned char *cipher ) 
+        { 
+        unsigned x76, x54, x32, x10, i; 
+        x76 = (plain[7] << 8) + plain[6]; 
+        x54 = (plain[5] << 8) + plain[4]; 
+        x32 = (plain[3] << 8) + plain[2]; 
+        x10 = (plain[1] << 8) + plain[0]; 
+        for (i = 0; i < 16; i++) { 
+                x10 += (x32 & ~x76) + (x54 & x76) + key_schedule->xkey[4*i+0]; 
+                x10 = (x10 << 1) + (x10 >> 15 & 1); 
+                x32 += (x54 & ~x10) + (x76 & x10) + key_schedule->xkey[4*i+1]; 
+                x32 = (x32 << 2) + (x32 >> 14 & 3); 
+                x54 += (x76 & ~x32) + (x10 & x32) + key_schedule->xkey[4*i+2]; 
+                x54 = (x54 << 3) + (x54 >> 13 & 7); 
+                x76 += (x10 & ~x54) + (x32 & x54) + key_schedule->xkey[4*i+3]; 
+                x76 = (x76 << 5) + (x76 >> 11 & 31); 
+                if (i == 4 || i == 10) { 
+                        x10 += key_schedule->xkey[x76 & 63]; 
+                        x32 += key_schedule->xkey[x10 & 63]; 
+                        x54 += key_schedule->xkey[x32 & 63]; 
+                        x76 += key_schedule->xkey[x54 & 63]; 
+                } 
+        } 
+        cipher[0] = (unsigned char)x10; 
+        cipher[1] = (unsigned char)(x10 >> 8); 
+        cipher[2] = (unsigned char)x32; 
+        cipher[3] = (unsigned char)(x32 >> 8); 
+        cipher[4] = (unsigned char)x54; 
+        cipher[5] = (unsigned char)(x54 >> 8); 
+        cipher[6] = (unsigned char)x76; 
+        cipher[7] = (unsigned char)(x76 >> 8); 
+        } 
+/**********************************************************************\ 
+* Decrypt an 8-byte block of ciphertext using the given key.           * 
+\**********************************************************************/ 
+void rc2_decrypt( const RC2_Schedule *key_schedule, 
+                  unsigned char *plain, 
+                  const unsigned char *cipher ) 
+        { 
+        unsigned x76, x54, x32, x10, i; 
+        x76 = (cipher[7] << 8) + cipher[6]; 
+        x54 = (cipher[5] << 8) + cipher[4]; 
+        x32 = (cipher[3] << 8) + cipher[2]; 
+        x10 = (cipher[1] << 8) + cipher[0]; 
+        i = 15; 
+        do { 
+                x76 &= 65535; 
+                x76 = (x76 << 11) + (x76 >> 5); 
+                x76 -= (x10 & ~x54) + (x32 & x54) + key_schedule->xkey[4*i+3]; 
+                x54 &= 65535; 
+                x54 = (x54 << 13) + (x54 >> 3); 
+                x54 -= (x76 & ~x32) + (x10 & x32) + key_schedule->xkey[4*i+2]; 
+                x32 &= 65535; 
+                x32 = (x32 << 14) + (x32 >> 2); 
+                x32 -= (x54 & ~x10) + (x76 & x10) + key_schedule->xkey[4*i+1]; 
+                x10 &= 65535; 
+                x10 = (x10 << 15) + (x10 >> 1); 
+                x10 -= (x32 & ~x76) + (x54 & x76) + key_schedule->xkey[4*i+0]; 
+                if (i == 5 || i == 11) { 
+                        x76 -= key_schedule->xkey[x54 & 63]; 
+                        x54 -= key_schedule->xkey[x32 & 63]; 
+                        x32 -= key_schedule->xkey[x10 & 63]; 
+                        x10 -= key_schedule->xkey[x76 & 63]; 
+                } 
+        } while (i--); 
+        plain[0] = (unsigned char)x10; 
+        plain[1] = (unsigned char)(x10 >> 8); 
+        plain[2] = (unsigned char)x32; 
+        plain[3] = (unsigned char)(x32 >> 8); 
+        plain[4] = (unsigned char)x54; 
+        plain[5] = (unsigned char)(x54 >> 8); 
+        plain[6] = (unsigned char)x76; 
+        plain[7] = (unsigned char)(x76 >> 8); 
+        } 
+

ADDED   Source/RC4/rc4_enc.c
Index: Source/RC4/rc4_enc.c
==================================================================
--- /dev/null
+++ Source/RC4/rc4_enc.c
@@ -0,0 +1,332 @@
+/*
+ * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please obtain
+ * a copy of the License at http://www.apple.com/publicsource and read it before
+ * using this file.
+ * 
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
+ * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
+ * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+ * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
+ * specific language governing rights and limitations under the License.
+ */
+
+
+/* crypto/rc4/rc4_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <CommonCrypto/rc4.h>
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
+	     unsigned char *outdata)
+	{
+        register RC4_INT *d;
+        register RC4_INT x,y,tx,ty;
+	int i;
+        
+        x=key->x;     
+        y=key->y;     
+        d=key->data; 
+
+#if defined(RC4_CHUNK)
+	/*
+	 * The original reason for implementing this(*) was the fact that
+	 * pre-21164a Alpha CPUs don't have byte load/store instructions
+	 * and e.g. a byte store has to be done with 64-bit load, shift,
+	 * and, or and finally 64-bit store. Peaking data and operating
+	 * at natural word size made it possible to reduce amount of
+	 * instructions as well as to perform early read-ahead without
+	 * suffering from RAW (read-after-write) hazard. This resulted
+	 * in ~40%(**) performance improvement on 21064 box with gcc.
+	 * But it's not only Alpha users who win here:-) Thanks to the
+	 * early-n-wide read-ahead this implementation also exhibits
+	 * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending
+	 * on sizeof(RC4_INT)).
+	 *
+	 * (*)	"this" means code which recognizes the case when input
+	 *	and output pointers appear to be aligned at natural CPU
+	 *	word boundary
+	 * (**)	i.e. according to 'apps/openssl speed rc4' benchmark,
+	 *	crypto/rc4/rc4speed.c exhibits almost 70% speed-up...
+	 *
+	 * Cavets.
+	 *
+	 * - RC4_CHUNK="unsigned long long" should be a #1 choice for
+	 *   UltraSPARC. Unfortunately gcc generates very slow code
+	 *   (2.5-3 times slower than one generated by Sun's WorkShop
+	 *   C) and therefore gcc (at least 2.95 and earlier) should
+	 *   always be told that RC4_CHUNK="unsigned long".
+	 *
+	 *					<appro@fy.chalmers.se>
+	 */
+
+# define RC4_STEP	( \
+			x=(x+1) &0xff,	\
+			tx=d[x],	\
+			y=(tx+y)&0xff,	\
+			ty=d[y],	\
+			d[y]=tx,	\
+			d[x]=ty,	\
+			(RC4_CHUNK)d[(tx+ty)&0xff]\
+			)
+
+	if ( ( ((unsigned long)indata  & (sizeof(RC4_CHUNK)-1)) | 
+	       ((unsigned long)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 )
+		{
+		RC4_CHUNK ichunk,otp;
+		const union { long one; char little; } is_endian = {1};
+
+		/*
+		 * I reckon we can afford to implement both endian
+		 * cases and to decide which way to take at run-time
+		 * because the machine code appears to be very compact
+		 * and redundant 1-2KB is perfectly tolerable (i.e.
+		 * in case the compiler fails to eliminate it:-). By
+		 * suggestion from Terrel Larson <terr@terralogic.net>
+		 * who also stands for the is_endian union:-)
+		 *
+		 * Special notes.
+		 *
+		 * - is_endian is declared automatic as doing otherwise
+		 *   (declaring static) prevents gcc from eliminating
+		 *   the redundant code;
+		 * - compilers (those I've tried) don't seem to have
+		 *   problems eliminating either the operators guarded
+		 *   by "if (sizeof(RC4_CHUNK)==8)" or the condition
+		 *   expressions themselves so I've got 'em to replace
+		 *   corresponding #ifdefs from the previous version;
+		 * - I chose to let the redundant switch cases when
+		 *   sizeof(RC4_CHUNK)!=8 be (were also #ifdefed
+		 *   before);
+		 * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in
+		 *   [LB]ESHFT guards against "shift is out of range"
+		 *   warnings when sizeof(RC4_CHUNK)!=8 
+		 *
+		 *			<appro@fy.chalmers.se>
+		 */
+		if (!is_endian.little)
+			{	/* BIG-ENDIAN CASE */
+# define BESHFT(c)	(((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1))
+			for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
+				{
+				ichunk  = *(RC4_CHUNK *)indata;
+				otp  = RC4_STEP<<BESHFT(0);
+				otp |= RC4_STEP<<BESHFT(1);
+				otp |= RC4_STEP<<BESHFT(2);
+				otp |= RC4_STEP<<BESHFT(3);
+				if (sizeof(RC4_CHUNK)==8)
+					{
+					otp |= RC4_STEP<<BESHFT(4);
+					otp |= RC4_STEP<<BESHFT(5);
+					otp |= RC4_STEP<<BESHFT(6);
+					otp |= RC4_STEP<<BESHFT(7);
+					}
+				*(RC4_CHUNK *)outdata = otp^ichunk;
+				indata  += sizeof(RC4_CHUNK);
+				outdata += sizeof(RC4_CHUNK);
+				}
+			if (len)
+				{
+				RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;
+
+				ichunk = *(RC4_CHUNK *)indata;
+				ochunk = *(RC4_CHUNK *)outdata;
+				otp = 0;
+				i = BESHFT(0);
+				mask <<= (sizeof(RC4_CHUNK)-len)<<3;
+				switch (len&(sizeof(RC4_CHUNK)-1))
+					{
+					case 7:	otp  = RC4_STEP<<i, i-=8;
+					case 6:	otp |= RC4_STEP<<i, i-=8;
+					case 5:	otp |= RC4_STEP<<i, i-=8;
+					case 4:	otp |= RC4_STEP<<i, i-=8;
+					case 3:	otp |= RC4_STEP<<i, i-=8;
+					case 2:	otp |= RC4_STEP<<i, i-=8;
+					case 1:	otp |= RC4_STEP<<i, i-=8;
+					case 0: ; /*
+						   * it's never the case,
+						   * but it has to be here
+						   * for ultrix?
+						   */
+					}
+				ochunk &= ~mask;
+				ochunk |= (otp^ichunk) & mask;
+				*(RC4_CHUNK *)outdata = ochunk;
+				}
+			key->x=x;     
+			key->y=y;
+			return;
+			}	/* big-endian */
+		else
+			{	/* LITTLE-ENDIAN CASE */
+# define LESHFT(c)	(((c)*8)&(sizeof(RC4_CHUNK)*8-1))
+			for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK))
+				{
+				ichunk  = *(RC4_CHUNK *)indata;
+				otp  = RC4_STEP;
+				otp |= RC4_STEP<<8;
+				otp |= RC4_STEP<<16;
+				otp |= RC4_STEP<<24;
+				if (sizeof(RC4_CHUNK)==8)
+					{
+					otp |= RC4_STEP<<LESHFT(4);
+					otp |= RC4_STEP<<LESHFT(5);
+					otp |= RC4_STEP<<LESHFT(6);
+					otp |= RC4_STEP<<LESHFT(7);
+					}
+				*(RC4_CHUNK *)outdata = otp^ichunk;
+				indata  += sizeof(RC4_CHUNK);
+				outdata += sizeof(RC4_CHUNK);
+				}
+			if (len)
+				{
+				RC4_CHUNK mask=(RC4_CHUNK)-1, ochunk;
+
+				ichunk = *(RC4_CHUNK *)indata;
+				ochunk = *(RC4_CHUNK *)outdata;
+				otp = 0;
+				i   = 0;
+				mask >>= (sizeof(RC4_CHUNK)-len)<<3;
+				switch (len&(sizeof(RC4_CHUNK)-1))
+					{
+					case 7:	otp  = RC4_STEP,    i+=8;
+					case 6:	otp |= RC4_STEP<<i, i+=8;
+					case 5:	otp |= RC4_STEP<<i, i+=8;
+					case 4:	otp |= RC4_STEP<<i, i+=8;
+					case 3:	otp |= RC4_STEP<<i, i+=8;
+					case 2:	otp |= RC4_STEP<<i, i+=8;
+					case 1:	otp |= RC4_STEP<<i, i+=8;
+					case 0: ; /*
+						   * it's never the case,
+						   * but it has to be here
+						   * for ultrix?
+						   */
+					}
+				ochunk &= ~mask;
+				ochunk |= (otp^ichunk) & mask;
+				*(RC4_CHUNK *)outdata = ochunk;
+				}
+			key->x=x;     
+			key->y=y;
+			return;
+			} /* little-endian */
+		}
+#endif
+#define LOOP(in,out) \
+		x=((x+1)&0xff); \
+		tx=d[x]; \
+		y=(tx+y)&0xff; \
+		d[x]=ty=d[y]; \
+		d[y]=tx; \
+		(out) = d[(tx+ty)&0xff]^ (in);
+
+#ifndef RC4_INDEX
+#define RC4_LOOP(a,b,i)	LOOP(*((a)++),*((b)++))
+#else
+#define RC4_LOOP(a,b,i)	LOOP(a[i],b[i])
+#endif
+
+	i=(int)(len>>3L);
+	if (i)
+		{
+		for (;;)
+			{
+			RC4_LOOP(indata,outdata,0);
+			RC4_LOOP(indata,outdata,1);
+			RC4_LOOP(indata,outdata,2);
+			RC4_LOOP(indata,outdata,3);
+			RC4_LOOP(indata,outdata,4);
+			RC4_LOOP(indata,outdata,5);
+			RC4_LOOP(indata,outdata,6);
+			RC4_LOOP(indata,outdata,7);
+#ifdef RC4_INDEX
+			indata+=8;
+			outdata+=8;
+#endif
+			if (--i == 0) break;
+			}
+		}
+	i=(int)len&0x07;
+	if (i)
+		{
+		for (;;)
+			{
+			RC4_LOOP(indata,outdata,0); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,1); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,2); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,3); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,4); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,5); if (--i == 0) break;
+			RC4_LOOP(indata,outdata,6); if (--i == 0) break;
+			}
+		}               
+	key->x=x;     
+	key->y=y;
+	}

ADDED   Source/RC4/rc4_skey.c
Index: Source/RC4/rc4_skey.c
==================================================================
--- /dev/null
+++ Source/RC4/rc4_skey.c
@@ -0,0 +1,140 @@
+/*
+ * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please obtain
+ * a copy of the License at http://www.apple.com/publicsource and read it before
+ * using this file.
+ * 
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
+ * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
+ * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+ * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
+ * specific language governing rights and limitations under the License.
+ */
+
+
+/* crypto/rc4/rc4_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <CommonCrypto/rc4.h>
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+
+#include "rc4_locl.h"
+#include <openssl/opensslv.h>
+
+const char *RC4_version="RC4" OPENSSL_VERSION_PTEXT;
+
+const char *RC4_options(void)
+	{
+#ifdef RC4_INDEX
+	if (sizeof(RC4_INT) == 1)
+		return("rc4(idx,char)");
+	else
+		return("rc4(idx,int)");
+#else
+	if (sizeof(RC4_INT) == 1)
+		return("rc4(ptr,char)");
+	else
+		return("rc4(ptr,int)");
+#endif
+	}
+
+#endif	/* _APPLE_COMMON_CRYPTO_*/
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
+	{
+        register RC4_INT tmp;
+        register int id1,id2;
+        register RC4_INT *d;
+        unsigned int i;
+        
+        d= &(key->data[0]);
+	for (i=0; i<256; i++)
+		d[i]=i;
+        key->x = 0;     
+        key->y = 0;     
+        id1=id2=0;     
+
+#define SK_LOOP(n) { \
+		tmp=d[(n)]; \
+		id2 = (data[id1] + tmp + id2) & 0xff; \
+		if (++id1 == len) id1=0; \
+		d[(n)]=d[id2]; \
+		d[id2]=tmp; }
+
+	for (i=0; i < 256; i+=4)
+		{
+		SK_LOOP(i+0);
+		SK_LOOP(i+1);
+		SK_LOOP(i+2);
+		SK_LOOP(i+3);
+		}
+	}
+    

ADDED   Source/StreamCipher.c
Index: Source/StreamCipher.c
==================================================================
--- /dev/null
+++ Source/StreamCipher.c
@@ -0,0 +1,128 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#include "CommonCryptorPriv.h"
+#include "StreamCipher.h"
+#include <CommonCrypto/rc4.h>
+
+/* 
+ * RC4 stream cipher.
+ * SPI-specific context is just a RC4_KEY.
+ */
+static CCCryptorStatus CCRC4ContextSize(
+	CCOperation op, 
+	CCAlgorithm alg, 
+	size_t *ctxSize)
+{
+	*ctxSize = sizeof(RC4_KEY);
+	return kCCSuccess;
+}
+
+static CCCryptorStatus CCRC4Init(
+	void *ctx,
+	CCOperation op,			/* kCCEncrypt, kCCDecrypt */
+	CCAlgorithm alg,		/* kCCAlgDES, etc. */
+	CCOptions options,		/* kCCOptionPKCS7Padding, etc. */
+	const void *key,		/* raw key material */
+	size_t keyLength,	
+	const void *iv)			/* optional initialization vector */
+{
+	RC4_KEY *rc4Key = (RC4_KEY *)ctx;
+	
+	if(key == NULL) {
+		return kCCParamError;
+	}
+	RC4_set_key(rc4Key, keyLength, key);
+	return kCCSuccess;
+}
+
+/* no release - just zero our memory */
+
+static CCCryptorStatus CCRC4Update(
+   void *ctx,
+   const void *dataIn,
+   size_t dataInLen,
+   void *dataOut,           /* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved)		/* number of bytes written */
+{
+	RC4_KEY *rc4Key = (RC4_KEY *)ctx;
+	
+	if((dataIn == NULL) || (dataOut == NULL) || (dataOutMoved == NULL)) {
+		return kCCParamError;
+	}
+	if(dataOutAvailable < dataInLen) {
+		return kCCBufferTooSmall;
+	}
+	RC4(rc4Key, dataInLen, dataIn, dataOut);
+	*dataOutMoved = dataInLen;
+	return kCCSuccess;
+}
+
+static CCCryptorStatus CCRC4Final(
+   void *ctx,
+   void *dataOut,           /* data RETURNED here */
+	size_t dataOutAvailable,
+	size_t *dataOutMoved)	/* number of bytes written */
+{
+	if(dataOutMoved) {
+		*dataOutMoved = 0;
+	}
+	return kCCSuccess;
+}
+
+/* no reset - not supported */
+
+/* normal OutputSize */
+static size_t CCRC4OutputSize(
+	void *ctx, size_t inputLength, bool final)
+{
+	return inputLength;
+}
+
+/* one-shot size */
+static CCCryptorStatus CCRC4OneShotSize(
+	CCOperation op,
+	CCAlgorithm alg,
+	CCOptions options,
+	size_t inputLen,
+	size_t *outputLen)
+{
+	*outputLen = inputLen;
+	return kCCSuccess;
+}
+
+/* 
+ * Callouts used by CommonCryptor.
+ */
+const CCCryptSpiCallouts ccRC4Callouts = 
+{
+	CCRC4ContextSize,
+	CCRC4Init,
+	NULL,			/* release */
+	CCRC4Update,
+	CCRC4Final,
+	NULL,			/* reset */
+	CCRC4OutputSize,
+	CCRC4OneShotSize,
+};

ADDED   Source/StreamCipher.h
Index: Source/StreamCipher.h
==================================================================
--- /dev/null
+++ Source/StreamCipher.h
@@ -0,0 +1,47 @@
+/* 
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/* 
+ * StreamCipher.h - CommonCryptor SPI interfaces for stream ciphers.
+ */
+
+#ifndef	_CC_STREAM_CIPHER_
+#define	_CC_STREAM_CIPHER_
+
+#include "CommonCryptorPriv.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * CommonCryptor access all of our functionality through these callouts. 
+ */
+extern const CCCryptSpiCallouts ccRC4Callouts;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/* _CC_STREAM_CIPHER_ */
+

ADDED   Source/ccDES.c
Index: Source/ccDES.c
==================================================================
--- /dev/null
+++ Source/ccDES.c
@@ -0,0 +1,570 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/* set to 1 for statically allocated lookup tables */
+#define STATIC_PERMS	0
+
+#include "ccDES.h"
+#include <pthread.h>
+
+#if	!STATIC_PERMS
+#include <stdlib.h>
+#endif
+
+#ifndef	NULL
+#define NULL	((void *)0)
+#endif	/* NULL */
+
+#define DES_DEBUG	0	/* enables some printfs */
+
+/* Sofware DES functions
+ * written 12 Dec 1986 by Phil Karn, KA9Q; large sections adapted from
+ * the 1977 public-domain program by Jim Gillogly
+ */
+
+#ifdef	__LITTLE_ENDIAN__
+/* Byte swap a long */
+static unsigned int byteswap(unsigned int x) {
+        register char *cp,tmp;
+
+        cp = (char *)&x;
+        tmp = cp[3];
+        cp[3] = cp[0];
+        cp[0] = tmp;
+
+        tmp = cp[2];
+        cp[2] = cp[1];
+        cp[1] = tmp;
+
+        return x;
+}
+#endif
+
+/* Tables defined in the Data Encryption Standard documents */
+
+/* initial permutation IP */
+static const char ip[] = {
+	58, 50, 42, 34, 26, 18, 10,  2,
+	60, 52, 44, 36, 28, 20, 12,  4,
+	62, 54, 46, 38, 30, 22, 14,  6,
+	64, 56, 48, 40, 32, 24, 16,  8,
+	57, 49, 41, 33, 25, 17,  9,  1,
+	59, 51, 43, 35, 27, 19, 11,  3,
+	61, 53, 45, 37, 29, 21, 13,  5,
+	63, 55, 47, 39, 31, 23, 15,  7
+};
+
+/* final permutation IP^-1 */
+static const char fp[] = {
+	40,  8, 48, 16, 56, 24, 64, 32,
+	39,  7, 47, 15, 55, 23, 63, 31,
+	38,  6, 46, 14, 54, 22, 62, 30,
+	37,  5, 45, 13, 53, 21, 61, 29,
+	36,  4, 44, 12, 52, 20, 60, 28,
+	35,  3, 43, 11, 51, 19, 59, 27,
+	34,  2, 42, 10, 50, 18, 58, 26,
+	33,  1, 41,  9, 49, 17, 57, 25
+};
+
+/* expansion operation matrix
+ * This is for reference only; it is unused in the code
+ * as the f() function performs it implicitly for speed
+ */
+#ifdef notdef
+static char ei[] = {
+	32,  1,  2,  3,  4,  5,
+	 4,  5,  6,  7,  8,  9,
+	 8,  9, 10, 11, 12, 13,
+	12, 13, 14, 15, 16, 17,
+	16, 17, 18, 19, 20, 21,
+	20, 21, 22, 23, 24, 25,
+	24, 25, 26, 27, 28, 29,
+	28, 29, 30, 31, 32,  1
+};
+#endif
+
+/* permuted choice table (key) */
+static const char pc1[] = {
+	57, 49, 41, 33, 25, 17,  9,
+	 1, 58, 50, 42, 34, 26, 18,
+	10,  2, 59, 51, 43, 35, 27,
+	19, 11,  3, 60, 52, 44, 36,
+
+	63, 55, 47, 39, 31, 23, 15,
+	 7, 62, 54, 46, 38, 30, 22,
+	14,  6, 61, 53, 45, 37, 29,
+	21, 13,  5, 28, 20, 12,  4
+};
+
+/* number left rotations of pc1 */
+static const char totrot[] = {
+	1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28
+};
+
+/* permuted choice key (table) */
+static const char pc2[] = {
+	14, 17, 11, 24,  1,  5,
+	 3, 28, 15,  6, 21, 10,
+	23, 19, 12,  4, 26,  8,
+	16,  7, 27, 20, 13,  2,
+	41, 52, 31, 37, 47, 55,
+	30, 40, 51, 45, 33, 48,
+	44, 49, 39, 56, 34, 53,
+	46, 42, 50, 36, 29, 32
+};
+
+/* The (in)famous S-boxes */
+static const char si[8][64] = {
+    {
+	/* S1 */
+	14,  4, 13,  1,  2, 15, 11,  8,  3, 10,  6, 12,  5,  9,  0,  7,
+	 0, 15,  7,  4, 14,  2, 13,  1, 10,  6, 12, 11,  9,  5,  3,  8,
+	 4,  1, 14,  8, 13,  6,  2, 11, 15, 12,  9,  7,  3, 10,  5,  0,
+	15, 12,  8,  2,  4,  9,  1,  7,  5, 11,  3, 14, 10,  0,  6, 13
+    },
+    {
+	/* S2 */
+	15,  1,  8, 14,  6, 11,  3,  4,  9,  7,  2, 13, 12,  0,  5, 10,
+	 3, 13,  4,  7, 15,  2,  8, 14, 12,  0,  1, 10,  6,  9, 11,  5,
+	 0, 14,  7, 11, 10,  4, 13,  1,  5,  8, 12,  6,  9,  3,  2, 15,
+	13,  8, 10,  1,  3, 15,  4,  2, 11,  6,  7, 12,  0,  5, 14,  9
+    },
+    {
+	/* S3 */
+	10,  0,  9, 14,  6,  3, 15,  5,  1, 13, 12,  7, 11,  4,  2,  8,
+	13,  7,  0,  9,  3,  4,  6, 10,  2,  8,  5, 14, 12, 11, 15,  1,
+	13,  6,  4,  9,  8, 15,  3,  0, 11,  1,  2, 12,  5, 10, 14,  7,
+	 1, 10, 13,  0,  6,  9,  8,  7,  4, 15, 14,  3, 11,  5,  2, 12
+    },
+    {
+	/* S4 */
+	 7, 13, 14,  3,  0,  6,  9, 10,  1,  2,  8,  5, 11, 12,  4, 15,
+	13,  8, 11,  5,  6, 15,  0,  3,  4,  7,  2, 12,  1, 10, 14,  9,
+	10,  6,  9,  0, 12, 11,  7, 13, 15,  1,  3, 14,  5,  2,  8,  4,
+	 3, 15,  0,  6, 10,  1, 13,  8,  9,  4,  5, 11, 12,  7,  2, 14
+    },
+    {
+	/* S5 */
+	 2, 12,  4,  1,  7, 10, 11,  6,  8,  5,  3, 15, 13,  0, 14,  9,
+	14, 11,  2, 12,  4,  7, 13,  1,  5,  0, 15, 10,  3,  9,  8,  6,
+	 4,  2,  1, 11, 10, 13,  7,  8, 15,  9, 12,  5,  6,  3,  0, 14,
+	11,  8, 12,  7,  1, 14,  2, 13,  6, 15,  0,  9, 10,  4,  5,  3
+    },
+    {
+	/* S6 */
+	12,  1, 10, 15,  9,  2,  6,  8,  0, 13,  3,  4, 14,  7,  5, 11,
+	10, 15,  4,  2,  7, 12,  9,  5,  6,  1, 13, 14,  0, 11,  3,  8,
+	 9, 14, 15,  5,  2,  8, 12,  3,  7,  0,  4, 10,  1, 13, 11,  6,
+	 4,  3,  2, 12,  9,  5, 15, 10, 11, 14,  1,  7,  6,  0,  8, 13
+    },
+    {
+	/* S7 */
+	 4, 11,  2, 14, 15,  0,  8, 13,  3, 12,  9,  7,  5, 10,  6,  1,
+	13,  0, 11,  7,  4,  9,  1, 10, 14,  3,  5, 12,  2, 15,  8,  6,
+	 1,  4, 11, 13, 12,  3,  7, 14, 10, 15,  6,  8,  0,  5,  9,  2,
+	 6, 11, 13,  8,  1,  4, 10,  7,  9,  5,  0, 15, 14,  2,  3, 12
+    },
+    {
+	/* S8 */
+	13,  2,  8,  4,  6, 15, 11,  1, 10,  9,  3, 14,  5,  0, 12,  7,
+	 1, 15, 13,  8, 10,  3,  7,  4, 12,  5,  6, 11,  0, 14,  9,  2,
+	 7, 11,  4,  1,  9, 12, 14,  2,  0,  6, 10, 13, 15,  3,  5,  8,
+	 2,  1, 14,  7,  4, 10,  8, 13, 15, 12,  9,  0,  3,  5,  6, 11
+    }
+};
+
+/* 32-bit permutation function P used on the output of the S-boxes */
+static const char p32i[] = {
+	16,  7, 20, 21,
+	29, 12, 28, 17,
+	 1, 15, 23, 26,
+	 5, 18, 31, 10,
+	 2,  8, 24, 14,
+	32, 27,  3,  9,
+	19, 13, 30,  6,
+	22, 11,  4, 25
+};
+/* End of DES-defined tables */
+
+/* Lookup tables initialized once only at startup by desinit() */
+#if STATIC_PERMS
+static int sp[8][64];			/* Combined S and P boxes */
+static char iperm[16][16][8];	/* Initial and final permutations */
+static char fperm[16][16][8];
+static char perms_init = 0;
+#else
+static int (*sp)[64];		/* Combined S and P boxes */
+static char (*iperm)[16][8];	/* Initial and final permutations */
+static char (*fperm)[16][8];
+#endif
+
+/* bit 0 is left-most in byte */
+static const int bytebit[] = {
+	0200,0100,040,020,010,04,02,01
+};
+
+static const int nibblebit[] = {
+	 010,04,02,01
+};
+
+/* Allocate space and initialize DES lookup arrays
+ * mode == 0: standard Data Encryption Algorithm
+ * mode == 1: DEA without initial and final permutations for speed
+ * mode == 2: DEA without permutations and with 128-byte key (completely
+ *            independent subkeys for each round)
+ */
+/* Initialize the lookup table for the combined S and P boxes */
+static void spinit() {
+    char pbox[32];
+    int p,i,s,j,rowcol;
+    int val;
+
+    /* Compute pbox, the inverse of p32i.
+       * This is easier to work with
+       */
+    for(p=0;p<32;p++){
+        for(i=0;i<32;i++){
+            if(p32i[i]-1 == p){
+                pbox[p] = i;
+                break;
+            }
+        }
+    }
+    for(s = 0; s < 8; s++){			/* For each S-box */
+        for(i=0; i<64; i++){		/* For each possible input */
+            val = 0;
+            /* The row number is formed from the first and last
+               * bits; the column number is from the middle 4
+               */
+            rowcol = (i & 32) | ((i & 1) ? 16 : 0) | ((i >> 1) & 0xf);
+            for(j=0;j<4;j++){	/* For each output bit */
+                if(si[s][rowcol] & (8 >> j)){
+                    val |= 1L << (31 - pbox[4*s + j]);
+                }
+            }
+            sp[s][i] = val;
+
+#if	DES_DEBUG
+            printf("sp[%d][%2d] = %08lx\n",s,i,sp[s][i]);
+#endif
+        }
+    }
+}
+
+/* initialize a perm array */
+static void perminit(char perm[16][16][8], const char p[64]) {
+        register int l, j, k;
+        int i,m;
+
+        /* Clear the permutation array */
+        for (i=0; i<16; i++)
+                for (j=0; j<16; j++)
+                        for (k=0; k<8; k++)
+                                perm[i][j][k]=0;
+
+        for (i=0; i<16; i++)		/* each input nibble position */
+                for (j = 0; j < 16; j++)/* each possible input nibble */
+                for (k = 0; k < 64; k++)/* each output bit position */
+                {   l = p[k] - 1;	/* where does this bit come from*/
+                        if ((l >> 2) != i)  /* does it come from input posn?*/
+                        continue;	/* if not, bit k is 0	 */
+                        if (!(j & nibblebit[l & 3]))
+                        continue;	/* any such bit in input? */
+                        m = k & 07;	/* which bit is this in the byte*/
+                        perm[i][j][k>>3] |= bytebit[m];
+                }
+}
+
+/*
+ * This is NOT thread-safe. Caller must ensure single-threaded access. */
+static int ccDesinit(void) {
+
+	/*
+	 * Remainder only has to be done once.
+	 */
+	#if		STATIC_PERMS
+	/* statically allocated */
+	if(perms_init) {
+		return 0;
+	}
+	#else
+	/* malloc the perm tables */
+	if(sp != NULL){
+		/* Already initialized */
+		return 0;
+	}
+	if((sp = (int (*)[64])malloc(sizeof(int) * 8 * 64)) == NULL){
+		return -1;
+	}
+	iperm = (char (*)[16][8])malloc(sizeof(char) * 16 * 16 * 8);
+	if(iperm == NULL){
+		free((char *)sp);
+		return -1;
+	}
+	fperm = (char (*)[16][8])malloc(sizeof(char) * 16 * 16 * 8);
+	if(fperm == NULL){
+		free((char *)sp);
+		free((char *)iperm);
+		return -1;
+	}
+	#endif	/* STATIC_PERMS */
+	
+	/* common code to init the perm tables */
+	spinit();
+	perminit(iperm,ip);
+	perminit(fperm,fp);
+	#if		STATIC_PERMS
+	perms_init = 1;
+	#endif
+	return 0;
+}
+
+/* protect ccDesinit() like so */
+static pthread_mutex_t ccDesMutex = PTHREAD_MUTEX_INITIALIZER;
+static int ccDesInitFlag = 0;
+
+/* Set key (initialize key schedule array) */
+int ccDessetkey(desInst dinst, char *key, size_t keyLength) {
+	char pc1m[56];		/* place to modify pc1 into */
+	char pcr[56];		/* place to rotate pc1 into */
+	register int i,j,l;
+	int m;
+
+	if(!ccDesInitFlag) {
+		int ourRtn = 0;
+		pthread_mutex_lock(&ccDesMutex);
+		if(!ccDesInitFlag) {
+			ourRtn = ccDesinit();
+			if(!ourRtn) {
+				ccDesInitFlag = 1;
+			}
+		}
+		pthread_mutex_unlock(&ccDesMutex);
+		if(ourRtn) {
+			return ourRtn;
+		}
+	}	
+	
+	/* Clear key schedule */
+	for (i=0; i<16; i++)
+		for (j=0; j<8; j++)
+			dinst->kn[i][j]=0;
+
+	for (j=0; j<56; j++) {		/* convert pc1 to bits of key */
+		l=pc1[j]-1;		/* integer bit location	 */
+		m = l & 07;		/* find bit		 */
+		pc1m[j]=(key[l>>3] &	/* find which key byte l is in */
+			bytebit[m])	/* and which bit of that byte */
+			? 1 : 0;	/* and store 1-bit result */
+	}
+	for (i=0; i<16; i++) {		/* key chunk for each iteration */
+		for (j=0; j<56; j++)	/* rotate pc1 the right amount */
+			pcr[j] = pc1m[(l=j+totrot[i])<(j<28? 28 : 56) ? l: l-28];
+			/* rotate left and right halves independently */
+		for (j=0; j<48; j++){	/* select bits individually */
+			/* check bit that goes to dinst->kn[j] */
+			if (pcr[pc2[j]-1]){
+				/* mask it in if it's there */
+				l= j % 6;
+				dinst->kn[i][j/6] |= bytebit[l] >> 2;
+			}
+		}
+	}
+#if	DES_DEBUG
+	for(i=0;i<16;i++) {
+		printf("dinst->kn[%d] = ", i);
+		for(j=0;j<8;j++) {
+			printf("%x ", dinst->kn[i][j]);
+		}
+		printf("\n");
+	}
+
+#endif	/* DES_DEBUG */
+	return 0;
+}
+
+/* The nonlinear function f(r,k), the heart of DES */
+static int f(unsigned r, unsigned char subkey[8]) {
+		/* 32 bits */
+	/* 48-bit key for this round */
+	register unsigned rval,rt;
+#if	DES_DEBUG
+	printf("f(%08lx, %02x %02x %02x %02x %02x %02x %02x %02x) = ",
+		r,
+		subkey[0], subkey[1], subkey[2],
+		subkey[3], subkey[4], subkey[5],
+		subkey[6], subkey[7]);
+#endif
+	/* Run E(R) ^ K through the combined S & P boxes
+	 * This code takes advantage of a convenient regularity in
+	 * E, namely that each group of 6 bits in E(R) feeding
+	 * a single S-box is a contiguous segment of R.
+	 */
+	rt = (r >> 1) | ((r & 1) ? 0x80000000 : 0);
+	rval = 0;
+	rval |= sp[0][((rt >> 26) ^ *subkey++) & 0x3f];
+	rval |= sp[1][((rt >> 22) ^ *subkey++) & 0x3f];
+	rval |= sp[2][((rt >> 18) ^ *subkey++) & 0x3f];
+	rval |= sp[3][((rt >> 14) ^ *subkey++) & 0x3f];
+	rval |= sp[4][((rt >> 10) ^ *subkey++) & 0x3f];
+	rval |= sp[5][((rt >> 6) ^ *subkey++) & 0x3f];
+	rval |= sp[6][((rt >> 2) ^ *subkey++) & 0x3f];
+	rt = (r << 1) | ((r & 0x80000000) ? 1 : 0);
+	rval |= sp[7][(rt ^ *subkey) & 0x3f];
+#if	DES_DEBUG
+	printf(" %08lx\n",rval);
+#endif
+	return rval;
+}
+
+/* Do one DES cipher round */
+static void ccRound(desInst dinst, int num, unsigned *block) {
+				/* i.e. the num-th one	 */
+
+    /* The rounds are numbered from 0 to 15. On even rounds
+       * the right half is fed to f() and the result exclusive-ORs
+       * the left half; on odd rounds the reverse is done.
+       */
+    if(num & 1){
+        block[1] ^= f(block[0],dinst->kn[num]);
+    } else {
+        block[0] ^= f(block[1],dinst->kn[num]);
+    }
+}
+
+/* Permute inblock with perm */
+static void permute(char *inblock, char perm[16][16][8], char *outblock) {
+    /* result into outblock,64 bits */
+    /* 2K bytes defining perm. */
+    register int i,j;
+    register char *ib, *ob;		/* ptr to input or output block */
+    register char *p, *q;
+
+    if(perm == NULL){
+        /* No permutation, just copy */
+        for(i=8; i!=0; i--)
+            *outblock++ = *inblock++;
+        return;
+    }
+    /* Clear output block	 */
+    for (i=8, ob = outblock; i != 0; i--)
+        *ob++ = 0;
+
+    ib = inblock;
+    for (j = 0; j < 16; j += 2, ib++) { /* for each input nibble */
+        ob = outblock;
+        p = perm[j][(*ib >> 4) & 017];
+        q = perm[j + 1][*ib & 017];
+        for (i = 8; i != 0; i--){   /* and each output byte */
+            *ob++ |= *p++ | *q++;	/* OR the masks together*/
+        }
+    }
+}
+/* In-place encryption of 64-bit block */
+void ccEndes(desInst dinst, char *blockIn, char *blockOut) {
+	register int i;
+	unsigned work[2]; 		/* Working data storage */
+	unsigned tmp;
+
+	permute(blockIn, iperm, (char *)work);	/* Initial Permutation */
+#ifdef __LITTLE_ENDIAN__
+	work[0] = byteswap(work[0]);
+	work[1] = byteswap(work[1]);
+#endif
+
+	/* Do the 16 rounds */
+	for (i=0; i<16; i++)
+		ccRound(dinst,i,work);
+
+	/* Left/right half swap */
+	tmp = work[0];
+	work[0] = work[1];
+	work[1] = tmp;
+
+#ifdef __LITTLE_ENDIAN__
+	work[0] = byteswap(work[0]);
+	work[1] = byteswap(work[1]);
+#endif
+	permute((char *)work, fperm, blockOut);	/* Inverse initial permutation */
+}
+
+/* In-place decryption of 64-bit block */
+void ccDedes(desInst dinst, char *blockIn, char *blockOut) {
+	register int i;
+	unsigned work[2];	/* Working data storage */
+	unsigned tmp;
+
+	permute(blockIn, iperm, (char *)work);	/* Initial permutation */
+
+#ifdef __LITTLE_ENDIAN__
+	work[0] = byteswap(work[0]);
+	work[1] = byteswap(work[1]);
+#endif
+
+	/* Left/right half swap */
+	tmp = work[0];
+	work[0] = work[1];
+	work[1] = tmp;
+
+	/* Do the 16 rounds in reverse order */
+	for (i=15; i >= 0; i--)
+		ccRound(dinst,i,work);
+
+#ifdef __LITTLE_ENDIAN__
+	work[0] = byteswap(work[0]);
+	work[1] = byteswap(work[1]);
+#endif
+
+	permute((char *)work, fperm, blockOut);	/* Inverse initial permutation */
+}
+
+/* triple DES */
+int ccDes3setkey(des3Inst dinst, char *key, size_t keyLength)
+{
+	int ourRtn;
+	unsigned dex;
+	
+	for(dex=0; dex<3; dex++) {
+		ourRtn = ccDessetkey(&dinst->desInst[dex], key, DES_KEY_SIZE_BYTES_EXTERNAL);
+		if(ourRtn) {
+			return ourRtn;
+		}
+		key += DES_KEY_SIZE_BYTES_EXTERNAL;
+	}
+	return 0;
+}
+
+void ccEndes3(des3Inst dinst, char *blockIn, char *blockOut)
+{
+	ccEndes(&dinst->desInst[0], blockIn, blockOut);
+	ccDedes(&dinst->desInst[1], blockOut, blockOut);	/* don't touch plaintext */
+	ccEndes(&dinst->desInst[2], blockOut, blockOut);
+}
+
+void ccDedes3(des3Inst dinst, char *blockIn, char *blockOut)
+{
+	ccDedes(&dinst->desInst[2], blockIn, blockOut);
+	ccEndes(&dinst->desInst[1], blockOut, blockOut);	/* don't touch ciphertext */
+	ccDedes(&dinst->desInst[0], blockOut, blockOut);
+}
+

ADDED   Source/ccDES.h
Index: Source/ccDES.h
==================================================================
--- /dev/null
+++ Source/ccDES.h
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#ifndef	_CC_DES_H_
+#define _CC_DES_H_
+
+#include <sys/types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define DES_BLOCK_SIZE_BYTES		8	/* in bytes */
+#define DES_KEY_SIZE_BITS			56	/* effective key size in bits */
+#define DES_KEY_SIZE_BITS_EXTERNAL	64	/* clients actually pass in this much */
+#define DES_KEY_SIZE_BYTES_EXTERNAL	(DES_KEY_SIZE_BITS_EXTERNAL / 8)
+
+/*
+ * Per-instance data.
+ */
+struct _desInst {
+    	/* 8 16-bit subkeys for each of 16 rounds, initialized by setkey()
+    	 */
+	unsigned char kn[16][8];
+};
+
+typedef struct _desInst *desInst;
+
+int ccDessetkey(desInst dinst, char *key, size_t keyLength);
+void ccEndes(desInst dinst, char *blockIn, char *blockOut);
+void ccDedes(desInst dinst, char *blockIn, char *blockOut);
+
+/* triple DES */
+struct _des3Inst {
+	struct _desInst		desInst[3];
+};
+typedef struct _des3Inst *des3Inst;
+
+int ccDes3setkey(des3Inst dinst, char *key, size_t keyLength);
+void ccEndes3(des3Inst dinst, char *blockIn, char *blockOut);
+void ccDedes3(des3Inst dinst, char *blockIn, char *blockOut);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/*_CK_DES_H_*/

ADDED   Source/ccOpenssl/des.h
Index: Source/ccOpenssl/des.h
==================================================================
--- /dev/null
+++ Source/ccOpenssl/des.h
@@ -0,0 +1,240 @@
+/* crypto/des/des.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_NEW_DES_H
+#define HEADER_NEW_DES_H
+
+#ifdef OPENSSL_NO_DES
+#error DES is disabled.
+#endif
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+#include <CommonCrypto/opensslDES.h>
+#include <ccOpenssl/opensslconf.h> 
+#include <ccOpenssl/e_os2.h>	/* OPENSSL_EXTERN */
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+/* avoid symbol collision with libSystem & libcrypto */
+#define DES_encrypt1			CC_DES_encrypt1
+#define DES_set_key_unchecked	CC_DES_set_key_unchecked
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
+# ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
+#  define OPENSSL_ENABLE_OLD_DES_SUPPORT
+# endif
+#endif
+
+#ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
+# include <openssl/des_old.h>
+#endif
+
+#define DES_KEY_SZ 	(sizeof(DES_cblock))
+#define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
+
+#define DES_ENCRYPT	1
+#define DES_DECRYPT	0
+
+#define DES_CBC_MODE	0
+#define DES_PCBC_MODE	1
+
+#define DES_ecb2_encrypt(i,o,k1,k2,e) \
+	DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+	DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+	DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+	DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+OPENSSL_DECLARE_GLOBAL(int,DES_check_key);	/* defaults to false */
+#define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
+OPENSSL_DECLARE_GLOBAL(int,DES_rw_mode);	/* defaults to DES_PCBC_MODE */
+#define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+const char *DES_options(void);
+void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+		      DES_key_schedule *ks1,DES_key_schedule *ks2,
+		      DES_key_schedule *ks3, int enc);
+DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output,
+		       long length,DES_key_schedule *schedule,
+		       const_DES_cblock *ivec);
+/* DES_cbc_encrypt does not update the IV!  Use DES_ncbc_encrypt instead. */
+void DES_cbc_encrypt(const unsigned char *input,unsigned char *output,
+		     long length,DES_key_schedule *schedule,DES_cblock *ivec,
+		     int enc);
+void DES_ncbc_encrypt(const unsigned char *input,unsigned char *output,
+		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
+		      int enc);
+void DES_xcbc_encrypt(const unsigned char *input,unsigned char *output,
+		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
+		      const_DES_cblock *inw,const_DES_cblock *outw,int enc);
+void DES_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
+		     long length,DES_key_schedule *schedule,DES_cblock *ivec,
+		     int enc);
+void DES_ecb_encrypt(const_DES_cblock *input,DES_cblock *output,
+		     DES_key_schedule *ks,int enc);
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+/* 	This is the DES encryption function that gets called by just about
+	every other DES routine in the library.  You should not use this
+	function except to implement 'modes' of DES.  I say this because the
+	functions that call this routine do the conversion from 'char *' to
+	long, and this needs to be done to make sure 'non-aligned' memory
+	access do not occur.  The characters are loaded 'little endian'.
+	Data is a pointer to 2 unsigned long's and ks is the
+	DES_key_schedule to use.  enc, is non zero specifies encryption,
+	zero if decryption. */
+void DES_encrypt1(DES_LONG *data,DES_key_schedule *ks, int enc);
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+/* 	This functions is the same as DES_encrypt1() except that the DES
+	initial permutation (IP) and final permutation (FP) have been left
+	out.  As for DES_encrypt1(), you should not use this function.
+	It is used by the routines in the library that implement triple DES.
+	IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same
+	as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-). */
+void DES_encrypt2(DES_LONG *data,DES_key_schedule *ks, int enc);
+
+void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
+		  DES_key_schedule *ks2, DES_key_schedule *ks3);
+void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
+		  DES_key_schedule *ks2, DES_key_schedule *ks3);
+void DES_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output, 
+			  long length,
+			  DES_key_schedule *ks1,DES_key_schedule *ks2,
+			  DES_key_schedule *ks3,DES_cblock *ivec,int enc);
+void DES_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out,
+			   long length,
+			   DES_key_schedule *ks1,DES_key_schedule *ks2,
+			   DES_key_schedule *ks3,
+			   DES_cblock *ivec1,DES_cblock *ivec2,
+			   int enc);
+void DES_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
+			    long length,DES_key_schedule *ks1,
+			    DES_key_schedule *ks2,DES_key_schedule *ks3,
+			    DES_cblock *ivec,int *num,int enc);
+void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
+			    long length,DES_key_schedule *ks1,
+			    DES_key_schedule *ks2,DES_key_schedule *ks3,
+			    DES_cblock *ivec,int *num);
+
+void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white,
+		       DES_cblock *out_white);
+
+int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched,
+		 DES_cblock *iv);
+int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched,
+		  DES_cblock *iv);
+char *DES_fcrypt(const char *buf,const char *salt, char *ret);
+char *DES_crypt(const char *buf,const char *salt);
+void DES_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
+		     long length,DES_key_schedule *schedule,DES_cblock *ivec);
+void DES_pcbc_encrypt(const unsigned char *input,unsigned char *output,
+		      long length,DES_key_schedule *schedule,DES_cblock *ivec,
+		      int enc);
+DES_LONG DES_quad_cksum(const unsigned char *input,DES_cblock output[],
+			long length,int out_count,DES_cblock *seed);
+int DES_random_key(DES_cblock *ret);
+void DES_set_odd_parity(DES_cblock *key);
+int DES_check_key_parity(const_DES_cblock *key);
+int DES_is_weak_key(const_DES_cblock *key);
+/* DES_set_key (= set_key = DES_key_sched = key_sched) calls
+ * DES_set_key_checked if global variable DES_check_key is set,
+ * DES_set_key_unchecked otherwise. */
+int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule);
+int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule);
+int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule);
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+void DES_string_to_key(const char *str,DES_cblock *key);
+void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2);
+void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
+		       DES_key_schedule *schedule,DES_cblock *ivec,int *num,
+		       int enc);
+void DES_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
+		       DES_key_schedule *schedule,DES_cblock *ivec,int *num);
+
+int DES_read_password(DES_cblock *key, const char *prompt, int verify);
+int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,
+	int verify);
+
+#define DES_fixup_key_parity DES_set_odd_parity
+
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+#ifdef  __cplusplus
+}
+#endif
+
+#endif

ADDED   Source/ccOpenssl/des_enc.c
Index: Source/ccOpenssl/des_enc.c
==================================================================
--- /dev/null
+++ Source/ccOpenssl/des_enc.c
@@ -0,0 +1,411 @@
+/* crypto/des/des_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <ccOpenssl/des_locl.h>
+
+void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
+	{
+	register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+	register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
+#endif
+#ifndef DES_UNROLL
+	register int i;
+#endif
+	register DES_LONG *s;
+
+	r=data[0];
+	l=data[1];
+
+	IP(r,l);
+	/* Things have been modified so that the initial rotate is
+	 * done outside the loop.  This required the
+	 * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
+	 * One perl script later and things have a 5% speed up on a sparc2.
+	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+	 * for pointing this out. */
+	/* clear the top bits on machines with 8byte longs */
+	/* shift left by 2 */
+	r=ROTATE(r,29)&0xffffffffL;
+	l=ROTATE(l,29)&0xffffffffL;
+
+	s=ks->ks->deslong;
+	/* I don't know if it is worth the effort of loop unrolling the
+	 * inner loop */
+	if (enc)
+		{
+#ifdef DES_UNROLL
+		D_ENCRYPT(l,r, 0); /*  1 */
+		D_ENCRYPT(r,l, 2); /*  2 */
+		D_ENCRYPT(l,r, 4); /*  3 */
+		D_ENCRYPT(r,l, 6); /*  4 */
+		D_ENCRYPT(l,r, 8); /*  5 */
+		D_ENCRYPT(r,l,10); /*  6 */
+		D_ENCRYPT(l,r,12); /*  7 */
+		D_ENCRYPT(r,l,14); /*  8 */
+		D_ENCRYPT(l,r,16); /*  9 */
+		D_ENCRYPT(r,l,18); /*  10 */
+		D_ENCRYPT(l,r,20); /*  11 */
+		D_ENCRYPT(r,l,22); /*  12 */
+		D_ENCRYPT(l,r,24); /*  13 */
+		D_ENCRYPT(r,l,26); /*  14 */
+		D_ENCRYPT(l,r,28); /*  15 */
+		D_ENCRYPT(r,l,30); /*  16 */
+#else
+		for (i=0; i<32; i+=8)
+			{
+			D_ENCRYPT(l,r,i+0); /*  1 */
+			D_ENCRYPT(r,l,i+2); /*  2 */
+			D_ENCRYPT(l,r,i+4); /*  3 */
+			D_ENCRYPT(r,l,i+6); /*  4 */
+			}
+#endif
+		}
+	else
+		{
+#ifdef DES_UNROLL
+		D_ENCRYPT(l,r,30); /* 16 */
+		D_ENCRYPT(r,l,28); /* 15 */
+		D_ENCRYPT(l,r,26); /* 14 */
+		D_ENCRYPT(r,l,24); /* 13 */
+		D_ENCRYPT(l,r,22); /* 12 */
+		D_ENCRYPT(r,l,20); /* 11 */
+		D_ENCRYPT(l,r,18); /* 10 */
+		D_ENCRYPT(r,l,16); /*  9 */
+		D_ENCRYPT(l,r,14); /*  8 */
+		D_ENCRYPT(r,l,12); /*  7 */
+		D_ENCRYPT(l,r,10); /*  6 */
+		D_ENCRYPT(r,l, 8); /*  5 */
+		D_ENCRYPT(l,r, 6); /*  4 */
+		D_ENCRYPT(r,l, 4); /*  3 */
+		D_ENCRYPT(l,r, 2); /*  2 */
+		D_ENCRYPT(r,l, 0); /*  1 */
+#else
+		for (i=30; i>0; i-=8)
+			{
+			D_ENCRYPT(l,r,i-0); /* 16 */
+			D_ENCRYPT(r,l,i-2); /* 15 */
+			D_ENCRYPT(l,r,i-4); /* 14 */
+			D_ENCRYPT(r,l,i-6); /* 13 */
+			}
+#endif
+		}
+
+	/* rotate and clear the top bits on machines with 8byte longs */
+	l=ROTATE(l,3)&0xffffffffL;
+	r=ROTATE(r,3)&0xffffffffL;
+
+	FP(r,l);
+	data[0]=l;
+	data[1]=r;
+	l=r=t=u=0;
+	}
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+
+void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
+	{
+	register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+	register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
+#endif
+#ifndef DES_UNROLL
+	register int i;
+#endif
+	register DES_LONG *s;
+
+	r=data[0];
+	l=data[1];
+
+	/* Things have been modified so that the initial rotate is
+	 * done outside the loop.  This required the
+	 * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
+	 * One perl script later and things have a 5% speed up on a sparc2.
+	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+	 * for pointing this out. */
+	/* clear the top bits on machines with 8byte longs */
+	r=ROTATE(r,29)&0xffffffffL;
+	l=ROTATE(l,29)&0xffffffffL;
+
+	s=ks->ks->deslong;
+	/* I don't know if it is worth the effort of loop unrolling the
+	 * inner loop */
+	if (enc)
+		{
+#ifdef DES_UNROLL
+		D_ENCRYPT(l,r, 0); /*  1 */
+		D_ENCRYPT(r,l, 2); /*  2 */
+		D_ENCRYPT(l,r, 4); /*  3 */
+		D_ENCRYPT(r,l, 6); /*  4 */
+		D_ENCRYPT(l,r, 8); /*  5 */
+		D_ENCRYPT(r,l,10); /*  6 */
+		D_ENCRYPT(l,r,12); /*  7 */
+		D_ENCRYPT(r,l,14); /*  8 */
+		D_ENCRYPT(l,r,16); /*  9 */
+		D_ENCRYPT(r,l,18); /*  10 */
+		D_ENCRYPT(l,r,20); /*  11 */
+		D_ENCRYPT(r,l,22); /*  12 */
+		D_ENCRYPT(l,r,24); /*  13 */
+		D_ENCRYPT(r,l,26); /*  14 */
+		D_ENCRYPT(l,r,28); /*  15 */
+		D_ENCRYPT(r,l,30); /*  16 */
+#else
+		for (i=0; i<32; i+=8)
+			{
+			D_ENCRYPT(l,r,i+0); /*  1 */
+			D_ENCRYPT(r,l,i+2); /*  2 */
+			D_ENCRYPT(l,r,i+4); /*  3 */
+			D_ENCRYPT(r,l,i+6); /*  4 */
+			}
+#endif
+		}
+	else
+		{
+#ifdef DES_UNROLL
+		D_ENCRYPT(l,r,30); /* 16 */
+		D_ENCRYPT(r,l,28); /* 15 */
+		D_ENCRYPT(l,r,26); /* 14 */
+		D_ENCRYPT(r,l,24); /* 13 */
+		D_ENCRYPT(l,r,22); /* 12 */
+		D_ENCRYPT(r,l,20); /* 11 */
+		D_ENCRYPT(l,r,18); /* 10 */
+		D_ENCRYPT(r,l,16); /*  9 */
+		D_ENCRYPT(l,r,14); /*  8 */
+		D_ENCRYPT(r,l,12); /*  7 */
+		D_ENCRYPT(l,r,10); /*  6 */
+		D_ENCRYPT(r,l, 8); /*  5 */
+		D_ENCRYPT(l,r, 6); /*  4 */
+		D_ENCRYPT(r,l, 4); /*  3 */
+		D_ENCRYPT(l,r, 2); /*  2 */
+		D_ENCRYPT(r,l, 0); /*  1 */
+#else
+		for (i=30; i>0; i-=8)
+			{
+			D_ENCRYPT(l,r,i-0); /* 16 */
+			D_ENCRYPT(r,l,i-2); /* 15 */
+			D_ENCRYPT(l,r,i-4); /* 14 */
+			D_ENCRYPT(r,l,i-6); /* 13 */
+			}
+#endif
+		}
+	/* rotate and clear the top bits on machines with 8byte longs */
+	data[0]=ROTATE(l,3)&0xffffffffL;
+	data[1]=ROTATE(r,3)&0xffffffffL;
+	l=r=t=u=0;
+	}
+
+void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
+		  DES_key_schedule *ks2, DES_key_schedule *ks3)
+	{
+	register DES_LONG l,r;
+
+	l=data[0];
+	r=data[1];
+	IP(l,r);
+	data[0]=l;
+	data[1]=r;
+	DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
+	DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
+	DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
+	l=data[0];
+	r=data[1];
+	FP(r,l);
+	data[0]=l;
+	data[1]=r;
+	}
+
+void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
+		  DES_key_schedule *ks2, DES_key_schedule *ks3)
+	{
+	register DES_LONG l,r;
+
+	l=data[0];
+	r=data[1];
+	IP(l,r);
+	data[0]=l;
+	data[1]=r;
+	DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
+	DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
+	DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
+	l=data[0];
+	r=data[1];
+	FP(r,l);
+	data[0]=l;
+	data[1]=r;
+	}
+
+#ifndef DES_DEFAULT_OPTIONS
+
+#undef CBC_ENC_C__DONT_UPDATE_IV
+#include "ncbc_enc.c" /* DES_ncbc_encrypt */
+
+void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+			  long length, DES_key_schedule *ks1,
+			  DES_key_schedule *ks2, DES_key_schedule *ks3,
+			  DES_cblock *ivec, int enc)
+	{
+	register DES_LONG tin0,tin1;
+	register DES_LONG tout0,tout1,xor0,xor1;
+	register const unsigned char *in;
+	unsigned char *out;
+	register long l=length;
+	DES_LONG tin[2];
+	unsigned char *iv;
+
+	in=input;
+	out=output;
+	iv = &(*ivec)[0];
+
+	if (enc)
+		{
+		c2l(iv,tout0);
+		c2l(iv,tout1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			tin0^=tout0;
+			tin1^=tout1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+
+			l2c(tout0,out);
+			l2c(tout1,out);
+			}
+		if (l != -8)
+			{
+			c2ln(in,tin0,tin1,l+8);
+			tin0^=tout0;
+			tin1^=tout1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+
+			l2c(tout0,out);
+			l2c(tout1,out);
+			}
+		iv = &(*ivec)[0];
+		l2c(tout0,iv);
+		l2c(tout1,iv);
+		}
+	else
+		{
+		register DES_LONG t0,t1;
+
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		for (l-=8; l>=0; l-=8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+
+			t0=tin0;
+			t1=tin1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+
+			tout0^=xor0;
+			tout1^=xor1;
+			l2c(tout0,out);
+			l2c(tout1,out);
+			xor0=t0;
+			xor1=t1;
+			}
+		if (l != -8)
+			{
+			c2l(in,tin0);
+			c2l(in,tin1);
+			
+			t0=tin0;
+			t1=tin1;
+
+			tin[0]=tin0;
+			tin[1]=tin1;
+			DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+			tout0=tin[0];
+			tout1=tin[1];
+		
+			tout0^=xor0;
+			tout1^=xor1;
+			l2cn(tout0,tout1,out,l+8);
+			xor0=t0;
+			xor1=t1;
+			}
+
+		iv = &(*ivec)[0];
+		l2c(xor0,iv);
+		l2c(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	tin[0]=tin[1]=0;
+	}
+
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+#endif /* DES_DEFAULT_OPTIONS */
+

ADDED   Source/ccOpenssl/des_locl.h
Index: Source/ccOpenssl/des_locl.h
==================================================================
--- /dev/null
+++ Source/ccOpenssl/des_locl.h
@@ -0,0 +1,438 @@
+/* crypto/des/des_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DES_LOCL_H
+#define HEADER_DES_LOCL_H
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+#include <ccOpenssl/e_os2.h>
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
+#ifndef OPENSSL_SYS_MSDOS
+#define OPENSSL_SYS_MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+
+/* building in CommonCrypto */
+#define DES_DEFAULT_OPTIONS
+
+#ifndef OPENSSL_SYS_MSDOS
+#if !defined(OPENSSL_SYS_VMS) || defined(__DECC)
+#ifdef OPENSSL_UNISTD
+# include OPENSSL_UNISTD
+#else
+# include <unistd.h>
+#endif
+#include <math.h>
+#endif
+#endif
+
+#include <ccOpenssl/des.h>
+
+#ifdef OPENSSL_SYS_MSDOS		/* Visual C++ 2.1 (Windows NT/95) */
+#include <stdlib.h>
+#include <errno.h>
+#include <time.h>
+#include <io.h>
+#endif
+
+#if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
+#include <string.h>
+#endif
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#define ITERATIONS 16
+#define HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+#define MAXWRITE	(1024*16)
+#define BSIZE		(MAXWRITE+4)
+
+#define c2l(c,l)	(l =((DES_LONG)(*((c)++)))    , \
+			 l|=((DES_LONG)(*((c)++)))<< 8L, \
+			 l|=((DES_LONG)(*((c)++)))<<16L, \
+			 l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+			case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+			case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+			case 5: l2|=((DES_LONG)(*(--(c))));     \
+			case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+			case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+			case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+			case 1: l1|=((DES_LONG)(*(--(c))));     \
+				} \
+			}
+
+#define l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* replacements for htonl and ntohl since I have no idea what to do
+ * when faced with machines with 8 byte longs. */
+#define HDRSIZE 4
+
+#define n2l(c,l)	(l =((DES_LONG)(*((c)++)))<<24L, \
+			 l|=((DES_LONG)(*((c)++)))<<16L, \
+			 l|=((DES_LONG)(*((c)++)))<< 8L, \
+			 l|=((DES_LONG)(*((c)++))))
+
+#define l2n(l,c)	(*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
+#define	ROTATE(a,n)	(_lrotr(a,n))
+#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
+# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#  define ROTATE(a,n)	({ register unsigned int ret;	\
+				asm ("rorl %1,%0"	\
+					: "=r"(ret)	\
+					: "I"(n),"0"((unsigned int)a)	\
+					: "cc");	\
+			   ret;				\
+			})
+# endif
+#endif
+#ifndef ROTATE
+#define	ROTATE(a,n)	(((a)>>(n))+((a)<<(32-(n))))
+#endif
+
+/* Don't worry about the LOAD_DATA() stuff, that is used by
+ * fcrypt() to add it's little bit to the front */
+
+#ifdef DES_FCRYPT
+
+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
+	{ DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
+
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+	t=R^(R>>16L); \
+	u=t&E0; t&=E1; \
+	tmp=(u<<16); u^=R^s[S  ]; u^=tmp; \
+	tmp=(t<<16); t^=R^s[S+1]; t^=tmp
+#else
+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+	u=R^s[S  ]; \
+	t=R^s[S+1]
+#endif
+
+/* The changes to this macro may help or hinder, depending on the
+ * compiler and the architecture.  gcc2 always seems to do well :-).
+ * Inspired by Dana How <how@isl.stanford.edu>
+ * DO NOT use the alternative version on machines with 8 byte longs.
+ * It does not seem to work on the Alpha, even when DES_LONG is 4
+ * bytes, probably an issue of accessing non-word aligned objects :-( */
+#ifdef DES_PTR
+
+/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
+ * is no reason to not xor all the sub items together.  This potentially
+ * saves a register since things can be xored directly into L */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) { \
+	unsigned int u1,u2,u3; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0xfc; \
+	u2&=0xfc; \
+	t=ROTATE(t,4); \
+	u>>=16L; \
+	LL^= *(const DES_LONG *)(des_SP      +u1); \
+	LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
+	u3=(int)(u>>8L); \
+	u1=(int)u&0xfc; \
+	u3&=0xfc; \
+	LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
+	LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
+	u2=(int)t>>8L; \
+	u1=(int)t&0xfc; \
+	u2&=0xfc; \
+	t>>=16L; \
+	LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
+	LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
+	u3=(int)t>>8L; \
+	u1=(int)t&0xfc; \
+	u3&=0xfc; \
+	LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
+	LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) { \
+	unsigned int u1,u2,s1,s2; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0xfc; \
+	u2&=0xfc; \
+	t=ROTATE(t,4); \
+	LL^= *(const DES_LONG *)(des_SP      +u1); \
+	LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
+	s1=(int)(u>>16L); \
+	s2=(int)(u>>24L); \
+	s1&=0xfc; \
+	s2&=0xfc; \
+	LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
+	LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
+	u2=(int)t>>8L; \
+	u1=(int)t&0xfc; \
+	u2&=0xfc; \
+	LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
+	LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
+	s1=(int)(t>>16L); \
+	s2=(int)(t>>24L); \
+	s1&=0xfc; \
+	s2&=0xfc; \
+	LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
+	LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
+#endif
+#else
+#define D_ENCRYPT(LL,R,S) { \
+	LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+	t=ROTATE(t,4); \
+	LL^= \
+	*(const DES_LONG *)(des_SP      +((u     )&0xfc))^ \
+	*(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
+	*(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
+	*(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
+	*(const DES_LONG *)(des_SP+0x100+((t     )&0xfc))^ \
+	*(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
+	*(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
+	*(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
+#endif
+
+#else /* original version */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) {\
+	unsigned int u1,u2,u3; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u>>=2L; \
+	t=ROTATE(t,6); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0x3f; \
+	u2&=0x3f; \
+	u>>=16L; \
+	LL^=DES_SPtrans[0][u1]; \
+	LL^=DES_SPtrans[2][u2]; \
+	u3=(int)u>>8L; \
+	u1=(int)u&0x3f; \
+	u3&=0x3f; \
+	LL^=DES_SPtrans[4][u1]; \
+	LL^=DES_SPtrans[6][u3]; \
+	u2=(int)t>>8L; \
+	u1=(int)t&0x3f; \
+	u2&=0x3f; \
+	t>>=16L; \
+	LL^=DES_SPtrans[1][u1]; \
+	LL^=DES_SPtrans[3][u2]; \
+	u3=(int)t>>8L; \
+	u1=(int)t&0x3f; \
+	u3&=0x3f; \
+	LL^=DES_SPtrans[5][u1]; \
+	LL^=DES_SPtrans[7][u3]; }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) {\
+	unsigned int u1,u2,s1,s2; \
+	LOAD_DATA(R,S,u,t,E0,E1,u1); \
+	u>>=2L; \
+	t=ROTATE(t,6); \
+	u2=(int)u>>8L; \
+	u1=(int)u&0x3f; \
+	u2&=0x3f; \
+	LL^=DES_SPtrans[0][u1]; \
+	LL^=DES_SPtrans[2][u2]; \
+	s1=(int)u>>16L; \
+	s2=(int)u>>24L; \
+	s1&=0x3f; \
+	s2&=0x3f; \
+	LL^=DES_SPtrans[4][s1]; \
+	LL^=DES_SPtrans[6][s2]; \
+	u2=(int)t>>8L; \
+	u1=(int)t&0x3f; \
+	u2&=0x3f; \
+	LL^=DES_SPtrans[1][u1]; \
+	LL^=DES_SPtrans[3][u2]; \
+	s1=(int)t>>16; \
+	s2=(int)t>>24L; \
+	s1&=0x3f; \
+	s2&=0x3f; \
+	LL^=DES_SPtrans[5][s1]; \
+	LL^=DES_SPtrans[7][s2]; }
+#endif
+
+#else
+
+#define D_ENCRYPT(LL,R,S) {\
+	LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+	t=ROTATE(t,4); \
+	LL^=\
+		DES_SPtrans[0][(u>> 2L)&0x3f]^ \
+		DES_SPtrans[2][(u>>10L)&0x3f]^ \
+		DES_SPtrans[4][(u>>18L)&0x3f]^ \
+		DES_SPtrans[6][(u>>26L)&0x3f]^ \
+		DES_SPtrans[1][(t>> 2L)&0x3f]^ \
+		DES_SPtrans[3][(t>>10L)&0x3f]^ \
+		DES_SPtrans[5][(t>>18L)&0x3f]^ \
+		DES_SPtrans[7][(t>>26L)&0x3f]; }
+#endif
+#endif
+
+	/* IP and FP
+	 * The problem is more of a geometric problem that random bit fiddling.
+	 0  1  2  3  4  5  6  7      62 54 46 38 30 22 14  6
+	 8  9 10 11 12 13 14 15      60 52 44 36 28 20 12  4
+	16 17 18 19 20 21 22 23      58 50 42 34 26 18 10  2
+	24 25 26 27 28 29 30 31  to  56 48 40 32 24 16  8  0
+
+	32 33 34 35 36 37 38 39      63 55 47 39 31 23 15  7
+	40 41 42 43 44 45 46 47      61 53 45 37 29 21 13  5
+	48 49 50 51 52 53 54 55      59 51 43 35 27 19 11  3
+	56 57 58 59 60 61 62 63      57 49 41 33 25 17  9  1
+
+	The output has been subject to swaps of the form
+	0 1 -> 3 1 but the odd and even bits have been put into
+	2 3    2 0
+	different words.  The main trick is to remember that
+	t=((l>>size)^r)&(mask);
+	r^=t;
+	l^=(t<<size);
+	can be used to swap and move bits between words.
+
+	So l =  0  1  2  3  r = 16 17 18 19
+	        4  5  6  7      20 21 22 23
+	        8  9 10 11      24 25 26 27
+	       12 13 14 15      28 29 30 31
+	becomes (for size == 2 and mask == 0x3333)
+	   t =   2^16  3^17 -- --   l =  0  1 16 17  r =  2  3 18 19
+		 6^20  7^21 -- --        4  5 20 21       6  7 22 23
+		10^24 11^25 -- --        8  9 24 25      10 11 24 25
+		14^28 15^29 -- --       12 13 28 29      14 15 28 29
+
+	Thanks for hints from Richard Outerbridge - he told me IP&FP
+	could be done in 15 xor, 10 shifts and 5 ands.
+	When I finally started to think of the problem in 2D
+	I first got ~42 operations without xors.  When I remembered
+	how to use xors :-) I got it to its final state.
+	*/
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+	(b)^=(t),\
+	(a)^=((t)<<(n)))
+
+#define IP(l,r) \
+	{ \
+	register DES_LONG tt; \
+	PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+	PERM_OP(l,r,tt,16,0x0000ffffL); \
+	PERM_OP(r,l,tt, 2,0x33333333L); \
+	PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+	PERM_OP(r,l,tt, 1,0x55555555L); \
+	}
+
+#define FP(l,r) \
+	{ \
+	register DES_LONG tt; \
+	PERM_OP(l,r,tt, 1,0x55555555L); \
+	PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+	PERM_OP(l,r,tt, 2,0x33333333L); \
+	PERM_OP(r,l,tt,16,0x0000ffffL); \
+	PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+	}
+
+#ifdef	_APPLE_COMMON_CRYPTO_
+/* avoid symbol collision with libSystem & libcrypto */
+#define DES_SPtrans CC_DES_SPtrans
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+OPENSSL_EXTERN const DES_LONG DES_SPtrans[8][64];
+
+void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
+		 DES_LONG Eswap0, DES_LONG Eswap1);
+#endif

ADDED   Source/ccOpenssl/e_os2.h
Index: Source/ccOpenssl/e_os2.h
==================================================================
--- /dev/null
+++ Source/ccOpenssl/e_os2.h
@@ -0,0 +1,272 @@
+/* e_os2.h */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#ifndef HEADER_E_OS2_H
+#define HEADER_E_OS2_H
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+#include <ccOpenssl/opensslconf.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/******************************************************************************
+ * Detect operating systems.  This probably needs completing.
+ * The result is that at least one OPENSSL_SYS_os macro should be defined.
+ * However, if none is defined, Unix is assumed.
+ **/
+
+#define OPENSSL_SYS_UNIX
+
+/* ----------------------- Macintosh, before MacOS X ----------------------- */
+#if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_MACINTOSH_CLASSIC
+#endif
+
+/* ---------------------- Microsoft operating systems ---------------------- */
+
+/* The 16 bit environments are pretty straightforward */
+#if defined(OPENSSL_SYSNAME_WIN16) || defined(OPENSSL_SYSNAME_MSDOS)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_MSDOS
+#endif
+#if defined(OPENSSL_SYSNAME_WIN16)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WIN16
+#endif
+
+/* For 32 bit environment, there seems to be the CygWin environment and then
+   all the others that try to do the same thing Microsoft does... */
+#if defined(OPENSSL_SYSNAME_UWIN)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WIN32_UWIN
+#else
+# if defined(__CYGWIN32__) || defined(OPENSSL_SYSNAME_CYGWIN32)
+#  undef OPENSSL_SYS_UNIX
+#  define OPENSSL_SYS_WIN32_CYGWIN
+# else
+#  if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
+#   undef OPENSSL_SYS_UNIX
+#   define OPENSSL_SYS_WIN32
+#  endif
+#  if defined(OPENSSL_SYSNAME_WINNT)
+#   undef OPENSSL_SYS_UNIX
+#   define OPENSSL_SYS_WINNT
+#  endif
+#  if defined(OPENSSL_SYSNAME_WINCE)
+#   undef OPENSSL_SYS_UNIX
+#   define OPENSSL_SYS_WINCE
+#  endif
+# endif
+#endif
+
+/* Anything that tries to look like Microsoft is "Windows" */
+#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WINDOWS
+# ifndef OPENSSL_SYS_MSDOS
+#  define OPENSSL_SYS_MSDOS
+# endif
+#endif
+
+/* DLL settings.  This part is a bit tough, because it's up to the application
+   implementor how he or she will link the application, so it requires some
+   macro to be used. */
+#ifdef OPENSSL_SYS_WINDOWS
+# ifndef OPENSSL_OPT_WINDLL
+#  if defined(_WINDLL) /* This is used when building OpenSSL to indicate that
+                          DLL linkage should be used */
+#   define OPENSSL_OPT_WINDLL
+#  endif
+# endif
+#endif
+
+/* -------------------------------- OpenVMS -------------------------------- */
+#if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_VMS
+# if defined(__DECC)
+#  define OPENSSL_SYS_VMS_DECC
+# elif defined(__DECCXX)
+#  define OPENSSL_SYS_VMS_DECC
+#  define OPENSSL_SYS_VMS_DECCXX
+# else
+#  define OPENSSL_SYS_VMS_NODECC
+# endif
+#endif
+
+/* --------------------------------- OS/2 ---------------------------------- */
+#if defined(__EMX__) || defined(__OS2__)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_OS2
+#endif
+
+/* --------------------------------- Unix ---------------------------------- */
+#ifdef OPENSSL_SYS_UNIX
+# if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
+#  define OPENSSL_SYS_LINUX
+# endif
+# ifdef OPENSSL_SYSNAME_MPE
+#  define OPENSSL_SYS_MPE
+# endif
+# ifdef OPENSSL_SYSNAME_SNI
+#  define OPENSSL_SYS_SNI
+# endif
+# ifdef OPENSSL_SYSNAME_ULTRASPARC
+#  define OPENSSL_SYS_ULTRASPARC
+# endif
+# ifdef OPENSSL_SYSNAME_NEWS4
+#  define OPENSSL_SYS_NEWS4
+# endif
+# ifdef OPENSSL_SYSNAME_MACOSX
+#  define OPENSSL_SYS_MACOSX
+# endif
+# ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY
+#  define OPENSSL_SYS_MACOSX_RHAPSODY
+#  define OPENSSL_SYS_MACOSX
+# endif
+# ifdef OPENSSL_SYSNAME_SUNOS
+#  define OPENSSL_SYS_SUNOS
+#endif
+# if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY)
+#  define OPENSSL_SYS_CRAY
+# endif
+# if defined(_AIX) || defined(OPENSSL_SYSNAME_AIX)
+#  define OPENSSL_SYS_AIX
+# endif
+#endif
+
+/* ------------------------------- VxWorks --------------------------------- */
+#ifdef OPENSSL_SYSNAME_VXWORKS
+# define OPENSSL_SYS_VXWORKS
+#endif
+
+/**
+ * That's it for OS-specific stuff
+ *****************************************************************************/
+
+
+/* Specials for I/O an exit */
+#ifdef OPENSSL_SYS_MSDOS
+# define OPENSSL_UNISTD_IO <io.h>
+# define OPENSSL_DECLARE_EXIT extern void exit(int);
+#else
+# define OPENSSL_UNISTD_IO OPENSSL_UNISTD
+# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
+#endif
+
+/* Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
+   certain global symbols that, with some compilers under VMS, have to be
+   defined and declared explicitely with globaldef and globalref.
+   Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
+   DLL exports and imports for compilers under Win32.  These are a little
+   more complicated to use.  Basically, for any library that exports some
+   global variables, the following code must be present in the header file
+   that declares them, before OPENSSL_EXTERN is used:
+
+   #ifdef SOME_BUILD_FLAG_MACRO
+   # undef OPENSSL_EXTERN
+   # define OPENSSL_EXTERN OPENSSL_EXPORT
+   #endif
+
+   The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
+   have some generally sensible values, and for OPENSSL_EXTERN to have the
+   value OPENSSL_IMPORT.
+*/
+
+#if defined(OPENSSL_SYS_VMS_NODECC)
+# define OPENSSL_EXPORT globalref
+# define OPENSSL_IMPORT globalref
+# define OPENSSL_GLOBAL globaldef
+#elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
+# define OPENSSL_EXPORT extern _declspec(dllexport)
+# define OPENSSL_IMPORT extern _declspec(dllimport)
+# define OPENSSL_GLOBAL
+#else
+# define OPENSSL_EXPORT extern
+# define OPENSSL_IMPORT extern
+# define OPENSSL_GLOBAL
+#endif
+#define OPENSSL_EXTERN OPENSSL_IMPORT
+
+/* Macros to allow global variables to be reached through function calls when
+   required (if a shared library version requvres it, for example.
+   The way it's done allows definitions like this:
+
+	// in foobar.c
+	OPENSSL_IMPLEMENT_GLOBAL(int,foobar) = 0;
+	// in foobar.h
+	OPENSSL_DECLARE_GLOBAL(int,foobar);
+	#define foobar OPENSSL_GLOBAL_REF(foobar)
+*/
+#ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name) static type _hide_##name; \
+        type *_shadow_##name(void) { return &_hide_##name; } \
+        static type _hide_##name
+# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
+# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
+#else
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name) OPENSSL_GLOBAL type _shadow_##name
+# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
+# define OPENSSL_GLOBAL_REF(name) _shadow_##name
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+#endif

ADDED   Source/ccOpenssl/opensslDES.c
Index: Source/ccOpenssl/opensslDES.c
==================================================================
--- /dev/null
+++ Source/ccOpenssl/opensslDES.c
@@ -0,0 +1,168 @@
+/* crypto/des/des_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 
+ * This is pared-down version of openssl's des_enc.c, shorn of 
+ * everything except the bare-bones single-block encrypt/decrypt
+ * routine DES_encrypt1(). Plus it has the shim code needed to
+ * use this function in CommonEncryption. 
+ */
+ 
+#include <CommonCrypto/opensslDES.h>
+#include <ccOpenssl/des_locl.h>
+#include <strings.h>
+#include "spr.h"
+
+/* CommonCrypto shim */
+
+int osDesSetkey(DES_key_schedule *dinst, char *key, size_t keyLength,
+	int forEencrypt)
+{
+	DES_cblock cblock;
+	memmove(&cblock, key, 8);
+	DES_set_key_unchecked(&cblock, dinst);
+	return 0;
+}
+
+void osDesEncrypt(DES_key_schedule *ks, 
+	const_DES_cblock *input, 
+	DES_cblock *output)
+{
+	/* copied from openssl's DES_ecb_encrypt() */
+	register DES_LONG l;
+	DES_LONG ll[2];
+	const unsigned char *in = &(*input)[0];
+	unsigned char *out = &(*output)[0];
+
+	c2l(in,l); ll[0]=l;
+	c2l(in,l); ll[1]=l;
+	DES_encrypt1(ll,ks,1);
+	l=ll[0]; l2c(l,out);
+	l=ll[1]; l2c(l,out);
+	l=ll[0]=ll[1]=0;
+}
+
+void osDesDecrypt(DES_key_schedule *ks, 
+	const_DES_cblock *input, 
+	DES_cblock *output)
+{
+	/* copied from openssl's DES_ecb_encrypt() */
+	register DES_LONG l;
+	DES_LONG ll[2];
+	const unsigned char *in = &(*input)[0];
+	unsigned char *out = &(*output)[0];
+
+	c2l(in,l); ll[0]=l;
+	c2l(in,l); ll[1]=l;
+	DES_encrypt1(ll,ks,0);
+	l=ll[0]; l2c(l,out);
+	l=ll[1]; l2c(l,out);
+	l=ll[0]=ll[1]=0;
+}
+
+int osDes3Setkey(DES3_Schedule *dinst, char *key, size_t keyLength,
+	int forEencrypt)
+{
+	DES_cblock cblock;
+	memmove(&cblock, key, 8);
+	DES_set_key_unchecked(&cblock, &dinst->ks[0]);
+	memmove(&cblock, key+8, 8);
+	DES_set_key_unchecked(&cblock, &dinst->ks[1]);
+	memmove(&cblock, key+16, 8);
+	DES_set_key_unchecked(&cblock, &dinst->ks[2]);
+	return 0;
+
+}
+
+void osDes3Encrypt(DES3_Schedule *ks, 
+	const_DES_cblock *input, 
+	DES_cblock *output)
+{
+	register DES_LONG l;
+	DES_LONG ll[2];
+	const unsigned char *in = &(*input)[0];
+	unsigned char *out = &(*output)[0];
+
+	c2l(in,l); ll[0]=l;
+	c2l(in,l); ll[1]=l;
+	DES_encrypt1(ll,&ks->ks[0],1);
+	DES_encrypt1(ll,&ks->ks[1],0);
+	DES_encrypt1(ll,&ks->ks[2],1);
+	l=ll[0]; l2c(l,out);
+	l=ll[1]; l2c(l,out);
+	l=ll[0]=ll[1]=0;
+}
+
+void osDes3Decrypt(DES3_Schedule *ks, 
+	const_DES_cblock *input, 
+	DES_cblock *output)
+{
+	register DES_LONG l;
+	DES_LONG ll[2];
+	const unsigned char *in = &(*input)[0];
+	unsigned char *out = &(*output)[0];
+
+	c2l(in,l); ll[0]=l;
+	c2l(in,l); ll[1]=l;
+	DES_encrypt1(ll,&ks->ks[2],0);
+	DES_encrypt1(ll,&ks->ks[1],1);
+	DES_encrypt1(ll,&ks->ks[0],0);
+	l=ll[0]; l2c(l,out);
+	l=ll[1]; l2c(l,out);
+	l=ll[0]=ll[1]=0;
+}

ADDED   Source/ccOpenssl/opensslconf.h
Index: Source/ccOpenssl/opensslconf.h
==================================================================
--- /dev/null
+++ Source/ccOpenssl/opensslconf.h
@@ -0,0 +1,118 @@
+/* MacOS/opensslconf.h */
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define OPENSSLDIR "/usr/local/ssl"
+#endif
+#endif
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned char
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#define RC4_CHUNK unsigned long
+#endif
+#endif
+
+#if defined(HEADER_DES_H) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#if __option(longlong)
+#  define BN_LLONG
+#else
+#  undef BN_LLONG
+#endif
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#define BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#define DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#define DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+#endif /* HEADER_DES_LOCL_H */
+
+#ifndef __POWERPC__
+#define MD32_XARRAY
+#endif

ADDED   Source/ccOpenssl/set_key.c
Index: Source/ccOpenssl/set_key.c
==================================================================
--- /dev/null
+++ Source/ccOpenssl/set_key.c
@@ -0,0 +1,417 @@
+/* crypto/des/set_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* set_key.c v 1.4 eay 24/9/91
+ * 1.4 Speed up by 400% :-)
+ * 1.3 added register declarations.
+ * 1.2 unrolled make_key_sched a bit more
+ * 1.1 added norm_expand_bits
+ * 1.0 First working version
+ */
+#include <ccOpenssl/des_locl.h>
+
+// OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key) = 0;	/* defaults to false */
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+
+static const unsigned char odd_parity[256]={
+  1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
+ 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
+ 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
+ 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
+ 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
+ 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
+ 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
+112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
+128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
+145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
+161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
+176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
+193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
+208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
+224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
+241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
+
+void DES_set_odd_parity(DES_cblock *key)
+	{
+	int i;
+
+	for (i=0; i<DES_KEY_SZ; i++)
+		(*key)[i]=odd_parity[(*key)[i]];
+	}
+
+int DES_check_key_parity(const_DES_cblock *key)
+	{
+	int i;
+
+	for (i=0; i<DES_KEY_SZ; i++)
+		{
+		if ((*key)[i] != odd_parity[(*key)[i]])
+			return(0);
+		}
+	return(1);
+	}
+
+/* Weak and semi week keys as take from
+ * %A D.W. Davies
+ * %A W.L. Price
+ * %T Security for Computer Networks
+ * %I John Wiley & Sons
+ * %D 1984
+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
+ * (and actual cblock values).
+ */
+#define NUM_WEAK_KEY	16
+static DES_cblock weak_keys[NUM_WEAK_KEY]={
+	/* weak keys */
+	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+	{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
+	{0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+	{0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
+	/* semi-weak keys */
+	{0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
+	{0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
+	{0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
+	{0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
+	{0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
+	{0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
+	{0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
+	{0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
+	{0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
+	{0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
+	{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+	{0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
+
+int DES_is_weak_key(const_DES_cblock *key)
+	{
+	int i;
+
+	for (i=0; i<NUM_WEAK_KEY; i++)
+		/* Added == 0 to comparison, I obviously don't run
+		 * this section very often :-(, thanks to
+		 * engineering@MorningStar.Com for the fix
+		 * eay 93/06/29
+		 * Another problem, I was comparing only the first 4
+		 * bytes, 97/03/18 */
+		if (memcmp(weak_keys[i],key,sizeof(DES_cblock)) == 0) return(1);
+	return(0);
+	}
+
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+/* NOW DEFINED IN des_local.h
+ * See ecb_encrypt.c for a pseudo description of these macros. 
+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ * 	(b)^=(t),\
+ * 	(a)=((a)^((t)<<(n))))
+ */
+
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+	(a)=(a)^(t)^(t>>(16-(n))))
+
+static const DES_LONG des_skb[8][64]={
+	{
+	/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+	0x00000000L,0x00000010L,0x20000000L,0x20000010L,
+	0x00010000L,0x00010010L,0x20010000L,0x20010010L,
+	0x00000800L,0x00000810L,0x20000800L,0x20000810L,
+	0x00010800L,0x00010810L,0x20010800L,0x20010810L,
+	0x00000020L,0x00000030L,0x20000020L,0x20000030L,
+	0x00010020L,0x00010030L,0x20010020L,0x20010030L,
+	0x00000820L,0x00000830L,0x20000820L,0x20000830L,
+	0x00010820L,0x00010830L,0x20010820L,0x20010830L,
+	0x00080000L,0x00080010L,0x20080000L,0x20080010L,
+	0x00090000L,0x00090010L,0x20090000L,0x20090010L,
+	0x00080800L,0x00080810L,0x20080800L,0x20080810L,
+	0x00090800L,0x00090810L,0x20090800L,0x20090810L,
+	0x00080020L,0x00080030L,0x20080020L,0x20080030L,
+	0x00090020L,0x00090030L,0x20090020L,0x20090030L,
+	0x00080820L,0x00080830L,0x20080820L,0x20080830L,
+	0x00090820L,0x00090830L,0x20090820L,0x20090830L,
+	},{
+	/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
+	0x00000000L,0x02000000L,0x00002000L,0x02002000L,
+	0x00200000L,0x02200000L,0x00202000L,0x02202000L,
+	0x00000004L,0x02000004L,0x00002004L,0x02002004L,
+	0x00200004L,0x02200004L,0x00202004L,0x02202004L,
+	0x00000400L,0x02000400L,0x00002400L,0x02002400L,
+	0x00200400L,0x02200400L,0x00202400L,0x02202400L,
+	0x00000404L,0x02000404L,0x00002404L,0x02002404L,
+	0x00200404L,0x02200404L,0x00202404L,0x02202404L,
+	0x10000000L,0x12000000L,0x10002000L,0x12002000L,
+	0x10200000L,0x12200000L,0x10202000L,0x12202000L,
+	0x10000004L,0x12000004L,0x10002004L,0x12002004L,
+	0x10200004L,0x12200004L,0x10202004L,0x12202004L,
+	0x10000400L,0x12000400L,0x10002400L,0x12002400L,
+	0x10200400L,0x12200400L,0x10202400L,0x12202400L,
+	0x10000404L,0x12000404L,0x10002404L,0x12002404L,
+	0x10200404L,0x12200404L,0x10202404L,0x12202404L,
+	},{
+	/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
+	0x00000000L,0x00000001L,0x00040000L,0x00040001L,
+	0x01000000L,0x01000001L,0x01040000L,0x01040001L,
+	0x00000002L,0x00000003L,0x00040002L,0x00040003L,
+	0x01000002L,0x01000003L,0x01040002L,0x01040003L,
+	0x00000200L,0x00000201L,0x00040200L,0x00040201L,
+	0x01000200L,0x01000201L,0x01040200L,0x01040201L,
+	0x00000202L,0x00000203L,0x00040202L,0x00040203L,
+	0x01000202L,0x01000203L,0x01040202L,0x01040203L,
+	0x08000000L,0x08000001L,0x08040000L,0x08040001L,
+	0x09000000L,0x09000001L,0x09040000L,0x09040001L,
+	0x08000002L,0x08000003L,0x08040002L,0x08040003L,
+	0x09000002L,0x09000003L,0x09040002L,0x09040003L,
+	0x08000200L,0x08000201L,0x08040200L,0x08040201L,
+	0x09000200L,0x09000201L,0x09040200L,0x09040201L,
+	0x08000202L,0x08000203L,0x08040202L,0x08040203L,
+	0x09000202L,0x09000203L,0x09040202L,0x09040203L,
+	},{
+	/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
+	0x00000000L,0x00100000L,0x00000100L,0x00100100L,
+	0x00000008L,0x00100008L,0x00000108L,0x00100108L,
+	0x00001000L,0x00101000L,0x00001100L,0x00101100L,
+	0x00001008L,0x00101008L,0x00001108L,0x00101108L,
+	0x04000000L,0x04100000L,0x04000100L,0x04100100L,
+	0x04000008L,0x04100008L,0x04000108L,0x04100108L,
+	0x04001000L,0x04101000L,0x04001100L,0x04101100L,
+	0x04001008L,0x04101008L,0x04001108L,0x04101108L,
+	0x00020000L,0x00120000L,0x00020100L,0x00120100L,
+	0x00020008L,0x00120008L,0x00020108L,0x00120108L,
+	0x00021000L,0x00121000L,0x00021100L,0x00121100L,
+	0x00021008L,0x00121008L,0x00021108L,0x00121108L,
+	0x04020000L,0x04120000L,0x04020100L,0x04120100L,
+	0x04020008L,0x04120008L,0x04020108L,0x04120108L,
+	0x04021000L,0x04121000L,0x04021100L,0x04121100L,
+	0x04021008L,0x04121008L,0x04021108L,0x04121108L,
+	},{
+	/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+	0x00000000L,0x10000000L,0x00010000L,0x10010000L,
+	0x00000004L,0x10000004L,0x00010004L,0x10010004L,
+	0x20000000L,0x30000000L,0x20010000L,0x30010000L,
+	0x20000004L,0x30000004L,0x20010004L,0x30010004L,
+	0x00100000L,0x10100000L,0x00110000L,0x10110000L,
+	0x00100004L,0x10100004L,0x00110004L,0x10110004L,
+	0x20100000L,0x30100000L,0x20110000L,0x30110000L,
+	0x20100004L,0x30100004L,0x20110004L,0x30110004L,
+	0x00001000L,0x10001000L,0x00011000L,0x10011000L,
+	0x00001004L,0x10001004L,0x00011004L,0x10011004L,
+	0x20001000L,0x30001000L,0x20011000L,0x30011000L,
+	0x20001004L,0x30001004L,0x20011004L,0x30011004L,
+	0x00101000L,0x10101000L,0x00111000L,0x10111000L,
+	0x00101004L,0x10101004L,0x00111004L,0x10111004L,
+	0x20101000L,0x30101000L,0x20111000L,0x30111000L,
+	0x20101004L,0x30101004L,0x20111004L,0x30111004L,
+	},{
+	/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
+	0x00000000L,0x08000000L,0x00000008L,0x08000008L,
+	0x00000400L,0x08000400L,0x00000408L,0x08000408L,
+	0x00020000L,0x08020000L,0x00020008L,0x08020008L,
+	0x00020400L,0x08020400L,0x00020408L,0x08020408L,
+	0x00000001L,0x08000001L,0x00000009L,0x08000009L,
+	0x00000401L,0x08000401L,0x00000409L,0x08000409L,
+	0x00020001L,0x08020001L,0x00020009L,0x08020009L,
+	0x00020401L,0x08020401L,0x00020409L,0x08020409L,
+	0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
+	0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
+	0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
+	0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
+	0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
+	0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
+	0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
+	0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
+	},{
+	/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
+	0x00000000L,0x00000100L,0x00080000L,0x00080100L,
+	0x01000000L,0x01000100L,0x01080000L,0x01080100L,
+	0x00000010L,0x00000110L,0x00080010L,0x00080110L,
+	0x01000010L,0x01000110L,0x01080010L,0x01080110L,
+	0x00200000L,0x00200100L,0x00280000L,0x00280100L,
+	0x01200000L,0x01200100L,0x01280000L,0x01280100L,
+	0x00200010L,0x00200110L,0x00280010L,0x00280110L,
+	0x01200010L,0x01200110L,0x01280010L,0x01280110L,
+	0x00000200L,0x00000300L,0x00080200L,0x00080300L,
+	0x01000200L,0x01000300L,0x01080200L,0x01080300L,
+	0x00000210L,0x00000310L,0x00080210L,0x00080310L,
+	0x01000210L,0x01000310L,0x01080210L,0x01080310L,
+	0x00200200L,0x00200300L,0x00280200L,0x00280300L,
+	0x01200200L,0x01200300L,0x01280200L,0x01280300L,
+	0x00200210L,0x00200310L,0x00280210L,0x00280310L,
+	0x01200210L,0x01200310L,0x01280210L,0x01280310L,
+	},{
+	/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
+	0x00000000L,0x04000000L,0x00040000L,0x04040000L,
+	0x00000002L,0x04000002L,0x00040002L,0x04040002L,
+	0x00002000L,0x04002000L,0x00042000L,0x04042000L,
+	0x00002002L,0x04002002L,0x00042002L,0x04042002L,
+	0x00000020L,0x04000020L,0x00040020L,0x04040020L,
+	0x00000022L,0x04000022L,0x00040022L,0x04040022L,
+	0x00002020L,0x04002020L,0x00042020L,0x04042020L,
+	0x00002022L,0x04002022L,0x00042022L,0x04042022L,
+	0x00000800L,0x04000800L,0x00040800L,0x04040800L,
+	0x00000802L,0x04000802L,0x00040802L,0x04040802L,
+	0x00002800L,0x04002800L,0x00042800L,0x04042800L,
+	0x00002802L,0x04002802L,0x00042802L,0x04042802L,
+	0x00000820L,0x04000820L,0x00040820L,0x04040820L,
+	0x00000822L,0x04000822L,0x00040822L,0x04040822L,
+	0x00002820L,0x04002820L,0x00042820L,0x04042820L,
+	0x00002822L,0x04002822L,0x00042822L,0x04042822L,
+	}};
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
+	{
+	if (DES_check_key)
+		{
+		return DES_set_key_checked(key, schedule);
+		}
+	else
+		{
+		DES_set_key_unchecked(key, schedule);
+		return 0;
+		}
+	}
+
+/* return 0 if key parity is odd (correct),
+ * return -1 if key parity error,
+ * return -2 if illegal weak key.
+ */
+int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
+	{
+	if (!DES_check_key_parity(key))
+		return(-1);
+	if (DES_is_weak_key(key))
+		return(-2);
+	DES_set_key_unchecked(key, schedule);
+	return 0;
+	}
+
+#endif	/* APPLE_COMMON_CRYPTO */
+
+void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
+	{
+	static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
+	register DES_LONG c,d,t,s,t2;
+	register const unsigned char *in;
+	register DES_LONG *k;
+	register int i;
+
+#ifdef OPENBSD_DEV_CRYPTO
+	memcpy(schedule->key,key,sizeof schedule->key);
+	schedule->session=NULL;
+#endif
+	k = &schedule->ks->deslong[0];
+	in = &(*key)[0];
+
+	c2l(in,c);
+	c2l(in,d);
+
+	/* do PC1 in 47 simple operations :-)
+	 * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+	 * for the inspiration. :-) */
+	PERM_OP (d,c,t,4,0x0f0f0f0fL);
+	HPERM_OP(c,t,-2,0xcccc0000L);
+	HPERM_OP(d,t,-2,0xcccc0000L);
+	PERM_OP (d,c,t,1,0x55555555L);
+	PERM_OP (c,d,t,8,0x00ff00ffL);
+	PERM_OP (d,c,t,1,0x55555555L);
+	d=	(((d&0x000000ffL)<<16L)| (d&0x0000ff00L)     |
+		 ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
+	c&=0x0fffffffL;
+
+	for (i=0; i<ITERATIONS; i++)
+		{
+		if (shifts2[i])
+			{ c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
+		else
+			{ c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
+		c&=0x0fffffffL;
+		d&=0x0fffffffL;
+		/* could be a few less shifts but I am to lazy at this
+		 * point in time to investigate */
+		s=	des_skb[0][ (c    )&0x3f                ]|
+			des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]|
+			des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]|
+			des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) |
+						  ((c>>22L)&0x38)];
+		t=	des_skb[4][ (d    )&0x3f                ]|
+			des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
+			des_skb[6][ (d>>15L)&0x3f                ]|
+			des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
+
+		/* table contained 0213 4657 */
+		t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
+		*(k++)=ROTATE(t2,30)&0xffffffffL;
+
+		t2=((s>>16L)|(t&0xffff0000L));
+		*(k++)=ROTATE(t2,26)&0xffffffffL;
+		}
+	}
+
+#ifndef	_APPLE_COMMON_CRYPTO_
+int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
+	{
+	return(DES_set_key(key,schedule));
+	}
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+/*
+#undef des_fixup_key_parity
+void des_fixup_key_parity(des_cblock *key)
+	{
+	des_set_odd_parity(key);
+	}
+*/

ADDED   Source/ccOpenssl/spr.h
Index: Source/ccOpenssl/spr.h
==================================================================
--- /dev/null
+++ Source/ccOpenssl/spr.h
@@ -0,0 +1,210 @@
+/* crypto/des/spr.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <CommonCrypto/CommonCryptoPriv.h>
+#ifdef	_APPLE_COMMON_CRYPTO_
+/* avoid symbol collision with libSystem & libcrypto */
+#define DES_SPtrans CC_DES_SPtrans
+#endif	/* _APPLE_COMMON_CRYPTO_ */
+
+const DES_LONG DES_SPtrans[8][64]={
+{
+/* nibble 0 */
+0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
+0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
+0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
+0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
+0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
+0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
+0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
+0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
+0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
+0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
+0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
+0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
+0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
+0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
+0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
+0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
+},{
+/* nibble 1 */
+0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
+0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
+0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
+0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
+0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
+0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
+0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
+0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
+0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
+0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
+0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
+0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
+0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
+0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
+0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
+0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
+},{
+/* nibble 2 */
+0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
+0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
+0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
+0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
+0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
+0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
+0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
+0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
+0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
+0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
+0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
+0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
+0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
+0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
+0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
+0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
+},{
+/* nibble 3 */
+0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
+0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
+0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
+0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
+0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
+0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
+0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
+0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
+0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
+0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
+0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
+0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
+0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
+0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
+0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
+0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
+},{
+/* nibble 4 */
+0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
+0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
+0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
+0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
+0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
+0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
+0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
+0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
+0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
+0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
+0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
+0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
+0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
+0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
+0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
+0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
+},{
+/* nibble 5 */
+0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
+0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
+0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
+0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
+0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
+0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
+0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
+0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
+0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
+0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
+0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
+0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
+0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
+0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
+0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
+0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
+},{
+/* nibble 6 */
+0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
+0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
+0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
+0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
+0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
+0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
+0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
+0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
+0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
+0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
+0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
+0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
+0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
+0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
+0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
+0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
+},{
+/* nibble 7 */
+0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
+0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
+0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
+0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
+0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
+0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
+0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
+0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
+0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
+0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
+0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
+0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
+0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
+0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
+0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
+0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
+}};

ADDED   doc/CCCrypt.3cc
Index: doc/CCCrypt.3cc
==================================================================
--- /dev/null
+++ doc/CCCrypt.3cc
@@ -0,0 +1,1 @@
+.so man3/CCCryptor.3cc

ADDED   doc/CCCryptor.3cc
Index: doc/CCCryptor.3cc
==================================================================
--- /dev/null
+++ doc/CCCryptor.3cc
@@ -0,0 +1,228 @@
+.Dd March 22, 2007
+.Dt CCCryptor 3cc
+.Os
+.Sh NAME
+.Nm CCCryptorCreate ,
+.Nm CCryptorCreateFromData ,
+.Nm CCCryptorRelease ,
+.Nm CCCryptorUpdate ,
+.Nm CCCryptorFinal ,
+.Nm CCCryptorGetOutputLength ,
+.Nm CCCryptorReset ,
+.Nm CCCrypt
+.Nd Common Cryptographic Algorithm Interfaces
+.Sh LIBRARY
+These functions are found in libSystem.
+.Sh SYNOPSIS
+.In CommonCrypto/CommonCryptor.h
+.Ft CCCryptorStatus
+.Fn CCCryptorCreate "CCOperation op" "CCAlgorithm alg" "CCOptions options" \
+"const void *key" "size_t keyLength" "const void *iv" "CCCryptorRef *cryptorRef"
+.Ft CCCryptorStatus
+.Fn CCCryptorCreateFromData "CCOperation op" "CCAlgorithm alg" "CCOptions options" \
+"const void *key" "size_t keyLength" "const void *iv" "const void *data" \
+"size_t dataLength" "CCCryptorRef *cryptorRef" "size_t *dataUsed"
+.Ft CCCryptorStatus
+.Fn CCCryptorRelease "CCCryptorRef cryptorRef"
+.Ft CCCryptorStatus
+.Fn CCCryptorUpdate "CCCryptorRef cryptorRef" "const void *dataIn" \
+"size_t dataInLength" "void *dataOut" "size_t dataOutAvailable" "size_t *dataOutMoved"
+.Ft CCCryptorStatus
+.Fn CCCryptorFinal "CCCryptorRef cryptorRef" "void *dataOut" \
+"size_t dataOutAvailable" "size_t *dataOutMoved"
+.Ft size_t
+.Fn CCCryptorGetOutputLength "CCCryptorRef cryptorRef" "size_t inputLength" "bool final"
+.Ft CCCryptorStatus
+.Fn CCCryptorReset "CCCryptorRef cryptorRef" "const void *iv"
+.Ft CCCryptorStatus
+.Fn CCCrypt "CCOperation op" "CCAlgorithm alg" "CCOptions options" "const void *key" \
+"size_t keyLength" "const void *iv" "const void *dataIn" "size_t dataInLength" \
+"void *dataOut" "size_t dataOutAvailable" "size_t *dataOutMoved"
+.Sh DESCRIPTION
+This interface provides access to a number of symmetric encryption
+algorithms. Symmetric encryption algorithms come in two "flavors" -
+block ciphers, and stream ciphers. Block ciphers process data
+(while both encrypting and decrypting) in discrete chunks of
+data called blocks; stream ciphers operate on arbitrary sized
+data.
+.Pp
+The object declared in this interface, CCCryptor, provides
+access to both block ciphers and stream ciphers with the same
+API; however some options are available for block ciphers that
+do not apply to stream ciphers.
+.Pp
+The general operation of a CCCryptor is: initialize it
+with raw key data and other optional fields with CCCryptorCreate();
+process input data via one or more calls to CCCryptorUpdate(),
+each of which may result in output data being written to
+caller-supplied memory; and obtain possible remaining output data
+with CCCryptorFinal(). The CCCryptor is disposed of via
+CCCryptorRelease(), or it can be reused (with the same key data
+as provided to CCCryptorCreate()) by calling CCCryptorReset().
+.Pp
+CCCryptors can be dynamically allocated by this module, or
+their memory can be allocated by the caller.
+.Pp
+One option for block ciphers is padding, as defined in PKCS7;
+when padding is enabled, the total amount of data encrypted
+does not have to be an even multiple of the block size, and
+the actual length of plaintext is calculated during decryption.
+.Pp
+Another option for block ciphers is Cipher Block Chaining, known
+as CBC mode. When using CBC mode, an Initialization Vector (IV)
+is provided along with the key when starting an encrypt
+or decrypt operation. If CBC mode is selected and no IV is
+provided, an IV of all zeroes will be used.
+.Pp
+CCCryptor also implements block bufferring, so that individual
+calls to CCCryptorUpdate() do not have to provide data whose length
+is aligned to the block size. (If padding is disabled, encrypting
+with block ciphers does require that the *total* length of data
+input to CCCryptorUpdate() call(s) be aligned to the block size.)
+.Pp
+A given CCCryptor can only be used by one thread at a time;
+multiple threads can use safely different CCCryptors at the
+same time. 
+.Pp
+.Ft CCCryptorRef
+objects created with
+.Fn CCCryptorCreate
+or
+.Fn CCCryptorCreateFromData
+*may* be disposed of
+via
+.Fn CCCRyptorRelease
+; that call is not strictly necessary, but
+if it's not performed, good security practice dictates that the
+caller should zero the memory provided to create the
+.Ft CCCryptorRef
+when the caller is finished using the
+.Ft CCCryptorRef.
+.Pp
+.Fn CCCryptorUpdate
+is used to encrypt or decrypt data.  This routine can be called multiple times. The caller does
+not need to align input data lengths to block sizes; input is
+bufferred as necessary for block ciphers.
+.Pp
+When performing symmetric encryption with block ciphers,
+and padding is enabled via
+.Ft kCCOptionPKCS7Padding,
+the total
+number of bytes provided by all the calls to this function
+when encrypting can be arbitrary (i.e., the total number
+of bytes does not have to be block aligned). However if
+padding is disabled, or when decrypting, the total number
+of bytes does have to be aligned to the block size; otherwise
+.Fn CCCryptFinal
+will return
+.Ft kCCAlignmentError.
+.Pp
+A general rule for the size of the output buffer which must be
+provided by the caller is that for block ciphers, the output
+length is never larger than the input length plus the block size.
+For stream ciphers, the output length is always exactly the same
+as the input length. See the discussion for
+.Fn CCCryptorGetOutputLength
+for more information on this topic.
+.Pp
+.Fn CCCryptFinal
+finishes encryption and decryption operations and obtains the final data output.
+Except when
+.Ft kCCBufferTooSmall
+is returned, the
+.Ft CCCryptorRef
+can no longer be used for subsequent operations unless
+.Fn CCCryptorReset
+is called on it.
+.Pp
+It is not necessary to call
+.Fn CCCryptorFinal
+when performing
+symmetric encryption or decryption if padding is disabled, or
+when using a stream cipher.
+.Pp
+It is not necessary to call
+.Fn CCCryptorFinal
+prior to
+.Fn CCCryptorRelease
+when aborting an operation.
+.Pp
+Use
+.Fn CCCryptorGetOutputLength
+to determine output buffer size required to process a given input size.
+Some general rules apply that allow clients of this module to
+know a priori how much output buffer space will be required
+in a given situation. For stream ciphers, the output size is
+always equal to the input size, and
+.Fn CCCryptorFinal
+never
+produces any data. For block ciphers, the output size will
+always be less than or equal to the input size plus the size
+of one block. For block ciphers, if the input size provided
+to each call to
+.Fn CCCryptorUpdate
+is is an integral multiple
+of the block size, then the output size for each call to
+.Fn CCCryptorUpdate
+is less than or equal to the input size
+for that call to
+.Fn CCCryptorUpdate .
+.Fn CCCryptorFinal
+only produces output when using a block cipher with padding enabled.
+.Pp
+.Fn CCCryptorReset
+reinitializes an existing
+.Ft CCCryptorRef
+with a (possibly) new initialization vector. The key contained in the
+.Ft CCCryptorRef
+is unchanged. This function is not implemented for stream ciphers.  This can be called on a CCCryptorRef with data pending (i.e.
+in a padded mode operation before 
+.Fn CCCryptFinal
+is called); however any pending data will be lost in that case.
+.Pp
+.Fn CCCrypt
+is a stateless, one-shot encrypt or decrypt operation.
+This basically performs a sequence of
+.Fn CCCrytorCreate ,
+.Fn CCCryptorUpdate ,
+.Fn CCCryptorFinal ,
+and
+.Fn CCCryptorRelease .
+.Sh RETURN VALUES
+The following values may be returned as a status of type
+.Ft CCCryptorStatus .
+.Pp
+.Er kCCSuccess
+- Operation completed normally.
+.Pp
+.Er kCCParamError
+- Illegal parameter value.
+.Pp
+.Er kCCBufferTooSmall
+- Insufficent buffer provided for specified operation.
+.Pp
+.Er kCCMemoryFailure
+- Memory allocation failure.
+.Pp
+.Er kCCAlignmentError
+- Input size was not aligned properly.
+.Pp
+.Er kCCDecodeError
+- Input data did not decode or decrypt properly.
+.Pp
+.Er kCCUnimplemented
+- Function not implemented for the current algorithm.
+.Sh SEE ALSO
+.Xr CCHmac 3cc ,
+.Xr CC_MD5 3cc ,
+.Xr CC_SHA 3cc ,
+.Xr CC_crypto 3cc
+.Sh STANDARDS
+.Bl -tag
+.It AES:
+Federal Information Processing Standard \s-1FIPS\s0 \s-1PUB\s0 197 (Advanced Encryption Standard),
+.It DES:
+Federal Information Processing Standard \s-1FIPS\s0 \s-1PUB\s0 46\-3 (Data Encryption Standard)
+.It 3DES:
+NIST Special Publication\s-1PUB\s0 800\-67 (Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher)
+.El

ADDED   doc/CCCryptorCreate.3cc
Index: doc/CCCryptorCreate.3cc
==================================================================
--- /dev/null
+++ doc/CCCryptorCreate.3cc
@@ -0,0 +1,1 @@
+.so man3/CCCryptor.3cc

ADDED   doc/CCCryptorFinal.3cc
Index: doc/CCCryptorFinal.3cc
==================================================================
--- /dev/null
+++ doc/CCCryptorFinal.3cc
@@ -0,0 +1,1 @@
+.so man3/CCCryptor.3cc

ADDED   doc/CCCryptorGetOutputLength.3cc
Index: doc/CCCryptorGetOutputLength.3cc
==================================================================
--- /dev/null
+++ doc/CCCryptorGetOutputLength.3cc
@@ -0,0 +1,1 @@
+.so man3/CCCryptor.3cc

ADDED   doc/CCCryptorRelease.3cc
Index: doc/CCCryptorRelease.3cc
==================================================================
--- /dev/null
+++ doc/CCCryptorRelease.3cc
@@ -0,0 +1,1 @@
+.so man3/CCCryptor.3cc

ADDED   doc/CCCryptorReset.3cc
Index: doc/CCCryptorReset.3cc
==================================================================
--- /dev/null
+++ doc/CCCryptorReset.3cc
@@ -0,0 +1,1 @@
+.so man3/CCCryptor.3cc

ADDED   doc/CCCryptorUpdate.3cc
Index: doc/CCCryptorUpdate.3cc
==================================================================
--- /dev/null
+++ doc/CCCryptorUpdate.3cc
@@ -0,0 +1,1 @@
+.so man3/CCCryptor.3cc

ADDED   doc/CCHmac.3cc
Index: doc/CCHmac.3cc
==================================================================
--- /dev/null
+++ doc/CCHmac.3cc
@@ -0,0 +1,53 @@
+.Dd March 22, 2007
+.Dt CCHMAC 3
+.Os
+.Sh NAME
+.Nm CCHmacInit ,
+.Nm CCHmacUpdate ,
+.Nm CCHmacFinal ,
+.Nm CCHmac
+.Nd Common HMAC Algorithm Interfaces
+.Sh LIBRARY
+These functions are found in libSystem.
+.Sh SYNOPSIS
+.In CommonCrypto/CommonHMAC.h
+.Ft void
+.Fn CCHmacInit "CCHmacContext *ctx" "CCHmacAlgorithm algorithm" "const void *key" "size_t keyLength"
+.Ft void
+.Fn CCHmacUpdate "CCHmacContext *ctx" "const void *data" "size_t dataLength"
+.Ft void
+.Fn CCHmacFinal "CCHmacContext *ctx" "void *macOut"
+.Ft void
+.Fn CCHmac "CCHmacAlgorithm algorithm" "const void *key" "size_t keyLength" "const void *data" "size_t dataLength" "void *macOut"
+.Sh DESCRIPTION
+This interface provides access to a number of HMAC
+algorithms. The following algorithms are available:
+.Bl -tag -width "kCCHmacAlgSHA224"
+.It kCCHmacAlgSHA1
+- HMAC with SHA1 digest
+.It kCCHmacAlgMD5
+- HMAC with MD5 digest
+.It kCCHmacAlgSHA256
+- HMAC with SHA256 digest
+.It kCCHmacAlgSHA384
+- HMAC with SHA384 digest
+.It kCCHmacAlgSHA224
+- HMAC with SHA224 digest
+.It kCCHmacAlgSHA512
+- HMAC with SHA512 digest
+.El
+.Pp
+The object declared in this interface, CCHmacContext, provides
+a handle for use with the
+.Fn CCHmacInit
+.Fn CCHmacUpdate
+and
+.Fn CCHmacFinal
+calls to complete the HMAC operation.  In addition there is a one shot function,
+.Fn CCHmac
+that performs a complete HMAC on a single piece of data.
+.Sh SEE ALSO
+.Xr CC_MD5 3cc ,
+.Xr CC_SHA 3cc ,
+.Xr CC_crypto 3cc ,
+.Xr CCCrypto 3cc

ADDED   doc/CCHmacFinal.3cc
Index: doc/CCHmacFinal.3cc
==================================================================
--- /dev/null
+++ doc/CCHmacFinal.3cc
@@ -0,0 +1,1 @@
+.so man3/CCHmac.3cc

ADDED   doc/CCHmacInit.3cc
Index: doc/CCHmacInit.3cc
==================================================================
--- /dev/null
+++ doc/CCHmacInit.3cc
@@ -0,0 +1,1 @@
+.so man3/CCHmac.3cc

ADDED   doc/CCHmacUpdate.3cc
Index: doc/CCHmacUpdate.3cc
==================================================================
--- /dev/null
+++ doc/CCHmacUpdate.3cc
@@ -0,0 +1,1 @@
+.so man3/CCHmac.3cc

ADDED   doc/CC_MD2.3cc
Index: doc/CC_MD2.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD2.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_MD2_Final.3cc
Index: doc/CC_MD2_Final.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD2_Final.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_MD2_Init.3cc
Index: doc/CC_MD2_Init.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD2_Init.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_MD2_Update.3cc
Index: doc/CC_MD2_Update.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD2_Update.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_MD4.3cc
Index: doc/CC_MD4.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD4.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_MD4_Final.3cc
Index: doc/CC_MD4_Final.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD4_Final.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_MD4_Init.3cc
Index: doc/CC_MD4_Init.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD4_Init.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_MD4_Update.3cc
Index: doc/CC_MD4_Update.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD4_Update.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_MD5.3cc
Index: doc/CC_MD5.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD5.3cc
@@ -0,0 +1,107 @@
+.Dd April 5, 2007
+.Dt CC_MD5 3cc
+.Os
+.Sh NAME
+.Nm CC_MD2_Init
+.Nm CC_MD2_Update
+.Nm CC_MD2_Final
+.Nm CC_MD2
+.Pp
+.Nm CC_MD4_Init
+.Nm CC_MD4_Update
+.Nm CC_MD4_Final
+.Nm CC_MD4
+.Pp
+.Nm CC_MD5_Init
+.Nm CC_MD5_Update
+.Nm CC_MD5_Final
+.Nm CC_MD5
+.Pp
+.Nd MD2, MD4, and MD5 hash functions
+.Sh SYNOPSIS
+.In CommonCrypto/CommonDigest.h
+.Ft extern int
+.Fn CC_MD2_Init "CC_MD2_CTX *c"
+.Ft extern int
+.Fn CC_MD2_Update "CC_MD2_CTX *c" "const void *data" "CC_LONG len"
+.Ft extern int
+.Fn CC_MD2_Final "unsigned char *md" "CC_MD2_CTX *c"
+.Ft extern unsigned char *
+.Fn CC_MD2 "const void *data" "CC_LONG len" "unsigned char *md"
+.Pp
+.Ft extern int
+.Fn CC_MD4_Init "CC_MD4_CTX *c"
+.Ft extern int
+.Fn CC_MD4_Update "CC_MD4_CTX *c" "const void *data" "CC_LONG len"
+.Ft extern int
+.Fn CC_MD4_Final "unsigned char *md" "CC_MD4_CTX *c"
+.Ft extern unsigned char *
+.Fn CC_MD4 "const void *data" "CC_LONG len" "unsigned char *md"
+.Pp
+.Ft extern int
+.Fn CC_MD5_Init "CC_MD5_CTX *c"
+.Ft extern int
+.Fn CC_MD5_Update "CC_MD5_CTX *c" "const void *data" "CC_LONG len"
+.Ft extern int
+.Fn CC_MD5_Final "unsigned char *md" "CC_MD5_CTX *c"
+.Ft extern unsigned char *
+.Fn CC_MD5 "const void *data" "CC_LONG len" "unsigned char *md"
+.Sh DESCRIPTION
+The following functions are used to produce an hash from data:
+.Pp
+.Fn CC_MD2_Init
+initializes a 
+.Ft CC_MD2_CTX
+structure.
+.Pp
+.Fn CC_MD2_Update
+can be called repeatedly with chunks of the message to
+be hashed (len bytes at data).
+.Pp
+.Fn CC_MD2_Final
+places the MD2 message digest in md, which must have space
+for 
+.Ft CC_MD2_DIGEST_LENGTH
+== 16 bytes of output, and erases the 
+.Ft CC_MD2_CTX .
+.Pp
+.Fn CC_MD2
+computes the MD2 message digest of the len
+bytes at data and places it in md (which must have space for
+.Ft CC_MD2_DIGEST_LENGTH
+== 16 bytes of output). It returns the md pointer.
+.Pp
+.Fn CC_MD4_Init , 
+.Fn CC_MD4_Update , 
+.Fn CC_MD4_Final , 
+.Fn CC_MD4 , 
+.Fn CC_MD5_Init , 
+.Fn CC_MD5_Update , 
+.Fn CC_MD5_Final ,
+and 
+.Fn CC_MD5
+are analogous using an 
+.Ft CC_MD4_CTX
+and 
+.Ft CC_MD5_CTX
+structure.
+.Sh NOTE
+MD2, MD4, and MD5 are recommended only for compatibility with existing
+applications. In new applications, SHA\-256(or greater) should be
+preferred.
+.Sh RETURN VALUES
+All routines return 1 except for the one-shot routines (
+.Fn CC_MD2
+, etc.), which return the pointer passed in via the md parameter.
+.Sh CONFORMING TO
+RFC 1319, RFC 1320, RFC 1321
+.Sh SEE ALSO
+.Xr CC_crypto 3cc ,
+.Xr CC_SHA 3cc ,
+.Xr CCHmac 3cc ,
+.Xr CCCryptor 3cc
+.Sh HISTORY
+These functions are available in OS X 10.4 and later.
+.Pp
+These functions provide similar functionality to the routines found
+in OpenSSL 0.9.6 and may use the same implementation.

ADDED   doc/CC_MD5_Final.3cc
Index: doc/CC_MD5_Final.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD5_Final.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_MD5_Init.3cc
Index: doc/CC_MD5_Init.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD5_Init.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_MD5_Update.3cc
Index: doc/CC_MD5_Update.3cc
==================================================================
--- /dev/null
+++ doc/CC_MD5_Update.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_MD5.3cc

ADDED   doc/CC_SHA.3cc
Index: doc/CC_SHA.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA.3cc
@@ -0,0 +1,148 @@
+.Dd April 5, 2007
+.Dt CC_SHA 3cc
+.Os
+.Sh NAME
+.Nm CC_SHA1_Init
+.Nm CC_SHA1_Update
+.Nm CC_SHA1_Final
+.Nm CC_SHA1
+.Pp
+.Nm CC_SHA224_Init
+.Nm CC_SHA224_Update
+.Nm CC_SHA224_Final
+.Nm CC_SHA224
+.Pp
+.Nm CC_SHA256_Init
+.Nm CC_SHA256_Update
+.Nm CC_SHA256_Final
+.Nm CC_SHA256
+.Pp
+.Nm CC_SHA384_Init
+.Nm CC_SHA384_Update
+.Nm CC_SHA384_Final
+.Nm CC_SHA384
+.Pp
+.Nm CC_SHA512_Init
+.Nm CC_SHA512_Update
+.Nm CC_SHA512_Final
+.Nm CC_SHA512
+.Pp
+.Nd Secure Hash Algorithms
+.Sh SYNOPSIS
+.In CommonCrypto/CommonDigest.h
+.Pp
+.Ft extern int
+.Fn CC_SHA1_Init "CC_SHA1_CTX *c"
+.Ft extern int
+.Fn CC_SHA1_Update "CC_SHA1_CTX *c" "const void *data" "CC_LONG len"
+.Ft extern int
+.Fn CC_SHA1_Final "unsigned char *md" "CC_SHA1_CTX *c"
+.Ft extern unsigned char *
+.Fn CC_SHA1 "const void *data" "CC_LONG len" "unsigned char *md"
+.Pp
+.Ft extern int
+.Fn CC_SHA224_Init "CC_SHA224_CTX *c"
+.Ft extern int
+.Fn CC_SHA224_Update "CC_SHA224_CTX *c" "const void *data" "CC_LONG len"
+.Ft extern int
+.Fn CC_SHA224_Final "unsigned char *md" "CC_SHA224_CTX *c"
+.Ft extern unsigned char *
+.Fn CC_SHA224 "const void *data" "CC_LONG len" "unsigned char *md"
+.Pp
+.Ft extern int
+.Fn CC_SHA256_Init "CC_SHA256_CTX *c"
+.Ft extern int
+.Fn CC_SHA256_Update "CC_SHA256_CTX *c" "const void *data" "CC_LONG len"
+.Ft extern int
+.Fn CC_SHA256_Final "unsigned char *md" "CC_SHA256_CTX *c"
+.Ft extern unsigned char *
+.Fn CC_SHA256 "const void *data" "CC_LONG len" "unsigned char *md"
+.Pp
+.Ft extern int
+.Fn CC_SHA384_Init "CC_SHA384_CTX *c"
+.Ft extern int
+.Fn CC_SHA384_Update "CC_SHA384_CTX *c" "const void *data" "CC_LONG len"
+.Ft extern int
+.Fn CC_SHA384_Final "unsigned char *md" "CC_SHA384_CTX *c"
+.Ft extern unsigned char *
+.Fn CC_SHA384 "const void *data" "CC_LONG len" "unsigned char *md"
+.Pp
+.Ft extern int
+.Fn CC_SHA512_Init "CC_SHA512_CTX *c"
+.Ft extern int
+.Fn CC_SHA512_Update "CC_SHA512_CTX *c" "const void *data" "CC_LONG len"
+.Ft extern int
+.Fn CC_SHA512_Final "unsigned char *md" "CC_SHA512_CTX *c"
+.Ft extern unsigned char *
+.Fn CC_SHA512 "const void *data" "CC_LONG len" "unsigned char *md"
+.Sh DESCRIPTION
+SHA\-1 (Secure Hash Algorithm) is a cryptographic hash function with a
+160 bit output.
+.Pp
+.Fn CC_SHA1
+computes the SHA\-1 message digest of the len
+bytes at data and places it in md (which must have space for
+.Ft CC_SHA1_DIGEST_LENGTH
+== 20 bytes of output). It returns the md pointer.
+.Pp
+.Fn CC_SHA1_Init
+initializes a
+.Ft CC_SHA1_CTX
+structure.
+.Pp
+.Fn CC_SHA1_Update
+can be called repeatedly with chunks of the message to
+be hashed (len bytes at data).
+.Pp
+.Fn CC_SHA1_Final
+places the message digest in md, which must have space
+for
+.Ft CC_SHA1_DIGEST_LENGTH
+== 20 bytes of output, and erases the
+.Ft CC_SHA1_CTX .
+.Pp
+The successor versions of SHA\-1, SHA-2, are also implemented for hash
+bit lengths of 224, 256, 384, and 512.  The functions to call to invoke the larger hash-size
+versions of the algorithms include the hash size as part of the function names:
+.Pp
+.Fn CC_SHA224_Init ,
+.Fn CC_SHA224_Update ,
+.Fn CC_SHA224_Final ,
+.Fn CC_SHA224
+.Pp
+.Fn CC_SHA256_Init ,
+.Fn CC_SHA256_Update ,
+.Fn CC_SHA256_Final ,
+.Fn CC_SHA256
+.Pp
+.Fn CC_SHA384_Init ,
+.Fn CC_SHA384_Update ,
+.Fn CC_SHA384_Final ,
+.Fn CC_SHA384
+.Pp
+.Fn CC_SHA512_Init ,
+.Fn CC_SHA512_Update ,
+.Fn CC_SHA512_Final ,
+.Fn CC_SHA512
+.Sh RETURN VALUES
+All routines return 1 except for the one-shot routines (
+.Fn CC_SHA1 ,
+etc.), which
+return the pointer passed in via the md parameter.
+.Sh CONFORMING TO
+SHA\-1: US Federal Information Processing Standard FIPS PUB 180\-1 (Secure Hash
+Standard),
+ANSI X9.30
+.Pp
+SHA\-2: US Federal Information Processing Standard FIPS PUB 180\-2 (Secure Hash
+Standard)
+.Sh HISTORY
+These functions are available in OS X 10.4 and later.
+.Pp
+These functions provide similar functionality to the routines found in OpenSSL 0.9.6
+and may use the same implementation.
+.Sh SEE ALSO
+.Xr CC_MD5 3cc ,
+.Xr CCCryptor 3cc ,
+.Xr CCHmac 3cc ,
+.Xr CC_crypto 3cc

ADDED   doc/CC_SHA1.3cc
Index: doc/CC_SHA1.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA1.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA1_Final.3cc
Index: doc/CC_SHA1_Final.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA1_Final.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA1_Init.3cc
Index: doc/CC_SHA1_Init.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA1_Init.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA1_Update.3cc
Index: doc/CC_SHA1_Update.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA1_Update.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA224.3cc
Index: doc/CC_SHA224.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA224.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA224_Final.3cc
Index: doc/CC_SHA224_Final.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA224_Final.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA224_Init.3cc
Index: doc/CC_SHA224_Init.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA224_Init.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA224_Update.3cc
Index: doc/CC_SHA224_Update.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA224_Update.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA256.3cc
Index: doc/CC_SHA256.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA256.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA256_Final.3cc
Index: doc/CC_SHA256_Final.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA256_Final.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA256_Init.3cc
Index: doc/CC_SHA256_Init.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA256_Init.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA256_Update.3cc
Index: doc/CC_SHA256_Update.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA256_Update.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA384.3cc
Index: doc/CC_SHA384.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA384.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA384_Final.3cc
Index: doc/CC_SHA384_Final.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA384_Final.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA384_Init.3cc
Index: doc/CC_SHA384_Init.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA384_Init.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA384_Update.3cc
Index: doc/CC_SHA384_Update.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA384_Update.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA512.3cc
Index: doc/CC_SHA512.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA512.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA512_Final.3cc
Index: doc/CC_SHA512_Final.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA512_Final.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA512_Init.3cc
Index: doc/CC_SHA512_Init.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA512_Init.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_SHA512_Update.3cc
Index: doc/CC_SHA512_Update.3cc
==================================================================
--- /dev/null
+++ doc/CC_SHA512_Update.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_SHA.3cc

ADDED   doc/CC_crypto.3cc
Index: doc/CC_crypto.3cc
==================================================================
--- /dev/null
+++ doc/CC_crypto.3cc
@@ -0,0 +1,41 @@
+.Dd April 5, 2007
+.Dt CC_crypto 3cc
+.Os
+.Sh NAME
+.Nm Common Crypto
+.Nd libSystem digest library
+.Sh DESCRIPTION
+The libSystem \fBCommon Crypto\fR library implements a wide range of cryptographic
+algorithms used in various Internet standards. The services provided
+by this library are used by the CDSA implementations of \s-1SSL\s0, \s-1TLS\s0
+and S/MIME.
+.Sh OVERVIEW
+\&\fBlibSystem\fR contains the Common Crypto collection of algorithms. Digest
+and encryption algorithms contained in this library are optimized for speed.
+The algorithms have been collected from various sources and chosen for their
+performance characteristics.  Since libSystem is linked into all executables
+it is preferable for applications to use these functions rather than
+implementing their own versions.
+.Sh NOTES
+To use the digest functions with existing code which uses
+the corresponding openssl functions, #define the symbol 
+COMMON_DIGEST_FOR_OPENSSL in your client code (BEFORE including
+.In CommonCrypto/CommonDigest.h
+).
+.Pp
+You can *NOT* mix and match functions operating on a given data
+type from the two implementations; i.e., if you do a 
+.Fn CC_MD5_Init
+on a 
+.Ft CC_MD5_CTX
+object, do not assume that you can do an openssl-style
+.Fn MD5_Update
+on that same context.
+.Pp
+The interfaces to the encryption and HMAC algorithms have a calling interface
+that is different from that provided by OpenSSL.
+.Sh SEE ALSO
+.Xr CC_MD5 3cc ,
+.Xr CC_SHA 3cc ,
+.Xr CCHmac 3cc ,
+.Xr CCCryptor 3cc

ADDED   doc/CCryptorCreateFromData.3cc
Index: doc/CCryptorCreateFromData.3cc
==================================================================
--- /dev/null
+++ doc/CCryptorCreateFromData.3cc
@@ -0,0 +1,1 @@
+.so man3/CCCryptor.3cc

ADDED   doc/Common Crypto.3cc
Index: doc/Common Crypto.3cc
==================================================================
--- /dev/null
+++ doc/Common Crypto.3cc
@@ -0,0 +1,1 @@
+.so man3/CC_crypto.3cc

ADDED   doc/CommonCrypto.plist
Index: doc/CommonCrypto.plist
==================================================================
--- /dev/null
+++ doc/CommonCrypto.plist
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<array>
+	<dict>
+		<key>OpenSourceLicense</key>
+		<string>Eric Young</string>
+		<key>OpenSourceLicenseFile</key>
+		<string>CommonCrypto.txt</string>
+		<key>OpenSourceModifications</key>
+		<string>Extensive customization for OS X</string>
+		<key>OpenSourceProject</key>
+		<string>openssl</string>
+		<key>OpenSourceURL</key>
+		<string>http://www.openssl.org/source/openssl-0.9.6.tar.gz</string>
+		<key>OpenSourceVersion</key>
+		<string>openssl-0.9.6</string>
+		<key>OpenSourceWebsiteURL</key>
+		<string>http://www.openssl.org/</string>
+	</dict>
+	<dict>
+		<key>OpenSourceImportDate</key>
+		<string>2004-04-07</string>
+		<key>OpenSourceLicense</key>
+		<string>Brian Gladman</string>
+		<key>OpenSourceLicenseFile</key>
+		<string>CommonCrypto.txt</string>
+		<key>OpenSourceModifications</key>
+		<string>Customization for OS X</string>
+		<key>OpenSourceProject</key>
+		<string>Gladman AES</string>
+		<key>OpenSourceURL</key>
+		<string>http://fp.gladman.plus.com/AES/aesfull.zip</string>
+		<key>OpenSourceVersion</key>
+		<string>aes-src-26-08-05</string>
+		<key>OpenSourceWebsiteURL</key>
+		<string>http://fp.gladman.plus.com/AES/index.htm</string>
+	</dict>
+	<dict>
+		<key>OpenSourceImportDate</key>
+		<string>2005-09-02</string>
+		<key>OpenSourceLicense</key>
+		<string>Brian Gladman</string>
+		<key>OpenSourceLicenseFile</key>
+		<string>CommonCrypto.txt</string>
+		<key>OpenSourceModifications</key>
+		<string>Customization for OS X</string>
+		<key>OpenSourceProject</key>
+		<string>Gladman SHA2</string>
+		<key>OpenSourceURL</key>
+		<string>http://fp.gladman.plus.com/cryptography_technology/sha/sha-26-08-05.zip</string>
+		<key>OpenSourceVersion</key>
+		<string>sha-26-08-05</string>
+		<key>OpenSourceWebsiteURL</key>
+		<string>http://fp.gladman.plus.com/cryptography_technology/sha/index.htm</string>
+	</dict>
+</array>
+</plist>

ADDED   doc/CommonCrypto.txt
Index: doc/CommonCrypto.txt
==================================================================
--- /dev/null
+++ doc/CommonCrypto.txt
@@ -0,0 +1,120 @@
+ Original SSLeay License
+ -----------------------
+
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+ ---------------------------------------------------------------------------
+ License for Dr. Brian Gladman's SHA2 implementation
+ ---------------------------------------------------------------------------
+
+ Copyright (c) 2002, Dr Brian Gladman, Worcester, UK.   All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+   1. distributions of this source code include the above copyright
+      notice, this list of conditions and the following disclaimer;
+
+   2. distributions in binary form include the above copyright
+      notice, this list of conditions and the following disclaimer
+      in the documentation and/or other associated materials;
+
+   3. the copyright holder's name is not used to endorse products
+      built using this software without specific written permission.
+
+ ALTERNATIVELY, provided that this notice is retained in full, this product
+ may be distributed under the terms of the GNU General Public License (GPL),
+ in which case the provisions of the GPL apply INSTEAD OF those given above.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explicit or implied warranties
+ in respect of its properties, including, but not limited to, correctness
+ and/or fitness for purpose.
+
+ ---------------------------------------------------------------------------
+ License for Dr. Brian Gladman's AES implementation
+ ---------------------------------------------------------------------------
+ Copyright (c) 2003, Dr Brian Gladman, Worcester, UK.   All rights reserved.
+
+ LICENSE TERMS
+
+ The free distribution and use of this software in both source and binary
+ form is allowed (with or without changes) provided that:
+
+   1. distributions of this source code include the above copyright
+      notice, this list of conditions and the following disclaimer;
+
+   2. distributions in binary form include the above copyright
+      notice, this list of conditions and the following disclaimer
+      in the documentation and/or other associated materials;
+
+   3. the copyright holder's name is not used to endorse products
+      built using this software without specific written permission.
+
+ ALTERNATIVELY, provided that this notice is retained in full, this product
+ may be distributed under the terms of the GNU General Public License (GPL),
+ in which case the provisions of the GPL apply INSTEAD OF those given above.
+
+ DISCLAIMER
+
+ This software is provided 'as is' with no explicit or implied warranties
+ in respect of its properties, including, but not limited to, correctness
+ and/or fitness for purpose.