Merge pilot.blaudden:/home/msvensson/mysql/yassl_import/my50-yassl_import

into pilot.blaudden:/home/msvensson/mysql/mysql-5.0-maint

Merge pilot.blaudden:/home/msvensson/mysql/yassl_import/my50-yassl_import
into pilot.blaudden:/home/msvensson/mysql/mysql-5.0-maint
df82efbd · unknown · 81a701cb · 45f2f764 · df82efbd · df82efbd
Commit df82efbd authored Mar 23, 2007 by unknown
31 changed files
--- a/extra/yassl/README
+++ b/extra/yassl/README
+*****************yaSSL Release notes, version 1.6.0 (2/22/07)
+    This release of yaSSL contains bug fixes, portability enhancements, and
+    better X509 support.
+See normal  build instructions below under 1.0.6.
+See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 *****************yaSSL Release notes, version 1.5.8 (1/10/07)
    This release of yaSSL contains bug fixes, portability enhancements, and

--- a/extra/yassl/include/buffer.hpp
+++ b/extra/yassl/include/buffer.hpp
@@ -49,13 +49,11 @@ const uint AUTO = 0xFEEDBEEF;
 // Checking Policy should implement a check function that tests whether the
 // index is within the size limit of the array
 struct Check {
-    Check() {}
    void check(uint i, uint limit);
 };
 struct NoCheck {
-    NoCheck() {}
    void check(uint, uint);
 };
@@ -193,7 +191,6 @@ inline void checked_delete(T* p)
 // sets pointer to zero so safe for std conatiners
 struct del_ptr_zero
 {
-    del_ptr_zero() {}
    template <typename T>
    void operator()(T*& p) const
    {

--- a/extra/yassl/include/crypto_wrapper.hpp
+++ b/extra/yassl/include/crypto_wrapper.hpp
@@ -42,7 +42,6 @@ namespace yaSSL {
 // Digest policy should implement a get_digest, update, and get sizes for pad
 // and  digest
 struct Digest : public virtual_base {
-    Digest() {}
    virtual void   get_digest(byte*) = 0;
    virtual void   get_digest(byte*, const byte*, unsigned int) = 0;
    virtual void   update(const byte*, unsigned int) = 0;
@@ -54,7 +53,6 @@ struct Digest : public virtual_base {
 // For use with NULL Digests
 struct NO_MAC : public Digest {
-    NO_MAC() {}
    void   get_digest(byte*);
    void   get_digest(byte*, const byte*, unsigned int);
    void   update(const byte*, unsigned int);
@@ -179,7 +177,6 @@ private:
 // BulkCipher policy should implement encrypt, decrypt, get block size, 
 // and set keys for encrypt and decrypt
 struct BulkCipher : public virtual_base {
-    BulkCipher() {}
    virtual void   encrypt(byte*, const byte*, unsigned int) = 0;
    virtual void   decrypt(byte*, const byte*, unsigned int) = 0;
    virtual void   set_encryptKey(const byte*, const byte* = 0) = 0;
@@ -193,7 +190,6 @@ struct BulkCipher : public virtual_base {
 // For use with NULL Ciphers
 struct NO_Cipher : public BulkCipher {
-    NO_Cipher() {}
    void   encrypt(byte*, const byte*, unsigned int) {}
    void   decrypt(byte*, const byte*, unsigned int) {}
    void   set_encryptKey(const byte*, const byte*)  {}
@@ -315,14 +311,12 @@ struct Auth : public virtual_base {
    virtual bool verify(const byte*, unsigned int, const byte*,
                        unsigned int) = 0;
    virtual uint get_signatureLength() const = 0;
-    Auth() {}
    virtual ~Auth() {}
 };
 // For use with NULL Authentication schemes
 struct NO_Auth : public Auth {
-    NO_Auth() {}
    void   sign(byte*, const byte*, unsigned int, const RandomPool&) {}
    bool   verify(const byte*, unsigned int, const byte*, unsigned int) 
                    { return true; }

--- a/extra/yassl/include/openssl/ssl.h
+++ b/extra/yassl/include/openssl/ssl.h
@@ -33,7 +33,8 @@
 #include "opensslv.h" /* for version number */
 #include "rsa.h"
-#define YASSL_VERSION "1.5.8"
+#define YASSL_VERSION "1.6.5"
 #if defined(__cplusplus)
@@ -189,16 +190,11 @@ enum {  /* ERR Constants */
    EVP_R_BAD_DECRYPT = 2
 };
-#ifdef WIN
-    typedef SOCKET socket_t;
-#else
-    typedef int socket_t;
-#endif
 SSL_CTX* SSL_CTX_new(SSL_METHOD*);
 SSL* SSL_new(SSL_CTX*);
-int  SSL_set_fd (SSL*, socket_t);
+int  SSL_set_fd (SSL*, int);
 int  SSL_connect(SSL*);
 int  SSL_write(SSL*, const void*, int);
 int  SSL_read(SSL*, void*, int);

--- a/extra/yassl/include/socket_wrapper.hpp
+++ b/extra/yassl/include/socket_wrapper.hpp
@@ -38,14 +38,16 @@
    #include <netinet/in.h>
    #include <arpa/inet.h>
 #endif
-#include "openssl/ssl.h"                        /* for socket_t */
 namespace yaSSL {
 typedef unsigned int uint;
-#ifndef _WIN32
+#ifdef _WIN32
+    typedef SOCKET socket_t;
+#else
+    typedef int socket_t;
    const socket_t INVALID_SOCKET = -1;
    const int SD_RECEIVE   = 0;
    const int SD_SEND      = 1;

--- a/extra/yassl/include/yassl_imp.hpp
+++ b/extra/yassl/include/yassl_imp.hpp
@@ -64,7 +64,6 @@ struct RecordLayerHeader {
 // base for all messages
 struct Message : public virtual_base {
-    Message() {}
    virtual input_buffer& set(input_buffer&) =0;   
    virtual output_buffer& get(output_buffer&) const =0;
@@ -178,7 +177,6 @@ private:
 class HandShakeBase : public virtual_base {
    int     length_;
 public:
-    HandShakeBase() {}
    int     get_length() const;
    void    set_length(int);
@@ -196,7 +194,6 @@ public:
 struct HelloRequest : public HandShakeBase {
-    HelloRequest() {}
    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;
@@ -330,7 +327,6 @@ private:
 struct ServerKeyBase : public virtual_base {
-    ServerKeyBase() {}
    virtual ~ServerKeyBase() {}
    virtual void build(SSL&) {}
    virtual void read(SSL&, input_buffer&) {}
@@ -341,21 +337,15 @@ struct ServerKeyBase : public virtual_base {
 // Server random number for FORTEZZA KEA
 struct Fortezza_Server : public ServerKeyBase {
-    Fortezza_Server() {}
    opaque r_s_[FORTEZZA_MAX];
 };
 struct SignatureBase : public virtual_base {
-  SignatureBase() {}
    virtual ~SignatureBase() {}
 };
-struct anonymous_sa : public SignatureBase
+struct anonymous_sa : public SignatureBase {};
-{
-public:
-  anonymous_sa() {}
-};
 struct Hashes {
@@ -365,13 +355,11 @@ struct Hashes {
 struct rsa_sa : public SignatureBase {
-    rsa_sa() {}
    Hashes hashes_;
 };
 struct dsa_sa : public SignatureBase {
-    dsa_sa() {}
    uint8 sha_[SHA_LEN];
 };
@@ -399,7 +387,6 @@ private:
 // Server's RSA exchange
 struct RSA_Server : public ServerKeyBase {
-    RSA_Server() {}
    ServerRSAParams params_;
    opaque*         signature_;   // signed rsa_sa hashes
 };
@@ -474,7 +461,6 @@ struct PreMasterSecret {
 struct ClientKeyBase : public virtual_base {
-  ClientKeyBase() {}
    virtual ~ClientKeyBase() {}
    virtual void build(SSL&) {}
    virtual void read(SSL&, input_buffer&) {}
@@ -505,7 +491,6 @@ private:
 // Fortezza Key Parameters from page 29
 // hard code lengths cause only used here
 struct FortezzaKeys : public ClientKeyBase {
-    FortezzaKeys() {}
    opaque  y_c_                      [128];    // client's Yc, public value
    opaque  r_c_                      [128];    // client's Rc
    opaque  y_signature_              [40];     // DSS signed public key

--- a/extra/yassl/include/yassl_int.hpp
+++ b/extra/yassl/include/yassl_int.hpp
@@ -228,7 +228,6 @@ struct BIGNUM {
      TaoCrypt::Integer), we need to explicitly state the namespace
      here to let gcc 2.96 deduce the correct type.
    */
-    BIGNUM() {}
    yaSSL::Integer int_;
    void assign(const byte* b, uint s) { int_.assign(b,s); }
 };

--- a/extra/yassl/src/crypto_wrapper.cpp
+++ b/extra/yassl/src/crypto_wrapper.cpp
@@ -550,7 +550,6 @@ void RandomPool::Fill(opaque* dst, uint sz) const
 // Implementation of DSS Authentication
 struct DSS::DSSImpl {
-    DSSImpl() {}
    void SetPublic (const byte*, unsigned int);
    void SetPrivate(const byte*, unsigned int);
    TaoCrypt::DSA_PublicKey publicKey_;
@@ -623,7 +622,6 @@ bool DSS::verify(const byte* sha_digest, unsigned int /* shaSz */,
 // Implementation of RSA key interface
 struct RSA::RSAImpl {
-    RSAImpl() {}
    void SetPublic (const byte*, unsigned int);
    void SetPrivate(const byte*, unsigned int);
    TaoCrypt::RSA_PublicKey publicKey_;

--- a/extra/yassl/src/ssl.cpp
+++ b/extra/yassl/src/ssl.cpp
@@ -229,7 +229,7 @@ void SSL_free(SSL* ssl)
 }
-int SSL_set_fd(SSL* ssl, socket_t fd)
+int SSL_set_fd(SSL* ssl, int fd)
 {
    ssl->useSocket().set_fd(fd);
    return SSL_SUCCESS;
@@ -950,7 +950,7 @@ void ERR_print_errors_fp(FILE* /*fp*/)
 char* ERR_error_string(unsigned long errNumber, char* buffer)
 {
-  static char* msg = (char*) "Please supply a buffer for error string";
+    static char* msg = "Please supply a buffer for error string";
    if (buffer) {
        SetErrorString(YasslError(errNumber), buffer);

--- a/extra/yassl/taocrypt/README
+++ b/extra/yassl/taocrypt/README
-TaoCrypt release 0.9.0   09/18/2006
+TaoCrypt release 0.9.2   02/5/2007
+This release includes bug fixes, portability enhancements, and some 
+optimiations.
+See 0.9.0 for build instructions.
+******************TaoCrypt release 0.9.0   09/18/2006
 This is the first release of TaoCrypt, it was previously only included with
 yaSSL. TaoCrypt is highly portable and fast, its features include:

--- a/extra/yassl/taocrypt/benchmark/benchmark.cpp
+++ b/extra/yassl/taocrypt/benchmark/benchmark.cpp
@@ -65,7 +65,7 @@ int main(int argc, char** argv)
 const int megs = 5;  // how much to test
-const byte global_key[] = 
+const byte key[] = 
 {
    0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
    0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
@@ -81,19 +81,19 @@ const byte iv[] =
 };
-byte global_plain [1024*1024];
+byte plain [1024*1024];
-byte global_cipher[1024*1024];
+byte cipher[1024*1024];
 void bench_des()
 {
    DES_EDE3_CBC_Encryption enc;
-    enc.SetKey(global_key, 16, iv);
+    enc.SetKey(key, 16, iv);
    double start = current_time();
    for(int i = 0; i < megs; i++)
-        enc.Process(global_plain, global_cipher, sizeof(global_plain));
+        enc.Process(plain, cipher, sizeof(plain));
    double total = current_time() - start;
@@ -107,12 +107,12 @@ void bench_des()
 void bench_aes(bool show)
 {
    AES_CBC_Encryption enc;
-    enc.SetKey(global_key, 16, iv);
+    enc.SetKey(key, 16, iv);
    double start = current_time();
    for(int i = 0; i < megs; i++)
-        enc.Process(global_plain, global_cipher, sizeof(global_plain));
+        enc.Process(plain, cipher, sizeof(plain));
    double total = current_time() - start;
@@ -127,12 +127,12 @@ void bench_aes(bool show)
 void bench_twofish()
 {
    Twofish_CBC_Encryption enc;
-    enc.SetKey(global_key, 16, iv);
+    enc.SetKey(key, 16, iv);
    double start = current_time();
    for(int i = 0; i < megs; i++)
-        enc.Process(global_plain, global_cipher, sizeof(global_plain));
+        enc.Process(plain, cipher, sizeof(plain));
    double total = current_time() - start;
@@ -147,12 +147,12 @@ void bench_twofish()
 void bench_blowfish()
 {
    Blowfish_CBC_Encryption enc;
-    enc.SetKey(global_key, 16, iv);
+    enc.SetKey(key, 16, iv);
    double start = current_time();
    for(int i = 0; i < megs; i++)
-        enc.Process(global_plain, global_cipher, sizeof(global_plain));
+        enc.Process(plain, cipher, sizeof(plain));
    double total = current_time() - start;
@@ -166,12 +166,12 @@ void bench_blowfish()
 void bench_arc4()
 {
    ARC4 enc;
-    enc.SetKey(global_key, 16);
+    enc.SetKey(key, 16);
    double start = current_time();
    for(int i = 0; i < megs; i++)
-        enc.Process(global_cipher, global_plain, sizeof(global_plain));
+        enc.Process(cipher, plain, sizeof(plain));
    double total = current_time() - start;
@@ -191,7 +191,7 @@ void bench_md5()
    for(int i = 0; i < megs; i++)
-        hash.Update(global_plain, sizeof(global_plain));
+        hash.Update(plain, sizeof(plain));
    hash.Final(digest);
@@ -213,7 +213,7 @@ void bench_sha()
    for(int i = 0; i < megs; i++)
-        hash.Update(global_plain, sizeof(global_plain));
+        hash.Update(plain, sizeof(plain));
    hash.Final(digest);
@@ -241,7 +241,7 @@ void bench_ripemd()
    for(int i = 0; i < megs; i++)
-        hash.Update(global_plain, sizeof(global_plain));
+        hash.Update(plain, sizeof(plain));
    hash.Final(digest);

--- a/extra/yassl/taocrypt/include/algebra.hpp
+++ b/extra/yassl/taocrypt/include/algebra.hpp
@@ -40,7 +40,6 @@ class TAOCRYPT_NO_VTABLE AbstractGroup : public virtual_base
 public:
    typedef Integer Element;
-    AbstractGroup() {}
    virtual ~AbstractGroup() {}
    virtual bool Equal(const Element &a, const Element &b) const =0;
@@ -95,7 +94,6 @@ private:
    class MultiplicativeGroupT : public AbstractGroup
    {
    public:
-        MultiplicativeGroupT() {}
        const AbstractRing& GetRing() const
            {return *m_pRing;}
@@ -147,7 +145,6 @@ class TAOCRYPT_NO_VTABLE AbstractEuclideanDomain
    : public AbstractRing
 {
 public:
-    AbstractEuclideanDomain() {}
    typedef Integer Element;
    virtual void DivisionAlgorithm(Element &r, Element &q, const Element &a,

--- a/extra/yassl/taocrypt/include/des.hpp
+++ b/extra/yassl/taocrypt/include/des.hpp
@@ -41,7 +41,6 @@ enum { DES_BLOCK_SIZE = 8, DES_KEY_SIZE = 32 };
 class BasicDES {
 public:
-    BasicDES() {}
    void SetKey(const byte*, word32, CipherDir dir);
    void RawProcessBlock(word32&, word32&) const;
 protected:

--- a/extra/yassl/taocrypt/include/hash.hpp
+++ b/extra/yassl/taocrypt/include/hash.hpp
@@ -31,7 +31,6 @@ namespace TaoCrypt {
 // HASH
 class HASH : public virtual_base {
 public:
-    HASH() {}
    virtual ~HASH() {}
    virtual void Update(const byte*, word32) = 0;
@@ -58,8 +57,7 @@ public:
    word32  GetBitCountLo() const { return  loLen_ << 3; }
    word32  GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) +
                                           (hiLen_ << 3); } 
+    enum { MaxDigestSz = 8, MaxBufferSz = 64 };
-    enum { MaxDigestSz = 5, MaxBufferSz = 64 };
 protected:
    typedef word32 HashLengthType;
    word32          buffLen_;   // in bytes
@@ -74,6 +72,38 @@ protected:
 };
+#ifdef WORD64_AVAILABLE
+// 64-bit HASH with Transform
+class HASH64withTransform : public HASH {
+public:
+    HASH64withTransform(word32 digSz, word32 buffSz);
+    virtual ~HASH64withTransform() {}
+    virtual ByteOrder getByteOrder()  const = 0;
+    virtual word32    getPadSize()    const = 0;
+    virtual void Update(const byte*, word32);
+    virtual void Final(byte*);
+    word32  GetBitCountLo() const { return  loLen_ << 3; }
+    word32  GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) +
+                                           (hiLen_ << 3); } 
+    enum { MaxDigestSz = 8, MaxBufferSz = 128 };
+protected:
+    typedef word32 HashLengthType;
+    word32          buffLen_;   // in bytes
+    HashLengthType  loLen_;     // length in bytes
+    HashLengthType  hiLen_;     // length in bytes
+    word64          digest_[MaxDigestSz];
+    word64          buffer_[MaxBufferSz / sizeof(word64)];
+    virtual void Transform() = 0;
+    void AddLength(word32);
+};
+#endif // WORD64_AVAILABLE
 } // namespace

--- a/extra/yassl/taocrypt/include/hmac.hpp
+++ b/extra/yassl/taocrypt/include/hmac.hpp
@@ -109,11 +109,11 @@ void HMAC<T>::KeyInnerHash()
 // Update
 template <class T>
-void HMAC<T>::Update(const byte* msg_arg, word32 length)
+void HMAC<T>::Update(const byte* msg, word32 length)
 {
    if (!innerHashKeyed_)
        KeyInnerHash();
-    mac_.Update(msg_arg, length);
+    mac_.Update(msg, length);
 }

--- a/extra/yassl/taocrypt/include/misc.hpp
+++ b/extra/yassl/taocrypt/include/misc.hpp
@@ -464,6 +464,25 @@ inline word32 ByteReverse(word32 value)
 }
+#ifdef WORD64_AVAILABLE
+inline word64 ByteReverse(word64 value)
+{
+#ifdef TAOCRYPT_SLOW_WORD64
+	return (word64(ByteReverse(word32(value))) << 32) | 
+                   ByteReverse(word32(value>>32));
+#else
+	value = ((value & W64LIT(0xFF00FF00FF00FF00)) >> 8) |
+            ((value & W64LIT(0x00FF00FF00FF00FF)) << 8);
+	value = ((value & W64LIT(0xFFFF0000FFFF0000)) >> 16) |
+            ((value & W64LIT(0x0000FFFF0000FFFF)) << 16);
+	return rotlFixed(value, 32U);
+#endif
+}
+#endif // WORD64_AVAILABLE
 template <typename T>
 inline void ByteReverse(T* out, const T* in, word32 byteCount)
 {

--- a/extra/yassl/taocrypt/include/modarith.hpp
+++ b/extra/yassl/taocrypt/include/modarith.hpp
@@ -37,8 +37,8 @@ public:
    typedef int RandomizationParameter;
    typedef Integer Element;
-    ModularArithmetic(const Integer &modulus_arg = Integer::One())
+    ModularArithmetic(const Integer &modulus = Integer::One())
-        : modulus(modulus_arg), result((word)0, modulus_arg.reg_.size()) {}
+        : modulus(modulus), result((word)0, modulus.reg_.size()) {}
    ModularArithmetic(const ModularArithmetic &ma)
        : AbstractRing(),

--- a/extra/yassl/taocrypt/include/modes.hpp
+++ b/extra/yassl/taocrypt/include/modes.hpp
@@ -42,8 +42,8 @@ public:
            { cipher_.Process(c, p, sz); }
    void SetKey(const byte* k, word32 sz)   
            { cipher_.SetKey(k, sz, DIR); }
-    void SetKey(const byte* k, word32 sz, const byte* iv_arg)   
+    void SetKey(const byte* k, word32 sz, const byte* iv)   
-            { cipher_.SetKey(k, sz, DIR); cipher_.SetIV(iv_arg); }
+            { cipher_.SetKey(k, sz, DIR); cipher_.SetIV(iv); }
 private:
    T cipher_;

--- a/extra/yassl/taocrypt/include/rsa.hpp
+++ b/extra/yassl/taocrypt/include/rsa.hpp
@@ -131,7 +131,6 @@ private:
 // block type 2 padding
 class RSA_BlockType2  {
 public:
-    RSA_BlockType2() {}
    void   Pad(const byte*, word32, byte*, word32,
               RandomNumberGenerator&) const;
    word32 UnPad(const byte*, word32, byte*) const;
@@ -141,7 +140,6 @@ public:
 // block type 1 padding
 class RSA_BlockType1  {
 public:
-    RSA_BlockType1() {}
    void   Pad(const byte*, word32, byte*, word32, 
               RandomNumberGenerator&) const;
    word32 UnPad(const byte*, word32, byte*) const;
@@ -176,27 +174,25 @@ public:
 // Public Encrypt
 template<class Pad>
-void RSA_Encryptor<Pad>::Encrypt(const byte* plain_arg, word32 sz,
+void RSA_Encryptor<Pad>::Encrypt(const byte* plain, word32 sz, byte* cipher,
-                                 byte* cipher_arg,
+                                 RandomNumberGenerator& rng)
-                                 RandomNumberGenerator& rng_arg)
 {
    PK_Lengths lengths(key_.GetModulus());
    assert(sz <= lengths.FixedMaxPlaintextLength());
    ByteBlock paddedBlock(lengths.PaddedBlockByteLength());
-    padding_.Pad(plain_arg, sz, paddedBlock.get_buffer(),
+    padding_.Pad(plain, sz, paddedBlock.get_buffer(),
-                 lengths.PaddedBlockBitLength(), rng_arg);
+                 lengths.PaddedBlockBitLength(), rng);
    key_.ApplyFunction(Integer(paddedBlock.get_buffer(), paddedBlock.size())).
-        Encode(cipher_arg, lengths.FixedCiphertextLength());
+        Encode(cipher, lengths.FixedCiphertextLength());
 }
 // Private Decrypt
 template<class Pad>
-word32 RSA_Decryptor<Pad>::Decrypt(const byte* cipher_arg, word32 sz,
+word32 RSA_Decryptor<Pad>::Decrypt(const byte* cipher, word32 sz, byte* plain,
-                                   byte* plain_arg,
+                                   RandomNumberGenerator& rng)
-                                   RandomNumberGenerator& rng_arg)
 {
    PK_Lengths lengths(key_.GetModulus());
    assert(sz == lengths.FixedCiphertextLength());
@@ -205,29 +201,29 @@ word32 RSA_Decryptor<Pad>::Decrypt(const byte* cipher_arg, word32 sz,
        return 0;
    ByteBlock paddedBlock(lengths.PaddedBlockByteLength());
-    Integer x = key_.CalculateInverse(rng_arg, Integer(cipher_arg,
+    Integer x = key_.CalculateInverse(rng, Integer(cipher,
                                      lengths.FixedCiphertextLength()).Ref());
    if (x.ByteCount() > paddedBlock.size())
        x = Integer::Zero();	// don't return false, prevents timing attack
    x.Encode(paddedBlock.get_buffer(), paddedBlock.size());
    return padding_.UnPad(paddedBlock.get_buffer(),
-                          lengths.PaddedBlockBitLength(), plain_arg);
+                          lengths.PaddedBlockBitLength(), plain);
 }
 // Private SSL type (block 1) Encrypt
 template<class Pad>
 void RSA_Decryptor<Pad>::SSL_Sign(const byte* message, word32 sz, byte* sig,
-                                  RandomNumberGenerator& rng_arg)
+                                  RandomNumberGenerator& rng)
 {
    RSA_PublicKey inverse;
    inverse.Initialize(key_.GetModulus(), key_.GetPrivateExponent());
    RSA_Encryptor<RSA_BlockType1> enc(inverse); // SSL Type
-    enc.Encrypt(message, sz, sig, rng_arg);
+    enc.Encrypt(message, sz, sig, rng);
 }
-word32 SSL_Decrypt(const RSA_PublicKey& key, const byte* sig, byte* plain_arg);
+word32 SSL_Decrypt(const RSA_PublicKey& key, const byte* sig, byte* plain);
 // Public SSL type (block 1) Decrypt
@@ -235,11 +231,11 @@ template<class Pad>
 bool RSA_Encryptor<Pad>::SSL_Verify(const byte* message, word32 sz,
                                    const byte* sig)
 {
-    ByteBlock local_plain(PK_Lengths(key_.GetModulus()).FixedMaxPlaintextLength());
+    ByteBlock plain(PK_Lengths(key_.GetModulus()).FixedMaxPlaintextLength());
-    if (SSL_Decrypt(key_, sig, local_plain.get_buffer()) != sz)
+    if (SSL_Decrypt(key_, sig, plain.get_buffer()) != sz)
        return false;   // not right justified or bad padding
-    if ( (memcmp(local_plain.get_buffer(), message, sz)) == 0)
+    if ( (memcmp(plain.get_buffer(), message, sz)) == 0)
        return true;
    return false;
 }

--- a/extra/yassl/taocrypt/include/sha.hpp
+++ b/extra/yassl/taocrypt/include/sha.hpp
@@ -64,6 +64,103 @@ inline void swap(SHA& a, SHA& b)
    a.Swap(b);
 }
+// SHA-256 digest
+class SHA256 : public HASHwithTransform {
+public:
+    enum { BLOCK_SIZE = 64, DIGEST_SIZE = 32, PAD_SIZE = 56,
+           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
+    SHA256() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE)
+                { Init(); }
+    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
+    word32    getBlockSize()  const { return BLOCK_SIZE; }
+    word32    getDigestSize() const { return DIGEST_SIZE; }
+    word32    getPadSize()    const { return PAD_SIZE; }
+    void Init();
+    SHA256(const SHA256&);
+    SHA256& operator= (const SHA256&);
+    void Swap(SHA256&);
+private:
+    void Transform();
+};
+// SHA-224 digest
+class SHA224 : public HASHwithTransform {
+public:
+    enum { BLOCK_SIZE = 64, DIGEST_SIZE = 28, PAD_SIZE = 56,
+           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
+    SHA224() : HASHwithTransform(SHA256::DIGEST_SIZE /sizeof(word32),BLOCK_SIZE)
+                { Init(); }
+    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
+    word32    getBlockSize()  const { return BLOCK_SIZE; }
+    word32    getDigestSize() const { return DIGEST_SIZE; }
+    word32    getPadSize()    const { return PAD_SIZE; }
+    void Init();
+    SHA224(const SHA224&);
+    SHA224& operator= (const SHA224&);
+    void Swap(SHA224&);
+private:
+    void Transform();
+};
+#ifdef WORD64_AVAILABLE
+// SHA-512 digest
+class SHA512 : public HASH64withTransform {
+public:
+    enum { BLOCK_SIZE = 128, DIGEST_SIZE = 64, PAD_SIZE = 112,
+           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
+    SHA512() : HASH64withTransform(DIGEST_SIZE / sizeof(word64), BLOCK_SIZE)
+                { Init(); }
+    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
+    word32    getBlockSize()  const { return BLOCK_SIZE; }
+    word32    getDigestSize() const { return DIGEST_SIZE; }
+    word32    getPadSize()    const { return PAD_SIZE; }
+    void Init();
+    SHA512(const SHA512&);
+    SHA512& operator= (const SHA512&);
+    void Swap(SHA512&);
+private:
+    void Transform();
+};
+// SHA-384 digest
+class SHA384 : public HASH64withTransform {
+public:
+    enum { BLOCK_SIZE = 128, DIGEST_SIZE = 48, PAD_SIZE = 112,
+           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
+    SHA384() : HASH64withTransform(SHA512::DIGEST_SIZE/ sizeof(word64),
+                                   BLOCK_SIZE)
+                { Init(); }
+    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
+    word32    getBlockSize()  const { return BLOCK_SIZE; }
+    word32    getDigestSize() const { return DIGEST_SIZE; }
+    word32    getPadSize()    const { return PAD_SIZE; }
+    void Init();
+    SHA384(const SHA384&);
+    SHA384& operator= (const SHA384&);
+    void Swap(SHA384&);
+private:
+    void Transform();
+};
+#endif // WORD64_AVAILABLE
 } // namespace

--- a/extra/yassl/taocrypt/include/type_traits.hpp
+++ b/extra/yassl/taocrypt/include/type_traits.hpp
@@ -62,11 +62,7 @@ MK_FUNDAMENTAL_TYPE(unsigned long)
 MK_FUNDAMENTAL_TYPE(float)
 MK_FUNDAMENTAL_TYPE(     double)
+MK_FUNDAMENTAL_TYPE(long double)
-#ifdef LONG_DOUBLE_IS_DISTINCT_TYPE
-// Don't define by default as this gives warnings on power mac
-    MK_FUNDAMENTAL_TYPE(long double)
-#endif
 #if defined(WORD64_AVAILABLE) && defined(WORD64_IS_DISTINCT_TYPE)
    MK_FUNDAMENTAL_TYPE(word64)

--- a/extra/yassl/taocrypt/include/types.hpp
+++ b/extra/yassl/taocrypt/include/types.hpp
@@ -46,13 +46,16 @@ typedef unsigned int   word32;
    #define WORD64_AVAILABLE
    #define WORD64_IS_DISTINCT_TYPE
    typedef unsigned __int64 word64;
+    #define W64LIT(x) x##ui64
 #elif SIZEOF_LONG == 8
    #define WORD64_AVAILABLE
    typedef unsigned long word64;
+    #define W64LIT(x) x##LL
 #elif SIZEOF_LONG_LONG == 8 
    #define WORD64_AVAILABLE
    #define WORD64_IS_DISTINCT_TYPE
    typedef unsigned long long word64;
+    #define W64LIT(x) x##LL
 #endif

--- a/extra/yassl/taocrypt/mySTL/list.hpp
+++ b/extra/yassl/taocrypt/mySTL/list.hpp
@@ -231,7 +231,7 @@ void list<T>::push_front(T t)
 template<typename T> 
 void list<T>::pop_front()
 {
-    node* local_front = head_;
+    node* front = head_;
    if (head_ == 0)
        return;
@@ -241,8 +241,8 @@ void list<T>::pop_front()
        head_ = head_->next_;
        head_->prev_ = 0;
    }
-    destroy(local_front);
+    destroy(front);
-    FreeMemory(local_front);
+    FreeMemory(front);
    --sz_;
 }
@@ -303,13 +303,13 @@ T list<T>::back() const
 template<typename T>
 typename list<T>::node* list<T>::look_up(T t)
 {
-    node* local_list = head_;
+    node* list = head_;
-    if (local_list == 0) return 0;
+    if (list == 0) return 0;
-    for (; local_list; local_list = local_list->next_)
+    for (; list; list = list->next_)
-        if (local_list->value_ == t)
+        if (list->value_ == t)
-            return local_list;
+            return list;
    return 0;
 }

--- a/extra/yassl/taocrypt/src/aes.cpp
+++ b/extra/yassl/taocrypt/src/aes.cpp
@@ -90,14 +90,13 @@ void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
    rounds_ = keylen/4 + 6;
    word32 temp, *rk = key_;
+    unsigned int i=0;
    GetUserKey(BigEndianOrder, rk, keylen/4, userKey, keylen);
    switch(keylen)
    {
    case 16:
-    {
-        unsigned int i=0;
        while (true)
        {
            temp  = rk[3];
@@ -115,10 +114,8 @@ void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
            rk += 4;
        }
        break;
-    }
    case 24:
-    {
-        unsigned int i=0;
        while (true)    // for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack
        {
            temp = rk[ 5];
@@ -139,10 +136,7 @@ void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
        }
        break;
-    }
    case 32:
-    {
-        unsigned int i=0;
        while (true)
        {
            temp = rk[ 7];
@@ -171,7 +165,6 @@ void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
        }
        break;
    }
-    }
    if (dir_ == DECRYPTION)
    {

--- a/extra/yassl/taocrypt/src/algebra.cpp
+++ b/extra/yassl/taocrypt/src/algebra.cpp
@@ -186,10 +186,10 @@ Integer AbstractGroup::CascadeScalarMultiply(const Element &x,
 struct WindowSlider
 {
-    WindowSlider(const Integer &exp_arg, bool fastNegate_arg,
+    WindowSlider(const Integer &exp, bool fastNegate,
                 unsigned int windowSizeIn=0)
-        : exp(exp_arg), windowModulus(Integer::One()), windowSize(windowSizeIn),
+        : exp(exp), windowModulus(Integer::One()), windowSize(windowSizeIn),
-          windowBegin(0), fastNegate(fastNegate_arg), firstTime(true),
+          windowBegin(0), fastNegate(fastNegate), firstTime(true),
          finished(false)
    {
        if (windowSize == 0)

--- a/extra/yassl/taocrypt/src/asn.cpp
+++ b/extra/yassl/taocrypt/src/asn.cpp
@@ -737,17 +737,17 @@ void CertDecoder::GetName(NameType nt)
                email = true;
            source_.advance(oidSz + 1);
-            word32 length2 = GetLength(source_);
+            word32 length = GetLength(source_);
            if (email) {
                memcpy(&ptr[idx], "/emailAddress=", 14);
                idx += 14;
-                memcpy(&ptr[idx], source_.get_current(), length2);
+                memcpy(&ptr[idx], source_.get_current(), length);
-                idx += length2;
+                idx += length;
            }
-            source_.advance(length2);
+            source_.advance(length);
        }
    }
    ptr[idx++] = 0;

--- a/extra/yassl/taocrypt/src/hash.cpp
+++ b/extra/yassl/taocrypt/src/hash.cpp
@@ -108,4 +108,89 @@ void HASHwithTransform::Final(byte* hash)
    Init();  // reset state
 }
+#ifdef WORD64_AVAILABLE
+HASH64withTransform::HASH64withTransform(word32 digSz, word32 buffSz)
+{
+    assert(digSz  <= MaxDigestSz);
+    assert(buffSz <= MaxBufferSz);
+}
+void HASH64withTransform::AddLength(word32 len)
+{
+    HashLengthType tmp = loLen_;
+    if ( (loLen_ += len) < tmp)
+        hiLen_++;                       // carry low to high
+    hiLen_ += SafeRightShift<8*sizeof(HashLengthType)>(len);
+}
+// Update digest with data of size len, do in blocks
+void HASH64withTransform::Update(const byte* data, word32 len)
+{
+    // do block size increments
+    word32 blockSz = getBlockSize();
+    byte*  local   = reinterpret_cast<byte*>(buffer_);
+    while (len) {
+        word32 add = min(len, blockSz - buffLen_);
+        memcpy(&local[buffLen_], data, add);
+        buffLen_ += add;
+        data     += add;
+        len      -= add;
+        if (buffLen_ == blockSz) {
+            ByteReverseIf(buffer_, buffer_, blockSz, getByteOrder());
+            Transform();
+            AddLength(blockSz);
+            buffLen_ = 0;
+        }
+    }
+}
+// Final process, place digest in hash
+void HASH64withTransform::Final(byte* hash)
+{
+    word32    blockSz  = getBlockSize();
+    word32    digestSz = getDigestSize();
+    word32    padSz    = getPadSize();
+    ByteOrder order    = getByteOrder();
+    AddLength(buffLen_);                        // before adding pads
+    HashLengthType preLoLen = GetBitCountLo();
+    HashLengthType preHiLen = GetBitCountHi();
+    byte*     local         = reinterpret_cast<byte*>(buffer_);
+    local[buffLen_++] = 0x80;  // add 1
+    // pad with zeros
+    if (buffLen_ > padSz) {
+        memset(&local[buffLen_], 0, blockSz - buffLen_);
+        buffLen_ += blockSz - buffLen_;
+        ByteReverseIf(buffer_, buffer_, blockSz, order);
+        Transform();
+        buffLen_ = 0;
+    }
+    memset(&local[buffLen_], 0, padSz - buffLen_);
+    ByteReverseIf(buffer_, buffer_, padSz, order);
+    buffer_[blockSz / sizeof(word64) - 2] = order ? preHiLen : preLoLen;
+    buffer_[blockSz / sizeof(word64) - 1] = order ? preLoLen : preHiLen;
+    Transform();
+    ByteReverseIf(digest_, digest_, digestSz, order);
+    memcpy(hash, digest_, digestSz);
+    Init();  // reset state
+}
+#endif // WORD64_AVAILABLE
 } // namespace
--- a/extra/yassl/taocrypt/src/integer.cpp
+++ b/extra/yassl/taocrypt/src/integer.cpp
@@ -3390,7 +3390,7 @@ void Integer::DivideByPowerOf2(Integer &r, Integer &q, const Integer &a,
        CopyWords(r.reg_.get_buffer(), a.reg_.get_buffer(), wordCount);
        SetWords(r.reg_+wordCount, 0, r.reg_.size()-wordCount);
        if (n % WORD_BITS != 0)
-          r.reg_[wordCount-1] %= ((word) 1 << (n % WORD_BITS));
+            r.reg_[wordCount-1] %= (1 << (n % WORD_BITS));
    }
    else
    {

--- a/extra/yassl/taocrypt/src/sha.cpp
+++ b/extra/yassl/taocrypt/src/sha.cpp
@@ -69,6 +69,77 @@ void SHA::Init()
    hiLen_  = 0;
 }
+void SHA256::Init()
+{
+    digest_[0] = 0x6A09E667L;
+    digest_[1] = 0xBB67AE85L;
+    digest_[2] = 0x3C6EF372L;
+    digest_[3] = 0xA54FF53AL;
+    digest_[4] = 0x510E527FL;
+    digest_[5] = 0x9B05688CL;
+    digest_[6] = 0x1F83D9ABL;
+    digest_[7] = 0x5BE0CD19L;
+    buffLen_ = 0;
+    loLen_  = 0;
+    hiLen_  = 0;
+}
+void SHA224::Init()
+{
+    digest_[0] = 0xc1059ed8;
+    digest_[1] = 0x367cd507;
+    digest_[2] = 0x3070dd17;
+    digest_[3] = 0xf70e5939;
+    digest_[4] = 0xffc00b31;
+    digest_[5] = 0x68581511;
+    digest_[6] = 0x64f98fa7;
+    digest_[7] = 0xbefa4fa4;
+    buffLen_ = 0;
+    loLen_  = 0;
+    hiLen_  = 0;
+}
+#ifdef WORD64_AVAILABLE
+void SHA512::Init()
+{
+    digest_[0] = W64LIT(0x6a09e667f3bcc908);
+    digest_[1] = W64LIT(0xbb67ae8584caa73b);
+    digest_[2] = W64LIT(0x3c6ef372fe94f82b);
+    digest_[3] = W64LIT(0xa54ff53a5f1d36f1);
+    digest_[4] = W64LIT(0x510e527fade682d1);
+    digest_[5] = W64LIT(0x9b05688c2b3e6c1f);
+    digest_[6] = W64LIT(0x1f83d9abfb41bd6b);
+    digest_[7] = W64LIT(0x5be0cd19137e2179);
+    buffLen_ = 0;
+    loLen_  = 0;
+    hiLen_  = 0;
+}
+void SHA384::Init()
+{
+    digest_[0] = W64LIT(0xcbbb9d5dc1059ed8);
+    digest_[1] = W64LIT(0x629a292a367cd507);
+    digest_[2] = W64LIT(0x9159015a3070dd17);
+    digest_[3] = W64LIT(0x152fecd8f70e5939);
+    digest_[4] = W64LIT(0x67332667ffc00b31);
+    digest_[5] = W64LIT(0x8eb44a8768581511);
+    digest_[6] = W64LIT(0xdb0c2e0d64f98fa7);
+    digest_[7] = W64LIT(0x47b5481dbefa4fa4);
+    buffLen_ = 0;
+    loLen_  = 0;
+    hiLen_  = 0;
+}
+#endif // WORD64_AVAILABLE
 SHA::SHA(const SHA& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32),
                                              BLOCK_SIZE) 
@@ -81,6 +152,59 @@ SHA::SHA(const SHA& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32),
    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
 }
+SHA256::SHA256(const SHA256& that) : HASHwithTransform(DIGEST_SIZE /
+                                       sizeof(word32), BLOCK_SIZE) 
+{ 
+    buffLen_ = that.buffLen_;
+    loLen_   = that.loLen_;
+    hiLen_   = that.hiLen_;
+    memcpy(digest_, that.digest_, DIGEST_SIZE);
+    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
+}
+SHA224::SHA224(const SHA224& that) : HASHwithTransform(SHA256::DIGEST_SIZE /
+                                       sizeof(word32), BLOCK_SIZE) 
+{ 
+    buffLen_ = that.buffLen_;
+    loLen_   = that.loLen_;
+    hiLen_   = that.hiLen_;
+    memcpy(digest_, that.digest_, DIGEST_SIZE);
+    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
+}
+#ifdef WORD64_AVAILABLE 
+SHA512::SHA512(const SHA512& that) : HASH64withTransform(DIGEST_SIZE /
+                                       sizeof(word64), BLOCK_SIZE) 
+{ 
+    buffLen_ = that.buffLen_;
+    loLen_   = that.loLen_;
+    hiLen_   = that.hiLen_;
+    memcpy(digest_, that.digest_, DIGEST_SIZE);
+    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
+}
+SHA384::SHA384(const SHA384& that) : HASH64withTransform(SHA512::DIGEST_SIZE /
+                                       sizeof(word64), BLOCK_SIZE) 
+{ 
+    buffLen_ = that.buffLen_;
+    loLen_   = that.loLen_;
+    hiLen_   = that.hiLen_;
+    memcpy(digest_, that.digest_, DIGEST_SIZE);
+    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
+}
+#endif // WORD64_AVAILABLE
 SHA& SHA::operator= (const SHA& that)
 {
    SHA tmp(that);
@@ -90,6 +214,46 @@ SHA& SHA::operator= (const SHA& that)
 }
+SHA256& SHA256::operator= (const SHA256& that)
+{
+    SHA256 tmp(that);
+    Swap(tmp);
+    return *this;
+}
+SHA224& SHA224::operator= (const SHA224& that)
+{
+    SHA224 tmp(that);
+    Swap(tmp);
+    return *this;
+}
+#ifdef WORD64_AVAILABLE
+SHA512& SHA512::operator= (const SHA512& that)
+{
+    SHA512 tmp(that);
+    Swap(tmp);
+    return *this;
+}
+SHA384& SHA384::operator= (const SHA384& that)
+{
+    SHA384 tmp(that);
+    Swap(tmp);
+    return *this;
+}
+#endif // WORD64_AVAILABLE
 void SHA::Swap(SHA& other)
 {
    STL::swap(loLen_,   other.loLen_);
@@ -101,6 +265,53 @@ void SHA::Swap(SHA& other)
 }
+void SHA256::Swap(SHA256& other)
+{
+    STL::swap(loLen_,   other.loLen_);
+    STL::swap(hiLen_,   other.hiLen_);
+    STL::swap(buffLen_, other.buffLen_);
+    memcpy(digest_, other.digest_, DIGEST_SIZE);
+    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
+}
+void SHA224::Swap(SHA224& other)
+{
+    STL::swap(loLen_,   other.loLen_);
+    STL::swap(hiLen_,   other.hiLen_);
+    STL::swap(buffLen_, other.buffLen_);
+    memcpy(digest_, other.digest_, DIGEST_SIZE);
+    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
+}
+#ifdef WORD64_AVAILABLE
+void SHA512::Swap(SHA512& other)
+{
+    STL::swap(loLen_,   other.loLen_);
+    STL::swap(hiLen_,   other.hiLen_);
+    STL::swap(buffLen_, other.buffLen_);
+    memcpy(digest_, other.digest_, DIGEST_SIZE);
+    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
+}
+void SHA384::Swap(SHA384& other)
+{
+    STL::swap(loLen_,   other.loLen_);
+    STL::swap(hiLen_,   other.hiLen_);
+    STL::swap(buffLen_, other.buffLen_);
+    memcpy(digest_, other.digest_, DIGEST_SIZE);
+    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
+}
+#endif // WORD64_AVIALABLE
 #ifdef DO_SHA_ASM
@@ -203,6 +414,205 @@ void SHA::Transform()
 }
+#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15]))
+#define Ch(x,y,z) (z^(x&(y^z)))
+#define Maj(x,y,z) ((x&y)|(z&(x|y)))
+#define a(i) T[(0-i)&7]
+#define b(i) T[(1-i)&7]
+#define c(i) T[(2-i)&7]
+#define d(i) T[(3-i)&7]
+#define e(i) T[(4-i)&7]
+#define f(i) T[(5-i)&7]
+#define g(i) T[(6-i)&7]
+#define h(i) T[(7-i)&7]
+#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+K[i+j]+(j?blk2(i):blk0(i));\
+	d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))
+// for SHA256
+#define S0(x) (rotrFixed(x,2)^rotrFixed(x,13)^rotrFixed(x,22))
+#define S1(x) (rotrFixed(x,6)^rotrFixed(x,11)^rotrFixed(x,25))
+#define s0(x) (rotrFixed(x,7)^rotrFixed(x,18)^(x>>3))
+#define s1(x) (rotrFixed(x,17)^rotrFixed(x,19)^(x>>10))
+static const word32 K256[64] = {
+	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+	0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+	0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+	0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+	0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+	0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+	0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+	0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+	0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+	0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+	0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+	0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+	0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+	0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+	0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+	0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+};
+static void Transform256(word32* digest_, word32* buffer_)
+{
+    const  word32* K = K256;
+    word32 W[16];
+    word32 T[8];
+    // Copy digest to working vars
+    memcpy(T, digest_, sizeof(T));
+    // 64 operations, partially loop unrolled
+    for (unsigned int j = 0; j < 64; j += 16) {
+        R( 0); R( 1); R( 2); R( 3);
+        R( 4); R( 5); R( 6); R( 7);
+        R( 8); R( 9); R(10); R(11);
+        R(12); R(13); R(14); R(15);
+    }
+    // Add the working vars back into digest
+    digest_[0] += a(0);
+    digest_[1] += b(0);
+    digest_[2] += c(0);
+    digest_[3] += d(0);
+    digest_[4] += e(0);
+    digest_[5] += f(0);
+    digest_[6] += g(0);
+    digest_[7] += h(0);
+    // Wipe variables
+    memset(W, 0, sizeof(W));
+    memset(T, 0, sizeof(T));
+}
+// undef for 256
+#undef S0
+#undef S1
+#undef s0
+#undef s1
+void SHA256::Transform()
+{
+    Transform256(digest_, buffer_);
+}
+void SHA224::Transform()
+{
+    Transform256(digest_, buffer_);
+}
+#ifdef WORD64_AVAILABLE
+static const word64 K512[80] = {
+	W64LIT(0x428a2f98d728ae22), W64LIT(0x7137449123ef65cd),
+	W64LIT(0xb5c0fbcfec4d3b2f), W64LIT(0xe9b5dba58189dbbc),
+	W64LIT(0x3956c25bf348b538), W64LIT(0x59f111f1b605d019),
+	W64LIT(0x923f82a4af194f9b), W64LIT(0xab1c5ed5da6d8118),
+	W64LIT(0xd807aa98a3030242), W64LIT(0x12835b0145706fbe),
+	W64LIT(0x243185be4ee4b28c), W64LIT(0x550c7dc3d5ffb4e2),
+	W64LIT(0x72be5d74f27b896f), W64LIT(0x80deb1fe3b1696b1),
+	W64LIT(0x9bdc06a725c71235), W64LIT(0xc19bf174cf692694),
+	W64LIT(0xe49b69c19ef14ad2), W64LIT(0xefbe4786384f25e3),
+	W64LIT(0x0fc19dc68b8cd5b5), W64LIT(0x240ca1cc77ac9c65),
+	W64LIT(0x2de92c6f592b0275), W64LIT(0x4a7484aa6ea6e483),
+	W64LIT(0x5cb0a9dcbd41fbd4), W64LIT(0x76f988da831153b5),
+	W64LIT(0x983e5152ee66dfab), W64LIT(0xa831c66d2db43210),
+	W64LIT(0xb00327c898fb213f), W64LIT(0xbf597fc7beef0ee4),
+	W64LIT(0xc6e00bf33da88fc2), W64LIT(0xd5a79147930aa725),
+	W64LIT(0x06ca6351e003826f), W64LIT(0x142929670a0e6e70),
+	W64LIT(0x27b70a8546d22ffc), W64LIT(0x2e1b21385c26c926),
+	W64LIT(0x4d2c6dfc5ac42aed), W64LIT(0x53380d139d95b3df),
+	W64LIT(0x650a73548baf63de), W64LIT(0x766a0abb3c77b2a8),
+	W64LIT(0x81c2c92e47edaee6), W64LIT(0x92722c851482353b),
+	W64LIT(0xa2bfe8a14cf10364), W64LIT(0xa81a664bbc423001),
+	W64LIT(0xc24b8b70d0f89791), W64LIT(0xc76c51a30654be30),
+	W64LIT(0xd192e819d6ef5218), W64LIT(0xd69906245565a910),
+	W64LIT(0xf40e35855771202a), W64LIT(0x106aa07032bbd1b8),
+	W64LIT(0x19a4c116b8d2d0c8), W64LIT(0x1e376c085141ab53),
+	W64LIT(0x2748774cdf8eeb99), W64LIT(0x34b0bcb5e19b48a8),
+	W64LIT(0x391c0cb3c5c95a63), W64LIT(0x4ed8aa4ae3418acb),
+	W64LIT(0x5b9cca4f7763e373), W64LIT(0x682e6ff3d6b2b8a3),
+	W64LIT(0x748f82ee5defb2fc), W64LIT(0x78a5636f43172f60),
+	W64LIT(0x84c87814a1f0ab72), W64LIT(0x8cc702081a6439ec),
+	W64LIT(0x90befffa23631e28), W64LIT(0xa4506cebde82bde9),
+	W64LIT(0xbef9a3f7b2c67915), W64LIT(0xc67178f2e372532b),
+	W64LIT(0xca273eceea26619c), W64LIT(0xd186b8c721c0c207),
+	W64LIT(0xeada7dd6cde0eb1e), W64LIT(0xf57d4f7fee6ed178),
+	W64LIT(0x06f067aa72176fba), W64LIT(0x0a637dc5a2c898a6),
+	W64LIT(0x113f9804bef90dae), W64LIT(0x1b710b35131c471b),
+	W64LIT(0x28db77f523047d84), W64LIT(0x32caab7b40c72493),
+	W64LIT(0x3c9ebe0a15c9bebc), W64LIT(0x431d67c49c100d4c),
+	W64LIT(0x4cc5d4becb3e42b6), W64LIT(0x597f299cfc657e2a),
+	W64LIT(0x5fcb6fab3ad6faec), W64LIT(0x6c44198c4a475817)
+};
+// for SHA512
+#define S0(x) (rotrFixed(x,28)^rotrFixed(x,34)^rotrFixed(x,39))
+#define S1(x) (rotrFixed(x,14)^rotrFixed(x,18)^rotrFixed(x,41))
+#define s0(x) (rotrFixed(x,1)^rotrFixed(x,8)^(x>>7))
+#define s1(x) (rotrFixed(x,19)^rotrFixed(x,61)^(x>>6))
+static void Transform512(word64* digest_, word64* buffer_)
+{
+    const word64* K = K512;
+    word64 W[16];
+    word64 T[8];
+    // Copy digest to working vars
+    memcpy(T, digest_, sizeof(T));
+    // 64 operations, partially loop unrolled
+    for (unsigned int j = 0; j < 80; j += 16) {
+        R( 0); R( 1); R( 2); R( 3);
+        R( 4); R( 5); R( 6); R( 7);
+        R( 8); R( 9); R(10); R(11);
+        R(12); R(13); R(14); R(15);
+    }
+    // Add the working vars back into digest 
+    digest_[0] += a(0);
+    digest_[1] += b(0);
+    digest_[2] += c(0);
+    digest_[3] += d(0);
+    digest_[4] += e(0);
+    digest_[5] += f(0);
+    digest_[6] += g(0);
+    digest_[7] += h(0);
+    // Wipe variables
+    memset(W, 0, sizeof(W));
+    memset(T, 0, sizeof(T));
+}
+void SHA512::Transform()
+{
+    Transform512(digest_, buffer_);
+}
+void SHA384::Transform()
+{
+    Transform512(digest_, buffer_);
+}
+#endif // WORD64_AVIALABLE
 #ifdef DO_SHA_ASM
 // f1(x,y,z) (z^(x &(y^z)))

--- a/extra/yassl/taocrypt/test/test.cpp
+++ b/extra/yassl/taocrypt/test/test.cpp
@@ -29,6 +29,12 @@
 using TaoCrypt::byte;
 using TaoCrypt::word32;
 using TaoCrypt::SHA;
+using TaoCrypt::SHA256;
+using TaoCrypt::SHA224;
+#ifdef WORD64_AVAILABLE
+    using TaoCrypt::SHA512;
+    using TaoCrypt::SHA384;
+#endif
 using TaoCrypt::MD5;
 using TaoCrypt::MD2;
 using TaoCrypt::MD4;
@@ -90,6 +96,12 @@ struct testVector {
 void file_test(int, char**);
 int  sha_test();
+int  sha256_test();
+#ifdef WORD64_AVAILABLE
+    int  sha512_test();
+    int  sha384_test();
+#endif
+int  sha224_test();
 int  md5_test();
 int  md2_test();
 int  md4_test();
@@ -139,20 +151,20 @@ const byte msgTmp[] = { // "now is the time for all " w/o trailing 0
    0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
 };
-byte* global_msg    = 0;   // for block cipher input
+byte* msg    = 0;   // for block cipher input
-byte* global_plain  = 0;   // for cipher decrypt comparison 
+byte* plain  = 0;   // for cipher decrypt comparison 
-byte* global_cipher = 0;   // block output
+byte* cipher = 0;   // block output
 void taocrypt_test(void* args)
 {
    ((func_args*)args)->return_code = -1; // error state
-    global_msg    = NEW_TC byte[24];
+    msg    = NEW_TC byte[24];
-    global_plain  = NEW_TC byte[24];
+    plain  = NEW_TC byte[24];
-    global_cipher = NEW_TC byte[24];
+    cipher = NEW_TC byte[24];
-    memcpy(global_msg, msgTmp, 24);
+    memcpy(msg, msgTmp, 24);
    int ret = 0;
    if ( (ret = sha_test()) ) 
@@ -160,6 +172,30 @@ void taocrypt_test(void* args)
    else
        printf( "SHA      test passed!\n");
+    if ( (ret = sha256_test()) ) 
+        err_sys("SHA-256  test failed!\n", ret);
+    else
+        printf( "SHA-256  test passed!\n");
+    if ( (ret = sha224_test()) ) 
+        err_sys("SHA-224  test failed!\n", ret);
+    else
+        printf( "SHA-224  test passed!\n");
+#ifdef WORD64_AVAILABLE
+    if ( (ret = sha512_test()) ) 
+        err_sys("SHA-512  test failed!\n", ret);
+    else
+        printf( "SHA-512  test passed!\n");
+    if ( (ret = sha384_test()) ) 
+        err_sys("SHA-384  test failed!\n", ret);
+    else
+        printf( "SHA-384  test passed!\n");
+#endif
    if ( (ret = md5_test()) ) 
        err_sys("MD5      test failed!\n", ret);
    else
@@ -237,9 +273,9 @@ void taocrypt_test(void* args)
        printf( "PKCS12   test passed!\n");
    */
-    tcArrayDelete(global_cipher);
+    tcArrayDelete(cipher);
-    tcArrayDelete(global_plain);
+    tcArrayDelete(plain);
-    tcArrayDelete(global_msg);
+    tcArrayDelete(msg);
    ((func_args*)args)->return_code = ret;
 }
@@ -328,6 +364,136 @@ int sha_test()
 }
+int sha256_test()
+{
+    SHA256 sha;
+    byte   hash[SHA256::DIGEST_SIZE];
+    testVector test_sha[] =
+    {
+        testVector("abc",
+                 "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+                 "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+                 "\x15\xAD"),
+        testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+                 "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+                 "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+                 "\x06\xC1")
+    };
+    int times( sizeof(test_sha) / sizeof(testVector) );
+    for (int i = 0; i < times; ++i) {
+        sha.Update(test_sha[i].input_, test_sha[i].inLen_);
+        sha.Final(hash);
+        if (memcmp(hash, test_sha[i].output_, SHA256::DIGEST_SIZE) != 0)
+            return -1 - i;
+    }
+    return 0;
+}
+#ifdef WORD64_AVAILABLE
+int sha512_test()
+{
+    SHA512 sha;
+    byte   hash[SHA512::DIGEST_SIZE];
+    testVector test_sha[] =
+    {
+        testVector("abc",
+                 "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
+                 "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
+                 "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
+                 "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
+                 "\xa5\x4c\xa4\x9f"),
+        testVector("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+                   "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 
+                 "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
+                 "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
+                 "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
+                 "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
+                 "\x87\x4b\xe9\x09")
+    };
+    int times( sizeof(test_sha) / sizeof(testVector) );
+    for (int i = 0; i < times; ++i) {
+        sha.Update(test_sha[i].input_, test_sha[i].inLen_);
+        sha.Final(hash);
+        if (memcmp(hash, test_sha[i].output_, SHA512::DIGEST_SIZE) != 0)
+            return -1 - i;
+    }
+    return 0;
+}
+int sha384_test()
+{
+    SHA384 sha;
+    byte   hash[SHA384::DIGEST_SIZE];
+    testVector test_sha[] =
+    {
+        testVector("abc",
+                 "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
+                 "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
+                 "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
+                 "\xc8\x25\xa7"),
+        testVector("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+                   "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 
+                 "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
+                 "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
+                 "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
+                 "\x74\x60\x39")
+    };
+    int times( sizeof(test_sha) / sizeof(testVector) );
+    for (int i = 0; i < times; ++i) {
+        sha.Update(test_sha[i].input_, test_sha[i].inLen_);
+        sha.Final(hash);
+        if (memcmp(hash, test_sha[i].output_, SHA384::DIGEST_SIZE) != 0)
+            return -1 - i;
+    }
+    return 0;
+}
+#endif // WORD64_AVAILABLE
+int sha224_test()
+{
+    SHA224 sha;
+    byte   hash[SHA224::DIGEST_SIZE];
+    testVector test_sha[] =
+    {
+        testVector("abc",
+                 "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2\x55"
+                 "\xb3\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7"),
+        testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+                 "\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01"
+                 "\x50\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25")
+    };
+    int times( sizeof(test_sha) / sizeof(testVector) );
+    for (int i = 0; i < times; ++i) {
+        sha.Update(test_sha[i].input_, test_sha[i].inLen_);
+        sha.Final(hash);
+        if (memcmp(hash, test_sha[i].output_, SHA224::DIGEST_SIZE) != 0)
+            return -1 - i;
+    }
+    return 0;
+}
 int md5_test()
 {
    MD5  md5;
@@ -606,11 +772,11 @@ int des_test()
    const byte iv[] =  { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef };
    enc.SetKey(key, sizeof(key));
-    enc.Process(global_cipher, global_msg, sz);
+    enc.Process(cipher, msg, sz);
    dec.SetKey(key, sizeof(key));
-    dec.Process(global_plain, global_cipher, sz);
+    dec.Process(plain, cipher, sz);
-    if (memcmp(global_plain, global_msg, sz))
+    if (memcmp(plain, msg, sz))
        return -50;
    const byte verify1[] = 
@@ -620,7 +786,7 @@ int des_test()
        0x89,0x3d,0x51,0xec,0x4b,0x56,0x3b,0x53
    };
-    if (memcmp(global_cipher, verify1, sz))
+    if (memcmp(cipher, verify1, sz))
        return -51;
    // CBC mode
@@ -628,11 +794,11 @@ int des_test()
    DES_CBC_Decryption dec2;
    enc2.SetKey(key, sizeof(key), iv);
-    enc2.Process(global_cipher, global_msg, sz);
+    enc2.Process(cipher, msg, sz);
    dec2.SetKey(key, sizeof(key), iv);
-    dec2.Process(global_plain, global_cipher, sz);
+    dec2.Process(plain, cipher, sz);
-    if (memcmp(global_plain, global_msg, sz))
+    if (memcmp(plain, msg, sz))
        return -52;
    const byte verify2[] = 
@@ -642,7 +808,7 @@ int des_test()
        0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
    };
-    if (memcmp(global_cipher, verify2, sz))
+    if (memcmp(cipher, verify2, sz))
        return -53;
    // EDE3 CBC mode
@@ -664,11 +830,11 @@ int des_test()
    };
    enc3.SetKey(key3, sizeof(key3), iv3);
-    enc3.Process(global_cipher, global_msg, sz);
+    enc3.Process(cipher, msg, sz);
    dec3.SetKey(key3, sizeof(key3), iv3);
-    dec3.Process(global_plain, global_cipher, sz);
+    dec3.Process(plain, cipher, sz);
-    if (memcmp(global_plain, global_msg, sz))
+    if (memcmp(plain, msg, sz))
        return -54;
    const byte verify3[] = 
@@ -678,7 +844,7 @@ int des_test()
        0x18,0xbc,0xbb,0x6d,0xd2,0xb1,0x16,0xda
    };
-    if (memcmp(global_cipher, verify3, sz))
+    if (memcmp(cipher, verify3, sz))
        return -55;
    return 0;
@@ -697,10 +863,10 @@ int aes_test()
    enc.SetKey(key, bs, iv);
    dec.SetKey(key, bs, iv);
-    enc.Process(global_cipher, global_msg, bs);
+    enc.Process(cipher, msg, bs);
-    dec.Process(global_plain, global_cipher, bs);
+    dec.Process(plain, cipher, bs);
-    if (memcmp(global_plain, global_msg, bs))
+    if (memcmp(plain, msg, bs))
        return -60;
    const byte verify[] = 
@@ -709,7 +875,7 @@ int aes_test()
        0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
    };
-    if (memcmp(global_cipher, verify, bs))
+    if (memcmp(cipher, verify, bs))
        return -61;
    AES_ECB_Encryption enc2;
@@ -718,10 +884,10 @@ int aes_test()
    enc2.SetKey(key, bs, iv);
    dec2.SetKey(key, bs, iv);
-    enc2.Process(global_cipher, global_msg, bs);
+    enc2.Process(cipher, msg, bs);
-    dec2.Process(global_plain, global_cipher, bs);
+    dec2.Process(plain, cipher, bs);
-    if (memcmp(global_plain, global_msg, bs))
+    if (memcmp(plain, msg, bs))
        return -62;
    const byte verify2[] = 
@@ -730,7 +896,7 @@ int aes_test()
        0xc8,0x8c,0x33,0x3b,0xb5,0x8f,0x85,0xd1
    };
-    if (memcmp(global_cipher, verify2, bs))
+    if (memcmp(cipher, verify2, bs))
        return -63;
    return 0;
@@ -749,10 +915,10 @@ int twofish_test()
    enc.SetKey(key, bs, iv);
    dec.SetKey(key, bs, iv);
-    enc.Process(global_cipher, global_msg, bs);
+    enc.Process(cipher, msg, bs);
-    dec.Process(global_plain, global_cipher, bs);
+    dec.Process(plain, cipher, bs);
-    if (memcmp(global_plain, global_msg, bs))
+    if (memcmp(plain, msg, bs))
        return -60;
    const byte verify[] = 
@@ -761,7 +927,7 @@ int twofish_test()
        0x21,0x03,0x58,0x79,0x5F,0x02,0x27,0x2C
    };
-    if (memcmp(global_cipher, verify, bs))
+    if (memcmp(cipher, verify, bs))
        return -61;
    Twofish_ECB_Encryption enc2;
@@ -770,10 +936,10 @@ int twofish_test()
    enc2.SetKey(key, bs, iv);
    dec2.SetKey(key, bs, iv);
-    enc2.Process(global_cipher, global_msg, bs);
+    enc2.Process(cipher, msg, bs);
-    dec2.Process(global_plain, global_cipher, bs);
+    dec2.Process(plain, cipher, bs);
-    if (memcmp(global_plain, global_msg, bs))
+    if (memcmp(plain, msg, bs))
        return -62;
    const byte verify2[] = 
@@ -782,7 +948,7 @@ int twofish_test()
        0xC4,0xCD,0x6B,0x91,0x14,0xC5,0x3A,0x09
    };
-    if (memcmp(global_cipher, verify2, bs))
+    if (memcmp(cipher, verify2, bs))
        return -63;
    return 0;
@@ -801,10 +967,10 @@ int blowfish_test()
    enc.SetKey(key, 16, iv);
    dec.SetKey(key, 16, iv);
-    enc.Process(global_cipher, global_msg, bs * 2);
+    enc.Process(cipher, msg, bs * 2);
-    dec.Process(global_plain, global_cipher, bs * 2);
+    dec.Process(plain, cipher, bs * 2);
-    if (memcmp(global_plain, global_msg, bs))
+    if (memcmp(plain, msg, bs))
        return -60;
    const byte verify[] = 
@@ -813,7 +979,7 @@ int blowfish_test()
        0xBC,0xD9,0x08,0xC4,0x94,0x6C,0x89,0xA3
    };
-    if (memcmp(global_cipher, verify, bs))
+    if (memcmp(cipher, verify, bs))
        return -61;
    Blowfish_ECB_Encryption enc2;
@@ -822,10 +988,10 @@ int blowfish_test()
    enc2.SetKey(key, 16, iv);
    dec2.SetKey(key, 16, iv);
-    enc2.Process(global_cipher, global_msg, bs * 2);
+    enc2.Process(cipher, msg, bs * 2);
-    dec2.Process(global_plain, global_cipher, bs * 2);
+    dec2.Process(plain, cipher, bs * 2);
-    if (memcmp(global_plain, global_msg, bs))
+    if (memcmp(plain, msg, bs))
        return -62;
    const byte verify2[] = 
@@ -834,7 +1000,7 @@ int blowfish_test()
        0x8F,0xCE,0x39,0x32,0xDE,0xD7,0xBC,0x5B
    };
-    if (memcmp(global_cipher, verify2, bs))
+    if (memcmp(cipher, verify2, bs))
        return -63;
    return 0;

--- a/extra/yassl/testsuite/testsuite.cpp
+++ b/extra/yassl/testsuite/testsuite.cpp
@@ -86,8 +86,8 @@ int main(int argc, char** argv)
            // input output compare
    byte input[TaoCrypt::MD5::DIGEST_SIZE];
    byte output[TaoCrypt::MD5::DIGEST_SIZE];
-    file_test((char*) "input", input);
+    file_test("input", input);
-    file_test((char*) "output", output);
+    file_test("output", output);
    assert(memcmp(input, output, sizeof(input)) == 0);
    printf("\nAll tests passed!\n");
@@ -141,17 +141,16 @@ int test_openSSL_des()
    /* test des encrypt/decrypt */
    char data[] = "this is my data ";
    int  dataSz = strlen(data);
-    DES_key_schedule local_key[3];
+    DES_key_schedule key[3];
    byte iv[8];
    EVP_BytesToKey(EVP_des_ede3_cbc(), EVP_md5(), NULL, (byte*)data, dataSz, 1,
-                   (byte*)local_key, iv);
+                   (byte*)key, iv);
    byte cipher[16];
-    DES_ede3_cbc_encrypt((byte*)data, cipher, dataSz,
+    DES_ede3_cbc_encrypt((byte*)data, cipher, dataSz, &key[0], &key[1],
-                         &local_key[0], &local_key[1],
+                         &key[2], &iv, true);
-                         &local_key[2], &iv, true);
    byte plain[16];
-    DES_ede3_cbc_encrypt(cipher, plain, 16, &local_key[0], &local_key[1],
+    DES_ede3_cbc_encrypt(cipher, plain, 16, &key[0], &key[1], &key[2],
-                         &local_key[2], &iv, false);
+                         &iv, false);
    return 0;
 }