Merge pilot.blaudden:/home/msvensson/mysql/yassl_import/my50-yassl_import

into pilot.blaudden:/home/msvensson/mysql/mysql-5.0-maint

Merge pilot.blaudden:/home/msvensson/mysql/yassl_import/my50-yassl_import
into pilot.blaudden:/home/msvensson/mysql/mysql-5.0-maint
df82efbd · unknown · 81a701cb · 45f2f764 · df82efbd · df82efbd
Commit df82efbd authored Mar 23, 2007 by unknown
31 changed files
--- a/extra/yassl/README
+++ b/extra/yassl/README
+*****************yaSSL Release notes, version 1.6.0 (2/22/07)
+    This release of yaSSL contains bug fixes, portability enhancements, and
+    better X509 support.
+See normal  build instructions below under 1.0.6.
+See libcurl build instructions below under 1.3.0 and note in 1.5.8.
 *****************yaSSL Release notes, version 1.5.8 (1/10/07)
    This release of yaSSL contains bug fixes, portability enhancements, and

--- a/extra/yassl/include/buffer.hpp
+++ b/extra/yassl/include/buffer.hpp
@@ -49,13 +49,11 @@ const uint AUTO = 0xFEEDBEEF;
 // Checking Policy should implement a check function that tests whether the
 // index is within the size limit of the array
 struct Check {
-    Check() {}
    void check(uint i, uint limit);
 };
 struct NoCheck {
-    NoCheck() {}
    void check(uint, uint);
 };
@@ -193,7 +191,6 @@ inline void checked_delete(T* p)
 // sets pointer to zero so safe for std conatiners
 struct del_ptr_zero
 {
-    del_ptr_zero() {}
    template <typename T>
    void operator()(T*& p) const
    {

--- a/extra/yassl/include/crypto_wrapper.hpp
+++ b/extra/yassl/include/crypto_wrapper.hpp
@@ -42,7 +42,6 @@ namespace yaSSL {
 // Digest policy should implement a get_digest, update, and get sizes for pad
 // and  digest
 struct Digest : public virtual_base {
-    Digest() {}
    virtual void   get_digest(byte*) = 0;
    virtual void   get_digest(byte*, const byte*, unsigned int) = 0;
    virtual void   update(const byte*, unsigned int) = 0;
@@ -54,7 +53,6 @@ struct Digest : public virtual_base {
 // For use with NULL Digests
 struct NO_MAC : public Digest {
-    NO_MAC() {}
    void   get_digest(byte*);
    void   get_digest(byte*, const byte*, unsigned int);
    void   update(const byte*, unsigned int);
@@ -179,7 +177,6 @@ private:
 // BulkCipher policy should implement encrypt, decrypt, get block size, 
 // and set keys for encrypt and decrypt
 struct BulkCipher : public virtual_base {
-    BulkCipher() {}
    virtual void   encrypt(byte*, const byte*, unsigned int) = 0;
    virtual void   decrypt(byte*, const byte*, unsigned int) = 0;
    virtual void   set_encryptKey(const byte*, const byte* = 0) = 0;
@@ -193,7 +190,6 @@ struct BulkCipher : public virtual_base {
 // For use with NULL Ciphers
 struct NO_Cipher : public BulkCipher {
-    NO_Cipher() {}
    void   encrypt(byte*, const byte*, unsigned int) {}
    void   decrypt(byte*, const byte*, unsigned int) {}
    void   set_encryptKey(const byte*, const byte*)  {}
@@ -315,14 +311,12 @@ struct Auth : public virtual_base {
    virtual bool verify(const byte*, unsigned int, const byte*,
                        unsigned int) = 0;
    virtual uint get_signatureLength() const = 0;
-    Auth() {}
    virtual ~Auth() {}
 };
 // For use with NULL Authentication schemes
 struct NO_Auth : public Auth {
-    NO_Auth() {}
    void   sign(byte*, const byte*, unsigned int, const RandomPool&) {}
    bool   verify(const byte*, unsigned int, const byte*, unsigned int) 
                    { return true; }

--- a/extra/yassl/include/openssl/ssl.h
+++ b/extra/yassl/include/openssl/ssl.h
@@ -33,7 +33,8 @@
 #include "opensslv.h" /* for version number */
 #include "rsa.h"
-#define YASSL_VERSION "1.5.8"
+#define YASSL_VERSION "1.6.5"
 #if defined(__cplusplus)
@@ -189,16 +190,11 @@ enum {  /* ERR Constants */
    EVP_R_BAD_DECRYPT = 2
 };
-#ifdef WIN
-    typedef SOCKET socket_t;
-#else
-    typedef int socket_t;
-#endif
 SSL_CTX* SSL_CTX_new(SSL_METHOD*);
 SSL* SSL_new(SSL_CTX*);
-int  SSL_set_fd (SSL*, socket_t);
+int  SSL_set_fd (SSL*, int);
 int  SSL_connect(SSL*);
 int  SSL_write(SSL*, const void*, int);
 int  SSL_read(SSL*, void*, int);

--- a/extra/yassl/include/socket_wrapper.hpp
+++ b/extra/yassl/include/socket_wrapper.hpp
@@ -38,14 +38,16 @@
    #include <netinet/in.h>
    #include <arpa/inet.h>
 #endif
-#include "openssl/ssl.h"                        /* for socket_t */
 namespace yaSSL {
 typedef unsigned int uint;
-#ifndef _WIN32
+#ifdef _WIN32
+    typedef SOCKET socket_t;
+#else
+    typedef int socket_t;
    const socket_t INVALID_SOCKET = -1;
    const int SD_RECEIVE   = 0;
    const int SD_SEND      = 1;

--- a/extra/yassl/include/yassl_imp.hpp
+++ b/extra/yassl/include/yassl_imp.hpp
@@ -64,7 +64,6 @@ struct RecordLayerHeader {
 // base for all messages
 struct Message : public virtual_base {
-    Message() {}
    virtual input_buffer& set(input_buffer&) =0;   
    virtual output_buffer& get(output_buffer&) const =0;
@@ -178,7 +177,6 @@ private:
 class HandShakeBase : public virtual_base {
    int     length_;
 public:
-    HandShakeBase() {}
    int     get_length() const;
    void    set_length(int);
@@ -196,7 +194,6 @@ public:
 struct HelloRequest : public HandShakeBase {
-    HelloRequest() {}
    input_buffer&  set(input_buffer& in);
    output_buffer& get(output_buffer& out) const;
@@ -330,7 +327,6 @@ private:
 struct ServerKeyBase : public virtual_base {
-    ServerKeyBase() {}
    virtual ~ServerKeyBase() {}
    virtual void build(SSL&) {}
    virtual void read(SSL&, input_buffer&) {}
@@ -341,21 +337,15 @@ struct ServerKeyBase : public virtual_base {
 // Server random number for FORTEZZA KEA
 struct Fortezza_Server : public ServerKeyBase {
-    Fortezza_Server() {}
    opaque r_s_[FORTEZZA_MAX];
 };
 struct SignatureBase : public virtual_base {
-  SignatureBase() {}
    virtual ~SignatureBase() {}
 };
-struct anonymous_sa : public SignatureBase
+struct anonymous_sa : public SignatureBase {};
-{
-public:
-  anonymous_sa() {}
-};
 struct Hashes {
@@ -365,13 +355,11 @@ struct Hashes {
 struct rsa_sa : public SignatureBase {
-    rsa_sa() {}
    Hashes hashes_;
 };
 struct dsa_sa : public SignatureBase {
-    dsa_sa() {}
    uint8 sha_[SHA_LEN];
 };
@@ -399,7 +387,6 @@ private:
 // Server's RSA exchange
 struct RSA_Server : public ServerKeyBase {
-    RSA_Server() {}
    ServerRSAParams params_;
    opaque*         signature_;   // signed rsa_sa hashes
 };
@@ -474,7 +461,6 @@ struct PreMasterSecret {
 struct ClientKeyBase : public virtual_base {
-  ClientKeyBase() {}
    virtual ~ClientKeyBase() {}
    virtual void build(SSL&) {}
    virtual void read(SSL&, input_buffer&) {}
@@ -505,7 +491,6 @@ private:
 // Fortezza Key Parameters from page 29
 // hard code lengths cause only used here
 struct FortezzaKeys : public ClientKeyBase {
-    FortezzaKeys() {}
    opaque  y_c_                      [128];    // client's Yc, public value
    opaque  r_c_                      [128];    // client's Rc
    opaque  y_signature_              [40];     // DSS signed public key

--- a/extra/yassl/include/yassl_int.hpp
+++ b/extra/yassl/include/yassl_int.hpp
@@ -228,7 +228,6 @@ struct BIGNUM {
      TaoCrypt::Integer), we need to explicitly state the namespace
      here to let gcc 2.96 deduce the correct type.
    */
-    BIGNUM() {}
    yaSSL::Integer int_;
    void assign(const byte* b, uint s) { int_.assign(b,s); }
 };

--- a/extra/yassl/src/crypto_wrapper.cpp
+++ b/extra/yassl/src/crypto_wrapper.cpp
@@ -550,7 +550,6 @@ void RandomPool::Fill(opaque* dst, uint sz) const
 // Implementation of DSS Authentication
 struct DSS::DSSImpl {
-    DSSImpl() {}
    void SetPublic (const byte*, unsigned int);
    void SetPrivate(const byte*, unsigned int);
    TaoCrypt::DSA_PublicKey publicKey_;
@@ -623,7 +622,6 @@ bool DSS::verify(const byte* sha_digest, unsigned int /* shaSz */,
 // Implementation of RSA key interface
 struct RSA::RSAImpl {
-    RSAImpl() {}
    void SetPublic (const byte*, unsigned int);
    void SetPrivate(const byte*, unsigned int);
    TaoCrypt::RSA_PublicKey publicKey_;

--- a/extra/yassl/src/ssl.cpp
+++ b/extra/yassl/src/ssl.cpp
@@ -229,7 +229,7 @@ void SSL_free(SSL* ssl)
 }
-int SSL_set_fd(SSL* ssl, socket_t fd)
+int SSL_set_fd(SSL* ssl, int fd)
 {
    ssl->useSocket().set_fd(fd);
    return SSL_SUCCESS;
@@ -950,7 +950,7 @@ void ERR_print_errors_fp(FILE* /*fp*/)
 char* ERR_error_string(unsigned long errNumber, char* buffer)
 {
-  static char* msg = (char*) "Please supply a buffer for error string";
+    static char* msg = "Please supply a buffer for error string";
    if (buffer) {
        SetErrorString(YasslError(errNumber), buffer);

--- a/extra/yassl/taocrypt/README
+++ b/extra/yassl/taocrypt/README
-TaoCrypt release 0.9.0   09/18/2006
+TaoCrypt release 0.9.2   02/5/2007
+This release includes bug fixes, portability enhancements, and some 
+optimiations.
+See 0.9.0 for build instructions.
+******************TaoCrypt release 0.9.0   09/18/2006
 This is the first release of TaoCrypt, it was previously only included with
 yaSSL. TaoCrypt is highly portable and fast, its features include:

--- a/extra/yassl/taocrypt/benchmark/benchmark.cpp
+++ b/extra/yassl/taocrypt/benchmark/benchmark.cpp
@@ -65,7 +65,7 @@ int main(int argc, char** argv)
 const int megs = 5;  // how much to test
-const byte global_key[] = 
+const byte key[] = 
 {
    0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
    0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
@@ -81,19 +81,19 @@ const byte iv[] =
 };
-byte global_plain [1024*1024];
+byte plain [1024*1024];
-byte global_cipher[1024*1024];
+byte cipher[1024*1024];
 void bench_des()
 {
    DES_EDE3_CBC_Encryption enc;
-    enc.SetKey(global_key, 16, iv);
+    enc.SetKey(key, 16, iv);
    double start = current_time();
    for(int i = 0; i < megs; i++)
-        enc.Process(global_plain, global_cipher, sizeof(global_plain));
+        enc.Process(plain, cipher, sizeof(plain));
    double total = current_time() - start;
@@ -107,12 +107,12 @@ void bench_des()
 void bench_aes(bool show)
 {
    AES_CBC_Encryption enc;
-    enc.SetKey(global_key, 16, iv);
+    enc.SetKey(key, 16, iv);
    double start = current_time();
    for(int i = 0; i < megs; i++)
-        enc.Process(global_plain, global_cipher, sizeof(global_plain));
+        enc.Process(plain, cipher, sizeof(plain));
    double total = current_time() - start;
@@ -127,12 +127,12 @@ void bench_aes(bool show)
 void bench_twofish()
 {
    Twofish_CBC_Encryption enc;
-    enc.SetKey(global_key, 16, iv);
+    enc.SetKey(key, 16, iv);
    double start = current_time();
    for(int i = 0; i < megs; i++)
-        enc.Process(global_plain, global_cipher, sizeof(global_plain));
+        enc.Process(plain, cipher, sizeof(plain));
    double total = current_time() - start;
@@ -147,12 +147,12 @@ void bench_twofish()
 void bench_blowfish()
 {
    Blowfish_CBC_Encryption enc;
-    enc.SetKey(global_key, 16, iv);
+    enc.SetKey(key, 16, iv);
    double start = current_time();
    for(int i = 0; i < megs; i++)
-        enc.Process(global_plain, global_cipher, sizeof(global_plain));
+        enc.Process(plain, cipher, sizeof(plain));
    double total = current_time() - start;
@@ -166,12 +166,12 @@ void bench_blowfish()
 void bench_arc4()
 {
    ARC4 enc;
-    enc.SetKey(global_key, 16);
+    enc.SetKey(key, 16);
    double start = current_time();
    for(int i = 0; i < megs; i++)
-        enc.Process(global_cipher, global_plain, sizeof(global_plain));
+        enc.Process(cipher, plain, sizeof(plain));
    double total = current_time() - start;
@@ -191,7 +191,7 @@ void bench_md5()
    for(int i = 0; i < megs; i++)
-        hash.Update(global_plain, sizeof(global_plain));
+        hash.Update(plain, sizeof(plain));
    hash.Final(digest);
@@ -213,7 +213,7 @@ void bench_sha()
    for(int i = 0; i < megs; i++)
-        hash.Update(global_plain, sizeof(global_plain));
+        hash.Update(plain, sizeof(plain));
    hash.Final(digest);
@@ -241,7 +241,7 @@ void bench_ripemd()
    for(int i = 0; i < megs; i++)
-        hash.Update(global_plain, sizeof(global_plain));
+        hash.Update(plain, sizeof(plain));
    hash.Final(digest);

--- a/extra/yassl/taocrypt/include/algebra.hpp
+++ b/extra/yassl/taocrypt/include/algebra.hpp
@@ -40,7 +40,6 @@ class TAOCRYPT_NO_VTABLE AbstractGroup : public virtual_base
 public:
    typedef Integer Element;
-    AbstractGroup() {}
    virtual ~AbstractGroup() {}
    virtual bool Equal(const Element &a, const Element &b) const =0;
@@ -95,7 +94,6 @@ private:
    class MultiplicativeGroupT : public AbstractGroup
    {
    public:
-        MultiplicativeGroupT() {}
        const AbstractRing& GetRing() const
            {return *m_pRing;}
@@ -147,7 +145,6 @@ class TAOCRYPT_NO_VTABLE AbstractEuclideanDomain
    : public AbstractRing
 {
 public:
-    AbstractEuclideanDomain() {}
    typedef Integer Element;
    virtual void DivisionAlgorithm(Element &r, Element &q, const Element &a,

--- a/extra/yassl/taocrypt/include/des.hpp
+++ b/extra/yassl/taocrypt/include/des.hpp
@@ -41,7 +41,6 @@ enum { DES_BLOCK_SIZE = 8, DES_KEY_SIZE = 32 };
 class BasicDES {
 public:
-    BasicDES() {}
    void SetKey(const byte*, word32, CipherDir dir);
    void RawProcessBlock(word32&, word32&) const;
 protected:

--- a/extra/yassl/taocrypt/include/hash.hpp
+++ b/extra/yassl/taocrypt/include/hash.hpp
@@ -31,7 +31,6 @@ namespace TaoCrypt {
 // HASH
 class HASH : public virtual_base {
 public:
-    HASH() {}
    virtual ~HASH() {}
    virtual void Update(const byte*, word32) = 0;
@@ -58,8 +57,7 @@ public:
    word32  GetBitCountLo() const { return  loLen_ << 3; }
    word32  GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) +
                                           (hiLen_ << 3); } 
+    enum { MaxDigestSz = 8, MaxBufferSz = 64 };
-    enum { MaxDigestSz = 5, MaxBufferSz = 64 };
 protected:
    typedef word32 HashLengthType;
    word32          buffLen_;   // in bytes
@@ -74,6 +72,38 @@ protected:
 };
+#ifdef WORD64_AVAILABLE
+// 64-bit HASH with Transform
+class HASH64withTransform : public HASH {
+public:
+    HASH64withTransform(word32 digSz, word32 buffSz);
+    virtual ~HASH64withTransform() {}
+    virtual ByteOrder getByteOrder()  const = 0;
+    virtual word32    getPadSize()    const = 0;
+    virtual void Update(const byte*, word32);
+    virtual void Final(byte*);
+    word32  GetBitCountLo() const { return  loLen_ << 3; }
+    word32  GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) +
+                                           (hiLen_ << 3); } 
+    enum { MaxDigestSz = 8, MaxBufferSz = 128 };
+protected:
+    typedef word32 HashLengthType;
+    word32          buffLen_;   // in bytes
+    HashLengthType  loLen_;     // length in bytes
+    HashLengthType  hiLen_;     // length in bytes
+    word64          digest_[MaxDigestSz];
+    word64          buffer_[MaxBufferSz / sizeof(word64)];
+    virtual void Transform() = 0;
+    void AddLength(word32);
+};
+#endif // WORD64_AVAILABLE
 } // namespace

--- a/extra/yassl/taocrypt/include/hmac.hpp
+++ b/extra/yassl/taocrypt/include/hmac.hpp
@@ -109,11 +109,11 @@ void HMAC<T>::KeyInnerHash()
 // Update
 template <class T>
-void HMAC<T>::Update(const byte* msg_arg, word32 length)
+void HMAC<T>::Update(const byte* msg, word32 length)
 {
    if (!innerHashKeyed_)
        KeyInnerHash();
-    mac_.Update(msg_arg, length);
+    mac_.Update(msg, length);
 }

--- a/extra/yassl/taocrypt/include/misc.hpp
+++ b/extra/yassl/taocrypt/include/misc.hpp
@@ -464,6 +464,25 @@ inline word32 ByteReverse(word32 value)
 }
+#ifdef WORD64_AVAILABLE
+inline word64 ByteReverse(word64 value)
+{
+#ifdef TAOCRYPT_SLOW_WORD64
+	return (word64(ByteReverse(word32(value))) << 32) | 
+                   ByteReverse(word32(value>>32));
+#else
+	value = ((value & W64LIT(0xFF00FF00FF00FF00)) >> 8) |
+            ((value & W64LIT(0x00FF00FF00FF00FF)) << 8);
+	value = ((value & W64LIT(0xFFFF0000FFFF0000)) >> 16) |
+            ((value & W64LIT(0x0000FFFF0000FFFF)) << 16);
+	return rotlFixed(value, 32U);
+#endif
+}
+#endif // WORD64_AVAILABLE
 template <typename T>
 inline void ByteReverse(T* out, const T* in, word32 byteCount)
 {

--- a/extra/yassl/taocrypt/include/modarith.hpp
+++ b/extra/yassl/taocrypt/include/modarith.hpp
@@ -37,8 +37,8 @@ public:
    typedef int RandomizationParameter;
    typedef Integer Element;
-    ModularArithmetic(const Integer &modulus_arg = Integer::One())
+    ModularArithmetic(const Integer &modulus = Integer::One())
-        : modulus(modulus_arg), result((word)0, modulus_arg.reg_.size()) {}
+        : modulus(modulus), result((word)0, modulus.reg_.size()) {}
    ModularArithmetic(const ModularArithmetic &ma)
        : AbstractRing(),

--- a/extra/yassl/taocrypt/include/modes.hpp
+++ b/extra/yassl/taocrypt/include/modes.hpp
@@ -42,8 +42,8 @@ public:
            { cipher_.Process(c, p, sz); }
    void SetKey(const byte* k, word32 sz)   
            { cipher_.SetKey(k, sz, DIR); }
-    void SetKey(const byte* k, word32 sz, const byte* iv_arg)   
+    void SetKey(const byte* k, word32 sz, const byte* iv)   
-            { cipher_.SetKey(k, sz, DIR); cipher_.SetIV(iv_arg); }
+            { cipher_.SetKey(k, sz, DIR); cipher_.SetIV(iv); }
 private:
    T cipher_;

--- a/extra/yassl/taocrypt/include/rsa.hpp
+++ b/extra/yassl/taocrypt/include/rsa.hpp
@@ -131,7 +131,6 @@ private:
 // block type 2 padding
 class RSA_BlockType2  {
 public:
-    RSA_BlockType2() {}
    void   Pad(const byte*, word32, byte*, word32,
               RandomNumberGenerator&) const;
    word32 UnPad(const byte*, word32, byte*) const;
@@ -141,7 +140,6 @@ public:
 // block type 1 padding
 class RSA_BlockType1  {
 public:
-    RSA_BlockType1() {}
    void   Pad(const byte*, word32, byte*, word32, 
               RandomNumberGenerator&) const;
    word32 UnPad(const byte*, word32, byte*) const;
@@ -176,27 +174,25 @@ public:
 // Public Encrypt
 template<class Pad>
-void RSA_Encryptor<Pad>::Encrypt(const byte* plain_arg, word32 sz,
+void RSA_Encryptor<Pad>::Encrypt(const byte* plain, word32 sz, byte* cipher,
-                                 byte* cipher_arg,
+                                 RandomNumberGenerator& rng)
-                                 RandomNumberGenerator& rng_arg)
 {
    PK_Lengths lengths(key_.GetModulus());
    assert(sz <= lengths.FixedMaxPlaintextLength());
    ByteBlock paddedBlock(lengths.PaddedBlockByteLength());
-    padding_.Pad(plain_arg, sz, paddedBlock.get_buffer(),
+    padding_.Pad(plain, sz, paddedBlock.get_buffer(),
-                 lengths.PaddedBlockBitLength(), rng_arg);
+                 lengths.PaddedBlockBitLength(), rng);
    key_.ApplyFunction(Integer(paddedBlock.get_buffer(), paddedBlock.size())).
-        Encode(cipher_arg, lengths.FixedCiphertextLength());
+        Encode(cipher, lengths.FixedCiphertextLength());
 }
 // Private Decrypt
 template<class Pad>
-word32 RSA_Decryptor<Pad>::Decrypt(const byte* cipher_arg, word32 sz,
+word32 RSA_Decryptor<Pad>::Decrypt(const byte* cipher, word32 sz, byte* plain,
-                                   byte* plain_arg,
+                                   RandomNumberGenerator& rng)
-                                   RandomNumberGenerator& rng_arg)
 {
    PK_Lengths lengths(key_.GetModulus());
    assert(sz == lengths.FixedCiphertextLength());
@@ -205,29 +201,29 @@ word32 RSA_Decryptor<Pad>::Decrypt(const byte* cipher_arg, word32 sz,
        return 0;
    ByteBlock paddedBlock(lengths.PaddedBlockByteLength());
-    Integer x = key_.CalculateInverse(rng_arg, Integer(cipher_arg,
+    Integer x = key_.CalculateInverse(rng, Integer(cipher,
                                      lengths.FixedCiphertextLength()).Ref());
    if (x.ByteCount() > paddedBlock.size())
        x = Integer::Zero();	// don't return false, prevents timing attack
    x.Encode(paddedBlock.get_buffer(), paddedBlock.size());
    return padding_.UnPad(paddedBlock.get_buffer(),
-                          lengths.PaddedBlockBitLength(), plain_arg);
+                          lengths.PaddedBlockBitLength(), plain);
 }
 // Private SSL type (block 1) Encrypt
 template<class Pad>
 void RSA_Decryptor<Pad>::SSL_Sign(const byte* message, word32 sz, byte* sig,
-                                  RandomNumberGenerator& rng_arg)
+                                  RandomNumberGenerator& rng)
 {
    RSA_PublicKey inverse;
    inverse.Initialize(key_.GetModulus(), key_.GetPrivateExponent());
    RSA_Encryptor<RSA_BlockType1> enc(inverse); // SSL Type
-    enc.Encrypt(message, sz, sig, rng_arg);
+    enc.Encrypt(message, sz, sig, rng);
 }
-word32 SSL_Decrypt(const RSA_PublicKey& key, const byte* sig, byte* plain_arg);
+word32 SSL_Decrypt(const RSA_PublicKey& key, const byte* sig, byte* plain);
 // Public SSL type (block 1) Decrypt
@@ -235,11 +231,11 @@ template<class Pad>
 bool RSA_Encryptor<Pad>::SSL_Verify(const byte* message, word32 sz,
                                    const byte* sig)
 {
-    ByteBlock local_plain(PK_Lengths(key_.GetModulus()).FixedMaxPlaintextLength());
+    ByteBlock plain(PK_Lengths(key_.GetModulus()).FixedMaxPlaintextLength());
-    if (SSL_Decrypt(key_, sig, local_plain.get_buffer()) != sz)
+    if (SSL_Decrypt(key_, sig, plain.get_buffer()) != sz)
        return false;   // not right justified or bad padding
-    if ( (memcmp(local_plain.get_buffer(), message, sz)) == 0)
+    if ( (memcmp(plain.get_buffer(), message, sz)) == 0)
        return true;
    return false;
 }

--- a/extra/yassl/taocrypt/include/sha.hpp
+++ b/extra/yassl/taocrypt/include/sha.hpp
@@ -64,6 +64,103 @@ inline void swap(SHA& a, SHA& b)
    a.Swap(b);
 }
+// SHA-256 digest
+class SHA256 : public HASHwithTransform {
+public:
+    enum { BLOCK_SIZE = 64, DIGEST_SIZE = 32, PAD_SIZE = 56,
+           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
+    SHA256() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE)
+                { Init(); }
+    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
+    word32    getBlockSize()  const { return BLOCK_SIZE; }
+    word32    getDigestSize() const { return DIGEST_SIZE; }
+    word32    getPadSize()    const { return PAD_SIZE; }
+    void Init();
+    SHA256(const SHA256&);
+    SHA256& operator= (const SHA256&);
+    void Swap(SHA256&);
+private:
+    void Transform();
+};
+// SHA-224 digest
+class SHA224 : public HASHwithTransform {
+public:
+    enum { BLOCK_SIZE = 64, DIGEST_SIZE = 28, PAD_SIZE = 56,
+           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
+    SHA224() : HASHwithTransform(SHA256::DIGEST_SIZE /sizeof(word32),BLOCK_SIZE)
+                { Init(); }
+    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
+    word32    getBlockSize()  const { return BLOCK_SIZE; }
+    word32    getDigestSize() const { return DIGEST_SIZE; }
+    word32    getPadSize()    const { return PAD_SIZE; }
+    void Init();
+    SHA224(const SHA224&);
+    SHA224& operator= (const SHA224&);
+    void Swap(SHA224&);
+private:
+    void Transform();
+};
+#ifdef WORD64_AVAILABLE
+// SHA-512 digest
+class SHA512 : public HASH64withTransform {
+public:
+    enum { BLOCK_SIZE = 128, DIGEST_SIZE = 64, PAD_SIZE = 112,
+           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
+    SHA512() : HASH64withTransform(DIGEST_SIZE / sizeof(word64), BLOCK_SIZE)
+                { Init(); }
+    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
+    word32    getBlockSize()  const { return BLOCK_SIZE; }
+    word32    getDigestSize() const { return DIGEST_SIZE; }
+    word32    getPadSize()    const { return PAD_SIZE; }
+    void Init();
+    SHA512(const SHA512&);
+    SHA512& operator= (const SHA512&);
+    void Swap(SHA512&);
+private:
+    void Transform();
+};
+// SHA-384 digest
+class SHA384 : public HASH64withTransform {
+public:
+    enum { BLOCK_SIZE = 128, DIGEST_SIZE = 48, PAD_SIZE = 112,
+           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
+    SHA384() : HASH64withTransform(SHA512::DIGEST_SIZE/ sizeof(word64),
+                                   BLOCK_SIZE)
+                { Init(); }
+    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
+    word32    getBlockSize()  const { return BLOCK_SIZE; }
+    word32    getDigestSize() const { return DIGEST_SIZE; }
+    word32    getPadSize()    const { return PAD_SIZE; }
+    void Init();
+    SHA384(const SHA384&);
+    SHA384& operator= (const SHA384&);
+    void Swap(SHA384&);
+private:
+    void Transform();
+};
+#endif // WORD64_AVAILABLE
 } // namespace

--- a/extra/yassl/taocrypt/include/type_traits.hpp
+++ b/extra/yassl/taocrypt/include/type_traits.hpp
@@ -62,11 +62,7 @@ MK_FUNDAMENTAL_TYPE(unsigned long)
 MK_FUNDAMENTAL_TYPE(float)
 MK_FUNDAMENTAL_TYPE(     double)
+MK_FUNDAMENTAL_TYPE(long double)
-#ifdef LONG_DOUBLE_IS_DISTINCT_TYPE
-// Don't define by default as this gives warnings on power mac
-    MK_FUNDAMENTAL_TYPE(long double)
-#endif
 #if defined(WORD64_AVAILABLE) && defined(WORD64_IS_DISTINCT_TYPE)
    MK_FUNDAMENTAL_TYPE(word64)

--- a/extra/yassl/taocrypt/include/types.hpp
+++ b/extra/yassl/taocrypt/include/types.hpp
@@ -46,13 +46,16 @@ typedef unsigned int   word32;
    #define WORD64_AVAILABLE
    #define WORD64_IS_DISTINCT_TYPE
    typedef unsigned __int64 word64;
+    #define W64LIT(x) x##ui64
 #elif SIZEOF_LONG == 8
    #define WORD64_AVAILABLE
    typedef unsigned long word64;
+    #define W64LIT(x) x##LL
 #elif SIZEOF_LONG_LONG == 8 
    #define WORD64_AVAILABLE
    #define WORD64_IS_DISTINCT_TYPE
    typedef unsigned long long word64;
+    #define W64LIT(x) x##LL
 #endif

--- a/extra/yassl/taocrypt/mySTL/list.hpp
+++ b/extra/yassl/taocrypt/mySTL/list.hpp
@@ -231,7 +231,7 @@ void list<T>::push_front(T t)
 template<typename T> 
 void list<T>::pop_front()
 {
-    node* local_front = head_;
+    node* front = head_;
    if (head_ == 0)
        return;
@@ -241,8 +241,8 @@ void list<T>::pop_front()
        head_ = head_->next_;
        head_->prev_ = 0;
    }
-    destroy(local_front);
+    destroy(front);
-    FreeMemory(local_front);
+    FreeMemory(front);
    --sz_;
 }
@@ -303,13 +303,13 @@ T list<T>::back() const
 template<typename T>
 typename list<T>::node* list<T>::look_up(T t)
 {
-    node* local_list = head_;
+    node* list = head_;
-    if (local_list == 0) return 0;
+    if (list == 0) return 0;
-    for (; local_list; local_list = local_list->next_)
+    for (; list; list = list->next_)
-        if (local_list->value_ == t)
+        if (list->value_ == t)
-            return local_list;
+            return list;
    return 0;
 }

--- a/extra/yassl/taocrypt/src/aes.cpp
+++ b/extra/yassl/taocrypt/src/aes.cpp
@@ -90,14 +90,13 @@ void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
    rounds_ = keylen/4 + 6;
    word32 temp, *rk = key_;
+    unsigned int i=0;
    GetUserKey(BigEndianOrder, rk, keylen/4, userKey, keylen);
    switch(keylen)
    {
    case 16:
-    {
-        unsigned int i=0;
        while (true)
        {
            temp  = rk[3];
@@ -115,10 +114,8 @@ void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
            rk += 4;
        }
        break;
-    }
    case 24:
-    {
-        unsigned int i=0;
        while (true)    // for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack
        {
            temp = rk[ 5];
@@ -139,10 +136,7 @@ void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
        }
        break;
-    }
    case 32:
-    {
-        unsigned int i=0;
        while (true)
        {
            temp = rk[ 7];
@@ -171,7 +165,6 @@ void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
        }
        break;
    }
-    }
    if (dir_ == DECRYPTION)
    {

--- a/extra/yassl/taocrypt/src/algebra.cpp
+++ b/extra/yassl/taocrypt/src/algebra.cpp
@@ -186,10 +186,10 @@ Integer AbstractGroup::CascadeScalarMultiply(const Element &x,
 struct WindowSlider
 {
-    WindowSlider(const Integer &exp_arg, bool fastNegate_arg,
+    WindowSlider(const Integer &exp, bool fastNegate,
                 unsigned int windowSizeIn=0)
-        : exp(exp_arg), windowModulus(Integer::One()), windowSize(windowSizeIn),
+        : exp(exp), windowModulus(Integer::One()), windowSize(windowSizeIn),
-          windowBegin(0), fastNegate(fastNegate_arg), firstTime(true),
+          windowBegin(0), fastNegate(fastNegate), firstTime(true),
          finished(false)
    {
        if (windowSize == 0)

--- a/extra/yassl/taocrypt/src/asn.cpp
+++ b/extra/yassl/taocrypt/src/asn.cpp
@@ -737,17 +737,17 @@ void CertDecoder::GetName(NameType nt)
                email = true;
            source_.advance(oidSz + 1);
-            word32 length2 = GetLength(source_);
+            word32 length = GetLength(source_);
            if (email) {
                memcpy(&ptr[idx], "/emailAddress=", 14);
                idx += 14;
-                memcpy(&ptr[idx], source_.get_current(), length2);
+                memcpy(&ptr[idx], source_.get_current(), length);
-                idx += length2;
+                idx += length;
            }
-            source_.advance(length2);
+            source_.advance(length);
        }
    }
    ptr[idx++] = 0;

--- a/extra/yassl/taocrypt/src/hash.cpp
+++ b/extra/yassl/taocrypt/src/hash.cpp
@@ -108,4 +108,89 @@ void HASHwithTransform::Final(byte* hash)
    Init();  // reset state
 }
+#ifdef WORD64_AVAILABLE
+HASH64withTransform::HASH64withTransform(word32 digSz, word32 buffSz)
+{
+    assert(digSz  <= MaxDigestSz);
+    assert(buffSz <= MaxBufferSz);
+}
+void HASH64withTransform::AddLength(word32 len)
+{
+    HashLengthType tmp = loLen_;
+    if ( (loLen_ += len) < tmp)
+        hiLen_++;                       // carry low to high
+    hiLen_ += SafeRightShift<8*sizeof(HashLengthType)>(len);
+}
+// Update digest with data of size len, do in blocks
+void HASH64withTransform::Update(const byte* data, word32 len)
+{
+    // do block size increments
+    word32 blockSz = getBlockSize();
+    byte*  local   = reinterpret_cast<byte*>(buffer_);
+    while (len) {
+        word32 add = min(len, blockSz - buffLen_);
+        memcpy(&local[buffLen_], data, add);
+        buffLen_ += add;
+        data     += add;
+        len      -= add;
+        if (buffLen_ == blockSz) {
+            ByteReverseIf(buffer_, buffer_, blockSz, getByteOrder());
+            Transform();
+            AddLength(blockSz);
+            buffLen_ = 0;
+        }
+    }
+}
+// Final process, place digest in hash
+void HASH64withTransform::Final(byte* hash)
+{
+    word32    blockSz  = getBlockSize();
+    word32    digestSz = getDigestSize();
+    word32    padSz    = getPadSize();
+    ByteOrder order    = getByteOrder();
+    AddLength(buffLen_);                        // before adding pads
+    HashLengthType preLoLen = GetBitCountLo();
+    HashLengthType preHiLen = GetBitCountHi();
+    byte*     local         = reinterpret_cast<byte*>(buffer_);
+    local[buffLen_++] = 0x80;  // add 1
+    // pad with zeros
+    if (buffLen_ > padSz) {
+        memset(&local[buffLen_], 0, blockSz - buffLen_);
+        buffLen_ += blockSz - buffLen_;
+        ByteReverseIf(buffer_, buffer_, blockSz, order);
+        Transform();
+        buffLen_ = 0;
+    }
+    memset(&local[buffLen_], 0, padSz - buffLen_);
+    ByteReverseIf(buffer_, buffer_, padSz, order);
+    buffer_[blockSz / sizeof(word64) - 2] = order ? preHiLen : preLoLen;
+    buffer_[blockSz / sizeof(word64) - 1] = order ? preLoLen : preHiLen;
+    Transform();
+    ByteReverseIf(digest_, digest_, digestSz, order);
+    memcpy(hash, digest_, digestSz);
+    Init();  // reset state
+}
+#endif // WORD64_AVAILABLE
 } // namespace
--- a/extra/yassl/taocrypt/src/integer.cpp
+++ b/extra/yassl/taocrypt/src/integer.cpp
@@ -3390,7 +3390,7 @@ void Integer::DivideByPowerOf2(Integer &r, Integer &q, const Integer &a,
        CopyWords(r.reg_.get_buffer(), a.reg_.get_buffer(), wordCount);
        SetWords(r.reg_+wordCount, 0, r.reg_.size()-wordCount);
        if (n % WORD_BITS != 0)
-          r.reg_[wordCount-1] %= ((word) 1 << (n % WORD_BITS));
+            r.reg_[wordCount-1] %= (1 << (n % WORD_BITS));
    }
    else
    {

--- a/extra/yassl/taocrypt/src/sha.cpp
+++ b/extra/yassl/taocrypt/src/sha.cpp
--- a/extra/yassl/taocrypt/test/test.cpp
+++ b/extra/yassl/taocrypt/test/test.cpp
--- a/extra/yassl/testsuite/testsuite.cpp
+++ b/extra/yassl/testsuite/testsuite.cpp
@@ -86,8 +86,8 @@ int main(int argc, char** argv)
            // input output compare
    byte input[TaoCrypt::MD5::DIGEST_SIZE];
    byte output[TaoCrypt::MD5::DIGEST_SIZE];
-    file_test((char*) "input", input);
+    file_test("input", input);
-    file_test((char*) "output", output);
+    file_test("output", output);
    assert(memcmp(input, output, sizeof(input)) == 0);
    printf("\nAll tests passed!\n");
@@ -141,17 +141,16 @@ int test_openSSL_des()
    /* test des encrypt/decrypt */
    char data[] = "this is my data ";
    int  dataSz = strlen(data);
-    DES_key_schedule local_key[3];
+    DES_key_schedule key[3];
    byte iv[8];
    EVP_BytesToKey(EVP_des_ede3_cbc(), EVP_md5(), NULL, (byte*)data, dataSz, 1,
-                   (byte*)local_key, iv);
+                   (byte*)key, iv);
    byte cipher[16];
-    DES_ede3_cbc_encrypt((byte*)data, cipher, dataSz,
+    DES_ede3_cbc_encrypt((byte*)data, cipher, dataSz, &key[0], &key[1],
-                         &local_key[0], &local_key[1],
+                         &key[2], &iv, true);
-                         &local_key[2], &iv, true);
    byte plain[16];
-    DES_ede3_cbc_encrypt(cipher, plain, 16, &local_key[0], &local_key[1],
+    DES_ede3_cbc_encrypt(cipher, plain, 16, &key[0], &key[1], &key[2],
-                         &local_key[2], &iv, false);
+                         &iv, false);
    return 0;
 }