-----BEGIN PGP SIGNED MESSAGE-----

pilotSSLeay-2.01
================

Having returned to Canada (note: I am Canadian, myself), I resumed work
on pilotSSLeay, and here is the 2.01 release.  pilotSSLeay-2.01 is a port
of most of the crypto parts of SSLeay-0.8.1 (not included) to the
PalmPilot organizer.  See the ChangeLog file for changes from previous
versions.

Note that the API for some functions changed between SSLeay-0.6.6 and
SSLeay-0.8.1, so you may have to tweak your code and/or recompile in
order to use the new version.


What you get
============

The main part of this distribution is a set of libraries and header files
for a number of crypto functions.  Included are headers and libraries for:

  o MD2,MD5
  o SHA,SHA-1
  o DES (including 3DES and DESX)
  o IDEA
  o Blowfish
  o RC2
  o RC4
  o MD5-based PRNG
  o Bignum library
  o RSA
  o Diffie-Helman

The file pilotSSLeay-2.01.diff contains diffs from the standard SSLeay-0.8.1
distribution.  If you want to build the libs yourself, follow these directions
($PILOTSSLEAYDIR is the top directory where you installed pilotSSLeay):

  o Obtain SSLeay-0.8.1.tar.gz from
        ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-0.8.1.tar.gz
  o tar xzvvf SSLeay-0.8.1.tar.gz
  o cd SSLeay-0.8.1
  o patch -p1 < $PILOTSSLEAYDIR/pilotSSLeay-2.01.diff
  o ./Configure palmos
  o make


How to use pilotSSLeay-2.01
===========================

The libraries are found in the "lib" subdirectory, and the header files
are in the "include" subdirectory.  To link an application with the
DES library, for example, just insert "-I$(PILOTSSLEAYDIR)/include" in your
CFLAGS and append "-L$(PILOTSSLEAYDIR)/lib -ldes" to the link line in your
Makefile (make sure to set PILOTSSLEAYDIR, of course).  See below for a
sample application.

Some of the libraries depend on others.  Here are the dependencies:

   o RSA and DH depend on BN
   o BN depends on RAND
   o RAND depends on SHA

If you use a library that have dependecies, make sure you link in the
correct order.  For example, to link with the RSA library, you would use

   -L$(PILOTSSLEAYDIR)/lib -lrsa -lbn -lrand -lsha


Shared library versions of pilotSSLeay-2.01
===========================================

NOTE: For more information about shared libraries for the PalmPilot, see:
          http://www.isaac.cs.berkeley.edu/pilot/GLib/GLib.html

In the "shlib" subdirectory are the GLib shared libraries for
pilotSSLeay-2.01, along with their corresponding stubs.  To use them,
just make sure the stub libraries (lib*.sa) are in your link path
(using -L$(PILOTSSLEAYDIR)/shlib, for example), and make sure MDLib.prc is
installed on your Pilot along with the application.

If you want to rebuild these libraries, make sure the "lib" subdirectory
contains the static versions of the libraries.  Then:

    cd shlib
    make veryclean     (to remove the ones that are there)
    make               (to build the new ones)
    make clean         (to remove intermediate files)

Note that GLib shared libraries do not currently support exporting global
_data_ to the application (they only export _functions_).  Because of this,
you may have to change your app if it tries to use the following library
global variable directly:

    des_check_key

The des.h header file defines des_check_key as (*_des_check_key_ptr()),
so you should still be able to do things like examine and set des_check_key,
but &des_check_key probably isn't what you'd expect.

Note that if you use one of the libraries that has dependencies (see above),
you will need to install all of the relevant .prc libraries on your Pilot.

Sample App
==========

The "test" subdirectory contains a sample app that can be linked to
pilotSSLeay using either the static or shared libraries.  In that directory
is also the CryptTest.prc file that is the output from the shared link.
Because a code segment of an application is limited to 32K on the Pilot,
linking to shared libraries enables the application to support more
algorithms (in particular, Blowfish, SHA and SHA-1 are missing from
the static-linked version).

To build it yourself, edit the Makefile to select either the static or shared
version.  If you choose the shared version, MAKE SURE to read the notes
in the section about shared libraries, above.

To use the app, enter a key on the "K:" line, and plaintext on the "P:" line.
Select a crypto algorithm from the popup list, and push "Encrypt".  The
result will be put in the "C:" field.  Under the "P:" and "C:" fields are
hex dumps of their contents.  The hash functions ignore the key, and the
RAND function stirs the plaintext into its mix, but procudes a (pseudo-)random
output.  Pushing the "Decrypt" button decrypts the contents of "C:" into 
"P:" for the encryption functions.  The hash and RAND functions just
blank out "P:" when you do this.  You can use this to test the crypto:
Enter a key into "K:", plaintext into "P:", choose an encryption algorithm
and push "Encrypt".  Then choose a hash algorithm and push "Decrypt".
The "P:" field will be cleared.  Finally, choose the original encryption
algorithm and push "Decrypt".  The original plaintext should appear in the
"P:" field.

This sample app pads plaintext and calculates its keys in the same way
as the test binaries that come with SSLeay, so you can verify that the
computations are correct.


Miscellaneous
=============

IN NO EVENT SHALL THE AUTHORS OR DISTRIBUTORS BE LIABLE TO ANY PARTY
FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
ARISING OUT OF THE USE OF THIS SOFTWARE, ITS DOCUMENTATION, OR ANY
DERIVATIVES THEREOF, EVEN IF THE AUTHORS HAVE BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ANY WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.  THIS SOFTWARE
IS PROVIDED ON AN "AS IS" BASIS, AND THE AUTHORS AND DISTRIBUTORS HAVE
NO OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR
MODIFICATIONS.

This product includes cryptographic software written by Eric Young
(eay@cryptsoft.com).  In fact, all of the crypto bits were written by
him as part of the SSLeay-0.8.1 package.

The fact that this package includes crypto software has legal implications
in various jurisdictions (including the US).  I Am Not A Lawyer, but it's
likely that mirroring this file at a US site would be illegal (ugh).
There may also be patent issues in some countries with some of the
included algorithms.

The CHECKSUMS file contains SHA1 hashes of the rest of the files in this
distribution.  The SHA1 hash of the CHECKSUMS file is:

SHA1(CHECKSUMS)= 90c8996dcc40b93debd15be071d6fdd620fada29

Send discussion to the pilot-unix mailing list <pilot-unix@lists.best.com>
for matters relating to the Pilot, to the coderpunks mailing list
<coderpunks@toad.com> for matters relating to the crypto, or to me
at the address below (though be warned that my mail queue can get quite
lengthy).  PGP mail is preferred; finger iang@cs.berkeley.edu for my PGP key.

   - Ian Goldberg <iang@cs.berkeley.edu>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNKz/AkZRiTErSPb1AQFDfQQAtOeYLDt+PJy4L1W2+SwohQI744jNKAQn
86gv4ZMz1+JoLLXRpesJceA5STfg6aoFae9VPAHfuwz5gU3tOjGLB41/ELJ60R/a
RPAjetCwScHdEbGD1BI18PAqIvhvmZspY7MM0FQJCDt3jtGZnSu/dJYSBtxyUzCv
ij2YIHFh50E=
=/ejZ
-----END PGP SIGNATURE-----