key algorithms and leaking if the signature verify
fails.

change the way ASN1 modules are exported.

Still needs a bit of work for example the hack which a
dummy function prototype to avoid compilers warning about
multiple ;s.

uses the new ASN1 code.

Merge from the ASN1 branch of new ASN1 code
to main trunk.

Lets see if the makes it to openssl-cvs :-)

of complaints from the compiler about data pointers and function
pointers not being compatible with each other.

Add docs for BIO_find_type() and friends.

Added function BIO_next() otherwise you can't
traverse a chain without accessing BIO internals.

like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.

Beginnings of EVP cipher overhaul. This should eventually
enhance and tidy up the EVP interface.

This patch adds initial support for variable length ciphers
and changes S/MIME code to use this.

Some other library functions need modifying to support use
of modified cipher parameters.

Also need to change all the cipher functions that should
return error codes, but currenly don't.

And of course it needs extensive testing...

the old functionality.

Various warning fixes.

Initial EVP symmetric cipher docs.

returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.

Remove rc4-64 from ciphers since it doesn't exist...

tolerated in certificates.

be explicitly stated with PKCS#7 verify.

Also fix for util/mkerr.pl: if the -nostatic option is being used this will be
for an external library so the autogenerated C file should include the
header file as:
#include "any/path/to/header.h"
rather than the internal library form:
#include <openssl/header.h>

to minimise the effects on existing code.

the secret key before we've encrypted it and using the right NID for RC2-64.
Add various arguments to the experimental programs 'dec' and 'enc' to make
testing less painful.

This stuff has now been tested against Netscape Messenger and it can encrypt
and decrypt S/MIME messages with RC2 (128, 64 and 40 bit) DES and triple DES.

Its still experimental though...

find the right RecipientInfo based on the recipient certificate (so would
fail a lot of the time) and fixup cipher structures to correctly (maybe)
modify the AlgorithmIdentifiers.  Largely untested at present... this will be
fixed in due course. Well the stuff was broken to begin with so if its broken
now then you haven't lost anything :-)

Containts elements of code by Sebastian Akerman <sak@parallelconsulting.com>
and made a bit less "naughty" by Steve.

Submitted by:
Reviewed by:
PR:

Changed to unsigned int: also need an evil cast in pk7_doit.c because a
signed, unsigned comparison chokes VC++.

detached data encoding was wrong and free up public keys.

under Win32 (9X and NT) again. Note: some signed/unsigned changes recently
checked in were killing the Win32 compile.

from `int' to `unsigned int' because it's a length and initialized by
EVP_DigestFinal() which expects an `unsigned int *'.

Submitted by: Richard Levitte <levitte@stacken.kth.se>
Reviewed by: Ralf S. Engelschall