-----BEGIN PGP SIGNED MESSAGE-----

pilotSSLeay-1.1
===============

Having returned to Canada (note: I am Canadian, myself), I resumed work
on pilotSSLeay, and here is the 1.1 release.  pilotSSLeay-1.1 is a port
of most of the crypto parts of SSLeay-0.6.6 (not included) to the
PalmPilot Professional organizer (it also works on the old Pilots, and I
don't see why it wouldn't work on the Personal, but I haven't tested
that).  See the ChangeLog file for changes from previous versions.


What you get
============

The main part of this distribution is a set of libraries and header files
for a number of crypto functions.  Included are headers and libraries for:

  o MD2,MD5
  o SHA,SHA-1
  o DES (including 3DES and DESX)
  o IDEA
  o Blowfish
  o RC2
  o RC4
  o MD5-based PRNG
  o Bignum library
  o RSA
  o Diffie-Helman

The file pilotSSLeay-1.1.diff contains diffs from the standard SSLeay-0.6.6
distribution.  If you want to build the libs yourself, follow these directions
($PILOTSSLEAYDIR is the top directory where you installed pilotSSLeay):

  o Obtain SSLeay-0.6.6.tar.gz from
        ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-0.6.6.tar.gz
  o tar xzvvf SSLeay-0.6.6.tar.gz
  o cd SSLeay-0.6.6
  o patch -p1 < $PILOTSSLEAYDIR/pilotSSLeay-1.1.diff
  o ./Configure palmos
  o cd crypto
  o make


How to use pilotSSLeay-1.1
==========================

The libraries are found in the "lib" subdirectory, and the header files
are in the "include" subdirectory.  To link an application with the
DES library, for example, just insert "-I$(PILOTSSLEAYDIR)/include" in your
CFLAGS and append "-L$(PILOTSSLEAYDIR)/lib -ldes" to the link line in your
Makefile (make sure to set PILOTSSLEAYDIR, of course).  See below for a
sample application.

Some of the libraries depend on others.  Here are the dependencies:

   o RSA and DH depend on BN
   o BN depends on RAND
   o RAND depends on MD

If you use a library that have dependecies, make sure you link in the
correct order.  For example, to link with the RSA library, you would use

   -L$(PILOTSSLEAYDIR)/lib -lrsa -lbn -lrand -lmd


Shared library versions of pilotSSLeay-1.1
==========================================

NOTE: In order to create or link these shared libraries, you MUST FIRST
      upgrade your copy of gcc to support GLib shared libraries.
      Instructions and more information about GLib libraries are at:

          http://www.isaac.cs.berkeley.edu/pilot/GLib/GLib.html

In the "shlib" subdirectory are the GLib shared libraries for pilotSSLeay-1.1,
along with their corresponding stubs.  To use them, just change your
application's Makefile to link with (for example) -ldes_s instead of -ldes,
and make sure MDLib.prc is installed on your Pilot along with the
application.

If you want to rebuild these libraries, make sure the "lib" subdirectory
contains the static versions of the libraries.  Then:

    cd shlib
    make veryclean     (to remove the ones that are there)
    make               (to build the new ones)
    make clean         (to remove intermediate files)

Note that GLib shared libraries do not currently support exporting global
_data_ to the application (they only export _functions_).  Because of this,
you will have to change your app if it tries to use either of the following
library globals directly:

    BN_value_one
    des_check_key

Instead of accessing the above globals, use the functions:

    BIGNUM *BN_value_one_get(void);
    int des_check_key_get(void);
    void des_check_key_set(int value);

Note that if you use one of the libraries that has dependencies (see above),
you will need to install all of the relevant .prc libraries on your Pilot.

Sample App
==========

The "test" subdirectory contains a sample app that can be linked to
pilotSSLeay using either the static or shared libraries.  In that directory
is also the CryptTest.prc file that is the output from the static link.
Because a code segment of an application is limited to 32K on the Pilot,
linking to shared libraries enables the application to support more
algorithms (in particular, SHA and SHA-1 are missing from the static-linked
version).

To build it yourself, edit the Makefile to select either the static or shared
version.  If you choose the shared version, MAKE SURE to read the notes
in the section about shared libraries, above, including updating your copy
of gcc.

To use the app, enter a key on the "K:" line, and plaintext on the "P:" line.
Select a crypto algorithm from the popup list, and push "Encrypt".  The
result will be put in the "C:" field.  Under the "P:" and "C:" fields are
hex dumps of their contents.  The hash functions ignore the key, and the
RAND function stirs the plaintext into its mix, but procudes a (pseudo-)random
output.  Pushing the "Decrypt" button decrypts the contents of "C:" into 
"P:" for the encryption functions.  The hash and RAND functions just
blank out "P:" when you do this.  You can use this to test the crypto:
Enter a key into "K:", plaintext into "P:", choose an encryption algorithm
and push "Encrypt".  Then choose a hash algorithm and push "Decrypt".
The "P:" field will be cleared.  Finally, choose the original encryption
algorithm and push "Decrypt".  The original plaintext should appear in the
"P:" field.

This sample app pads plaintext and calculates its keys in the same way
as the test binaries that come with SSLeay, so you can verify that the
computations are correct.


Miscellaneous
=============

IN NO EVENT SHALL THE AUTHORS OR DISTRIBUTORS BE LIABLE TO ANY PARTY
FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
ARISING OUT OF THE USE OF THIS SOFTWARE, ITS DOCUMENTATION, OR ANY
DERIVATIVES THEREOF, EVEN IF THE AUTHORS HAVE BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.

THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ANY WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.  THIS SOFTWARE
IS PROVIDED ON AN "AS IS" BASIS, AND THE AUTHORS AND DISTRIBUTORS HAVE
NO OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR
MODIFICATIONS.

This product includes cryptographic software written by Eric Young
(eay@mincom.oz.au).  In fact, all of the crypto bits were written by
him as part of the SSLeay-0.6.6 package.

The fact that this package includes crypto software has legal implications
in various jurisdictions (including the US).  I Am Not A Lawyer, but it's
likely that mirroring this file at a US site would be illegal (ugh).
There may also be patent issues in some countries with some of the
included algorithms.

The CHECKSUMS file contains SHA1 hashes of the rest of the files in this
distribution.  The SHA1 hash of the CHECKSUMS file is:

SHA1(CHECKSUMS)= 90ddc03c876e6187e51cc201d52ebc08df572727

Send discussion to the pilot-unix mailing list <pilot-unix@lists.best.com>
for matters relating to the Pilot, to the coderpunks mailing list
<coderpunks@toad.com> for matters relating to the crypto, or to me
at the address below (though be warned that my mail queue can get quite
lengthy).  PGP mail is preferred; finger iang@cs.berkeley.edu for my PGP key.

   - Ian Goldberg <iang@cs.berkeley.edu>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBM5fvaUZRiTErSPb1AQF6GwP/SG6VSkty5dwjnC0Sc7AH3Ria1n7hnVyr
E+kuSo6r5RGKd7VIHL73ocbt1Uw4+XvQsywPBiHrj32aQmFtbKoGk32aRvh/2JbV
OzOBbWFABe/J4k3LYf654OdicjCCewlEVtmH+9BkuvV+NN2dkDopBL/pODxJxboF
/lY3W/z/1Bk=
=oan3
-----END PGP SIGNATURE-----
