Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patent

infringement reasons.

1 files changed, 205 insertions, 0 deletions

diff --git a/crypto/openssl/README b/crypto/openssl/README
new file mode 100644
index 000000000000..d7682e8a2f64
--- /dev/null
+++ b/crypto/openssl/README
@@ -0,0 +1,205 @@
+
+ OpenSSL 0.9.4  09 Aug 1999
+
+ Copyright (c) 1998-1999 The OpenSSL Project
+ Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
+ All rights reserved.
+
+ DESCRIPTION
+ -----------
+
+ The OpenSSL Project is a collaborative effort to develop a robust,
+ commercial-grade, fully featured, and Open Source toolkit implementing the
+ Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+ protocols with full-strength cryptography world-wide. The project is managed
+ by a worldwide community of volunteers that use the Internet to communicate,
+ plan, and develop the OpenSSL toolkit and its related documentation. 
+
+ OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
+ and Tim J. Hudson.  The OpenSSL toolkit is licensed under a dual-license (the
+ OpenSSL license plus the SSLeay license) situation, which basically means
+ that you are free to get and use it for commercial and non-commercial
+ purposes as long as you fulfill the conditions of both licenses. 
+
+ OVERVIEW
+ --------
+
+ The OpenSSL toolkit includes:
+
+ libssl.a:
+     Implementation of SSLv2, SSLv3, TLSv1 and the required code to support
+     both SSLv2, SSLv3 and TLSv1 in the one server and client.
+
+ libcrypto.a:
+     General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not
+     actually logically part of it. It includes routines for the following:
+
+     Ciphers
+        libdes - EAY's libdes DES encryption package which has been floating
+                 around the net for a few years.  It includes 15
+                 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
+                 cbc, cfb and ofb; pcbc and a more general form of cfb and
+                 ofb) including desx in cbc mode, a fast crypt(3), and
+                 routines to read passwords from the keyboard.
+        RC4 encryption,
+        RC2 encryption      - 4 different modes, ecb, cbc, cfb and ofb.
+        Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
+        IDEA encryption     - 4 different modes, ecb, cbc, cfb and ofb.
+
+     Digests
+        MD5 and MD2 message digest algorithms, fast implementations,
+        SHA (SHA-0) and SHA-1 message digest algorithms,
+        MDC2 message digest. A DES based hash that is popular on smart cards.
+
+     Public Key
+        RSA encryption/decryption/generation.  
+            There is no limit on the number of bits.
+        DSA encryption/decryption/generation.   
+            There is no limit on the number of bits.
+        Diffie-Hellman key-exchange/key generation.  
+            There is no limit on the number of bits.
+
+     X.509v3 certificates
+        X509 encoding/decoding into/from binary ASN1 and a PEM
+             based ascii-binary encoding which supports encryption with a
+             private key.  Program to generate RSA and DSA certificate
+             requests and to generate RSA and DSA certificates.
+
+     Systems
+        The normal digital envelope routines and base64 encoding.  Higher
+        level access to ciphers and digests by name.  New ciphers can be
+        loaded at run time.  The BIO io system which is a simple non-blocking
+        IO abstraction.  Current methods supported are file descriptors,
+        sockets, socket accept, socket connect, memory buffer, buffering, SSL
+        client/server, file pointer, encryption, digest, non-blocking testing
+        and null.
+
+     Data structures
+        A dynamically growing hashing system
+        A simple stack.
+        A Configuration loader that uses a format similar to MS .ini files.
+
+ openssl: 
+     A command line tool which provides the following functions:
+
+     enc     - a general encryption program that can encrypt/decrypt using
+               one of 17 different cipher/mode combinations.  The
+               input/output can also be converted to/from base64
+               ascii encoding.
+     dgst    - a generate message digesting program that will generate
+               message digests for any of md2, md5, sha (sha-0 or sha-1)
+               or mdc2.
+     asn1parse - parse and display the structure of an asn1 encoded
+               binary file.
+     rsa     - Manipulate RSA private keys.
+     dsa     - Manipulate DSA private keys.
+     dh      - Manipulate Diffie-Hellman parameter files.
+     dsaparam- Manipulate and generate DSA parameter files.
+     crl     - Manipulate certificate revocation lists.
+     crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
+     x509    - Manipulate x509 certificates, self-sign certificates.
+     req     - Manipulate PKCS#10 certificate requests and also
+               generate certificate requests.
+     genrsa  - Generates an arbitrary sized RSA private key.
+     gendsa  - Generates DSA parameters.
+     gendh   - Generates a set of Diffie-Hellman parameters, the prime
+               will be a strong prime.
+     ca      - Create certificates from PKCS#10 certificate requests.
+               This program also maintains a database of certificates
+               issued.
+     verify  - Check x509 certificate signatures.
+     speed   - Benchmark OpenSSL's ciphers.
+     s_server- A test SSL server.
+     s_client- A test SSL client.
+     s_time  - Benchmark SSL performance of SSL server programs.
+     errstr  - Convert from OpenSSL hex error codes to a readable form.
+     nseq    - Netscape certificate sequence utility
+        
+ PATENTS
+ -------
+
+ Various companies hold various patents for various algorithms in various
+ locations around the world. _YOU_ are responsible for ensuring that your use
+ of any algorithms is legal by checking if there are any patents in your
+ country.  The file contains some of the patents that we know about or are
+ rumoured to exist. This is not a definitive list.
+
+ RSA Data Security holds software patents on the RSA and RC5 algorithms.  If
+ their ciphers are used used inside the USA (and Japan?), you must contact RSA
+ Data Security for licensing conditions. Their web page is
+ http://www.rsa.com/.
+
+ RC4 is a trademark of RSA Data Security, so use of this label should perhaps
+ only be used with RSA Data Security's permission. 
+
+ The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy,
+ Japan, Netherlands, Spain, Sweden, Switzerland, UK and the USA.  They should
+ be contacted if that algorithm is to be used, their web page is
+ http://www.ascom.ch/.
+
+ INSTALLATION
+ ------------
+
+ To install this package under a Unix derivative, read the INSTALL file.  For
+ a Win32 platform, read the INSTALL.W32 file.  For OpenVMS systems, read
+ INSTALL.VMS.
+
+ For people in the USA, it is possible to compile OpenSSL to use RSA Inc.'s
+ public key library, RSAREF, by configuring OpenSSL with the option "rsaref".
+
+ Read the documentation in the doc/ directory.  It is quite rough, but it
+ lists the functions, you will probably have to look at the code to work out
+ how to used them. Look at the example programs.
+
+ SUPPORT 
+ -------
+
+ If you have any problems with OpenSSL then please take the following steps
+ first:
+
+    - Remove ASM versions of libraries
+    - Remove compiler optimisation flags 
+    - Add compiler debug flags (if using gcc then remove -fomit-frame-pointer
+      before you try to debug things)
+
+ If you wish to report a bug then please include the following information in
+ any bug report:
+
+    OpenSSL Details
+    - Version, most of these details can be got from the
+      'openssl version -a' command.
+    Operating System Details
+    - On Unix systems: Output of './config -t'
+    - OS Name, Version
+    - Hardware platform
+    Compiler Details
+    - Name
+    - Version
+    Application Details 
+    - Name 
+    - Version 
+    Problem Description
+    - include steps that will reproduce the problem (if known)
+    Stack Traceback (if the application dumps core)
+
+ Report the bug to the OpenSSL project at:
+
+    openssl-bugs@openssl.org
+
+ HOW TO CONTRIBUTE TO OpenSSL
+ ----------------------------
+
+ Development is coordinated on the openssl-dev mailing list (see
+ http://www.openssl.org for information on subscribing). If you
+ would like to submit a patch, send it to openssl-dev@openssl.org.
+ Please be sure to include a textual explanation of what your patch
+ does.
+
+ The preferred format for changes is "diff -u" output. You might
+ generate it like this:
+
+ # cd openssl-work
+ # [your changes]
+ # ./Configure dist; make clean
+ # cd ..
+ # diff -urN openssl-orig openssl-work > mydiffs.patch