Move source4/lib/crypto to lib/crypto.

18 files changed, 1596 insertions, 0 deletions

diff --git a/lib/crypto/arcfour.c b/lib/crypto/arcfour.c
new file mode 100644
index 0000000000..94196fa1ee
--- /dev/null
+++ b/lib/crypto/arcfour.c
@@ -0,0 +1,91 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   An implementation of the arcfour algorithm
+
+   Copyright (C) Andrew Tridgell 1998
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "lib/crypto/crypto.h"
+
+/* initialise the arcfour sbox with key */
+_PUBLIC_ void arcfour_init(struct arcfour_state *state, const DATA_BLOB *key) 
+{
+	int ind;
+	uint8_t j = 0;
+	for (ind = 0; ind < sizeof(state->sbox); ind++) {
+		state->sbox[ind] = (uint8_t)ind;
+	}
+	
+	for (ind = 0; ind < sizeof(state->sbox); ind++) {
+		uint8_t tc;
+		
+		j += (state->sbox[ind] + key->data[ind%key->length]);
+		
+		tc = state->sbox[ind];
+		state->sbox[ind] = state->sbox[j];
+		state->sbox[j] = tc;
+	}
+	state->index_i = 0;
+	state->index_j = 0;
+}
+
+/* crypt the data with arcfour */
+_PUBLIC_ void arcfour_crypt_sbox(struct arcfour_state *state, uint8_t *data, int len) 
+{
+	int ind;
+	
+	for (ind = 0; ind < len; ind++) {
+		uint8_t tc;
+		uint8_t t;
+
+		state->index_i++;
+		state->index_j += state->sbox[state->index_i];
+
+		tc = state->sbox[state->index_i];
+		state->sbox[state->index_i] = state->sbox[state->index_j];
+		state->sbox[state->index_j] = tc;
+		
+		t = state->sbox[state->index_i] + state->sbox[state->index_j];
+		data[ind] = data[ind] ^ state->sbox[t];
+	}
+}
+
+/*
+  arcfour encryption with a blob key
+*/
+_PUBLIC_ void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key) 
+{
+	struct arcfour_state state;
+	arcfour_init(&state, key);
+	arcfour_crypt_sbox(&state, data, len);
+}
+
+/*
+  a variant that assumes a 16 byte key. This should be removed
+  when the last user is gone
+*/
+_PUBLIC_ void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len)
+{
+	DATA_BLOB key = data_blob(keystr, 16);
+	
+	arcfour_crypt_blob(data, len, &key);
+
+	data_blob_free(&key);
+}
+
+
diff --git a/lib/crypto/config.mk b/lib/crypto/config.mk
new file mode 100644
index 0000000000..ee111bd088
--- /dev/null
+++ b/lib/crypto/config.mk
@@ -0,0 +1,18 @@
+##############################
+# Start SUBSYSTEM LIBCRYPTO
+[SUBSYSTEM::LIBCRYPTO]
+# End SUBSYSTEM LIBCRYPTO
+##############################
+
+LIBCRYPTO_OBJ_FILES = $(addprefix $(libcryptosrcdir)/, \
+					 crc32.o md5.o hmacmd5.o md4.o \
+					 arcfour.o sha256.o hmacsha256.o)
+
+[MODULE::TORTURE_LIBCRYPTO]
+SUBSYSTEM = smbtorture
+PRIVATE_DEPENDENCIES = LIBCRYPTO
+
+TORTURE_LIBCRYPTO_OBJ_FILES = $(addprefix $(libcryptosrcdir)/, \
+		md4test.o md5test.o hmacmd5test.o)
+
+$(eval $(call proto_header_template,$(libcryptosrcdir)/test_proto.h,$(TORTURE_LIBCRYPTO_OBJ_FILES:.o=.c)))
diff --git a/lib/crypto/crc32.c b/lib/crypto/crc32.c
new file mode 100644
index 0000000000..5b9d9b108d
--- /dev/null
+++ b/lib/crypto/crc32.c
@@ -0,0 +1,103 @@
+/*-
+ *  COPYRIGHT (C) 1986 Gary S. Brown.  You may use this program, or
+ *  code or tables extracted from it, as desired without restriction.
+ *
+ *  First, the polynomial itself and its table of feedback terms.  The
+ *  polynomial is
+ *  X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8+X^7+X^5+X^4+X^2+X^1+X^0
+ *
+ *  Note that we take it "backwards" and put the highest-order term in
+ *  the lowest-order bit.  The X^32 term is "implied"; the LSB is the
+ *  X^31 term, etc.  The X^0 term (usually shown as "+1") results in
+ *  the MSB being 1
+ *
+ *  Note that the usual hardware shift register implementation, which
+ *  is what we're using (we're merely optimizing it by doing eight-bit
+ *  chunks at a time) shifts bits into the lowest-order term.  In our
+ *  implementation, that means shifting towards the right.  Why do we
+ *  do it this way?  Because the calculated CRC must be transmitted in
+ *  order from highest-order term to lowest-order term.  UARTs transmit
+ *  characters in order from LSB to MSB.  By storing the CRC this way
+ *  we hand it to the UART in the order low-byte to high-byte; the UART
+ *  sends each low-bit to hight-bit; and the result is transmission bit
+ *  by bit from highest- to lowest-order term without requiring any bit
+ *  shuffling on our part.  Reception works similarly
+ *
+ *  The feedback terms table consists of 256, 32-bit entries.  Notes
+ *
+ *      The table can be generated at runtime if desired; code to do so
+ *      is shown later.  It might not be obvious, but the feedback
+ *      terms simply represent the results of eight shift/xor opera
+ *      tions for all combinations of data and CRC register values
+ *
+ *      The values must be right-shifted by eight bits by the "updcrc
+ *      logic; the shift must be unsigned (bring in zeroes).  On some
+ *      hardware you could probably optimize the shift in assembler by
+ *      using byte-swap instructions
+ *      polynomial $edb88320
+ *
+ *
+ * CRC32 code derived from work by Gary S. Brown.
+ */
+
+#include "includes.h"
+
+static const uint32_t crc32_tab[] = {
+	0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f,
+	0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
+	0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2,
+	0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
+	0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9,
+	0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
+	0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c,
+	0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
+	0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423,
+	0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
+	0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106,
+	0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
+	0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d,
+	0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
+	0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,
+	0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
+	0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7,
+	0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
+	0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa,
+	0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
+	0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81,
+	0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
+	0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84,
+	0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
+	0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,
+	0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
+	0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e,
+	0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
+	0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55,
+	0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
+	0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28,
+	0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
+	0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f,
+	0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
+	0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,
+	0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
+	0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69,
+	0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
+	0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc,
+	0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
+	0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693,
+	0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
+	0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
+};
+
+uint32_t crc32_calc_buffer(const uint8_t *buf, size_t size)
+{
+	const uint8_t *p;
+	uint32_t crc;
+
+	p = buf;
+	crc = ~0U;
+
+	while (size--)
+		crc = crc32_tab[(crc ^ *p++) & 0xFF] ^ (crc >> 8);
+
+	return crc ^ ~0U;
+}
diff --git a/lib/crypto/crc32.h b/lib/crypto/crc32.h
new file mode 100644
index 0000000000..7854abf865
--- /dev/null
+++ b/lib/crypto/crc32.h
@@ -0,0 +1 @@
+uint32_t crc32_calc_buffer(const uint8_t *buf, size_t size);
diff --git a/lib/crypto/crypto.h b/lib/crypto/crypto.h
new file mode 100644
index 0000000000..9cb16ad344
--- /dev/null
+++ b/lib/crypto/crypto.h
@@ -0,0 +1,37 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   Copyright (C) Andrew Tridgell 2004
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "../lib/crypto/crc32.h"
+#include "../lib/crypto/md4.h"
+#include "../lib/crypto/md5.h"
+#include "../lib/crypto/hmacmd5.h"
+#include "../lib/crypto/sha256.h"
+#include "../lib/crypto/hmacsha256.h"
+
+struct arcfour_state {
+	uint8_t sbox[256];
+	uint8_t index_i;
+	uint8_t index_j;
+};
+
+void arcfour_init(struct arcfour_state *state, const DATA_BLOB *key);
+void arcfour_crypt_sbox(struct arcfour_state *state, uint8_t *data, int len);
+void arcfour_crypt_blob(uint8_t *data, int len, const DATA_BLOB *key);
+void arcfour_crypt(uint8_t *data, const uint8_t keystr[16], int len);
+
diff --git a/lib/crypto/hmacmd5.c b/lib/crypto/hmacmd5.c
new file mode 100644
index 0000000000..3a9ec38a27
--- /dev/null
+++ b/lib/crypto/hmacmd5.c
@@ -0,0 +1,117 @@
+/* 
+   Unix SMB/CIFS implementation.
+   HMAC MD5 code for use in NTLMv2
+   Copyright (C) Luke Kenneth Casson Leighton 1996-2000
+   Copyright (C) Andrew Tridgell 1992-2000
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/* taken direct from rfc2104 implementation and modified for suitable use
+ * for ntlmv2.
+ */
+
+#include "includes.h"
+#include "lib/crypto/crypto.h"
+
+/***********************************************************************
+ the rfc 2104 version of hmac_md5 initialisation.
+***********************************************************************/
+_PUBLIC_ void hmac_md5_init_rfc2104(const uint8_t *key, int key_len, HMACMD5Context *ctx)
+{
+        int i;
+	uint8_t tk[16];
+
+        /* if key is longer than 64 bytes reset it to key=MD5(key) */
+        if (key_len > 64)
+	{
+                struct MD5Context tctx;
+
+                MD5Init(&tctx);
+                MD5Update(&tctx, key, key_len);
+                MD5Final(tk, &tctx);
+
+                key = tk;
+                key_len = 16;
+        }
+
+        /* start out by storing key in pads */
+        ZERO_STRUCT(ctx->k_ipad);
+        ZERO_STRUCT(ctx->k_opad);
+        memcpy( ctx->k_ipad, key, key_len);
+        memcpy( ctx->k_opad, key, key_len);
+
+        /* XOR key with ipad and opad values */
+        for (i=0; i<64; i++)
+	{
+                ctx->k_ipad[i] ^= 0x36;
+                ctx->k_opad[i] ^= 0x5c;
+        }
+
+        MD5Init(&ctx->ctx);
+        MD5Update(&ctx->ctx, ctx->k_ipad, 64);  
+}
+
+/***********************************************************************
+ the microsoft version of hmac_md5 initialisation.
+***********************************************************************/
+_PUBLIC_ void hmac_md5_init_limK_to_64(const uint8_t *key, int key_len,
+			HMACMD5Context *ctx)
+{
+        /* if key is longer than 64 bytes truncate it */
+        if (key_len > 64)
+	{
+                key_len = 64;
+        }
+
+	hmac_md5_init_rfc2104(key, key_len, ctx);
+}
+
+/***********************************************************************
+ update hmac_md5 "inner" buffer
+***********************************************************************/
+_PUBLIC_ void hmac_md5_update(const uint8_t *text, int text_len, HMACMD5Context *ctx)
+{
+        MD5Update(&ctx->ctx, text, text_len); /* then text of datagram */
+}
+
+/***********************************************************************
+ finish off hmac_md5 "inner" buffer and generate outer one.
+***********************************************************************/
+_PUBLIC_ void hmac_md5_final(uint8_t *digest, HMACMD5Context *ctx)
+{
+        struct MD5Context ctx_o;
+
+        MD5Final(digest, &ctx->ctx);          
+
+        MD5Init(&ctx_o);
+        MD5Update(&ctx_o, ctx->k_opad, 64);   
+        MD5Update(&ctx_o, digest, 16); 
+        MD5Final(digest, &ctx_o);
+}
+
+/***********************************************************
+ single function to calculate an HMAC MD5 digest from data.
+ use the microsoft hmacmd5 init method because the key is 16 bytes.
+************************************************************/
+_PUBLIC_ void hmac_md5(const uint8_t key[16], const uint8_t *data, int data_len, uint8_t *digest)
+{
+	HMACMD5Context ctx;
+	hmac_md5_init_limK_to_64(key, 16, &ctx);
+	if (data_len != 0)
+	{
+		hmac_md5_update(data, data_len, &ctx);
+	}
+	hmac_md5_final(digest, &ctx);
+}
diff --git a/lib/crypto/hmacmd5.h b/lib/crypto/hmacmd5.h
new file mode 100644
index 0000000000..5769737fcd
--- /dev/null
+++ b/lib/crypto/hmacmd5.h
@@ -0,0 +1,38 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Interface header:    HMAC MD5 code
+   Copyright (C) Luke Kenneth Casson Leighton 1996-1999
+   Copyright (C) Andrew Tridgell 1992-1999
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _HMAC_MD5_H
+
+typedef struct 
+{
+        struct MD5Context ctx;
+        uint8_t k_ipad[65];    
+        uint8_t k_opad[65];
+
+} HMACMD5Context;
+
+void hmac_md5_init_limK_to_64(const uint8_t *key, int key_len,
+			      HMACMD5Context *ctx);
+void hmac_md5_update(const uint8_t *text, int text_len, HMACMD5Context *ctx);
+void hmac_md5_final(uint8_t *digest, HMACMD5Context *ctx);
+void hmac_md5(const uint8_t key[16], const uint8_t *data, int data_len, uint8_t *digest);
+void hmac_md5_init_rfc2104(const uint8_t *key, int key_len, HMACMD5Context *ctx);
+
+#endif /* _HMAC_MD5_H */
diff --git a/lib/crypto/hmacmd5test.c b/lib/crypto/hmacmd5test.c
new file mode 100644
index 0000000000..07ed54c98d
--- /dev/null
+++ b/lib/crypto/hmacmd5test.c
@@ -0,0 +1,98 @@
+/* 
+   Unix SMB/CIFS implementation.
+   HMAC MD5 tests
+   Copyright (C) Stefan Metzmacher 2006
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+#include "includes.h"
+#include "lib/crypto/crypto.h"
+
+struct torture_context;
+
+static DATA_BLOB data_blob_repeat_byte(uint8_t byte, size_t length)
+{
+	DATA_BLOB b = data_blob(NULL, length);
+	memset(b.data, byte, length);
+	return b;
+}
+
+/*
+ This uses the test values from rfc 2104, 2202
+*/
+bool torture_local_crypto_hmacmd5(struct torture_context *torture) 
+{
+	bool ret = true;
+	uint32_t i;
+	struct {
+		DATA_BLOB key;
+		DATA_BLOB data;
+		DATA_BLOB md5;
+	} testarray[8];
+
+	testarray[0].key	= data_blob_repeat_byte(0x0b, 16);
+	testarray[0].data	= data_blob_string_const("Hi There");
+	testarray[0].md5	= strhex_to_data_blob("9294727a3638bb1c13f48ef8158bfc9d");
+
+	testarray[1].key	= data_blob_string_const("Jefe");
+	testarray[1].data	= data_blob_string_const("what do ya want for nothing?");
+	testarray[1].md5	= strhex_to_data_blob("750c783e6ab0b503eaa86e310a5db738");
+
+	testarray[2].key	= data_blob_repeat_byte(0xaa, 16);
+	testarray[2].data	= data_blob_repeat_byte(0xdd, 50);
+	testarray[2].md5	= strhex_to_data_blob("56be34521d144c88dbb8c733f0e8b3f6");
+
+	testarray[3].key	= strhex_to_data_blob("0102030405060708090a0b0c0d0e0f10111213141516171819");
+	testarray[3].data	= data_blob_repeat_byte(0xcd, 50);
+	testarray[3].md5	= strhex_to_data_blob("697eaf0aca3a3aea3a75164746ffaa79");
+
+	testarray[4].key	= data_blob_repeat_byte(0x0c, 16);
+	testarray[4].data	= data_blob_string_const("Test With Truncation");
+	testarray[4].md5	= strhex_to_data_blob("56461ef2342edc00f9bab995690efd4c");
+
+	testarray[5].key	= data_blob_repeat_byte(0xaa, 80);
+	testarray[5].data	= data_blob_string_const("Test Using Larger Than Block-Size Key - Hash Key First");
+	testarray[5].md5	= strhex_to_data_blob("6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd");
+
+	testarray[6].key	= data_blob_repeat_byte(0xaa, 80);
+	testarray[6].data	= data_blob_string_const("Test Using Larger Than Block-Size Key "
+							 "and Larger Than One Block-Size Data");
+	testarray[6].md5	= strhex_to_data_blob("6f630fad67cda0ee1fb1f562db3aa53e");
+
+	testarray[7].key        = data_blob(NULL, 0);
+
+	for (i=0; testarray[i].key.data; i++) {
+		HMACMD5Context ctx;
+		uint8_t md5[16];
+		int e;
+
+		hmac_md5_init_rfc2104(testarray[i].key.data, testarray[i].key.length, &ctx);
+		hmac_md5_update(testarray[i].data.data, testarray[i].data.length, &ctx);
+		hmac_md5_final(md5, &ctx);
+
+		e = memcmp(testarray[i].md5.data,
+			   md5,
+			   MIN(testarray[i].md5.length, sizeof(md5)));
+		if (e != 0) {
+			printf("hmacmd5 test[%u]: failed\n", i);
+			dump_data(0, testarray[i].key.data, testarray[i].key.length);
+			dump_data(0, testarray[i].data.data, testarray[i].data.length);
+			dump_data(0, testarray[i].md5.data, testarray[i].md5.length);
+			dump_data(0, md5, sizeof(md5));
+			ret = false;
+		}
+	}
+
+	return ret;
+}
diff --git a/lib/crypto/hmacsha256.c b/lib/crypto/hmacsha256.c
new file mode 100644
index 0000000000..6b0af9ee83
--- /dev/null
+++ b/lib/crypto/hmacsha256.c
@@ -0,0 +1,91 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   Interface header:    HMAC SHA-256 code
+
+   Copyright (C) Andrew Tridgell 2008
+
+   based in hmacsha1.c which is:
+     Copyright (C) Stefan Metzmacher
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/*
+ taken direct from rfc2202 implementation and modified for suitable use
+ */
+
+#include "includes.h"
+#include "lib/crypto/crypto.h"
+
+/***********************************************************************
+ the rfc 2104/2202 version of hmac_sha256 initialisation.
+***********************************************************************/
+_PUBLIC_ void hmac_sha256_init(const uint8_t *key, size_t key_len, struct HMACSHA256Context *ctx)
+{
+        int i;
+	uint8_t tk[SHA256_DIGEST_LENGTH];
+
+        /* if key is longer than 64 bytes reset it to key=HASH(key) */
+        if (key_len > 64)
+	{
+                SHA256_CTX tctx;
+
+                SHA256_Init(&tctx);
+                SHA256_Update(&tctx, key, key_len);
+                SHA256_Final(tk, &tctx);
+
+                key = tk;
+                key_len = SHA256_DIGEST_LENGTH;
+        }
+
+        /* start out by storing key in pads */
+        ZERO_STRUCT(ctx->k_ipad);
+        ZERO_STRUCT(ctx->k_opad);
+        memcpy( ctx->k_ipad, key, key_len);
+        memcpy( ctx->k_opad, key, key_len);
+
+        /* XOR key with ipad and opad values */
+        for (i=0; i<64; i++)
+	{
+                ctx->k_ipad[i] ^= 0x36;
+                ctx->k_opad[i] ^= 0x5c;
+        }
+
+        SHA256_Init(&ctx->ctx);
+        SHA256_Update(&ctx->ctx, ctx->k_ipad, 64);  
+}
+
+/***********************************************************************
+ update hmac_sha256 "inner" buffer
+***********************************************************************/
+_PUBLIC_ void hmac_sha256_update(const uint8_t *data, size_t data_len, struct HMACSHA256Context *ctx)
+{
+        SHA256_Update(&ctx->ctx, data, data_len); /* then text of datagram */
+}
+
+/***********************************************************************
+ finish off hmac_sha256 "inner" buffer and generate outer one.
+***********************************************************************/
+_PUBLIC_ void hmac_sha256_final(uint8_t digest[SHA256_DIGEST_LENGTH], struct HMACSHA256Context *ctx)
+{
+        SHA256_CTX ctx_o;
+
+        SHA256_Final(digest, &ctx->ctx);
+
+        SHA256_Init(&ctx_o);
+        SHA256_Update(&ctx_o, ctx->k_opad, 64);
+        SHA256_Update(&ctx_o, digest, SHA256_DIGEST_LENGTH);
+        SHA256_Final(digest, &ctx_o);
+}
diff --git a/lib/crypto/hmacsha256.h b/lib/crypto/hmacsha256.h
new file mode 100644
index 0000000000..8960c636c1
--- /dev/null
+++ b/lib/crypto/hmacsha256.h
@@ -0,0 +1,38 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   Interface header:    HMAC SHA256 code
+
+   Copyright (C) Andrew Tridgell 2008
+
+   based on hmacsha1.h which is:
+
+    Copyright (C) Stefan Metzmacher 2006
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _HMAC_SHA256_H
+
+struct HMACSHA256Context {
+        SHA256_CTX ctx;
+        uint8_t k_ipad[65];    
+        uint8_t k_opad[65];
+};
+
+void hmac_sha256_init(const uint8_t *key, size_t key_len, struct HMACSHA256Context *ctx);
+void hmac_sha256_update(const uint8_t *data, size_t data_len, struct HMACSHA256Context *ctx);
+void hmac_sha256_final(uint8_t digest[20], struct HMACSHA256Context *ctx);
+
+#endif /* _HMAC_SHA256_H */
diff --git a/lib/crypto/md4.c b/lib/crypto/md4.c
new file mode 100644
index 0000000000..7ad93ce786
--- /dev/null
+++ b/lib/crypto/md4.c
@@ -0,0 +1,176 @@
+/* 
+   Unix SMB/CIFS implementation.
+   a implementation of MD4 designed for use in the SMB authentication protocol
+   Copyright (C) Andrew Tridgell 1997-1998.
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+
+/* NOTE: This code makes no attempt to be fast! 
+
+   It assumes that a int is at least 32 bits long
+*/
+
+struct mdfour_state {
+	uint32_t A, B, C, D;
+};
+
+static uint32_t F(uint32_t X, uint32_t Y, uint32_t Z)
+{
+	return (X&Y) | ((~X)&Z);
+}
+
+static uint32_t G(uint32_t X, uint32_t Y, uint32_t Z)
+{
+	return (X&Y) | (X&Z) | (Y&Z); 
+}
+
+static uint32_t H(uint32_t X, uint32_t Y, uint32_t Z)
+{
+	return X^Y^Z;
+}
+
+static uint32_t lshift(uint32_t x, int s)
+{
+	x &= 0xFFFFFFFF;
+	return ((x<<s)&0xFFFFFFFF) | (x>>(32-s));
+}
+
+#define ROUND1(a,b,c,d,k,s) a = lshift(a + F(b,c,d) + X[k], s)
+#define ROUND2(a,b,c,d,k,s) a = lshift(a + G(b,c,d) + X[k] + (uint32_t)0x5A827999,s)
+#define ROUND3(a,b,c,d,k,s) a = lshift(a + H(b,c,d) + X[k] + (uint32_t)0x6ED9EBA1,s)
+
+/* this applies md4 to 64 byte chunks */
+static void mdfour64(struct mdfour_state *s, uint32_t *M)
+{
+	int j;
+	uint32_t AA, BB, CC, DD;
+	uint32_t X[16];
+
+	for (j=0;j<16;j++)
+		X[j] = M[j];
+
+	AA = s->A; BB = s->B; CC = s->C; DD = s->D;
+
+        ROUND1(s->A,s->B,s->C,s->D,  0,  3);  ROUND1(s->D,s->A,s->B,s->C,  1,  7);  
+	ROUND1(s->C,s->D,s->A,s->B,  2, 11);  ROUND1(s->B,s->C,s->D,s->A,  3, 19);
+        ROUND1(s->A,s->B,s->C,s->D,  4,  3);  ROUND1(s->D,s->A,s->B,s->C,  5,  7);  
+	ROUND1(s->C,s->D,s->A,s->B,  6, 11);  ROUND1(s->B,s->C,s->D,s->A,  7, 19);
+        ROUND1(s->A,s->B,s->C,s->D,  8,  3);  ROUND1(s->D,s->A,s->B,s->C,  9,  7);  
+	ROUND1(s->C,s->D,s->A,s->B, 10, 11);  ROUND1(s->B,s->C,s->D,s->A, 11, 19);
+        ROUND1(s->A,s->B,s->C,s->D, 12,  3);  ROUND1(s->D,s->A,s->B,s->C, 13,  7);  
+	ROUND1(s->C,s->D,s->A,s->B, 14, 11);  ROUND1(s->B,s->C,s->D,s->A, 15, 19);	
+
+        ROUND2(s->A,s->B,s->C,s->D,  0,  3);  ROUND2(s->D,s->A,s->B,s->C,  4,  5);  
+	ROUND2(s->C,s->D,s->A,s->B,  8,  9);  ROUND2(s->B,s->C,s->D,s->A, 12, 13);
+        ROUND2(s->A,s->B,s->C,s->D,  1,  3);  ROUND2(s->D,s->A,s->B,s->C,  5,  5);  
+	ROUND2(s->C,s->D,s->A,s->B,  9,  9);  ROUND2(s->B,s->C,s->D,s->A, 13, 13);
+        ROUND2(s->A,s->B,s->C,s->D,  2,  3);  ROUND2(s->D,s->A,s->B,s->C,  6,  5);  
+	ROUND2(s->C,s->D,s->A,s->B, 10,  9);  ROUND2(s->B,s->C,s->D,s->A, 14, 13);
+        ROUND2(s->A,s->B,s->C,s->D,  3,  3);  ROUND2(s->D,s->A,s->B,s->C,  7,  5);  
+	ROUND2(s->C,s->D,s->A,s->B, 11,  9);  ROUND2(s->B,s->C,s->D,s->A, 15, 13);
+
+	ROUND3(s->A,s->B,s->C,s->D,  0,  3);  ROUND3(s->D,s->A,s->B,s->C,  8,  9);  
+	ROUND3(s->C,s->D,s->A,s->B,  4, 11);  ROUND3(s->B,s->C,s->D,s->A, 12, 15);
+        ROUND3(s->A,s->B,s->C,s->D,  2,  3);  ROUND3(s->D,s->A,s->B,s->C, 10,  9);  
+	ROUND3(s->C,s->D,s->A,s->B,  6, 11);  ROUND3(s->B,s->C,s->D,s->A, 14, 15);
+        ROUND3(s->A,s->B,s->C,s->D,  1,  3);  ROUND3(s->D,s->A,s->B,s->C,  9,  9);  
+	ROUND3(s->C,s->D,s->A,s->B,  5, 11);  ROUND3(s->B,s->C,s->D,s->A, 13, 15);
+        ROUND3(s->A,s->B,s->C,s->D,  3,  3);  ROUND3(s->D,s->A,s->B,s->C, 11,  9);  
+	ROUND3(s->C,s->D,s->A,s->B,  7, 11);  ROUND3(s->B,s->C,s->D,s->A, 15, 15);
+
+	s->A += AA; 
+	s->B += BB; 
+	s->C += CC; 
+	s->D += DD;
+	
+	s->A &= 0xFFFFFFFF; 
+	s->B &= 0xFFFFFFFF;
+	s->C &= 0xFFFFFFFF; 
+	s->D &= 0xFFFFFFFF;
+
+	for (j=0;j<16;j++)
+		X[j] = 0;
+}
+
+static void copy64(uint32_t *M, const uint8_t *in)
+{
+	int i;
+
+	for (i=0;i<16;i++)
+		M[i] = (in[i*4+3]<<24) | (in[i*4+2]<<16) |
+			(in[i*4+1]<<8) | (in[i*4+0]<<0);
+}
+
+static void copy4(uint8_t *out, uint32_t x)
+{
+	out[0] = x&0xFF;
+	out[1] = (x>>8)&0xFF;
+	out[2] = (x>>16)&0xFF;
+	out[3] = (x>>24)&0xFF;
+}
+
+/**
+ * produce a md4 message digest from data of length n bytes 
+ */
+_PUBLIC_ void mdfour(uint8_t *out, const uint8_t *in, int n)
+{
+	uint8_t buf[128];
+	uint32_t M[16];
+	uint32_t b = n * 8;
+	int i;
+	struct mdfour_state state;
+
+	state.A = 0x67452301;
+	state.B = 0xefcdab89;
+	state.C = 0x98badcfe;
+	state.D = 0x10325476;
+
+	while (n > 64) {
+		copy64(M, in);
+		mdfour64(&state, M);
+		in += 64;
+		n -= 64;
+	}
+
+	for (i=0;i<128;i++)
+		buf[i] = 0;
+	memcpy(buf, in, n);
+	buf[n] = 0x80;
+	
+	if (n <= 55) {
+		copy4(buf+56, b);
+		copy64(M, buf);
+		mdfour64(&state, M);
+	} else {
+		copy4(buf+120, b); 
+		copy64(M, buf);
+		mdfour64(&state, M);
+		copy64(M, buf+64);
+		mdfour64(&state, M);
+	}
+
+	for (i=0;i<128;i++)
+		buf[i] = 0;
+	copy64(M, buf);
+
+	copy4(out, state.A);
+	copy4(out+4, state.B);
+	copy4(out+8, state.C);
+	copy4(out+12, state.D);
+}
+
+
diff --git a/lib/crypto/md4.h b/lib/crypto/md4.h
new file mode 100644
index 0000000000..234e488e4f
--- /dev/null
+++ b/lib/crypto/md4.h
@@ -0,0 +1 @@
+void mdfour(uint8_t *out, const uint8_t *in, int n);
diff --git a/lib/crypto/md4test.c b/lib/crypto/md4test.c
new file mode 100644
index 0000000000..5e0451973c
--- /dev/null
+++ b/lib/crypto/md4test.c
@@ -0,0 +1,83 @@
+/* 
+   Unix SMB/CIFS implementation.
+   MD4 tests
+   Copyright (C) Stefan Metzmacher 2006
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "lib/crypto/crypto.h"
+
+struct torture_context;
+
+/*
+ This uses the test values from rfc1320
+*/
+bool torture_local_crypto_md4(struct torture_context *torture) 
+{
+	bool ret = true;
+	uint32_t i;
+	struct {
+		const char *data;
+		const char *md4;
+	} testarray[] = {
+	{
+		.data	= "",
+		.md4	= "31d6cfe0d16ae931b73c59d7e0c089c0"
+	},{
+		.data	= "a",
+		.md4	= "bde52cb31de33e46245e05fbdbd6fb24"
+	},{
+		.data	= "abc",
+		.md4	= "a448017aaf21d8525fc10ae87aa6729d"
+	},{
+		.data	= "message digest",
+		.md4	= "d9130a8164549fe818874806e1c7014b"
+	},{
+		.data	= "abcdefghijklmnopqrstuvwxyz",
+		.md4	= "d79e1c308aa5bbcdeea8ed63df412da9"
+	},{
+		.data	= "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+		.md4	= "043f8582f241db351ce627e153e7f0e4"
+	},{
+		.data	= "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+		.md4	= "e33b4ddc9c38f2199c3e7b164fcc0536"
+	}
+	};
+
+	for (i=0; i < ARRAY_SIZE(testarray); i++) {
+		uint8_t md4[16];
+		int e;
+		DATA_BLOB data;
+		DATA_BLOB md4blob;
+
+		data = data_blob_string_const(testarray[i].data);
+		md4blob  = strhex_to_data_blob(testarray[i].md4);
+
+		mdfour(md4, data.data, data.length);
+
+		e = memcmp(md4blob.data, md4, MIN(md4blob.length, sizeof(md4)));
+		if (e != 0) {
+			printf("md4 test[%u]: failed\n", i);
+			dump_data(0, data.data, data.length);
+			dump_data(0, md4blob.data, md4blob.length);
+			dump_data(0, md4, sizeof(md4));
+			ret = false;
+		}
+		talloc_free(md4blob.data);
+	}
+
+	return ret;
+}
diff --git a/lib/crypto/md5.c b/lib/crypto/md5.c
new file mode 100644
index 0000000000..584c46ef2d
--- /dev/null
+++ b/lib/crypto/md5.c
@@ -0,0 +1,248 @@
+/*
+ * This code implements the MD5 message-digest algorithm.
+ * The algorithm is due to Ron Rivest.  This code was
+ * written by Colin Plumb in 1993, no copyright is claimed.
+ * This code is in the public domain; do with it what you wish.
+ *
+ * Equivalent code is available from RSA Data Security, Inc.
+ * This code has been tested against that, and is equivalent,
+ * except that you don't need to include two pages of legalese
+ * with every copy.
+ *
+ * To compute the message digest of a chunk of bytes, declare an
+ * MD5Context structure, pass it to MD5Init, call MD5Update as
+ * needed on buffers full of bytes, and then call MD5Final, which
+ * will fill a supplied 16-byte array with the digest.
+ */
+
+/* This code slightly modified to fit into Samba by 
+   abartlet@samba.org Jun 2001 */
+
+#include "includes.h"
+
+#include "md5.h"
+
+
+static void MD5Transform(uint32_t buf[4], uint32_t const in[16]);
+
+/*
+ * Note: this code is harmless on little-endian machines.
+ */
+static void byteReverse(uint8_t *buf, uint_t longs)
+{
+    uint32_t t;
+    do {
+	t = (uint32_t) ((uint_t) buf[3] << 8 | buf[2]) << 16 |
+	    ((uint_t) buf[1] << 8 | buf[0]);
+	*(uint32_t *) buf = t;
+	buf += 4;
+    } while (--longs);
+}
+
+/*
+ * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
+ * initialization constants.
+ */
+_PUBLIC_ void MD5Init(struct MD5Context *ctx)
+{
+    ctx->buf[0] = 0x67452301;
+    ctx->buf[1] = 0xefcdab89;
+    ctx->buf[2] = 0x98badcfe;
+    ctx->buf[3] = 0x10325476;
+
+    ctx->bits[0] = 0;
+    ctx->bits[1] = 0;
+}
+
+/*
+ * Update context to reflect the concatenation of another buffer full
+ * of bytes.
+ */
+_PUBLIC_ void MD5Update(struct MD5Context *ctx, const uint8_t *buf, size_t len)
+{
+    register uint32_t t;
+
+    /* Update bitcount */
+
+    t = ctx->bits[0];
+    if ((ctx->bits[0] = t + ((uint32_t) len << 3)) < t)
+	ctx->bits[1]++;		/* Carry from low to high */
+    ctx->bits[1] += len >> 29;
+
+    t = (t >> 3) & 0x3f;	/* Bytes already in shsInfo->data */
+
+    /* Handle any leading odd-sized chunks */
+
+    if (t) {
+	uint8_t *p = (uint8_t *) ctx->in + t;
+
+	t = 64 - t;
+	if (len < t) {
+	    memmove(p, buf, len);
+	    return;
+	}
+	memmove(p, buf, t);
+	byteReverse(ctx->in, 16);
+	MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+	buf += t;
+	len -= t;
+    }
+    /* Process data in 64-byte chunks */
+
+    while (len >= 64) {
+	memmove(ctx->in, buf, 64);
+	byteReverse(ctx->in, 16);
+	MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+	buf += 64;
+	len -= 64;
+    }
+
+    /* Handle any remaining bytes of data. */
+
+    memmove(ctx->in, buf, len);
+}
+
+/*
+ * Final wrapup - pad to 64-byte boundary with the bit pattern 
+ * 1 0* (64-bit count of bits processed, MSB-first)
+ */
+_PUBLIC_ void MD5Final(uint8_t digest[16], struct MD5Context *ctx)
+{
+    uint_t count;
+    uint8_t *p;
+
+    /* Compute number of bytes mod 64 */
+    count = (ctx->bits[0] >> 3) & 0x3F;
+
+    /* Set the first char of padding to 0x80.  This is safe since there is
+       always at least one byte free */
+    p = ctx->in + count;
+    *p++ = 0x80;
+
+    /* Bytes of padding needed to make 64 bytes */
+    count = 64 - 1 - count;
+
+    /* Pad out to 56 mod 64 */
+    if (count < 8) {
+	/* Two lots of padding:  Pad the first block to 64 bytes */
+	memset(p, 0, count);
+	byteReverse(ctx->in, 16);
+	MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+
+	/* Now fill the next block with 56 bytes */
+	memset(ctx->in, 0, 56);
+    } else {
+	/* Pad block to 56 bytes */
+	memset(p, 0, count - 8);
+    }
+    byteReverse(ctx->in, 14);
+
+    /* Append length in bits and transform */
+    ((uint32_t *) ctx->in)[14] = ctx->bits[0];
+    ((uint32_t *) ctx->in)[15] = ctx->bits[1];
+
+    MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+    byteReverse((uint8_t *) ctx->buf, 4);
+    memmove(digest, ctx->buf, 16);
+    memset(ctx, 0, sizeof(ctx));	/* In case it's sensitive */
+}
+
+/* The four core functions - F1 is optimized somewhat */
+
+/* #define F1(x, y, z) (x & y | ~x & z) */
+#define F1(x, y, z) (z ^ (x & (y ^ z)))
+#define F2(x, y, z) F1(z, x, y)
+#define F3(x, y, z) (x ^ y ^ z)
+#define F4(x, y, z) (y ^ (x | ~z))
+
+/* This is the central step in the MD5 algorithm. */
+#define MD5STEP(f, w, x, y, z, data, s) \
+	( w += f(x, y, z) + data,  w = w<<s | w>>(32-s),  w += x )
+
+/*
+ * The core of the MD5 algorithm, this alters an existing MD5 hash to
+ * reflect the addition of 16 longwords of new data.  MD5Update blocks
+ * the data and converts bytes into longwords for this routine.
+ */
+static void MD5Transform(uint32_t buf[4], uint32_t const in[16])
+{
+    register uint32_t a, b, c, d;
+
+    a = buf[0];
+    b = buf[1];
+    c = buf[2];
+    d = buf[3];
+
+    MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
+    MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
+    MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
+    MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
+    MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
+    MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
+    MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
+    MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
+    MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
+    MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
+    MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
+    MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
+    MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
+    MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
+    MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
+    MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
+
+    MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
+    MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
+    MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
+    MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
+    MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
+    MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
+    MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
+    MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
+    MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
+    MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
+    MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
+    MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
+    MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
+    MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
+    MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
+    MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
+
+    MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
+    MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
+    MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
+    MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
+    MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
+    MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
+    MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
+    MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
+    MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
+    MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
+    MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
+    MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
+    MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
+    MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
+    MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
+    MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
+
+    MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
+    MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
+    MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
+    MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
+    MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
+    MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
+    MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
+    MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
+    MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
+    MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
+    MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
+    MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
+    MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
+    MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
+    MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
+    MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
+
+    buf[0] += a;
+    buf[1] += b;
+    buf[2] += c;
+    buf[3] += d;
+}
diff --git a/lib/crypto/md5.h b/lib/crypto/md5.h
new file mode 100644
index 0000000000..4064d6f003
--- /dev/null
+++ b/lib/crypto/md5.h
@@ -0,0 +1,19 @@
+#ifndef MD5_H
+#define MD5_H
+#ifndef HEADER_MD5_H
+/* Try to avoid clashes with OpenSSL */
+#define HEADER_MD5_H 
+#endif
+
+struct MD5Context {
+	uint32_t buf[4];
+	uint32_t bits[2];
+	uint8_t in[64];
+};
+
+void MD5Init(struct MD5Context *context);
+void MD5Update(struct MD5Context *context, const uint8_t *buf,
+	       size_t len);
+void MD5Final(uint8_t digest[16], struct MD5Context *context);
+
+#endif /* !MD5_H */
diff --git a/lib/crypto/md5test.c b/lib/crypto/md5test.c
new file mode 100644
index 0000000000..702e0fcf41
--- /dev/null
+++ b/lib/crypto/md5test.c
@@ -0,0 +1,93 @@
+/* 
+   Unix SMB/CIFS implementation.
+   MD5 tests
+   Copyright (C) Stefan Metzmacher
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "lib/crypto/crypto.h"
+
+struct torture_context;
+
+/*
+ This uses the test values from rfc1321
+*/
+bool torture_local_crypto_md5(struct torture_context *torture) 
+{
+	bool ret = true;
+	uint32_t i;
+	struct {
+		const char *data;
+		const char *md5;
+	} testarray[] = {
+	{
+		.data	= "",
+		.md5	= "d41d8cd98f00b204e9800998ecf8427e"
+	},{
+		.data	= "a",
+		.md5	= "0cc175b9c0f1b6a831c399e269772661"
+	},{
+		.data	= "abc",
+		.md5	= "900150983cd24fb0d6963f7d28e17f72"
+	},{
+		.data	= "message digest",
+		.md5	= "f96b697d7cb7938d525a2f31aaf161d0"
+	},{
+		.data	= "abcdefghijklmnopqrstuvwxyz",
+		.md5	= "c3fcd3d76192e4007dfb496cca67e13b"
+	},{
+		.data	= "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+						 "abcdefghijklmnopqrstuvwxyz"
+						 "0123456789",
+		.md5	= "d174ab98d277d9f5a5611c2c9f419d9f"
+	},{
+		.data	= "123456789012345678901234567890"
+						 "123456789012345678901234567890"
+						 "12345678901234567890",
+		.md5	= "57edf4a22be3c955ac49da2e2107b67a"
+	}
+	};
+
+	for (i=0; i < ARRAY_SIZE(testarray); i++) {
+		struct MD5Context ctx;
+		uint8_t md5[16];
+		int e;
+
+		DATA_BLOB data;
+		DATA_BLOB md5blob;
+
+		data = data_blob_string_const(testarray[i].data);
+		md5blob  = strhex_to_data_blob(testarray[i].md5);
+
+		MD5Init(&ctx);
+		MD5Update(&ctx, data.data, data.length);
+		MD5Final(md5, &ctx);
+
+		e = memcmp(md5blob.data,
+			   md5,
+			   MIN(md5blob.length, sizeof(md5)));
+		if (e != 0) {
+			printf("md5 test[%u]: failed\n", i);
+			dump_data(0, data.data, data.length);
+			dump_data(0, md5blob.data, md5blob.length);
+			dump_data(0, md5, sizeof(md5));
+			ret = false;
+		}
+		talloc_free(md5blob.data);
+	}
+
+	return ret;
+}
diff --git a/lib/crypto/sha256.c b/lib/crypto/sha256.c
new file mode 100644
index 0000000000..a2def25814
--- /dev/null
+++ b/lib/crypto/sha256.c
@@ -0,0 +1,253 @@
+/*
+  based on heildal lib/hcrypto/sha256.c. Copied to lib/crypto to avoid a link
+  problem. Hopefully will be removed once we solve this link problem
+
+   (tridge)
+ */
+
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "includes.h"
+#include "sha256.h"
+
+#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
+#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+
+#define ROTR(x,n)   (((x)>>(n)) | ((x) << (32 - (n))))
+
+#define Sigma0(x)	(ROTR(x,2)  ^ ROTR(x,13) ^ ROTR(x,22))
+#define Sigma1(x)	(ROTR(x,6)  ^ ROTR(x,11) ^ ROTR(x,25))
+#define sigma0(x)	(ROTR(x,7)  ^ ROTR(x,18) ^ ((x)>>3))
+#define sigma1(x)	(ROTR(x,17) ^ ROTR(x,19) ^ ((x)>>10))
+
+#define A m->counter[0]
+#define B m->counter[1]
+#define C m->counter[2]
+#define D m->counter[3]
+#define E m->counter[4]
+#define F m->counter[5]
+#define G m->counter[6]
+#define H m->counter[7]
+
+static const uint32_t constant_256[64] = {
+    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+    0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+    0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+    0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+    0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+    0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+    0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+    0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+    0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+};
+
+void
+SHA256_Init (SHA256_CTX *m)
+{
+    m->sz[0] = 0;
+    m->sz[1] = 0;
+    A = 0x6a09e667;
+    B = 0xbb67ae85;
+    C = 0x3c6ef372;
+    D = 0xa54ff53a;
+    E = 0x510e527f;
+    F = 0x9b05688c;
+    G = 0x1f83d9ab;
+    H = 0x5be0cd19;
+}
+
+static void
+calc (SHA256_CTX *m, uint32_t *in)
+{
+    uint32_t AA, BB, CC, DD, EE, FF, GG, HH;
+    uint32_t data[64];
+    int i;
+
+    AA = A;
+    BB = B;
+    CC = C;
+    DD = D;
+    EE = E;
+    FF = F;
+    GG = G;
+    HH = H;
+
+    for (i = 0; i < 16; ++i)
+	data[i] = in[i];
+    for (i = 16; i < 64; ++i)
+	data[i] = sigma1(data[i-2]) + data[i-7] + 
+	    sigma0(data[i-15]) + data[i - 16];
+
+    for (i = 0; i < 64; i++) {
+	uint32_t T1, T2;
+
+	T1 = HH + Sigma1(EE) + Ch(EE, FF, GG) + constant_256[i] + data[i];
+	T2 = Sigma0(AA) + Maj(AA,BB,CC);
+			     
+	HH = GG;
+	GG = FF;
+	FF = EE;
+	EE = DD + T1;
+	DD = CC;
+	CC = BB;
+	BB = AA;
+	AA = T1 + T2;
+    }
+
+    A += AA;
+    B += BB;
+    C += CC;
+    D += DD;
+    E += EE;
+    F += FF;
+    G += GG;
+    H += HH;
+}
+
+/*
+ * From `Performance analysis of MD5' by Joseph D. Touch <touch@isi.edu>
+ */
+
+#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
+/* Vector Crays doesn't have a good 32-bit type, or more precisely,
+   int32_t as defined by <bind/bitypes.h> isn't 32 bits, and we don't
+   want to depend in being able to redefine this type.  To cope with
+   this we have to clamp the result in some places to [0,2^32); no
+   need to do this on other machines.  Did I say this was a mess?
+   */
+
+#ifdef _CRAY
+#define CRAYFIX(X) ((X) & 0xffffffff)
+#else
+#define CRAYFIX(X) (X)
+#endif
+
+static inline uint32_t
+cshift (uint32_t x, unsigned int n)
+{
+    x = CRAYFIX(x);
+    return CRAYFIX((x << n) | (x >> (32 - n)));
+}
+
+static inline uint32_t
+swap_uint32_t (uint32_t t)
+{
+    uint32_t temp1, temp2;
+
+    temp1   = cshift(t, 16);
+    temp2   = temp1 >> 8;
+    temp1  &= 0x00ff00ff;
+    temp2  &= 0x00ff00ff;
+    temp1 <<= 8;
+    return temp1 | temp2;
+}
+#endif
+
+struct x32{
+    unsigned int a:32;
+    unsigned int b:32;
+};
+
+void
+SHA256_Update (SHA256_CTX *m, const void *v, size_t len)
+{
+    const unsigned char *p = v;
+    size_t old_sz = m->sz[0];
+    size_t offset;
+
+    m->sz[0] += len * 8;
+    if (m->sz[0] < old_sz)
+	++m->sz[1];
+    offset = (old_sz / 8) % 64;
+    while(len > 0){
+	size_t l = MIN(len, 64 - offset);
+	memcpy(m->save + offset, p, l);
+	offset += l;
+	p += l;
+	len -= l;
+	if(offset == 64){
+#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
+	    int i;
+	    uint32_t current[16];
+	    struct x32 *u = (struct x32*)m->save;
+	    for(i = 0; i < 8; i++){
+		current[2*i+0] = swap_uint32_t(u[i].a);
+		current[2*i+1] = swap_uint32_t(u[i].b);
+	    }
+	    calc(m, current);
+#else
+	    calc(m, (uint32_t*)m->save);
+#endif
+	    offset = 0;
+	}
+    }
+}
+
+void
+SHA256_Final (void *res, SHA256_CTX *m)
+{
+    unsigned char zeros[72];
+    unsigned offset = (m->sz[0] / 8) % 64;
+    unsigned int dstart = (120 - offset - 1) % 64 + 1;
+
+    *zeros = 0x80;
+    memset (zeros + 1, 0, sizeof(zeros) - 1);
+    zeros[dstart+7] = (m->sz[0] >> 0) & 0xff;
+    zeros[dstart+6] = (m->sz[0] >> 8) & 0xff;
+    zeros[dstart+5] = (m->sz[0] >> 16) & 0xff;
+    zeros[dstart+4] = (m->sz[0] >> 24) & 0xff;
+    zeros[dstart+3] = (m->sz[1] >> 0) & 0xff;
+    zeros[dstart+2] = (m->sz[1] >> 8) & 0xff;
+    zeros[dstart+1] = (m->sz[1] >> 16) & 0xff;
+    zeros[dstart+0] = (m->sz[1] >> 24) & 0xff;
+    SHA256_Update (m, zeros, dstart + 8);
+    {
+	int i;
+	unsigned char *r = (unsigned char*)res;
+
+	for (i = 0; i < 8; ++i) {
+	    r[4*i+3] = m->counter[i] & 0xFF;
+	    r[4*i+2] = (m->counter[i] >> 8) & 0xFF;
+	    r[4*i+1] = (m->counter[i] >> 16) & 0xFF;
+	    r[4*i]   = (m->counter[i] >> 24) & 0xFF;
+	}
+    }
+}
diff --git a/lib/crypto/sha256.h b/lib/crypto/sha256.h
new file mode 100644
index 0000000000..4a5f2cbe94
--- /dev/null
+++ b/lib/crypto/sha256.h
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: sha.h 17450 2006-05-05 11:11:43Z lha $ */
+
+#ifndef HEIM_SHA_H
+/*
+  based on heildal lib/hcrypto/sha.h. Copied to lib/crypto to avoid a link
+  problem. Hopefully will be removed once we solve this link problem
+
+   (tridge)
+ */
+#define HEIM_SHA_H 1
+
+#if 0
+/* symbol renaming */
+#define SHA1_Init hc_SHA1_Init
+#define SHA1_Update hc_SHA1_Update
+#define SHA1_Final hc_SHA1_Final
+#define SHA256_Init hc_SHA256_Init
+#define SHA256_Update hc_SHA256_Update
+#define SHA256_Final hc_SHA256_Final
+#endif
+
+/*
+ * SHA-1
+ */
+
+#define SHA_DIGEST_LENGTH 20
+
+struct sha {
+  unsigned int sz[2];
+  uint32_t counter[5];
+  unsigned char save[64];
+};
+
+typedef struct sha SHA_CTX;
+
+void SHA1_Init (struct sha *m);
+void SHA1_Update (struct sha *m, const void *v, size_t len);
+void SHA1_Final (void *res, struct sha *m);
+
+/*
+ * SHA-2 256
+ */
+
+#define SHA256_DIGEST_LENGTH 32
+
+struct hc_sha256state {
+  unsigned int sz[2];
+  uint32_t counter[8];
+  unsigned char save[64];
+};
+
+typedef struct hc_sha256state SHA256_CTX;
+
+void SHA256_Init (SHA256_CTX *);
+void SHA256_Update (SHA256_CTX *, const void *, size_t);
+void SHA256_Final (void *, SHA256_CTX *);
+
+#endif /* HEIM_SHA_H */