r14198: Update Samba4 to current lorikeet-heimdal.

Andrew Bartlett
(This used to be commit 97a0a0e2fa6784e5fc5278f7a15b385ddcb6a3b3)

27 files changed, 2405 insertions, 13 deletions

diff --git a/source4/heimdal/lib/des/aes.h b/source4/heimdal/lib/des/aes.h
index ef72b0add7..8a62c6461d 100755
--- a/source4/heimdal/lib/des/aes.h
+++ b/source4/heimdal/lib/des/aes.h
@@ -31,11 +31,22 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: aes.h,v 1.4 2005/04/10 19:09:47 lha Exp $ */
+/* $Id: aes.h,v 1.5 2006/01/08 21:47:27 lha Exp $ */
 
 #ifndef HEIM_AES_H
 #define HEIM_AES_H 1
 
+/* symbol renaming */
+#define AES_set_encrypt_key hc_AES_set_encrypt_key
+#define AES_set_decrypt_key hc_AES_decrypt_key
+#define AES_encrypt hc_AES_encrypt
+#define AES_decrypt hc_AES_decrypt
+#define AES_cbc_encrypt hc_AES_cbc_encrypt
+
+/*
+ *
+ */
+
 #define AES_BLOCK_SIZE 16
 #define AES_MAXNR 14
 
diff --git a/source4/heimdal/lib/des/bn.h b/source4/heimdal/lib/des/bn.h
new file mode 100644
index 0000000000..b0c90d36fc
--- /dev/null
+++ b/source4/heimdal/lib/des/bn.h
@@ -0,0 +1,121 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/*
+ * $Id: bn.h,v 1.3 2006/01/13 08:27:50 lha Exp $
+ */
+
+#ifndef _HEIM_BN_H
+#define _HEIM_BN_H 1
+
+/* symbol renaming */
+#define BN_GENCB_call hc_BN_GENCB_call
+#define BN_GENCB_set hc_BN_GENCB_set
+#define BN_bin2bn hc_BN_bin2bn
+#define BN_bn2bin hc_BN_bn2bin
+#define BN_bn2hex hc_BN_bn2hex
+#define BN_clear hc_BN_clear
+#define BN_clear_bit hc_BN_clear_bit
+#define BN_clear_free hc_BN_clear_free
+#define BN_cmp hc_BN_cmp
+#define BN_dup hc_BN_dup
+#define BN_free hc_BN_free
+#define BN_is_negative hc_BN_is_negative
+#define BN_get_word hc_BN_get_word
+#define BN_hex2bn hc_BN_hex2bn
+#define BN_is_bit_set hc_BN_is_bit_set
+#define BN_new hc_BN_new
+#define BN_num_bits hc_BN_num_bits
+#define BN_num_bytes hc_BN_num_bytes
+#define BN_rand hc_BN_rand
+#define BN_set_bit hc_BN_set_bit
+#define BN_set_negative hc_BN_set_negative
+#define BN_set_word hc_BN_set_word
+#define BN_uadd hc_BN_uadd
+
+/*
+ *
+ */
+
+typedef void BIGNUM;
+typedef struct BN_GENCB BN_GENCB;
+typedef void BN_CTX;
+typedef void BN_MONT_CTX;
+typedef void BN_BLINDING;
+
+struct BN_GENCB {
+    unsigned int ver;
+    void *arg;
+    union {
+	int (*cb_2)(int, int, BN_GENCB *);
+    } cb;
+};
+
+/*
+ *
+ */
+
+BIGNUM *BN_new(void);
+void	BN_free(BIGNUM *);
+void	BN_clear_free(BIGNUM *);
+void	BN_clear(BIGNUM *);
+BIGNUM *BN_dup(const BIGNUM *);
+
+int	BN_num_bits(const BIGNUM *);
+int	BN_num_bytes(const BIGNUM *);
+
+int	BN_cmp(const BIGNUM *, const BIGNUM *);
+
+void	BN_set_negative(BIGNUM *, int);
+int	BN_is_negative(BIGNUM *);
+
+int	BN_is_bit_set(const BIGNUM *, int);
+int	BN_set_bit(BIGNUM *, int);
+int	BN_clear_bit(BIGNUM *, int);
+
+int	BN_set_word(BIGNUM *, unsigned long);
+unsigned long BN_get_word(const BIGNUM *);
+
+BIGNUM *BN_bin2bn(const void *,int len,BIGNUM *);
+int	BN_bn2bin(const BIGNUM *, void *);
+int 	BN_hex2bn(BIGNUM **, const char *);
+char *	BN_bn2hex(const BIGNUM *);
+
+int	BN_uadd(BIGNUM *, const BIGNUM *, const BIGNUM *);
+
+int	BN_rand(BIGNUM *, int, int, int);
+
+void	BN_GENCB_set(BN_GENCB *, int (*)(int, int, BN_GENCB *), void *);
+int	BN_GENCB_call(BN_GENCB *, int, int);
+
+#endif
diff --git a/source4/heimdal/lib/des/des.c b/source4/heimdal/lib/des/des.c
index b615bbd30e..b6bb55a9ba 100644
--- a/source4/heimdal/lib/des/des.c
+++ b/source4/heimdal/lib/des/des.c
@@ -45,7 +45,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: des.c,v 1.15 2005/07/20 10:49:22 lha Exp $");
+RCSID("$Id: des.c,v 1.16 2006/01/08 21:47:28 lha Exp $");
 #endif
 
 #include <stdio.h>
@@ -54,6 +54,7 @@ RCSID("$Id: des.c,v 1.15 2005/07/20 10:49:22 lha Exp $");
 #include <krb5-types.h>
 
 #include "des.h"
+#include "ui.h"
 
 static void desx(uint32_t [2], DES_key_schedule *, int);
 static void IP(uint32_t [2]);
diff --git a/source4/heimdal/lib/des/des.h b/source4/heimdal/lib/des/des.h
index 887c2e14d4..890fab462d 100644
--- a/source4/heimdal/lib/des/des.h
+++ b/source4/heimdal/lib/des/des.h
@@ -31,11 +31,41 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: des.h,v 1.24 2005/07/20 10:49:23 lha Exp $ */
+/* $Id: des.h,v 1.25 2006/01/08 21:47:28 lha Exp $ */
 
 #ifndef _DESperate_H
 #define _DESperate_H 1
 
+/* symbol renaming */
+#define DES_set_odd_parity hc_DES_set_odd_parity
+#define DES_is_weak_key hc_DES_is_weak_key
+#define DES_key_sched hc_DES_key_sched
+#define DES_set_key hc_DES_set_key
+#define DES_set_key_checked hc_DES_set_key_checked
+#define DES_set_key_sched hc_DES_set_key_sched
+#define DES_new_random_key hc_DES_new_random_key
+#define DES_string_to_key hc_DES_string_to_key
+#define DES_read_password hc_DES_read_password
+#define DES_rand_data hc_DES_rand_data
+#define DES_set_random_generator_seed hc_DES_set_random_generator_seed
+#define DES_generate_random_block hc_DES_generate_random_block
+#define DES_set_sequence_number hc_DES_set_sequence_number
+#define DES_init_random_number_generator hc_DES_init_random_number_generator
+#define DES_random_key hc_DES_random_key
+#define DES_encrypt hc_DES_encrypt
+#define DES_ecb_encrypt hc_DES_ecb_encrypt
+#define DES_ecb3_encrypt hc_DES_ecb3_encrypt
+#define DES_pcbc_encrypt hc_DES_pcbc_encrypt
+#define DES_cbc_encrypt hc_DES_cbc_encrypt
+#define DES_cbc_cksum hc_DES_cbc_cksum
+#define DES_ede3_cbc_encrypt hc_DES_ede3_cbc_encrypt
+#define DES_cfb64_encrypt hc_DES_cfb64_encrypt
+#define	_DES_ipfp_test _hc_DES_ipfp_test
+
+/*
+ *
+ */
+
 #define DES_CBLOCK_LEN 8
 #define DES_KEY_SZ 8
 
@@ -48,6 +78,10 @@ typedef struct DES_key_schedule
 	uint32_t ks[32];
 } DES_key_schedule;
 
+/*
+ *
+ */
+
 int	DES_set_odd_parity(DES_cblock *);
 int	DES_is_weak_key(DES_cblock *);
 int	DES_set_key(DES_cblock *, DES_key_schedule *);
@@ -57,8 +91,6 @@ int	DES_new_random_key(DES_cblock *);
 void	DES_string_to_key(const char *, DES_cblock *);
 int	DES_read_password(DES_cblock *, char *, int);
 
-int	UI_UTIL_read_pw_string(char *, int, const char *, int); /* XXX */
-
 void	DES_rand_data(void *, int);
 void	DES_set_random_generator_seed(DES_cblock *);
 void	DES_generate_random_block(DES_cblock *);
diff --git a/source4/heimdal/lib/des/dh.h b/source4/heimdal/lib/des/dh.h
new file mode 100644
index 0000000000..cbea876521
--- /dev/null
+++ b/source4/heimdal/lib/des/dh.h
@@ -0,0 +1,139 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/*
+ * $Id: dh.h,v 1.4 2006/01/18 13:48:30 lha Exp $
+ */
+
+#ifndef _HEIM_DH_H
+#define _HEIM_DH_H 1
+
+/* symbol renaming */
+#define DH_null_method hc_DH_null_method
+#define DH_new hc_DH_new
+#define DH_new_method hc_DH_new_method
+#define DH_free hc_DH_free
+#define DH_up_ref hc_DH_up_ref
+#define DH_size hc_DH_size
+#define DH_set_default_method hc_DH_set_default_method
+#define DH_get_default_method hc_DH_get_default_method
+#define DH_set_method hc_DH_set_method
+#define DH_get_method hc_DH_get_method
+#define DH_set_ex_data hc_DH_set_ex_data
+#define DH_get_ex_data hc_DH_get_ex_data
+#define DH_generate_parameters_ex hc_DH_generate_parameters_ex
+#define DH_check hc_DH_check
+#define DH_generate_key hc_DH_generate_key
+#define DH_compute_key hc_DH_compute_key
+
+/*
+ *
+ */
+
+typedef struct DH DH;
+typedef struct DH_METHOD DH_METHOD;
+
+#include <hcrypto/bn.h>
+#include <hcrypto/engine.h>
+
+struct DH_METHOD {
+    const char *name;
+    int (*generate_key)(DH *);
+    int (*compute_key)(unsigned char *,const BIGNUM *,DH *);
+    int (*bn_mod_exp)(const DH *, BIGNUM *, const BIGNUM *,
+		      const BIGNUM *, const BIGNUM *, BN_CTX *,
+		      BN_MONT_CTX *);
+    int (*init)(DH *);
+    int (*finish)(DH *);
+    int flags;
+    void *app_data;
+    int (*generate_params)(DH *, int, int, BN_GENCB *);
+};
+
+struct DH {
+    int pad;
+    int version;
+    BIGNUM *p;
+    BIGNUM *g;
+    long length;
+    BIGNUM *pub_key;
+    BIGNUM *priv_key;
+    int flags;
+    void *method_mont_p;
+    BIGNUM *q;
+    BIGNUM *j;
+    void *seed;
+    int seedlen;
+    BIGNUM *counter;
+    int references;
+    struct CRYPTO_EX_DATA {
+	void *sk;
+	int dummy;
+    } ex_data;
+    const DH_METHOD *meth;
+    ENGINE *engine;
+};
+
+/* DH_check_pubkey return codes in `codes' argument. */
+#define DH_CHECK_PUBKEY_TOO_SMALL 1
+#define DH_CHECK_PUBKEY_TOO_LARGE 2
+
+/*
+ *
+ */
+
+const DH_METHOD *DH_null_method(void);
+
+DH *	DH_new(void);
+DH *	DH_new_method(ENGINE *);
+void	DH_free(DH *);
+int	DH_up_ref(DH *);
+
+int	DH_size(const DH *);
+
+
+void	DH_set_default_method(const DH_METHOD *);
+const DH_METHOD *
+	DH_get_default_method(void);
+int	DH_set_method(DH *, const DH_METHOD *);
+
+int	DH_set_ex_data(DH *, int, void *);
+void *	DH_get_ex_data(DH *, int);
+
+int	DH_generate_parameters_ex(DH *, int, int, BN_GENCB *);
+int	DH_check_pubkey(const DH *, const BIGNUM *, int *);
+int	DH_generate_key(DH *);
+int	DH_compute_key(unsigned char *,const BIGNUM *,DH *);
+
+#endif /* _HEIM_DH_H */
+
diff --git a/source4/heimdal/lib/des/dsa.h b/source4/heimdal/lib/des/dsa.h
new file mode 100644
index 0000000000..18859effc8
--- /dev/null
+++ b/source4/heimdal/lib/des/dsa.h
@@ -0,0 +1,140 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/*
+ * $Id: dsa.h,v 1.2 2006/01/13 15:26:52 lha Exp $
+ */
+
+#ifndef _HEIM_DSA_H
+#define _HEIM_DSA_H 1
+
+#include <hcrypto/bn.h>
+
+/* symbol renaming */
+#define DSA_null_method hc_DSA_null_method
+#define DSA_new hc_DSA_new
+#define DSA_free hc_DSA_free
+#define DSA_up_ref hc_DSA_up_ref
+#define DSA_set_default_method hc_DSA_set_default_method
+#define DSA_get_default_method hc_DSA_get_default_method
+#define DSA_set_method hc_DSA_set_method
+#define DSA_get_method hc_DSA_get_method
+#define DSA_set_app_data hc_DSA_set_app_data
+#define DSA_get_app_data hc_DSA_get_app_data
+#define DSA_size hc_DSA_size
+#define DSA_verify hc_DSA_verify
+
+/*
+ *
+ */
+
+
+typedef struct DSA DSA;
+typedef struct DSA_METHOD DSA_METHOD;
+typedef struct DSA_SIG DSA_SIG;
+
+struct DSA_SIG {
+    BIGNUM *r;
+    BIGNUM *s;
+};
+
+struct DSA_METHOD {
+    const char *name;
+    DSA_SIG * (*dsa_do_sign)(const unsigned char *, int, DSA *);
+    int (*dsa_sign_setup)(DSA *, BN_CTX *, BIGNUM **, BIGNUM **);
+    int (*dsa_do_verify)(const unsigned char *, int, DSA_SIG *, DSA *);
+    int (*dsa_mod_exp)(DSA *, BIGNUM *, BIGNUM *, BIGNUM *,
+		       BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *,
+		       BN_MONT_CTX *);
+    int (*bn_mod_exp)(DSA *, BIGNUM *, BIGNUM *, const BIGNUM *,
+		      const BIGNUM *, BN_CTX *,
+		      BN_MONT_CTX *);
+    int (*init)(DSA *);
+    int (*finish)(DSA *);
+    int flags;
+    void *app_data;
+};
+
+struct DSA {
+    int pad;
+    long version;
+    int write_params;
+    BIGNUM *p;
+    BIGNUM *q;
+    BIGNUM *g;
+
+    BIGNUM *pub_key;
+    BIGNUM *priv_key;
+
+    BIGNUM *kinv;
+    BIGNUM *r;
+    int flags;
+    void *method_mont_p;
+    int references;
+    struct dsa_CRYPTO_EX_DATA {
+	void *sk;
+	int dummy;
+    } ex_data;
+    const DSA_METHOD *meth;
+    void *engine;
+};
+
+/*
+ *
+ */
+
+const DSA_METHOD *DSA_null_method(void);
+
+/*
+ *
+ */
+
+DSA *	DSA_new(void);
+void	DSA_free(DSA *);
+int	DSA_up_ref(DSA *);
+
+void	DSA_set_default_method(const DSA_METHOD *);
+const DSA_METHOD * DSA_get_default_method(void);
+
+const DSA_METHOD * DSA_get_method(const DSA *);
+int DSA_set_method(DSA *, const DSA_METHOD *);
+
+void	DSA_set_app_data(DSA *, void *arg);
+void *	DSA_get_app_data(DSA *);
+
+int	DSA_size(const DSA *);
+
+int	DSA_verify(int, const unsigned char *, int,
+		   const unsigned char *, int, DSA *);
+
+#endif /* _HEIM_DSA_H */
diff --git a/source4/heimdal/lib/des/engine.h b/source4/heimdal/lib/des/engine.h
new file mode 100644
index 0000000000..70c0a7688c
--- /dev/null
+++ b/source4/heimdal/lib/des/engine.h
@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/*
+ * $Id: engine.h,v 1.4 2006/01/13 15:26:52 lha Exp $
+ */
+
+#ifndef _HEIM_ENGINE_H
+#define _HEIM_ENGINE_H 1
+
+/* symbol renaming */
+#define ENGINE_add_conf_module hc_ENGINE_add_conf_module
+#define ENGINE_by_dso hc_ENGINE_by_dso
+#define ENGINE_by_id hc_ENGINE_by_id
+#define ENGINE_finish hc_ENGINE_finish
+#define ENGINE_get_DH hc_ENGINE_get_DH
+#define ENGINE_get_RSA hc_ENGINE_get_RSA
+#define ENGINE_get_id hc_ENGINE_get_id
+#define ENGINE_get_name hc_ENGINE_get_name
+#define ENGINE_load_builtin_engines hc_ENGINE_load_builtin_engines
+#define ENGINE_set_DH hc_ENGINE_set_DH
+#define ENGINE_set_RSA hc_ENGINE_set_RSA
+#define ENGINE_set_id hc_ENGINE_set_id
+#define ENGINE_set_name hc_ENGINE_set_name
+#define ENGINE_set_destroy_function hc_ENGINE_set_destroy_function
+#define ENGINE_up_ref hc_ENGINE_up_ref
+
+/*
+ *
+ */
+
+typedef struct hc_engine ENGINE;
+
+#include <hcrypto/rsa.h>
+#include <hcrypto/dsa.h>
+#include <hcrypto/dh.h>
+
+#define OPENSSL_DYNAMIC_VERSION		(unsigned long)0x00020000
+
+typedef int (*openssl_bind_engine)(ENGINE *, const char *, const void *);
+typedef unsigned long (*openssl_v_check)(unsigned long);
+
+void	ENGINE_add_conf_module(void);
+void	ENGINE_load_builtin_engines(void);
+ENGINE *ENGINE_by_id(const char *);
+ENGINE *ENGINE_by_dso(const char *, const char *);
+int	ENGINE_finish(ENGINE *);
+int	ENGINE_up_ref(ENGINE *);
+int	ENGINE_set_id(ENGINE *, const char *);
+int	ENGINE_set_name(ENGINE *, const char *);
+int	ENGINE_set_RSA(ENGINE *, const RSA_METHOD *);
+int	ENGINE_set_DH(ENGINE *, const DH_METHOD *);
+int	ENGINE_set_destroy_function(ENGINE *, void (*)(ENGINE *));
+
+const char *		ENGINE_get_id(const ENGINE *);
+const char *		ENGINE_get_name(const ENGINE *);
+const RSA_METHOD *	ENGINE_get_RSA(const ENGINE *);
+const DH_METHOD *	ENGINE_get_DH(const ENGINE *);
+
+int		ENGINE_set_default_RSA(ENGINE *);
+ENGINE *	ENGINE_get_default_RSA(void);
+int		ENGINE_set_default_DH(ENGINE *);
+ENGINE *	ENGINE_get_default_DH(void);
+
+
+#endif /* _HEIM_ENGINE_H */
diff --git a/source4/heimdal/lib/des/evp.c b/source4/heimdal/lib/des/evp.c
new file mode 100644
index 0000000000..3f89a49bcc
--- /dev/null
+++ b/source4/heimdal/lib/des/evp.c
@@ -0,0 +1,728 @@
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+
+#include <evp.h>
+
+#include <krb5-types.h>
+
+#include <aes.h>
+#include <des.h>
+#include <sha.h>
+#include <rc2.h>
+#include <rc4.h>
+#include <md2.h>
+#include <md4.h>
+#include <md5.h>
+
+struct hc_evp_md {
+    int hash_size;
+    int block_size;
+    int ctx_size;
+    int (*init)(EVP_MD_CTX *);
+    int (*update)(EVP_MD_CTX *,const void *, size_t );
+    int (*final)(void *, EVP_MD_CTX *);
+    int (*cleanup)(EVP_MD_CTX *);
+};
+
+/*
+ *
+ */
+
+size_t
+EVP_MD_size(const EVP_MD *md)
+{
+    return md->hash_size;
+}
+
+size_t
+EVP_MD_block_size(const EVP_MD *md)
+{
+    return md->block_size;
+}
+
+EVP_MD_CTX *
+EVP_MD_CTX_create(void)
+{
+    return calloc(1, sizeof(EVP_MD_CTX));
+}
+
+void
+EVP_MD_CTX_init(EVP_MD_CTX *ctx)
+{
+    memset(ctx, 0, sizeof(*ctx));
+}
+
+void
+EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
+{
+    EVP_MD_CTX_cleanup(ctx);
+    free(ctx);
+}
+
+int
+EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
+{
+    if (ctx->md && ctx->md->cleanup)
+	(ctx->md->cleanup)(ctx);
+    ctx->md = NULL;
+    ctx->engine = NULL;
+    free(ctx->ptr);
+    return 1;
+}
+
+
+const EVP_MD *
+EVP_MD_CTX_md(EVP_MD_CTX *ctx)
+{
+    return ctx->md;
+}
+
+size_t
+EVP_MD_CTX_size(EVP_MD_CTX *ctx)
+{
+    return EVP_MD_size(ctx->md);
+}
+
+size_t
+EVP_MD_CTX_block_size(EVP_MD_CTX *ctx)
+{
+    return EVP_MD_block_size(ctx->md);
+}
+
+int
+EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)
+{
+    if (ctx->md != md || ctx->engine != engine) {
+	EVP_MD_CTX_cleanup(ctx);
+	ctx->md = md;
+	ctx->engine = engine;
+
+	ctx->ptr = calloc(1, md->ctx_size);
+	if (ctx->ptr == NULL)
+	    return 0;
+    }
+    (ctx->md->init)(ctx->ptr);
+    return 1;
+}
+
+int
+EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t size)
+{
+    (ctx->md->update)(ctx->ptr, data, size);
+    return 1;
+}
+
+int
+EVP_DigestFinal_ex(EVP_MD_CTX *ctx, void *hash, unsigned int *size)
+{
+    (ctx->md->final)(hash, ctx->ptr);
+    if (size)
+	*size = ctx->md->hash_size;
+    return 1;
+}
+
+int
+EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize, 
+	   const EVP_MD *md, ENGINE *engine)
+{
+    EVP_MD_CTX *ctx;
+    int ret;
+
+    ctx = EVP_MD_CTX_create();
+    if (ctx == NULL)
+	return 0;
+    ret = EVP_DigestInit_ex(ctx, md, engine);
+    if (ret != 1)
+	return ret;
+    ret = EVP_DigestUpdate(ctx, data, dsize);
+    if (ret != 1)
+	return ret;
+    ret = EVP_DigestFinal_ex(ctx, hash, hsize);
+    if (ret != 1)
+	return ret;
+    EVP_MD_CTX_destroy(ctx);
+    return 1;
+}
+
+/*
+ *
+ */
+
+static const struct hc_evp_md sha1 = {
+    20,
+    64,
+    sizeof(SHA_CTX),
+    (void *)SHA1_Init,
+    (void *)SHA1_Update,
+    (void *)SHA1_Final,
+    NULL
+};
+
+const EVP_MD *
+EVP_sha1(void)
+{
+    return &sha1;
+}
+
+const EVP_MD *
+EVP_sha(void)
+{
+    return &sha1;
+}
+
+const EVP_MD *
+EVP_md5(void)
+{
+    static const struct hc_evp_md md5 = {
+	16,
+	64,
+	sizeof(MD5_CTX),
+	(void *)MD5_Init,
+	(void *)MD5_Update,
+	(void *)MD5_Final,
+	NULL
+    };
+    return &md5;
+}
+
+const EVP_MD *
+EVP_md4(void)
+{
+    static const struct hc_evp_md md4 = {
+	16,
+	64,
+	sizeof(MD4_CTX),
+	(void *)MD4_Init,
+	(void *)MD4_Update,
+	(void *)MD4_Final,
+	NULL
+    };
+    return &md4;
+}
+
+const EVP_MD *
+EVP_md2(void)
+{
+    static const struct hc_evp_md md2 = {
+	16,
+	16,
+	sizeof(MD2_CTX),
+	(void *)MD2_Init,
+	(void *)MD2_Update,
+	(void *)MD2_Final,
+	NULL
+    };
+    return &md2;
+}
+
+/*
+ *
+ */
+
+static void
+null_Init (void *m)
+{
+}
+static void
+null_Update (void *m, const void * data, size_t size)
+{
+}
+static void
+null_Final(void *res, struct md5 *m)
+{
+}
+
+const EVP_MD *
+EVP_md_null(void)
+{
+    static const struct hc_evp_md null = {
+	0,
+	0,
+	0,
+	(void *)null_Init,
+	(void *)null_Update,
+	(void *)null_Final,
+	NULL
+    };
+    return &null;
+}
+
+#if 0
+void	EVP_MD_CTX_init(EVP_MD_CTX *ctx);
+int	EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+int	EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
+int	EVP_SignFinal(EVP_MD_CTX *, void *, size_t *, EVP_PKEY *);
+int	EVP_VerifyFinal(EVP_MD_CTX *, const void *, size_t, EVP_PKEY *);
+#endif
+
+/*
+ *
+ */
+
+size_t
+EVP_CIPHER_block_size(const EVP_CIPHER *c)
+{
+    return c->block_size;
+}
+
+size_t
+EVP_CIPHER_key_length(const EVP_CIPHER *c)
+{
+    return c->key_len;
+}
+
+size_t
+EVP_CIPHER_iv_length(const EVP_CIPHER *c)
+{
+    return c->iv_len;
+}
+
+void
+EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *c)
+{
+    memset(c, 0, sizeof(*c));
+}
+
+int
+EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
+{
+    if (c->cipher && c->cipher->cleanup)
+	c->cipher->cleanup(c);
+    if (c->cipher_data) {
+	free(c->cipher_data);
+	c->cipher_data = NULL;
+    }
+    return 1;
+}
+
+#if 0
+int
+EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length)
+{
+    return 0;
+}
+
+int
+EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad)
+{
+    return 0;
+}
+#endif
+
+const EVP_CIPHER *
+EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx)
+{
+    return ctx->cipher;
+}
+
+size_t
+EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
+{
+    return EVP_CIPHER_block_size(ctx->cipher);
+}
+
+size_t
+EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
+{
+    return EVP_CIPHER_key_length(ctx->cipher);
+}
+
+size_t
+EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
+{
+    return EVP_CIPHER_iv_length(ctx->cipher);
+}
+
+unsigned long
+EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
+{
+    return ctx->cipher->flags;
+}
+
+int
+EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx)
+{
+    return EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_MODE;
+}
+
+void *
+EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *ctx)
+{
+    return ctx->app_data;
+}
+
+void
+EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
+{
+    ctx->app_data = data;
+}
+
+int
+EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
+		  const void *key, const void *iv, int encp)
+{
+    if (encp == -1)
+	encp = ctx->encrypt;
+    else
+	ctx->encrypt = (encp ? 1 : 0);
+
+    if (c && (c != ctx->cipher)) {
+	EVP_CIPHER_CTX_cleanup(ctx);
+	ctx->cipher = c;
+	ctx->key_len = c->key_len;
+
+	ctx->cipher_data = malloc(c->ctx_size);
+	if (ctx->cipher_data == NULL && c->ctx_size != 0)
+	    return 0;
+
+    } else if (ctx->cipher == NULL) {
+	/* reuse of cipher, but not any cipher ever set! */
+	return 0;
+    }
+
+    switch (EVP_CIPHER_CTX_flags(ctx)) {
+    case EVP_CIPH_CBC_MODE:
+
+	assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
+
+	if (iv)
+	    memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+	memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+	break;
+    default:
+	return 0;
+    }
+
+    if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT))
+	ctx->cipher->init(ctx, key, iv, encp);
+
+    return 1;
+}
+
+int
+EVP_Cipher(EVP_CIPHER_CTX *ctx, void *out, const void *in,size_t size)
+{
+    return ctx->cipher->do_cipher(ctx, out, in, size);
+}
+
+/*
+ *
+ */
+
+static int
+enc_null_init(EVP_CIPHER_CTX *ctx,
+		  const unsigned char * key,
+		  const unsigned char * iv,
+		  int encp)
+{
+    return 1;
+}
+
+static int
+enc_null_do_cipher(EVP_CIPHER_CTX *ctx,
+	      unsigned char *out,
+	      const unsigned char *in,
+	      unsigned int size)
+{
+    memmove(out, in, size);
+    return 1;
+}
+
+static int
+enc_null_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    return 1;
+}
+
+const EVP_CIPHER *
+EVP_enc_null(void)
+{
+    static const EVP_CIPHER enc_null = {
+	0,
+	0,
+	0,
+	0,
+	EVP_CIPH_CBC_MODE,
+	enc_null_init,
+	enc_null_do_cipher,
+	enc_null_cleanup,
+	0,
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &enc_null;
+}
+
+/*
+ *
+ */
+
+struct rc2_cbc {
+    unsigned int maximum_effective_key;
+    RC2_KEY key;
+};
+
+static int
+rc2_init(EVP_CIPHER_CTX *ctx,
+	 const unsigned char * key,
+	 const unsigned char * iv,
+	 int encp)
+{
+    struct rc2_cbc *k = ctx->cipher_data;
+    k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8;
+    RC2_set_key(&k->key,
+		EVP_CIPHER_CTX_key_length(ctx),
+		key,
+		k->maximum_effective_key);
+    return 1;
+}
+
+static int
+rc2_do_cipher(EVP_CIPHER_CTX *ctx,
+	      unsigned char *out,
+	      const unsigned char *in,
+	      unsigned int size)
+{
+    struct rc2_cbc *k = ctx->cipher_data;
+    RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt);
+    return 1;
+}
+
+static int
+rc2_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    memset(ctx->cipher_data, 0, sizeof(struct rc2_cbc));
+    return 1;
+}
+
+
+const EVP_CIPHER *
+EVP_rc2_cbc(void)
+{
+    static const EVP_CIPHER rc2_cbc = {
+	0,
+	RC2_BLOCK_SIZE,
+	RC2_KEY_LENGTH,
+	RC2_BLOCK_SIZE,
+	EVP_CIPH_CBC_MODE,
+	rc2_init,
+	rc2_do_cipher,
+	rc2_cleanup,
+	sizeof(struct rc2_cbc),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &rc2_cbc;
+}
+
+const EVP_CIPHER *
+EVP_rc2_40_cbc(void)
+{
+    static const EVP_CIPHER rc2_40_cbc = {
+	0,
+	RC2_BLOCK_SIZE,
+	5,
+	RC2_BLOCK_SIZE,
+	EVP_CIPH_CBC_MODE,
+	rc2_init,
+	rc2_do_cipher,
+	rc2_cleanup,
+	sizeof(struct rc2_cbc),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &rc2_40_cbc;
+}
+
+/*
+ *
+ */
+
+const EVP_CIPHER *
+EVP_rc4(void)
+{
+    printf("evp rc4\n");
+    abort();
+    return NULL;
+}
+
+const EVP_CIPHER *
+EVP_rc4_40(void)
+{
+    printf("evp rc4_40\n");
+    abort();
+    return NULL;
+}
+
+/*
+ *
+ */
+
+struct des_ede3_cbc {
+    DES_key_schedule ks[3];
+};
+
+static int
+des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
+		  const unsigned char * key,
+		  const unsigned char * iv,
+		  int encp)
+{
+    struct des_ede3_cbc *k = ctx->cipher_data;
+
+    DES_key_sched((DES_cblock *)(key), &k->ks[0]);
+    DES_key_sched((DES_cblock *)(key + 8), &k->ks[1]);
+    DES_key_sched((DES_cblock *)(key + 16), &k->ks[2]);
+
+    return 1;
+}
+
+static int
+des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
+		       unsigned char *out,
+		       const unsigned char *in,
+		       unsigned int size)
+{
+    struct des_ede3_cbc *k = ctx->cipher_data;
+    DES_ede3_cbc_encrypt(in, out, size,
+			 &k->ks[0], &k->ks[1], &k->ks[2],
+			 (DES_cblock *)ctx->iv, ctx->encrypt);
+    return 1;
+}
+
+static int
+des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    memset(ctx->cipher_data, 0, sizeof(struct des_ede3_cbc));
+    return 1;
+}
+
+const EVP_CIPHER *
+EVP_des_ede3_cbc(void)
+{
+    static const EVP_CIPHER des_ede3_cbc = {
+	0,
+	8,
+	24,
+	8,
+	EVP_CIPH_CBC_MODE,
+	des_ede3_cbc_init,
+	des_ede3_cbc_do_cipher,
+	des_ede3_cbc_cleanup,
+	sizeof(struct des_ede3_cbc),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &des_ede3_cbc;
+}
+
+/*
+ *
+ */
+
+static int
+aes_init(EVP_CIPHER_CTX *ctx,
+	 const unsigned char * key,
+	 const unsigned char * iv,
+	 int encp)
+{
+    AES_KEY *k = ctx->cipher_data;
+    if (ctx->encrypt)
+	AES_set_encrypt_key(key, ctx->cipher->key_len * 8, k);
+    else
+	AES_set_decrypt_key(key, ctx->cipher->key_len * 8, k);
+    return 1;
+}
+
+static int
+aes_do_cipher(EVP_CIPHER_CTX *ctx,
+	      unsigned char *out,
+	      const unsigned char *in,
+	      unsigned int size)
+{
+    AES_KEY *k = ctx->cipher_data;
+    AES_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt);
+    return 1;
+}
+
+static int
+aes_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    memset(ctx->cipher_data, 0, sizeof(AES_KEY));
+    return 1;
+}
+
+const EVP_CIPHER *
+EVP_aes_128_cbc(void)
+{
+    static const EVP_CIPHER aes_128_cbc = {
+	0,
+	16,
+	16,
+	16,
+	EVP_CIPH_CBC_MODE,
+	aes_init,
+	aes_do_cipher,
+	aes_cleanup,
+	sizeof(AES_KEY),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &aes_128_cbc;
+}
+
+const EVP_CIPHER *
+EVP_aes_192_cbc(void)
+{
+    static const EVP_CIPHER aes_192_cbc = {
+	0,
+	16,
+	24,
+	16,
+	EVP_CIPH_CBC_MODE,
+	aes_init,
+	aes_do_cipher,
+	aes_cleanup,
+	sizeof(AES_KEY),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &aes_192_cbc;
+}
+
+
+const EVP_CIPHER *
+EVP_aes_256_cbc(void)
+{
+    static const EVP_CIPHER aes_256_cbc = {
+	0,
+	16,
+	32,
+	16,
+	EVP_CIPH_CBC_MODE,
+	aes_init,
+	aes_do_cipher,
+	aes_cleanup,
+	sizeof(AES_KEY),
+	NULL,
+	NULL,
+	NULL,
+	NULL
+    };
+    return &aes_256_cbc;
+}
diff --git a/source4/heimdal/lib/des/evp.h b/source4/heimdal/lib/des/evp.h
new file mode 100644
index 0000000000..a04f17aabf
--- /dev/null
+++ b/source4/heimdal/lib/des/evp.h
@@ -0,0 +1,231 @@
+/*
+ * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: evp.h,v 1.3 2006/02/28 14:17:25 lha Exp $ */
+
+#ifndef HEIM_EVP_H
+#define HEIM_EVP_H 1
+
+#include <hcrypto/engine.h>
+
+/* symbol renaming */
+#define EVP_CIPHER_CTX_block_size hc_EVP_CIPHER_CTX_block_size
+#define EVP_CIPHER_CTX_cipher hc_EVP_CIPHER_CTX_cipher
+#define EVP_CIPHER_CTX_cleanup hc_EVP_CIPHER_CTX_cleanup
+#define EVP_CIPHER_CTX_flags hc_EVP_CIPHER_CTX_flags
+#define EVP_CIPHER_CTX_get_app_data hc_EVP_CIPHER_CTX_get_app_data
+#define EVP_CIPHER_CTX_init hc_EVP_CIPHER_CTX_init
+#define EVP_CIPHER_CTX_iv_length hc_EVP_CIPHER_CTX_iv_length
+#define EVP_CIPHER_CTX_key_length hc_EVP_CIPHER_CTX_key_length
+#define EVP_CIPHER_CTX_mode hc_EVP_CIPHER_CTX_mode
+#define EVP_CIPHER_CTX_set_app_data hc_EVP_CIPHER_CTX_set_app_data
+#define EVP_CIPHER_CTX_set_key_length hc_EVP_CIPHER_CTX_set_key_length
+#define EVP_CIPHER_CTX_set_padding hc_EVP_CIPHER_CTX_set_padding
+#define EVP_CIPHER_block_size hc_EVP_CIPHER_block_size
+#define EVP_CIPHER_iv_length hc_EVP_CIPHER_iv_length
+#define EVP_CIPHER_key_length hc_EVP_CIPHER_key_length
+#define EVP_Cipher hc_EVP_Cipher
+#define EVP_CipherInit_ex hc_EVP_CipherInit_ex
+#define EVP_Digest hc_EVP_Digest
+#define EVP_DigestFinal_ex hc_EVP_DigestFinal_ex
+#define EVP_DigestInit_ex hc_EVP_DigestInit_ex
+#define EVP_DigestUpdate hc_EVP_DigestUpdate
+#define EVP_MD_CTX_block_size hc_EVP_MD_CTX_block_size
+#define EVP_MD_CTX_cleanup hc_EVP_MD_CTX_cleanup
+#define EVP_MD_CTX_create hc_EVP_MD_CTX_create
+#define EVP_MD_CTX_init hc_EVP_MD_CTX_init
+#define EVP_MD_CTX_destroy hc_EVP_MD_CTX_destroy
+#define EVP_MD_CTX_md hc_EVP_MD_CTX_md
+#define EVP_MD_CTX_size hc_EVP_MD_CTX_size
+#define EVP_MD_block_size hc_EVP_MD_block_size
+#define EVP_MD_size hc_EVP_MD_size
+#define EVP_aes_128_cbc hc_EVP_aes_128_cbc
+#define EVP_aes_192_cbc hc_EVP_aes_192_cbc
+#define EVP_aes_256_cbc hc_EVP_aes_256_cbc
+#define EVP_des_ede3_cbc hc_EVP_des_ede3_cbc
+#define EVP_enc_null hc_EVP_enc_null
+#define EVP_md2 hc_EVP_md2
+#define EVP_md4 hc_EVP_md4
+#define EVP_md5 hc_EVP_md5
+#define EVP_md_null hc_EVP_md_null
+#define EVP_rc2_40_cbc hc_EVP_rc2_40_cbc
+#define EVP_rc2_cbc hc_EVP_rc2_cbc
+#define EVP_rc4 hc_EVP_rc4
+#define EVP_rc4_40 hc_EVP_rc4_40
+#define EVP_sha hc_EVP_sha
+#define EVP_sha1 hc_EVP_sha1
+#define PKCS5_PBKDF2_HMAC_SHA1 hc_PKCS5_PBKDF2_HMAC_SHA1
+
+/*
+ *
+ */
+
+typedef struct hc_EVP_MD_CTX EVP_MD_CTX;
+typedef struct hc_evp_pkey EVP_PKEY;
+typedef struct hc_evp_md EVP_MD;
+typedef struct hc_CIPHER EVP_CIPHER;
+typedef struct hc_CIPHER_CTX EVP_CIPHER_CTX;
+
+#define EVP_MAX_IV_LENGTH	16
+#define EVP_MAX_BLOCK_LENGTH	32
+
+#define EVP_MAX_MD_SIZE		64
+
+struct hc_CIPHER {
+    int nid;
+    int block_size;
+    int key_len;
+    int iv_len;
+    unsigned long flags;
+    /* The lowest 3 bits is used as integer field for the mode the
+     * cipher is used in (use EVP_CIPHER.._mode() to extract the
+     * mode). The rest of the flag field is a bitfield.
+     */
+#define EVP_CIPH_CBC_MODE		2
+#define EVP_CIPH_MODE			0x7
+
+#define EVP_CIPH_ALWAYS_CALL_INIT	0x20
+
+    int (*init)(EVP_CIPHER_CTX*,const unsigned char*,const unsigned char*,int);
+    int (*do_cipher)(EVP_CIPHER_CTX *, unsigned char *,
+		     const unsigned char *, unsigned int);
+    int (*cleanup)(EVP_CIPHER_CTX *);
+    int ctx_size;
+    void *set_asn1_parameters;
+    void *get_asn1_parameters;
+    void *ctrl;
+    void *app_data;
+};
+
+struct hc_CIPHER_CTX {
+    const EVP_CIPHER *cipher;
+    ENGINE *engine;
+    int encrypt;
+    int buf_len;
+    unsigned char oiv[EVP_MAX_IV_LENGTH];
+    unsigned char iv[EVP_MAX_IV_LENGTH];
+    unsigned char buf[EVP_MAX_BLOCK_LENGTH];
+    int num;
+    void *app_data;
+    int key_len;
+    unsigned long flags;
+    void *cipher_data;
+    int final_used;
+    int block_mask;
+    unsigned char final[EVP_MAX_BLOCK_LENGTH];
+};
+
+struct hc_EVP_MD_CTX {
+    const EVP_MD *md;
+    ENGINE *engine;
+    void *ptr;
+};
+
+/*
+ * Avaible crypto algs
+ */
+
+const EVP_MD *EVP_md_null(void);
+const EVP_MD *EVP_md2(void);
+const EVP_MD *EVP_md4(void);
+const EVP_MD *EVP_md5(void);
+const EVP_MD *EVP_sha(void);
+const EVP_MD *EVP_sha1(void);
+
+const EVP_CIPHER * EVP_aes_128_cbc(void);
+const EVP_CIPHER * EVP_aes_192_cbc(void);
+const EVP_CIPHER * EVP_aes_256_cbc(void);
+const EVP_CIPHER * EVP_des_ede3_cbc(void);
+const EVP_CIPHER * EVP_enc_null(void);
+const EVP_CIPHER * EVP_rc2_40_cbc(void);
+const EVP_CIPHER * EVP_rc2_cbc(void);
+const EVP_CIPHER * EVP_rc4(void);
+const EVP_CIPHER * EVP_rc4_40(void);
+
+/*
+ *
+ */
+
+size_t	EVP_MD_size(const EVP_MD *);
+size_t	EVP_MD_block_size(const EVP_MD *);
+
+const EVP_MD *
+	EVP_MD_CTX_md(EVP_MD_CTX *);
+size_t	EVP_MD_CTX_size(EVP_MD_CTX *);
+size_t	EVP_MD_CTX_block_size(EVP_MD_CTX *);
+
+EVP_MD_CTX *
+	EVP_MD_CTX_create(void);
+void	EVP_MD_CTX_init(EVP_MD_CTX *);
+void	EVP_MD_CTX_destroy(EVP_MD_CTX *);
+int	EVP_MD_CTX_cleanup(EVP_MD_CTX *);
+
+int	EVP_DigestInit_ex(EVP_MD_CTX *, const EVP_MD *, ENGINE *);
+int	EVP_DigestUpdate(EVP_MD_CTX *,const void *, size_t);
+int	EVP_DigestFinal_ex(EVP_MD_CTX *, void *, unsigned int *);
+int	EVP_Digest(const void *, size_t, void *, unsigned int *, 
+		   const EVP_MD *, ENGINE *);
+/*
+ *
+ */
+
+size_t	EVP_CIPHER_block_size(const EVP_CIPHER *);
+size_t	EVP_CIPHER_key_length(const EVP_CIPHER *);
+size_t	EVP_CIPHER_iv_length(const EVP_CIPHER *);
+
+void	EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *);
+int	EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
+int	EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *, int);
+int	EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *, int);
+unsigned long
+	EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *);
+int	EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *);
+
+const EVP_CIPHER *
+	EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *);
+size_t	EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *);
+size_t	EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *);
+size_t	EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *);
+void *	EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *);
+void	EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *, void *);
+
+int	EVP_CipherInit_ex(EVP_CIPHER_CTX *,const EVP_CIPHER *, ENGINE *,
+			  const void *, const void *, int);
+
+int	EVP_Cipher(EVP_CIPHER_CTX *,void *,const void *,size_t);
+
+int	PKCS5_PBKDF2_HMAC_SHA1(const void *, size_t, const void *, size_t,
+			       unsigned long, size_t, void *);
+
+
+#endif /* HEIM_EVP_H */
diff --git a/source4/heimdal/lib/des/hcrypto b/source4/heimdal/lib/des/hcrypto
new file mode 120000
index 0000000000..023d458e1d
--- /dev/null
+++ b/source4/heimdal/lib/des/hcrypto
@@ -0,0 +1 @@
+./../des
\ No newline at end of file
diff --git a/source4/heimdal/lib/des/hmac.c b/source4/heimdal/lib/des/hmac.c
new file mode 100644
index 0000000000..1d323b3725
--- /dev/null
+++ b/source4/heimdal/lib/des/hmac.c
@@ -0,0 +1,119 @@
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <hmac.h>
+
+void
+HMAC_CTX_init(HMAC_CTX *ctx)
+{
+    memset(ctx, 0, sizeof(*ctx));
+}
+
+void
+HMAC_CTX_cleanup(HMAC_CTX *ctx)
+{
+    if (ctx->buf) {
+	memset(ctx->buf, 0, ctx->key_length);
+	free(ctx->buf);
+	ctx->buf = NULL;
+    }
+    if (ctx->opad) {
+	memset(ctx->ipad, 0, ctx->key_length);
+	free(ctx->opad);
+	ctx->opad = NULL;
+    }
+    if (ctx->ipad) {
+	memset(ctx->ipad, 0, ctx->key_length);
+	free(ctx->ipad);
+	ctx->ipad = NULL;
+    }
+    EVP_MD_CTX_cleanup(ctx->ctx);
+}
+
+size_t
+HMAC_size(const HMAC_CTX *ctx)
+{
+    return EVP_MD_size(ctx->md);
+}
+
+void
+HMAC_Init_ex(HMAC_CTX *ctx,
+	     const void *key,
+	     size_t keylen,
+	     const EVP_MD *md,
+	     ENGINE *engine)
+{
+    unsigned char *p;
+    size_t i;
+
+    if (ctx->md != md) {
+	ctx->md = md;
+	if (ctx->buf)
+	    free (ctx->buf);
+	ctx->key_length = EVP_MD_size(ctx->md);
+	ctx->buf = malloc(ctx->key_length);
+    }
+#if 0
+    ctx->engine = engine;
+#endif
+
+    if (keylen > EVP_MD_block_size(ctx->md)) {
+	EVP_Digest(key, keylen, ctx->buf, NULL, ctx->md, engine);
+	key = ctx->buf;
+	keylen = EVP_MD_size(ctx->md);
+    }
+
+    if (ctx->opad)
+	free(ctx->opad);
+    if (ctx->ipad)
+	free(ctx->ipad);
+
+    ctx->opad = malloc(EVP_MD_block_size(ctx->md));
+    ctx->ipad = malloc(EVP_MD_block_size(ctx->md));
+    memset(ctx->ipad, 0x36, EVP_MD_block_size(ctx->md));
+    memset(ctx->opad, 0x5c, EVP_MD_block_size(ctx->md));
+
+    for (i = 0, p = ctx->ipad; i < keylen; i++)
+	p[i] ^= ((const unsigned char *)key)[i];
+    for (i = 0, p = ctx->opad; i < keylen; i++)
+	p[i] ^= ((const unsigned char *)key)[i];
+
+    ctx->ctx = EVP_MD_CTX_create();
+
+    EVP_DigestInit_ex(ctx->ctx, ctx->md, ctx->engine);
+    EVP_DigestUpdate(ctx->ctx, ctx->ipad, EVP_MD_block_size(ctx->md));
+}
+
+void
+HMAC_Update(HMAC_CTX *ctx, const void *data, size_t len)
+{
+    EVP_DigestUpdate(ctx->ctx, data, len);
+}
+
+void
+HMAC_Final(HMAC_CTX *ctx, void *md, unsigned int *len)
+{
+    EVP_DigestFinal_ex(ctx->ctx, ctx->buf, NULL);
+
+    EVP_DigestInit_ex(ctx->ctx, ctx->md, ctx->engine);
+    EVP_DigestUpdate(ctx->ctx, ctx->opad, EVP_MD_block_size(ctx->md));
+    EVP_DigestUpdate(ctx->ctx, ctx->buf, ctx->key_length);
+    EVP_DigestFinal_ex(ctx->ctx, md, len);
+}
+
+void *
+HMAC(const EVP_MD *md,
+     const void *key, size_t key_size,
+     const void *data, size_t data_size, 
+     void *hash, unsigned int *hash_len)
+{
+    HMAC_CTX ctx;
+
+    HMAC_CTX_init(&ctx);
+    HMAC_Init_ex(&ctx, key, key_size, md, NULL);
+    HMAC_Update(&ctx, data, data_size);
+    HMAC_Final(&ctx, hash, hash_len);
+    HMAC_CTX_cleanup(&ctx);
+    return hash;
+}
diff --git a/source4/heimdal/lib/des/hmac.h b/source4/heimdal/lib/des/hmac.h
new file mode 100644
index 0000000000..a72ab574e7
--- /dev/null
+++ b/source4/heimdal/lib/des/hmac.h
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: hmac.h,v 1.3 2006/01/13 15:26:52 lha Exp $ */
+
+#ifndef HEIM_HMAC_H
+#define HEIM_HMAC_H 1
+
+#include <hcrypto/evp.h>
+
+/* symbol renaming */
+#define HMAC_CTX_init hc_HMAC_CTX_init
+#define HMAC_CTX_cleanup hc_HMAC_CTX_cleanup
+#define HMAC_size hc_HMAC_size
+#define HMAC_Init_ex hc_HMAC_Init_ex
+#define HMAC_Update hc_HMAC_Update
+#define HMAC_Final hc_HMAC_Final
+#define HMAC hc_HMAC
+
+/*
+ *
+ */
+
+#define HMAC_MAX_MD_CBLOCK	64
+
+typedef struct hc_HMAC_CTX HMAC_CTX;
+
+struct hc_HMAC_CTX {
+    const EVP_MD *md;
+    ENGINE *engine;
+    EVP_MD_CTX *ctx;
+    size_t key_length;
+    void *opad;
+    void *ipad;
+    void *buf;
+};
+
+
+void	HMAC_CTX_init(HMAC_CTX *);
+void	HMAC_CTX_cleanup(HMAC_CTX *ctx);
+
+size_t	HMAC_size(const HMAC_CTX *ctx);
+
+void	HMAC_Init_ex(HMAC_CTX *, const void *, size_t,
+		     const EVP_MD *, ENGINE *);
+void	HMAC_Update(HMAC_CTX *ctx, const void *data, size_t len);
+void	HMAC_Final(HMAC_CTX *ctx, void *md, unsigned int *len);
+
+void *	HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
+	     const void *data, size_t n, void *md, unsigned int *md_len);
+
+#endif /* HEIM_HMAC_H */
diff --git a/source4/heimdal/lib/des/md2.c b/source4/heimdal/lib/des/md2.c
new file mode 100644
index 0000000000..91d7afd125
--- /dev/null
+++ b/source4/heimdal/lib/des/md2.c
@@ -0,0 +1,138 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+
+RCSID("$Id: md2.c,v 1.1 2006/01/08 21:47:28 lha Exp $");
+#endif
+
+#include "hash.h"
+#include "md2.h"
+
+static const unsigned char subst[256] = {
+  41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
+  19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
+  76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
+  138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
+  245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
+  148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
+  39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
+  181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
+  150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
+  112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
+  96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
+  85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
+  234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
+  129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
+  8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
+  203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
+  166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
+  31, 26, 219, 153, 141, 51, 159, 17, 131, 20
+};
+
+void
+MD2_Init (struct md2 *m)
+{
+    memset(m, 0, sizeof(*m));
+}
+
+static void
+calc(struct md2 *m, const void *v)
+{
+    unsigned char x[48], L;
+    const unsigned char *p = v;
+    int i, j, t;
+
+    L = m->checksum[15];
+    for (i = 0; i < 16; i++)
+	L = m->checksum[i] ^= subst[p[i] ^ L];
+
+    for (i = 0; i < 16; i++) {
+	x[i]      = m->state[i];
+	x[i + 16] = p[i];
+	x[i + 32] = x[i] ^ p[i];
+    }
+
+    t = 0;
+    for (i = 0; i < 18; i++) {
+	for (j = 0; j < 48; j++)
+	    t = x[j] ^= subst[t];
+	t = (t + i) & 0xff;
+    }
+
+    memcpy(m->state, x, 16);
+    memset(x, 0, sizeof(x));
+}
+
+void
+MD2_Update (struct md2 *m, const void *v, size_t len)
+{
+    size_t idx = m->len & 0xf;
+    const unsigned char *p = v;
+
+    m->len += len;
+    if (len + idx >= 16) {
+	if (idx) {
+	    memcpy(m->data + idx, p, 16 - idx);
+	    calc(m, m->data);
+	    p += 16;
+	    len -= 16 - idx;
+	}
+	while (len >= 16) {
+	    calc(m, p);
+	    p += 16;
+	    len -= 16;
+	}
+	idx = 0;
+    }
+
+    memcpy(m->data + idx, p, len);
+}
+
+void
+MD2_Final (void *res, struct md2 *m)
+{
+    unsigned char pad[16];
+    size_t padlen;
+
+    padlen = 16 - (m->len % 16);
+    memset(pad, padlen, padlen);
+
+    MD2_Update(m, pad, padlen);
+    memcpy(pad, m->checksum, 16);
+    MD2_Update(m, pad, 16);
+
+    memcpy(res, m->state, MD2_DIGEST_LENGTH);
+    memset(m, 0, sizeof(m));
+}
diff --git a/source4/heimdal/lib/des/md2.h b/source4/heimdal/lib/des/md2.h
new file mode 100644
index 0000000000..f305d943aa
--- /dev/null
+++ b/source4/heimdal/lib/des/md2.h
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: md2.h,v 1.1 2006/01/08 21:47:28 lha Exp $ */
+
+#ifndef HEIM_MD2_H
+#define HEIM_MD2_H 1
+
+/* symbol renaming */
+#define MD2_Init hc_MD2_Init
+#define MD2_Update hc_MD2_Update
+#define MD2_Final hc_MD2_Final
+
+/*
+ *
+ */
+
+#define MD2_DIGEST_LENGTH 16
+
+struct md2 {
+    size_t len;
+    unsigned char data[16]; /* stored unalligned data between Update's */
+    unsigned char checksum[16];
+    unsigned char state[16]; /* lower 16 bytes of X */
+};
+
+typedef struct md2 MD2_CTX;
+
+void MD2_Init (struct md2 *m);
+void MD2_Update (struct md2 *m, const void *p, size_t len);
+void MD2_Final (void *res, struct md2 *m);
+
+#endif /* HEIM_MD2_H */
diff --git a/source4/heimdal/lib/des/md4.h b/source4/heimdal/lib/des/md4.h
index 92147c8489..79055e0fb0 100644
--- a/source4/heimdal/lib/des/md4.h
+++ b/source4/heimdal/lib/des/md4.h
@@ -31,11 +31,22 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: md4.h,v 1.9 2005/04/10 19:12:38 lha Exp $ */
+/* $Id: md4.h,v 1.10 2006/01/08 21:47:28 lha Exp $ */
 
 #ifndef HEIM_MD4_H
 #define HEIM_MD4_H 1
 
+/* symbol renaming */
+#define MD4_Init hc_MD4_Init
+#define MD4_Update hc_MD4_Update
+#define MD4_Final hc_MD4_Final
+
+/*
+ *
+ */
+
+#define MD4_DIGEST_LENGTH 16
+
 struct md4 {
   unsigned int sz[2];
   u_int32_t counter[4];
diff --git a/source4/heimdal/lib/des/md5.h b/source4/heimdal/lib/des/md5.h
index c0463e02d7..534bc9917e 100644
--- a/source4/heimdal/lib/des/md5.h
+++ b/source4/heimdal/lib/des/md5.h
@@ -31,11 +31,22 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: md5.h,v 1.9 2005/04/10 19:14:34 lha Exp $ */
+/* $Id: md5.h,v 1.10 2006/01/08 21:47:28 lha Exp $ */
 
 #ifndef HEIM_MD5_H
 #define HEIM_MD5_H 1
 
+/* symbol renaming */
+#define MD5_Init hc_MD5_Init
+#define MD5_Update hc_MD5_Update
+#define MD5_Final hc_MD5_Final
+
+/*
+ *
+ */
+
+#define MD5_DIGEST_LENGTH 16
+
 struct md5 {
   unsigned int sz[2];
   u_int32_t counter[4];
diff --git a/source4/heimdal/lib/des/pkcs12.h b/source4/heimdal/lib/des/pkcs12.h
new file mode 100644
index 0000000000..b55f1fced5
--- /dev/null
+++ b/source4/heimdal/lib/des/pkcs12.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/*
+ * $Id: pkcs12.h,v 1.2 2006/01/13 15:26:52 lha Exp $
+ */
+
+#ifndef _HEIM_PKCS12_H
+#define _HEIM_PKCS12_H 1
+
+/* symbol renaming */
+#define PKCS12_key_gen hc_PKCS12_key_gen
+
+/*
+ *
+ */
+
+#include <hcrypto/evp.h>
+
+#define PKCS12_KEY_ID 1
+#define PKCS12_IV_ID 2
+
+int	PKCS12_key_gen(const void *, size_t, const void *,
+		       size_t, int, int, size_t, void *, const EVP_MD *);
+
+
+#endif /* _HEIM_PKCS12_H */
diff --git a/source4/heimdal/lib/des/pkcs5.c b/source4/heimdal/lib/des/pkcs5.c
new file mode 100644
index 0000000000..4bfc313741
--- /dev/null
+++ b/source4/heimdal/lib/des/pkcs5.c
@@ -0,0 +1,112 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+RCSID("$Id: pkcs5.c,v 1.1 2006/02/28 14:16:57 lha Exp $");
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <evp.h>
+#include <hmac.h>
+
+#include <roken.h>
+
+int
+PKCS5_PBKDF2_HMAC_SHA1(const void * password, size_t password_len,
+		       const void * salt, size_t salt_len,
+		       unsigned long iter,
+		       size_t keylen, void *key)
+{
+    size_t datalen, leftofkey, checksumsize;
+    char *data, *tmpcksum;
+    u_int32_t keypart;
+    const EVP_MD *md;
+    unsigned long i;
+    int j;
+    char *p;
+    unsigned int hmacsize;
+    
+    md = EVP_sha1();
+    checksumsize = EVP_MD_size(md);
+    datalen = salt_len + 4;
+
+    tmpcksum = malloc(checksumsize + datalen);
+    if (tmpcksum == NULL)
+	return 0;
+
+    data = &tmpcksum[checksumsize];
+
+    memcpy(data, salt, salt_len);
+
+    keypart = 1;
+    leftofkey = keylen;
+    p = key;
+
+    while (leftofkey) {
+	int len;
+
+	if (leftofkey > checksumsize)
+	    len = checksumsize;
+	else
+	    len = leftofkey;
+
+	data[datalen - 4] = (keypart >> 24) & 0xff;
+	data[datalen - 3] = (keypart >> 16) & 0xff;
+	data[datalen - 2] = (keypart >> 8)  & 0xff;
+	data[datalen - 1] = (keypart)       & 0xff;
+
+	HMAC(md, password, password_len, data, datalen, 
+	     tmpcksum, &hmacsize);
+
+	memcpy(p, tmpcksum, len);
+	for (i = 1; i < iter; i++) {
+	    HMAC(md, password, password_len, tmpcksum, checksumsize,
+		 tmpcksum, &hmacsize);
+
+	    for (j = 0; j < len; j++)
+		p[j] ^= tmpcksum[j];
+	}
+
+	p += len;
+	leftofkey -= len;
+	keypart++;
+    }
+
+    free(tmpcksum);
+
+    return 1;
+}
diff --git a/source4/heimdal/lib/des/rand.h b/source4/heimdal/lib/des/rand.h
new file mode 100644
index 0000000000..514fe0ced4
--- /dev/null
+++ b/source4/heimdal/lib/des/rand.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/*
+ * $Id: rand.h,v 1.2 2006/01/13 15:26:52 lha Exp $
+ */
+
+#ifndef _HEIM_RAND_H
+#define _HEIM_RAND_H 1
+
+#include <hcrypto/bn.h>
+
+/* symbol renaming */
+#define RAND_bytes hc_RAND_bytes
+#define RAND_pseudo_bytes hc_RAND_pseudo_bytes
+
+/*
+ *
+ */
+
+int  RAND_bytes(void *, size_t num);
+int  RAND_pseudo_bytes(void *, size_t);
+
+#endif /* _HEIM_RAND_H */
diff --git a/source4/heimdal/lib/des/rc2.h b/source4/heimdal/lib/des/rc2.h
index 3ff44dca01..b2cd50b880 100755
--- a/source4/heimdal/lib/des/rc2.h
+++ b/source4/heimdal/lib/des/rc2.h
@@ -31,7 +31,17 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: rc2.h,v 1.1 2004/04/23 19:23:00 lha Exp $ */
+/* $Id: rc2.h,v 1.2 2006/01/08 21:47:29 lha Exp $ */
+
+/* symbol renaming */
+#define RC2_set_key hc_RC2_set_key 
+#define RC2_encryptc hc_RC2_encryptc
+#define RC2_decryptc hc_RC2_decryptc
+#define RC2_cbc_encrypt hc_RC2_cbc_encrypt
+
+/*
+ *
+ */
 
 #define RC2_ENCRYPT	1
 #define RC2_DECRYPT	0
diff --git a/source4/heimdal/lib/des/rc4.h b/source4/heimdal/lib/des/rc4.h
index a39e79f236..3c359dc72a 100644
--- a/source4/heimdal/lib/des/rc4.h
+++ b/source4/heimdal/lib/des/rc4.h
@@ -31,7 +31,11 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: rc4.h,v 1.3 2004/03/25 16:39:58 lha Exp $ */
+/* $Id: rc4.h,v 1.4 2006/01/08 21:47:29 lha Exp $ */
+
+/* symbol renaming */
+#define RC4_set_key hc_RC4_set_key
+#define RC4 hc_RC4
 
 typedef struct rc4_key {
     unsigned int x, y;
diff --git a/source4/heimdal/lib/des/rijndael-alg-fst.h b/source4/heimdal/lib/des/rijndael-alg-fst.h
index 028111094d..6b6e2a5cd3 100755
--- a/source4/heimdal/lib/des/rijndael-alg-fst.h
+++ b/source4/heimdal/lib/des/rijndael-alg-fst.h
@@ -28,6 +28,12 @@
 #ifndef __RIJNDAEL_ALG_FST_H
 #define __RIJNDAEL_ALG_FST_H
 
+/* symbol renaming */
+#define rijndaelKeySetupEnc _hc_rijndaelKeySetupEnc
+#define rijndaelKeySetupDec _hc_rijndaelKeySetupDec
+#define rijndaelEncrypt _hc_rijndaelEncrypt
+#define rijndaelDecrypt _hc_rijndaelDecrypt
+
 #define RIJNDAEL_MAXKC	(256/32)
 #define RIJNDAEL_MAXKB	(256/8)
 #define RIJNDAEL_MAXNR	14
diff --git a/source4/heimdal/lib/des/rnd_keys.c b/source4/heimdal/lib/des/rnd_keys.c
index 63dddeb8ce..e27b00defa 100644
--- a/source4/heimdal/lib/des/rnd_keys.c
+++ b/source4/heimdal/lib/des/rnd_keys.c
@@ -34,7 +34,7 @@
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 
-RCSID("$Id: rnd_keys.c,v 1.69 2005/07/20 10:49:24 lha Exp $");
+RCSID("$Id: rnd_keys.c,v 1.70 2006/01/08 21:47:29 lha Exp $");
 #endif
 
 #ifdef KRB5
@@ -324,6 +324,8 @@ DES_generate_random_block(DES_cblock *block)
   DES_rand_data((unsigned char *)block, sizeof(*block));
 }
 
+#define DES_rand_data_key hc_DES_rand_data_key
+
 void
 DES_rand_data_key(DES_cblock *key);
 
@@ -353,6 +355,9 @@ DES_rand_data_key(DES_cblock *key)
  * It's neccessary to be root to run it. Returns -1 if there were any
  * problems with permissions.
  */
+
+#define DES_mem_rand8 hc_DES_mem_rand8
+
 int
 DES_mem_rand8(unsigned char *data);
 
diff --git a/source4/heimdal/lib/des/rsa.h b/source4/heimdal/lib/des/rsa.h
new file mode 100644
index 0000000000..da9d2ea4b1
--- /dev/null
+++ b/source4/heimdal/lib/des/rsa.h
@@ -0,0 +1,164 @@
+/*
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden). 
+ * All rights reserved. 
+ *
+ * Redistribution and use in source and binary forms, with or without 
+ * modification, are permitted provided that the following conditions 
+ * are met: 
+ *
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in the 
+ *    documentation and/or other materials provided with the distribution. 
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this software 
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
+ * SUCH DAMAGE. 
+ */
+
+/*
+ * $Id: rsa.h,v 1.2 2006/01/13 15:26:52 lha Exp $
+ */
+
+#ifndef _HEIM_RSA_H
+#define _HEIM_RSA_H 1
+
+/* symbol renaming */
+#define RSA_null_method hc_RSA_null_method
+#define RSA_new hc_RSA_new
+#define RSA_new_method hc_RSA_new_method
+#define RSA_free hc_RSA_free
+#define RSA_up_ref hc_RSA_up_ref
+#define RSA_set_default_method hc_RSA_set_default_method
+#define RSA_get_default_method hc_RSA_get_default_method
+#define RSA_set_method hc_RSA_set_method
+#define RSA_get_method hc_RSA_get_method
+#define RSA_set_app_data hc_RSA_set_app_data
+#define RSA_get_app_data hc_RSA_get_app_data
+#define RSA_check_key hc_RSA_check_key
+#define RSA_size hc_RSA_size
+#define RSA_public_encrypt hc_RSA_public_encrypt
+#define RSA_public_decrypt hc_RSA_public_decrypt
+#define RSA_private_encrypt hc_RSA_private_encrypt
+#define RSA_private_decrypt hc_RSA_private_decrypt
+#define RSA_sign hc_RSA_sign
+#define RSA_verify hc_RSA_verify
+#define d2i_RSAPrivateKey hc_d2i_RSAPrivateKey
+
+/*
+ *
+ */
+
+typedef struct RSA RSA;
+typedef struct RSA_METHOD RSA_METHOD;
+
+#include <hcrypto/bn.h>
+#include <hcrypto/engine.h>
+
+struct RSA_METHOD {
+    const char *name;
+    int (*rsa_pub_enc)(int,const unsigned char *, unsigned char *, RSA *,int);
+    int (*rsa_pub_dec)(int,const unsigned char *, unsigned char *, RSA *,int);
+    int (*rsa_priv_enc)(int,const unsigned char *, unsigned char *, RSA *,int);
+    int (*rsa_priv_dec)(int,const unsigned char *, unsigned char *, RSA *,int);
+    void *rsa_mod_exp;
+    void *bn_mod_exp;
+    int (*init)(RSA *rsa);
+    int (*finish)(RSA *rsa);
+    int flags;
+    char *app_data;
+    int (*rsa_sign)(int, const unsigned char *, unsigned int,
+		    unsigned char *, unsigned int *, const RSA *);
+    int (*rsa_verify)(int, const unsigned char *, unsigned int,
+		      unsigned char *, unsigned int, const RSA *);
+    int (*rsa_keygen)(RSA *, int, BIGNUM *, BN_GENCB *);
+};
+
+struct RSA {
+    int pad;
+    long version;
+    const RSA_METHOD *meth;
+    void *engine;
+    BIGNUM *n;
+    BIGNUM *e;
+    BIGNUM *d;
+    BIGNUM *p;
+    BIGNUM *q;
+    BIGNUM *dmp1;
+    BIGNUM *dmq1;
+    BIGNUM *iqmp;
+    struct rsa_CRYPTO_EX_DATA {
+	void *sk;
+	int dummy;
+    } ex_data;
+    int references;
+    int flags;
+    void *_method_mod_n;
+    void *_method_mod_p;
+    void *_method_mod_q;
+
+    char *bignum_data;
+    void *blinding;
+    void *mt_blinding;
+};
+
+#define RSA_FLAG_SIGN_VER		0x40
+
+#define RSA_PKCS1_PADDING		1
+#define RSA_PKCS1_PADDING_SIZE		11
+
+/*
+ *
+ */
+
+const RSA_METHOD *RSA_null_method(void);
+
+/*
+ *
+ */
+
+RSA *	RSA_new(void);
+RSA *	RSA_new_method(ENGINE *);
+void	RSA_free(RSA *);
+int	RSA_up_ref(RSA *);
+
+void	RSA_set_default_method(const RSA_METHOD *);
+const RSA_METHOD * RSA_get_default_method(void);
+
+const RSA_METHOD * RSA_get_method(const RSA *);
+int RSA_set_method(RSA *, const RSA_METHOD *);
+
+int	RSA_set_app_data(RSA *, void *arg);
+void *	RSA_get_app_data(RSA *);
+
+int	RSA_check_key(const RSA *);
+int	RSA_size(const RSA *);
+
+int	RSA_public_encrypt(int,const unsigned char*,unsigned char*,RSA *,int);
+int	RSA_private_encrypt(int,const unsigned char*,unsigned char*,RSA *,int);
+int	RSA_public_decrypt(int,const unsigned char*,unsigned char*,RSA *,int);
+int	RSA_private_decrypt(int,const unsigned char*,unsigned char*,RSA *,int);
+
+int RSA_sign(int, const unsigned char *, unsigned int,
+	     unsigned char *, unsigned int *, RSA *);
+int RSA_verify(int, const unsigned char *, unsigned int,
+	       unsigned char *, unsigned int, RSA *);
+
+RSA *	d2i_RSAPrivateKey(RSA *, const unsigned char **, size_t);
+
+#endif /* _HEIM_RSA_H */
diff --git a/source4/heimdal/lib/des/sha.h b/source4/heimdal/lib/des/sha.h
index 77d84fbe6f..4657fad51f 100644
--- a/source4/heimdal/lib/des/sha.h
+++ b/source4/heimdal/lib/des/sha.h
@@ -31,11 +31,22 @@
  * SUCH DAMAGE.
  */
 
-/* $Id: sha.h,v 1.8 2005/04/10 19:18:13 lha Exp $ */
+/* $Id: sha.h,v 1.9 2006/01/08 21:47:29 lha Exp $ */
 
 #ifndef HEIM_SHA_H
 #define HEIM_SHA_H 1
 
+/* symbol renaming */
+#define SHA1_Init hc_SHA1_Init
+#define SHA1_Update hc_SHA1_Update
+#define SHA1_Final hc_SHA1_Final
+
+/*
+ *
+ */
+
+#define SHA_DIGEST_LENGTH 20
+
 struct sha {
   unsigned int sz[2];
   u_int32_t counter[5];
diff --git a/source4/heimdal/lib/des/ui.c b/source4/heimdal/lib/des/ui.c
index 92538735c4..276367e186 100644
--- a/source4/heimdal/lib/des/ui.c
+++ b/source4/heimdal/lib/des/ui.c
@@ -33,7 +33,7 @@
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-RCSID("$Id: ui.c,v 1.4 2005/04/30 14:10:18 lha Exp $");
+RCSID("$Id: ui.c,v 1.5 2006/01/08 21:47:29 lha Exp $");
 #endif
 
 #include <stdio.h>
@@ -43,7 +43,7 @@ RCSID("$Id: ui.c,v 1.4 2005/04/30 14:10:18 lha Exp $");
 #include <termios.h>
 #include <roken.h>
 
-#include <des.h>
+#include <ui.h>
 
 static sig_atomic_t intr_flag;
 
diff --git a/source4/heimdal/lib/des/ui.h b/source4/heimdal/lib/des/ui.h
new file mode 100644
index 0000000000..d6e68e12cc
--- /dev/null
+++ b/source4/heimdal/lib/des/ui.h
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2005 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: ui.h,v 1.1 2006/01/08 21:47:29 lha Exp $ */
+
+#ifndef _HEIM_UI_H
+#define _HEIM_UI_H 1
+
+/* symbol renaming */
+#define UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string
+
+int	UI_UTIL_read_pw_string(char *, int, const char *, int); /* XXX */
+
+#endif /* _HEIM_UI_H */
+