From owner-imc-sfl Tue Mar 24 18:54:34 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id SAA10222 for imc-sfl-bks; Tue, 24 Mar 1998 18:54:34 -0800 (PST) Received: from om.proper.com (om.proper.com [165.227.249.115]) by mail.proper.com (8.8.8/8.7.3) with SMTP id SAA10218 for ; Tue, 24 Mar 1998 18:54:33 -0800 (PST) Message-Id: <199803250254.SAA10218@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1.319 (Beta) Date: Tue, 24 Mar 1998 18:53:56 -0800 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: Starting the imc-sfl mailing list Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk Greetings. As you know, this mailing list is for discussing the S/MIME Freeware Library from Van Dyke and Associates. If you're on this list, you've probably downloaded the Word files from . So, feel free to make comments. The list is open to any kind of discussion of the library. --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Wed Mar 25 08:59:13 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id IAA29800 for imc-sfl-bks; Wed, 25 Mar 1998 08:59:13 -0800 (PST) Received: from netscape.com (h-205-217-237-47.netscape.com [205.217.237.47]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id IAA29796 for ; Wed, 25 Mar 1998 08:59:12 -0800 (PST) Received: from judge.mcom.com (judge.mcom.com [205.217.237.53]) by netscape.com (8.8.5/8.8.5) with ESMTP id IAA01949 for ; Wed, 25 Mar 1998 08:58:47 -0800 (PST) Received: from netscape.com ([205.217.232.77]) by judge.mcom.com (Netscape Messaging Server 3.5) with ESMTP id AAA32C2 for ; Wed, 25 Mar 1998 08:58:44 -0800 Message-ID: <351937C5.FCE10478@netscape.com> Date: Wed, 25 Mar 1998 11:58:45 -0500 From: hecker@netscape.com (Frank Hecker) Organization: Netscape Communications Corp. X-Mailer: Mozilla 4.04 [en] (Win95; U) MIME-Version: 1.0 To: imc-sfl@imc.org Subject: Format of published SFL documents Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk An initial request to the folks at JG Van Dyke and Associates and others: When you publish SFL documents for public comment, could you please publish them in HTML (or plain text) instead of or in addition to formats such as MS Word? The documents currently referenced appear to all be in Word97 format, and this imposes an extra burden on people who either don't have Word or have an earlier version. If for some reason the documents cannot be converted to HTML or would appear illegible in that format, it would be nice if they could at least be published in an earlier Word format (if Word97 can do this -- I'm not that familar with it). Thanks, Frank -- Frank Hecker Pre-sales support, Netscape government sales hecker@netscape.com http://people.netscape.com/hecker/ From owner-imc-sfl Thu Mar 26 13:41:54 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA26407 for imc-sfl-bks; Thu, 26 Mar 1998 13:41:54 -0800 (PST) Received: from caladan.verisign.com (caladan.verisign.com [205.180.232.21]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA26403 for ; Thu, 26 Mar 1998 13:41:53 -0800 (PST) Received: from mentat.verisign.com by caladan.verisign.com (8.8.5/BCH1.0) id NAA23677; Thu, 26 Mar 1998 13:41:10 -0800 (PST) Received: from verisign.com by mentat.verisign.com (8.8.5/BCH1.0) id NAA04074; Thu, 26 Mar 1998 13:41:27 -0800 (PST) Message-ID: <351ACBDB.D1358E54@verisign.com> Date: Thu, 26 Mar 1998 13:42:51 -0800 From: Xinhong Yuan X-Mailer: Mozilla 4.04 [en] (WinNT; I) MIME-Version: 1.0 To: imc-sfl@imc.org Subject: question about using SFL Content-Type: multipart/mixed; boundary="------------2736FF50B4030161B0420831" Sender: owner-imc-sfl@imc.org Precedence: bulk This is a multi-part message in MIME format. --------------2736FF50B4030161B0420831 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi, I am a new comer to this mailing list. my question is that if I use SFL only and I don't care about the lower level like cti or bsafe, do I still have to get those libraries besides sfl? --------------2736FF50B4030161B0420831 Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Xinhong Yuan Content-Disposition: attachment; filename="vcard.vcf" begin: vcard fn: Xinhong Yuan n: Yuan;Xinhong org: VeriSign Inc. adr: 1390 Shorebird Way;;;Mountain View;CA;94043;US email;internet: xyuan@verisign.com tel;work: 650-429-3308 tel;fax: 650-961-7300 tel;home: 408-730-2123 x-mozilla-cpt: ;0 x-mozilla-html: FALSE version: 2.1 end: vcard --------------2736FF50B4030161B0420831-- From owner-imc-sfl Thu Mar 26 14:49:30 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id OAA26875 for imc-sfl-bks; Thu, 26 Mar 1998 14:49:30 -0800 (PST) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id OAA26871 for ; Thu, 26 Mar 1998 14:49:29 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id WAA19144; Thu, 26 Mar 1998 22:49:25 GMT Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA05096; Thu, 26 Mar 1998 17:50:37 -0500 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id RAA19646; Thu, 26 Mar 1998 17:50:36 -0500 Date: Thu, 26 Mar 1998 17:50:36 -0500 Message-Id: <199803262250.RAA19646@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: hecker@netscape.com (Frank Hecker), imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re: Format of published SFL documents Sender: owner-imc-sfl@imc.org Precedence: bulk Frank, You make an excellent point. The SFL documents are currently available in Word 97. They contain diagrams created using Word 97 which did not survive a simple export of the documents from Word 97 as html files. How about if we create RTF versions?? This preserves the diagrams. Please let me know if RTF meets your requirements. ALL: If RTF is not satisfactory to anybody else, please let me know. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ At 11:58 AM 3/25/98 -0500, Frank Hecker wrote: >An initial request to the folks at JG Van Dyke and Associates and >others: When you publish SFL documents for public comment, could you >please publish them in HTML (or plain text) instead of or in addition to >formats such as MS Word? The documents currently referenced appear to >all be in Word97 format, and this imposes an extra burden on people who >either don't have Word or have an earlier version. > >If for some reason the documents cannot be converted to HTML or would >appear illegible in that format, it would be nice if they could at least >be published in an earlier Word format (if Word97 can do this -- I'm not >that familar with it). > >Thanks, > >Frank >-- >Frank Hecker Pre-sales support, Netscape government sales >hecker@netscape.com http://people.netscape.com/hecker/ > From owner-imc-sfl Thu Mar 26 15:41:40 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id PAA27349 for imc-sfl-bks; Thu, 26 Mar 1998 15:41:40 -0800 (PST) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id PAA27345 for ; Thu, 26 Mar 1998 15:41:37 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id XAA21354; Thu, 26 Mar 1998 23:41:48 GMT Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA05349; Thu, 26 Mar 1998 18:43:03 -0500 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id SAA20773; Thu, 26 Mar 1998 18:43:04 -0500 Date: Thu, 26 Mar 1998 18:43:04 -0500 Message-Id: <199803262343.SAA20773@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Xinhong Yuan , imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re: question about using SFL Sender: owner-imc-sfl@imc.org Precedence: bulk Xinhong, The SFL high-level library is not very useful without one or more accompanying low-level crypto token libraries. If you were to create a "stubbed out" SFL Crypto Token Interface Library (CTIL) that does not actually perform any crypto functions, then you could use the SFL high-level library in conjunction with the stubbed-out CTIL to build and process ASN.1 encoded CMS objects which include bogus signature values and which are not actually encrypted. This might be useful for laboratory test purposes, but obviously it doesn't provide useful security services. We are initially developing a SFL CTIL for the freeware Crypto++ library to provide 3DES, D-H and DSA. The vendor would need to download the Crypto++ freeware library from the Crypto++ Home Page (http://www.eskimo.com/~weidai/cryptlib.html) and then compile it with the SFL source code that is obtained from us. This combination would provide useful security services. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ At 01:42 PM 3/26/98 -0800, Xinhong Yuan wrote: >Hi, >I am a new comer to this mailing list. my question is that if I use SFL >only and I don't care about the lower level like cti or bsafe, do I >still have to get those libraries besides sfl? > > > >Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf" >Content-Transfer-Encoding: 7bit >Content-Description: Card for Xinhong Yuan >Content-Disposition: attachment; filename="vcard.vcf" > >Attachment Converted: C:\PCE\ATTACH\vcard.vcf > From owner-imc-sfl Thu Mar 26 15:51:05 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id PAA27488 for imc-sfl-bks; Thu, 26 Mar 1998 15:51:05 -0800 (PST) Received: from netscape.com (h-205-217-237-46.netscape.com [205.217.237.46]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id PAA27484 for ; Thu, 26 Mar 1998 15:51:04 -0800 (PST) Received: from judge.mcom.com (judge.mcom.com [205.217.237.53]) by netscape.com (8.8.5/8.8.5) with ESMTP id PAA19860 for ; Thu, 26 Mar 1998 15:50:42 -0800 (PST) Received: from netscape.com ([205.217.232.77]) by judge.mcom.com (Netscape Messaging Server 3.52) with ESMTP id AAA2EC0; Thu, 26 Mar 1998 15:50:41 -0800 Message-ID: <351AE9D0.12138C8B@netscape.com> Date: Thu, 26 Mar 1998 18:50:40 -0500 From: hecker@netscape.com (Frank Hecker) Organization: Netscape Communications Corp. X-Mailer: Mozilla 4.04 [en] (Win95; U) MIME-Version: 1.0 To: John Pawling CC: imc-sfl@imc.org Subject: Re: Format of published SFL documents References: <199803262250.RAA19646@ajsn101.jgvandyke.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk John Pawling wrote: > The SFL documents are currently available in Word 97. They contain > diagrams created using Word 97 which did not survive a simple export > of the documents from Word 97 as html files. How about if we create > RTF versions?? This preserves the diagrams. Please let me know > if RTF meets your requirements. It would meet my requirements; I can't speak for others. Frank -- Frank Hecker Pre-sales support, Netscape government sales hecker@netscape.com http://people.netscape.com/hecker/ From owner-imc-sfl Thu Mar 26 18:19:04 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id SAA29764 for imc-sfl-bks; Thu, 26 Mar 1998 18:19:04 -0800 (PST) Received: from om.proper.com (om.proper.com [165.227.249.115]) by mail.proper.com (8.8.8/8.7.3) with SMTP id SAA29759; Thu, 26 Mar 1998 18:19:00 -0800 (PST) Message-Id: <199803270219.SAA29759@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1.319 (Beta) Date: Thu, 26 Mar 1998 18:09:47 -0800 To: hecker@netscape.com (Frank Hecker), John Pawling From: Paul Hoffman / IMC Subject: Re: Format of published SFL documents Cc: imc-sfl@imc.org In-Reply-To: <351AE9D0.12138C8B@netscape.com> References: <199803262250.RAA19646@ajsn101.jgvandyke.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk >It would meet my requirements; I can't speak for others. John: you can covert Word97 to HTML, and convert the art to JPEG or GIF by saving it into an art program like PaintShop. --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Fri Mar 27 10:37:58 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id KAA22109 for imc-sfl-bks; Fri, 27 Mar 1998 10:37:58 -0800 (PST) Received: from om.proper.com (om.proper.com [165.227.249.115]) by mail.proper.com (8.8.8/8.7.3) with SMTP id KAA22105 for ; Fri, 27 Mar 1998 10:37:57 -0800 (PST) Message-Id: <199803271837.KAA22105@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1.319 (Beta) Date: Fri, 27 Mar 1998 10:38:04 -0800 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: Windows 95 port Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk What will someone need to use the library with Win95? Which compilers and other toolkits? --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Fri Mar 27 11:05:29 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id LAA22302 for imc-sfl-bks; Fri, 27 Mar 1998 11:05:29 -0800 (PST) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id LAA22296 for ; Fri, 27 Mar 1998 11:05:00 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id OAA13826 for ; Fri, 27 Mar 1998 14:05:15 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA09078; Fri, 27 Mar 1998 14:06:31 -0500 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id OAA03049; Fri, 27 Mar 1998 14:06:30 -0500 Date: Fri, 27 Mar 1998 14:06:30 -0500 Message-Id: <199803271906.OAA03049@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re: Format of published SFL documents Sender: owner-imc-sfl@imc.org Precedence: bulk All, We plan to provide Word 97, PDF and text-only versions of the SFL documents in conjunction with the first release of the SFL software. We will send a message to the imc-sfl mail list announcing the availability of the SFL software. It may actually be Wed before it is available. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ >At 11:58 AM 3/25/98 -0500, Frank Hecker wrote: >>An initial request to the folks at JG Van Dyke and Associates and >>others: When you publish SFL documents for public comment, could you >>please publish them in HTML (or plain text) instead of or in addition to >>formats such as MS Word? The documents currently referenced appear to >>all be in Word97 format, and this imposes an extra burden on people who >>either don't have Word or have an earlier version. >> >>If for some reason the documents cannot be converted to HTML or would >>appear illegible in that format, it would be nice if they could at least >>be published in an earlier Word format (if Word97 can do this -- I'm not >>that familar with it). >> >>Thanks, >> >>Frank >>-- >>Frank Hecker Pre-sales support, Netscape government sales >>hecker@netscape.com http://people.netscape.com/hecker/ >> > > From owner-imc-sfl Fri Mar 27 11:21:37 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id LAA22414 for imc-sfl-bks; Fri, 27 Mar 1998 11:21:37 -0800 (PST) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id LAA22409 for ; Fri, 27 Mar 1998 11:21:26 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id OAA27848 for ; Fri, 27 Mar 1998 14:21:36 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA09162; Fri, 27 Mar 1998 14:22:51 -0500 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id OAA03266; Fri, 27 Mar 1998 14:22:51 -0500 Date: Fri, 27 Mar 1998 14:22:51 -0500 Message-Id: <199803271922.OAA03266@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re: Windows 95 port Sender: owner-imc-sfl@imc.org Precedence: bulk All, Dave Harris, VDA, is one of the lead developers on the SFL project. Dave writes: >John, > I think the answer to this question depends partly on what the user >wants to do. If the user intends to use the source we provide with the >Crypto++ CTI, then that user would need Microsoft Visual C++ v5.0. The user >would use MSVC50 to build the Free CTI Library, the Crypto++ 2.3 library, >and the SFL. > In theory, the user could use another compiler (Borland, for example) to >build the library, however, we have not tried this. Also, because static >libraries are not the same between different compilers, a Borland user would >need to rebuild the SNACC library as well. > While we haven't packaged the snacc compiler for Windows, in theory a >user could use the snacc 1.3 baseline and our patches to generate the >compiler so they could compile asn files on Windows. This would require >flex and bison as snacc requires them. Again, I should emphasize that we >currently do our asn compiling on the sun. > So, to do what we've done (excluding ASN compiling), all you need is >MSVC50. >dave ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ At 10:38 AM 3/27/98 -0800, Paul Hoffman / IMC wrote: >What will someone need to use the library with Win95? Which compilers and >other toolkits? > >--Paul Hoffman, Director >--Internet Mail Consortium > From owner-imc-sfl Fri Mar 27 11:26:50 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id LAA22456 for imc-sfl-bks; Fri, 27 Mar 1998 11:26:50 -0800 (PST) Received: from shell.wco.com (jefft@shell.wco.com [199.4.94.16]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id LAA22452 for ; Fri, 27 Mar 1998 11:26:49 -0800 (PST) Received: (from jefft@localhost) by shell.wco.com (8.8.5/8.8.5/WCO-18jul97) id LAA02230; Fri, 27 Mar 1998 11:26:47 -0800 (PST) Date: Fri, 27 Mar 1998 11:26:47 -0800 (PST) Message-Id: <199803271926.LAA02230@shell.wco.com> From: Jeff Thompson To: jsp@jgvandyke.com CC: imc-sfl@imc.org In-reply-to: <199803271906.OAA03049@ajsn101.jgvandyke.com> (jsp@jgvandyke.com) Subject: Re: Format of published SFL documents Reply-to: Jeff Thompson References: <199803271906.OAA03049@ajsn101.jgvandyke.com> Sender: owner-imc-sfl@imc.org Precedence: bulk > We plan to provide Word 97, PDF and text-only versions of the SFL documents Remeber that PC users can also download the free Word 97 Viewer at http://www.microsoft.com/word/internet/viewer/viewer97/ From owner-imc-sfl Fri Mar 27 14:16:41 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id OAA23774 for imc-sfl-bks; Fri, 27 Mar 1998 14:16:41 -0800 (PST) Received: from om.proper.com (om.proper.com [165.227.249.115]) by mail.proper.com (8.8.8/8.7.3) with SMTP id OAA23770 for ; Fri, 27 Mar 1998 14:16:39 -0800 (PST) Message-Id: <199803272216.OAA23770@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1.319 (Beta) Date: Fri, 27 Mar 1998 14:16:48 -0800 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: Re: Windows 95 port In-Reply-To: <199803271922.OAA03266@ajsn101.jgvandyke.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk >> I think the answer to this question depends partly on what the user >>wants to do. If the user intends to use the source we provide with the >>Crypto++ CTI, then that user would need Microsoft Visual C++ v5.0. The user >>would use MSVC50 to build the Free CTI Library, the Crypto++ 2.3 library, >>and the SFL. Here's the $375 question: can I use the Microsoft Visual C++ "Learning Edition" ($100) to do this, or do I need the "Professional Edition" ($475)? --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Fri Mar 27 14:32:32 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id OAA23843 for imc-sfl-bks; Fri, 27 Mar 1998 14:32:32 -0800 (PST) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id OAA23839 for ; Fri, 27 Mar 1998 14:32:29 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id RAA27058 for ; Fri, 27 Mar 1998 17:32:25 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA10121; Fri, 27 Mar 1998 17:33:42 -0500 Received: from hobbes by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id RAA06438; Fri, 27 Mar 1998 17:33:41 -0500 Message-Id: <00b201bd59cf$f2799ac0$2d02bd9e@hobbes.jgvandyke.com> From: "David M Harris" To: Subject: Re: Windows 95 port Date: Fri, 27 Mar 1998 17:30:27 -0500 Mime-Version: 1.0 Content-Type: multipart/signed; boundary="----=_NextPart_000_00AD_01BD59A6.08A95440"; protocol="application/x-pkcs7-signature"; micalg=SHA-1 X-Priority: 3 X-Msmail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-imc-sfl@imc.org Precedence: bulk This is a multi-part message in MIME format. ------=_NextPart_000_00AD_01BD59A6.08A95440 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit While we don't have a copy of Microsoft Visual C++ 5.0, Learning Edition, Microsoft says that the following features are not included in the Learning Edition at: http://www.microsoft.com/visualc/prodinfo/comparison/whnewln.htm * Static MFC Linkage * Code Optimization * Profiling * The RemoteData control and other data-bound controls We are not using MFC, optimization and profiling would be up to the user, and we do not use data-bound controls, therefore, the "Learning Edition" MSVC owner should be able to do what we do. dave harris -----Original Message----- From: Paul Hoffman / IMC To: imc-sfl@imc.org Date: Friday, March 27, 1998 5:18 PM Subject: Re: Windows 95 port >>> I think the answer to this question depends partly on what the user >>>wants to do. If the user intends to use the source we provide with the >>>Crypto++ CTI, then that user would need Microsoft Visual C++ v5.0. The user >>>would use MSVC50 to build the Free CTI Library, the Crypto++ 2.3 library, >>>and the SFL. > >Here's the $375 question: can I use the Microsoft Visual C++ "Learning >Edition" ($100) to do this, or do I need the "Professional Edition" ($475)? > > >--Paul Hoffman, Director >--Internet Mail Consortium ------=_NextPart_000_00AD_01BD59A6.08A95440 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJDjCCAnww ggHloAMCAQICAghuMA0GCSqGSIb3DQEBBAUAMIG+MQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2Vz dGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5n MSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMT4wPAYDVQQDEzVUaGF3 dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBLZXkgMTk5Ny4wNi4yNCAwODoyNzAeFw05NzEw MTQxNzM1NDFaFw05ODEwMTQxNzM1NDFaMEcxHzAdBgNVBAMTFlRoYXd0ZSBGcmVlbWFpbCBNZW1i ZXIxJDAiBgkqhkiG9w0BCQEWFWRoYXJyaXNAamd2YW5keWtlLmNvbTBcMA0GCSqGSIb3DQEBAQUA A0sAMEgCQQCv8CdTXhFR3TGf4bbw6Wrax2iJfuUrqMRsy8MEVyJ1ufDcg/zhV4NIaTEylz3rjTMA wsavj1E9h7arHYH+jseZAgMBAAGjQzBBMA4GA1UdDwEB/wQEAwIFoDAhBgNVHSMEGjAYoBYEFMJx 0BEApfHbaQwXvIp8kgkAuLVZMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEACLqliKOt ow0gGcg4f9AfAIojEZO2RsRg6zXass2CxC2869r9ZrgQOmJfosde3YCxHwQdEWyg0aaqod7KpKNX CdF+vpAsilat/oHec4u3oSpP88W96q+J8xc5pMmAqCfV3ZfgHWhiTNywgWzHIzXnxn337vALtJ94 rUHFRa+pJRYwggMtMIIClqADAgECAgEAMA0GCSqGSIb3DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEV MBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0 ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQw IgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNv bmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNOTYwMTAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCB 0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJ KoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUA A4GNADCBiQKBgQDUadfUsJRkW3HpR9gMUbbqcpGwhF59LQ2PexLfhSV1KHQ6QixjJ5+Ve0vvfhmH HYbqo925zpZkGsIUbkSsfOaP6E0PcR9AOKYAo4d49vmUhl6t6sBeduvZFKNdbnp8DKVLVX8GGSl/ npom1Wq7OCQIapjHsdqjmJH9edvlWsQcuQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqG SIb3DQEBBAUAA4GBAMfskn5O+PWWpWdiKqTwTRFg0G+NYFhhrCa7UjVcCM8w+6hKloofYkIjjBcP 9LpknBesRynfnZhe0mxgcVyirNx54+duAEcftQ0o6AKd5Jr9E/Sm2Xyx+NxfIyYJkYBz0BQb3kOp gyXy5pwvFcr+pquKB3WLDN1RhGvk+NHOd6KBMIIDWTCCAsKgAwIBAgIBBTANBgkqhkiG9w0BAQQF ADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBU b3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT ZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSsw KQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTk3MDYyNDA4Mjkz M1oXDTk4MDYyNDA4MjkzM1owgb4xCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsT H0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xPjA8BgNVBAMTNVRoYXd0ZSBQZXJzb25h bCBGcmVlbWFpbCBJc3N1aW5nIEtleSAxOTk3LjA2LjI0IDA4OjI3MIGfMA0GCSqGSIb3DQEBAQUA A4GNADCBiQKBgQCYGIhYVYgRjQqZW+ZiDmrlIHWfKABXsqFrf4jrIdZt/wKLdX7QKZirWRECuSAp wvc6lo5EokiXMrorZdNSaTLMihWagCd34YW529MRkKW+axh3WekHW8TMF/DJEmBj7M1yysWk5NMJ IxdrUhhjc+7gQKZTEWyS5fmXYCDFZj07PwIDAQABo1IwUDASBgNVHRMBAf8ECDAGAQH/AgEAMCQG A1UdIwEBAAQaMBigFgQUcknCczTGVfQLdnKBfnf0h+fGsg4wFAYJYIZIAYb4QgEBAQH/BAQDAgAH MA0GCSqGSIb3DQEBBAUAA4GBALCE32eyV+GGRKkNQ8OjyRLcGoBKTaLqkAyOL/CipY6P76XtIxKu gbfaNtsii9ufSU/nFgplY3UGSFgjGUe/Q90QLMdD8O0txmnebuRXdcCngzC6qQCbzMXnXu8uWgEj 6LJ9G9zabFp/stYUkpK6RRVTyEeXOhcz4Y8VWiDUzfs5MYIBijCCAYYCAQEwgcUwgb4xCzAJBgNV BAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UE ChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2 aXNpb24xPjA8BgNVBAMTNVRoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIEtleSAxOTk3 LjA2LjI0IDA4OjI3AgIIbjAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc BgkqhkiG9w0BCQUxDxcNOTgwMzI3MTczMDI3WjAjBgkqhkiG9w0BCQQxFgQUixemkum7gnEAhf9G QH2YXnjjvnowDQYJKoZIhvcNAQEBBQAEQGXRB1OiBiTQo1FaMe4wX4QI/j4Zg6g4nmy+l3y+RQE3 kq7B6r5eekJp3NgApOM1ggWXb62fGfFBmBZ2w2KaRPkAAAAAAAA= ------=_NextPart_000_00AD_01BD59A6.08A95440-- From owner-imc-sfl Thu Apr 2 23:50:18 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id XAA19186 for imc-sfl-bks; Thu, 2 Apr 1998 23:50:18 -0800 (PST) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id XAA19182 for ; Thu, 2 Apr 1998 23:50:17 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id CAA18162 for ; Fri, 3 Apr 1998 02:50:36 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA11916; Fri, 3 Apr 1998 02:51:58 -0500 Received: by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id CAA24316; Fri, 3 Apr 1998 02:51:53 -0500 From: jsp@jgvandyke.com (John Pawling) Message-Id: <199804030751.CAA24316@ajsn101.jgvandyke.com> Subject: SFL Delivery Delayed To: imc-sfl@imc.org Date: Fri, 3 Apr 1998 02:51:53 -0500 (EST) Cc: jsp@jgvandyke.com X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-imc-sfl@imc.org Precedence: bulk All, The delivery of the SFL software has been delayed due to circumstances beyond our (VDA's) control. We will inform everyone as soon as the SFL SW is available. Hopefully, this will be early next week. John Pawling From owner-imc-sfl Tue Apr 7 12:07:45 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id MAA27478 for imc-sfl-bks; Tue, 7 Apr 1998 12:07:45 -0700 (PDT) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id MAA27474 for ; Tue, 7 Apr 1998 12:07:44 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id OAA15800 for ; Tue, 7 Apr 1998 14:07:47 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA05897; Tue, 7 Apr 1998 15:09:16 -0400 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id PAA05561; Tue, 7 Apr 1998 15:09:04 -0400 Date: Tue, 7 Apr 1998 15:09:04 -0400 Message-Id: <199804071909.PAA05561@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: SFL SW Now Available Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) has delivered the first interim release of the S/MIME Freeware Library (SFL) for SunOS 4.1.3 and MS Windows NT/95. The SFL is a reference implementation of the IETF S/MIME v3 CMS and ESS I-Ds. This interim release of the SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. This process includes using the SNACC ASN.1 Library to encode and decode CMS signedData and envelopedData objects. This interim release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers and test data. Although we have made significant progress with the development of the SFL software, this interim release of the SFL software is NOT complete. We are still in the process of developing the SFL software. Further releases will be provided as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is June 1998. The stability of the S/MIME v3 specifications is a prerequisite for meeting this delivery goal. The SFL will be thoroughly tested and all memory leaks fixed once the S/MIME v3 specs are finalized. The 31 Mar 98 interim release of the SFL does not implement attributes and does not implement signed receipts. It provides a C++ API. The SFL will be enhanced to also provide a C API that will wrap the C++ API. It has not been completely tested and it includes memory leaks. It includes security holes. For example, the SFL stores private keys in the clear on the hard drive of the host system. We will be enhancing the SFL Crypto++ Crypto Token Interface Library (CTIL) to use PKCS #8 to store and protect the private key material that it accesses. The IMC has established an SFL web page at http://www.imc.org/imc-sfl/ which includes links to the SFL files stored on the VDA web site at http://www.jgvandyke.com/services/infosec/sfl.htm. The following SFL files are available: 1) Word 97, ASCII text and Adobe Acrobat PDF files for the SFL Fact Sheet (facsht.*), Software Design Description (SDD) (sfl_sdd.*), Application Programming Interface (API) (sfl_api.*) and CTI API (cti_api.*) documents. 2) SFL Public License (ASCII text). 3) Compressed tar file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement the Distinguished Encoding Rules. 4) Zipped exe file containing MS Windows NT/95 files including: SFL source code, SNACC ASN.1 Library, test code, project files. 5) Compressed tar file containing SunOS 4.1.3 filed including: SFL source code, SNACC ASN.1 Library, test code, makefiles. Note: The last two files also include sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates (with bogus signature values) that each include a D-H or DSA public key. Detailed instructions for the implementation of the software for each platform is included in a README file contained within the file for that platform. All source code for the SFL has been provided at no cost and with no limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" included in the license.txt file available in each of the tar and exe files, and on the VDA web site. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. This strategy allows the SFL source code to be freely distributed to the entire Internet community because it does not contain software that directly implements any crypto algorithms that are copyrighted or export controlled. For example, we the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must the Crypto++ freeware library from the Crypto++ Web Page (http://www.eskimo.com/~weidai/cryptlib.html) and then compile it with the SFL source code that is obtained from us. IMPORTANT NOTE: We were able to use the Crypto++ v2.3 library with MS Windows 95/NT with only a few trivial changes that are documented in the SFL MS Windows README file. Due to limitations with the GCC 2.7.2 compiler we had to use Crypto++ v2.0 on SunOS 4.1.3. We made many non-trivial changes to the Crypto++ v2.0 software so that we could use it on SunOS 4.1.3 with GCC 2.7.2. We are communicating with the Crypto++ author and web site manager to determine if the our modifications will be posted on Crypto++ web site. In the meantime, if you need the modified Crypto++ v2.0 for SunOS 4.1.3, please contact John Pawling. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: LINUX, Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that they be sent them to the imc-sfl mail list. We will respond to all messages on that list. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Thu Apr 9 13:13:10 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA20853 for imc-sfl-bks; Thu, 9 Apr 1998 13:13:10 -0700 (PDT) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA20849 for ; Thu, 9 Apr 1998 13:12:59 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id PAA04835 for ; Thu, 9 Apr 1998 15:13:10 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA02552; Thu, 9 Apr 1998 16:08:34 -0400 Received: from hobbes by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA00411; Thu, 9 Apr 1998 16:08:20 -0400 Message-Id: <003c01bd63f2$98a30d60$2d02bd9e@hobbes.jgvandyke.com> From: "David M Harris" To: "SFL List" Subject: Building the SFL on the Intel/Windows platform Date: Thu, 9 Apr 1998 16:03:40 -0400 Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-Msmail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-imc-sfl@imc.org Precedence: bulk Hello All, We feel that the following needs to be clarified again: For the Intel/Win32 version of the SFL and associated libraries, we are using Microsoft Visual C++ v5.0. There have been some questions about using Visual C++ v4.x. The SFL currently will NOT compile with Visual C++ v4.x. It appears as if 4.x does not fully implement ANSI C++ templates. We have not tried Borland C++ Builder or any of the other commercial win32 compilers. We were able to compile the SFL static library using GNU G++ 2.8.0 under Windows but we haven't linked or tested the G++ builds. So, if you don't want to use Visual C++ 5.0, G++ might be a good alternative for you to try (especially since that is what we use on the Unix side). For now, we intend to continue development and testing using Visual C++ 5.0. In case you don't already know, you can read about and download DJGPP binaries (GNU compilers ported to DOS/Windows) at http://www.delorie.com/djgpp/ dave harris From owner-imc-sfl Thu Apr 9 18:48:39 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id SAA24242 for imc-sfl-bks; Thu, 9 Apr 1998 18:48:39 -0700 (PDT) Received: from caladan.verisign.com (caladan.verisign.com [205.180.232.21]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id SAA24234 for ; Thu, 9 Apr 1998 18:48:38 -0700 (PDT) Received: from mentat.verisign.com by caladan.verisign.com (8.8.5/BCH1.0) id SAA22937; Thu, 9 Apr 1998 18:47:52 -0700 (PDT) Received: from verisign.com by mentat.verisign.com (8.8.5/BCH1.0) id SAA02331; Thu, 9 Apr 1998 18:48:15 -0700 (PDT) Message-ID: <352D7A6A.BB323F4A@verisign.com> Date: Thu, 09 Apr 1998 18:48:27 -0700 From: Xinhong Yuan X-Mailer: Mozilla 4.04 [en] (WinNT; I) MIME-Version: 1.0 To: John Pawling CC: imc-sfl@imc.org Subject: Re: SFL SW Now Available References: <199804071909.PAA05561@ajsn101.jgvandyke.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk When is your schedules to deliver the release for RSA Bsafe? John Pawling wrote: > All, > > J.G. Van Dyke and Associates (VDA) has delivered the first interim release > of the S/MIME Freeware Library (SFL) for SunOS 4.1.3 and MS Windows NT/95. > The SFL is a reference implementation of the IETF S/MIME v3 CMS and ESS > I-Ds. This interim release of the SFL has been successfully used to sign, > verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, > D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by > Government-furnished freeware. This process includes using the SNACC ASN.1 > Library to encode and decode CMS signedData and envelopedData objects. This > interim release includes: SFL High-level library; SFL Crypto++ Crypto Token > Interface Library (CTIL); VDA-enhanced GNU SNACC ASN.1 Compiler and > Library; test drivers and test data. > > Although we have made significant progress with the development of the SFL > software, this interim release of the SFL software is NOT complete. We are > still in the process of developing the SFL software. Further releases will > be provided as significant capabilities are added. The SFL is being > delivered incrementally to provide software as soon as possible to allow > developers to: work with the API; begin integrating the SFL into their > applications; and to provide feedback to the ongoing SFL development > process. The SFL documents and software are still being developed and are > subject to change. The goal for completion of the SFL is June 1998. The > stability of the S/MIME v3 specifications is a prerequisite for meeting this > delivery goal. The SFL will be thoroughly tested and all memory leaks fixed > once the S/MIME v3 specs are finalized. > > The 31 Mar 98 interim release of the SFL does not implement attributes and > does not implement signed receipts. It provides a C++ API. The SFL will be > enhanced to also provide a C API that will wrap the C++ API. It has not > been completely tested and it includes memory leaks. It includes security > holes. For example, the SFL stores private keys in the clear on the hard > drive of the host system. We will be enhancing the SFL Crypto++ Crypto > Token Interface Library (CTIL) to use PKCS #8 to store and protect the > private key material that it accesses. > > The IMC has established an SFL web page at http://www.imc.org/imc-sfl/ which > includes links to the SFL files stored on the VDA web site at > http://www.jgvandyke.com/services/infosec/sfl.htm. The following SFL files > are available: > > 1) Word 97, ASCII text and Adobe Acrobat PDF files for the SFL Fact > Sheet (facsht.*), Software Design Description (SDD) (sfl_sdd.*), > Application Programming Interface (API) (sfl_api.*) and CTI API > (cti_api.*) documents. > > 2) SFL Public License (ASCII text). > > 3) Compressed tar file containing SNACC ASN.1 Compiler and Library > source code that has been enhanced by VDA to implement the > Distinguished Encoding Rules. > > 4) Zipped exe file containing MS Windows NT/95 files including: SFL > source code, SNACC ASN.1 Library, test code, project files. > > 5) Compressed tar file containing SunOS 4.1.3 filed including: SFL > source code, SNACC ASN.1 Library, test code, makefiles. > > Note: The last two files also include sample CMS test data and test X.509 > Certificates. This file also includes test utilities to create X.509 > Certificates (with bogus signature values) that each include a D-H or DSA > public key. > > Detailed instructions for the implementation of the software for each > platform is included in a README file contained within the file for that > platform. > > All source code for the SFL has been provided at no cost and with no > limitations regarding its use and distribution. Organizations can use the > SFL without paying any royalties or licensing fees. VDA is developing the > SFL under contract to the U.S. Government. The U.S. Government is > furnishing the SFL software at no cost to the vendor subject to the > conditions of the "SFL Public License" included in the license.txt file > available in each of the tar and exe files, and on the VDA web site. > > The SFL is composed of a high-level library that performs generic CMS and > ESS processing independent of the crypto algorithms used to protect a > specific object. The SFL high-level library makes calls to an > algorithm-independent Crypto Token Interface API. The underlying, external > crypto token libraries are not distributed as part of the SFL source code. > The application developer must independently obtain these libraries and then > link them with the SFL. This strategy allows the SFL source code to be > freely distributed to the entire Internet community because it does not > contain software that directly implements any crypto algorithms that are > copyrighted or export controlled. For example, we the SFL uses the freeware > Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ > the vendor must the Crypto++ freeware library from the Crypto++ Web Page > (http://www.eskimo.com/~weidai/cryptlib.html) and then compile it with the > SFL source code that is obtained from us. > > IMPORTANT NOTE: We were able to use the Crypto++ v2.3 library with MS > Windows 95/NT with only a few trivial changes that are documented in the SFL > MS Windows README file. Due to limitations with the GCC 2.7.2 compiler we > had to use Crypto++ v2.0 on SunOS 4.1.3. We made many non-trivial changes > to the Crypto++ v2.0 software so that we could use it on SunOS 4.1.3 with > GCC 2.7.2. We are communicating with the Crypto++ author and web site > manager to determine if the our modifications will be posted on Crypto++ > web site. In the meantime, if you need the modified Crypto++ v2.0 for SunOS > 4.1.3, please contact John Pawling. > > The SFL software is developed to maximize portability to 32-bit operating > systems. In the future, support may be added for the following operating > systems: LINUX, Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and > SCO ODT 3.0/5.0. > > The IMC has established an SFL mail list which is used to: distribute > information regarding SFL releases; discuss SFL-related issues; and provide > a means for SFL users to provide feedback, comments, bug reports, etc. > Subscription information for the imc-sfl mailing list is at the IMC web site > listed above. > > All comments regarding the SFL software and documents are welcome. We > recommend that they be sent them to the imc-sfl mail list. We will respond > to all messages on that list. > > ================================ > John Pawling, jsp@jgvandyke.com > J.G. Van Dyke & Associates, Inc. > www.jgvandyke.com > ================================ From owner-imc-sfl Fri Apr 10 06:03:13 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id GAA11913 for imc-sfl-bks; Fri, 10 Apr 1998 06:03:13 -0700 (PDT) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id GAA11909 for ; Fri, 10 Apr 1998 06:03:12 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id IAA10292; Fri, 10 Apr 1998 08:03:29 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA12207; Fri, 10 Apr 1998 09:04:59 -0400 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id JAA01266; Fri, 10 Apr 1998 09:04:46 -0400 Date: Fri, 10 Apr 1998 09:04:46 -0400 Message-Id: <199804101304.JAA01266@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Xinhong Yuan From: jsp@jgvandyke.com (John Pawling) Subject: Re: SFL SW Now Available Cc: imc-sfl@imc.org Sender: owner-imc-sfl@imc.org Precedence: bulk Xinhong, We (VDA) are working on the BSAFE CTIL right now, but we can't promise anything before June 98. Hopefully, it will be done in May 98, but we can't commit to that. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Wed Apr 15 13:28:06 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA04609 for imc-sfl-bks; Wed, 15 Apr 1998 13:28:06 -0700 (PDT) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA04605 for ; Wed, 15 Apr 1998 13:28:04 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id PAA04891 for ; Wed, 15 Apr 1998 15:28:24 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA19461; Wed, 15 Apr 1998 16:30:02 -0400 Received: from ajpc60 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA09931; Wed, 15 Apr 1998 16:29:40 -0400 Message-Id: <353517C9.1353@jgvandyke.com> Date: Wed, 15 Apr 1998 16:25:46 -0400 From: Pierce Leonberger Organization: Network Systems Division X-Mailer: Mozilla 3.04Gold (X11; I; HP-UX A.09.07 9000/712) Mime-Version: 1.0 To: SFL Subject: FYI: SFL, Solaris, and Linux Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk Just thought I'd let everyone know that the SFL does compile, link, and work on Solaris 2.6 and Linux. The really good news is that we can use Crypto++ v2.3 on Linux with the same modifications that were necessary for Win32. Same goes with Solaris 2.6 except that the "#define LITTLE_ENDIAN" line needs to be commented out of the config.h file. Both plaforms require the following software to compile and link: * EGCS-1.01 c/c++ compiler (http://www.egcs.cygnus.com) * GNU Make v3.76.1 (anything newer should work as well) I'm still exploring the use of the SFL with Crypto++ v2.3 on SunOS 4.1.3. -Pierce J. G. Van Dyke & Associates From owner-imc-sfl Wed Apr 15 13:34:48 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA04652 for imc-sfl-bks; Wed, 15 Apr 1998 13:34:48 -0700 (PDT) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA04648 for ; Wed, 15 Apr 1998 13:34:40 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id PAA03903 for ; Wed, 15 Apr 1998 15:35:15 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA19595; Wed, 15 Apr 1998 16:36:53 -0400 Received: from ajpc60 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA10055; Wed, 15 Apr 1998 16:36:33 -0400 Message-Id: <35351964.5F82@jgvandyke.com> Date: Wed, 15 Apr 1998 16:32:36 -0400 From: Pierce Leonberger Organization: Network Systems Division X-Mailer: Mozilla 3.04Gold (X11; I; HP-UX A.09.07 9000/712) Mime-Version: 1.0 To: SFL Subject: FYI: Missing SNACC file Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk In the March 31st release of our modified SNACC compiler we are missing one file: ./c-lib/tbl.h.patch To build the entire distribution of SNACC this file is required. You can obtain it from the un-modified version of SNACC. This problem will be fixed in our next release. -Pierce J. G. Van Dyke & Associates From owner-imc-sfl Thu Apr 16 07:13:36 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id HAA23593 for imc-sfl-bks; Thu, 16 Apr 1998 07:13:36 -0700 (PDT) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id HAA23583 for ; Thu, 16 Apr 1998 07:13:33 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id JAA24512 for ; Thu, 16 Apr 1998 09:14:21 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA05056; Thu, 16 Apr 1998 10:15:59 -0400 Received: from hobbes by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id KAA19957; Thu, 16 Apr 1998 10:15:41 -0400 Message-Id: <005701bd6941$5831eea0$2d02bd9e@hobbes.jgvandyke.com> From: "David M Harris" To: "SFL List" Subject: Microsoft Visual C++ & Crypto++ v2.3 Date: Thu, 16 Apr 1998 10:09:58 -0400 Mime-Version: 1.0 Content-Type: text/plain; charset="iso-2022-kr" Content-Transfer-Encoding: 7bit X-Priority: 3 X-Msmail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-imc-sfl@imc.org Precedence: bulk Hello All, After a recent question regarding this issue, I thought I might be useful to post the following information to this list that was posted to the Crypto++ list a month ago. It may be particularly helpful to those trying to use Crypto++ with the Free CTI Library and the SFL using the Microsoft compiler: >ORIGINAL MESSAGE: >I include cryptlib in my project, set the Additional Include Directories to >point to the crypto++ directory, then include a crypto header file in my >project. > >I get a compile error, as iosfwd is recursively including itself, only >because MSDEV is misinterpreting the "#include " line in >crypto\iosfwd and not loading the vc version. > >RESPONSE: >The easiest solution would be to do "delete fstream iomanip iosfwd >iostream strstream" in the Crypto++ directory. Those files are only useful >with EGCS to work around the lack of standard iostream headers. With MSVC >if they are deleted the compiler will automatically find the standard >headers. Hopefully by the next release of Crypto++ EGCS will also have the >standard headers. > So, if you have problems building Crypto++ with Microsoft Visual C++ regarding recursive includes going to deep, delete the three mentioned files... dave harris, VDA From owner-imc-sfl Thu Apr 16 10:26:06 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id KAA01524 for imc-sfl-bks; Thu, 16 Apr 1998 10:26:06 -0700 (PDT) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id KAA01519 for ; Thu, 16 Apr 1998 10:26:05 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id MAA12110 for ; Thu, 16 Apr 1998 12:26:45 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA07100; Thu, 16 Apr 1998 13:28:25 -0400 Received: from ajpc60 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id NAA23387; Thu, 16 Apr 1998 13:28:06 -0400 Message-Id: <35363EBC.29C8@jgvandyke.com> Date: Thu, 16 Apr 1998 13:24:12 -0400 From: Pierce Leonberger Organization: Network Systems Division X-Mailer: Mozilla 3.04Gold (X11; I; HP-UX A.09.07 9000/712) Mime-Version: 1.0 To: SFL Subject: Re: FYI: SFL, Solaris, and Linux References: <353517C9.1353@jgvandyke.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk Sorry about the URL for EGCS. I referenced it from the another page without verifying it. The address should be http://egcs.cygnus.com . -Pierce Pierce Leonberger wrote: > > Just thought I'd let everyone know that the SFL does compile, link, > and work on Solaris 2.6 and Linux. The really good news is that we can > use Crypto++ v2.3 on Linux with the same modifications that were > necessary for Win32. Same goes with Solaris 2.6 except that the > "#define LITTLE_ENDIAN" line needs to be commented out of the config.h > file. > > Both plaforms require the following software to compile and link: > > * EGCS-1.01 c/c++ compiler (http://www.egcs.cygnus.com) > * GNU Make v3.76.1 (anything newer should work as well) > > I'm still exploring the use of the SFL with Crypto++ v2.3 on SunOS > 4.1.3. > > -Pierce > J. G. Van Dyke & Associates From owner-imc-sfl Fri Apr 17 11:08:36 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id LAA13456 for imc-sfl-bks; Fri, 17 Apr 1998 11:08:36 -0700 (PDT) Received: from tounes.gw.tn (tounes.gw.tn [193.95.50.118]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id LAA13452 for ; Fri, 17 Apr 1998 11:08:35 -0700 (PDT) Received: from tounes.tn (tounes.tn [193.95.50.110]) by tounes.gw.tn (8.8.8/8.8.8) with ESMTP id TAA00742 for ; Fri, 17 Apr 1998 19:08:10 -0100 (GMT) Received: from tounes.ati.tn (tounes.ati.tn [193.95.66.21]) by tounes.tngw.tn (8.8.8/8.8.8) with ESMTP id TAA00482; Fri, 17 Apr 1998 19:14:15 -0100 (GMT) Received: from venus.ati.tn (root@hamdi.ati.tn [193.95.68.33]) by tounes.ati.tn (8.6.9/8.6.9) with ESMTP id TAA26396; Fri, 17 Apr 1998 19:06:45 GMT Received: (from root@localhost) by venus.ati.tn (8.8.7/8.8.7) id TAA29214; Sat, 18 Apr 1998 19:07:42 -0100 Message-Id: <199804182007.TAA29214@venus.ati.tn> Subject: Re: FYI: Missing SNACC file To: pleonber@jgvandyke.com (Pierce Leonberger) Date: Sat, 18 Apr 1998 19:07:41 -0100 (GMT+1) Cc: imc-sfl@imc.org In-Reply-To: <35351964.5F82@jgvandyke.com> from "Pierce Leonberger" at Apr 15, 98 04:32:36 pm Reply-To: hamdi.tounsi@ati.tn From: Hamdi Tounsi MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="35900.69018.21868" Sender: owner-imc-sfl@imc.org Precedence: bulk --35900.69018.21868 Content-Type: text/plain Hi There was no tbl.h.patch in the un-modified version of SNACC ! the unmodified version is in the file Sunos413_sfl_tar ? please correct me if i erred Best regards > > In the March 31st release of our modified SNACC compiler we are > missing one file: > > ./c-lib/tbl.h.patch > > To build the entire distribution of SNACC this file is required. You > can obtain it from the un-modified version of SNACC. > > This problem will be fixed in our next release. > > -Pierce > J. G. Van Dyke & Associates > --35900.69018.21868-- From owner-imc-sfl Fri Apr 17 11:33:58 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id LAA13641 for imc-sfl-bks; Fri, 17 Apr 1998 11:33:58 -0700 (PDT) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id LAA13637 for ; Fri, 17 Apr 1998 11:33:55 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id NAA23769; Fri, 17 Apr 1998 13:34:34 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA18183; Fri, 17 Apr 1998 14:36:14 -0400 Received: from ajpc60 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id OAA10629; Fri, 17 Apr 1998 14:35:55 -0400 Message-Id: <3537A021.2247@jgvandyke.com> Date: Fri, 17 Apr 1998 14:32:01 -0400 From: Pierce Leonberger Organization: Network Systems Division X-Mailer: Mozilla 3.04Gold (X11; I; HP-UX A.09.07 9000/712) Mime-Version: 1.0 To: hamdi.tounsi@ati.tn Cc: imc-sfl@imc.org Subject: Re: FYI: Missing SNACC file References: <199804182007.TAA29214@venus.ati.tn> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk The un-modified version of SNACC v1.3 should be downloaded from the SNACC Homepage at: http://www.fokus.gmd.de/ovma/freeware/snacc -Pierce Hamdi Tounsi wrote: > > Hi > There was no tbl.h.patch in the un-modified version of SNACC ! > the unmodified version is in the file Sunos413_sfl_tar ? please correct me if i erred > Best regards > > > > > In the March 31st release of our modified SNACC compiler we are > > missing one file: > > > > ./c-lib/tbl.h.patch > > > > To build the entire distribution of SNACC this file is required. You > > can obtain it from the un-modified version of SNACC. > > > > This problem will be fixed in our next release. > > > > -Pierce > > J. G. Van Dyke & Associates > > From owner-imc-sfl Tue May 5 17:22:51 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id RAA01106 for imc-sfl-bks; Tue, 5 May 1998 17:22:51 -0700 (PDT) Received: from aum.proper.com (ip200.proper.com [165.227.249.200]) by mail.proper.com (8.8.8/8.7.3) with SMTP id RAA01102 for ; Tue, 5 May 1998 17:22:50 -0700 (PDT) Message-Id: <199805060022.RAA01102@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1.334 (Beta) Date: Tue, 05 May 1998 17:24:25 -0700 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: New restrictions on distributing the SFL Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk I'm sorry to announce that the source code for the SFL has been removed from the official site. It has been moved to a new site, that appears to be export-controlled. You need a password to get the software from that site, and the passwords are handed out by the US Department of Defense. I'm personally embarssed that the government of my country enforces such silly laws. I understand that many other countries have similar laws, but that doesn't make me feel any better. I had hoped that the SFL would be the beginning of sensibility on the part of the US government with respect to cryptography distribution; I still have that hope for the future. There are many people on this mailing list who are outside the US, and this change in distribution may prevent you from getting the SFL. If other Web sites appear that contain unofficial versions of the SFL and do not restrict who can download from them, I will be happy to list those on the IMC SFL page at . I would also like to list links to cryptography packages that work with the SFL at our site. --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Fri May 15 13:49:05 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA06409 for imc-sfl-bks; Fri, 15 May 1998 13:49:05 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA06405 for ; Fri, 15 May 1998 13:49:02 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id QAA00703 for ; Fri, 15 May 1998 16:54:01 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA11250; Fri, 15 May 1998 16:53:47 -0400 Date: Fri, 15 May 1998 16:53:47 -0400 Message-Id: <199805152053.QAA11250@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: v0.2 SFL Interim Release Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) has delivered the second interim release (Version 0.2) of the S/MIME Freeware Library (SFL). It has been successfully tested with the Sun Solaris 2.6, MS Windows NT/95 and Linux operating systems. The SFL is a reference implementation of the IETF S/MIME v3 CMS and ESS I-Ds. We have made significant progress with the testing of the SFL. The v0.2 SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. The v0.2 SFL has also been used to sign, verify, encrypt and decrypt CMS objects using the RSA suite of algorithms provided by the RSA BSAFE library. We were able to successfully encrypt and decrypt (using 3DES) an envelopedData object that included copies of the message key protected using Diffie-Hellman and RSA. The SFL uses the SNACC ASN.1 Library to encode and decode CMS signedData and envelopedData objects. The v0.2 SFL release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers and test data. The v0.2 SFL release adds support for: authenticated attributes; ESS signed receipts; local key encryption; encrypting private keys stored in PKCS#8 format using PKCS#5; signing/verifying multiple signerInfos in a signedData object; revised CSM_List template class; enhanced test routines; bug fixes; updated documents; BSAFE CTIL; and the capability to generate RSA certificates. Although we have made significant progress with the development of the SFL, this interim release of the SFL is NOT complete. We are still in the process of developing and testing the SFL. Further releases will be provided (probably on a montlky basis) as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is June 1998. The stability of the S/MIME v3 specifications is a prerequisite for meeting this delivery goal. Future releases will include: support for additional attributes; Fortezza CTIL; additional helper functions; C API (in addition to C++ API); support for other crypto libraries; and support for other operating systems. The SFL will be thoroughly tested and all memory leaks fixed. Robustness testing will be performed. The SFL will be tested for interoperability with S/MIME v2 and v3 products. Other possible future enhancements include support for Microsoft's CAPI and Open Group's Common Data Security Architecture. We will continue developing utilities to generate certificates to be used as test data. The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The following SFL files are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: 1) Word 97 and Adobe Acrobat PDF files for the SFL Fact Sheet (facsht.*), Software Design Description (SDD) (sfl_sdd.*), Application Programming Interface (API) (sfl_api.*) and CTI API (cti_api.*) documents. 2) SFL Public License (ASCII text). 3) Compressed tar file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement the Distinguished Encoding Rules. The following SFL files are available at the Fortezza Developer's S/MIME Page: SFL Hi-Level: 1) Compressed tar file containing all source code except for CTILs. This includes: SFL Hi-Level source code; VDA-enhanced SNACC ASN.1 Library source code; SNACC-generated source code; makefiles; project files. 2) Zip file containing MS Windows NT/95 run time libraries for the SFL Hi-Level library and SNACC ASN.1 library. Crypto++ (a.k.a Free) CTIL: 1) Compressed tar file containing SFL Crypto++ CTIL source code, project files and makefiles. 2) Zip file containing MS Windows NT/95 run time library for Crypto++ CTIL. BSAFE CTIL: 1) Compressed tar file containing SFL BSAFE CTIL source code, project files and makefiles. 2) Zip file containing MS Windows NT/95 run time library for BSAFE CTIL. TEST SW/DATA: 1) Compressed tar file containing test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. See the U.S. Bureau of Export Administration's Commercial Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm for more information regarding the U.S. export restrictions. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must the Crypto++ freeware library from the Crypto++ Web Page (http://www.eskimo.com/~weidai/cryptlib.html) and then compile it with the SFL source code. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that they be sent them to the imc-sfl mail list. We will respond to all messages on that list. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Wed May 27 13:45:48 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id NAA19313 for imc-sfl-bks; Wed, 27 May 1998 13:45:48 -0700 (PDT) Received: from hq.ljl.COM (hq.ljl.com [206.151.234.1]) by mail.proper.com (8.8.8/8.8.5) with SMTP id NAA19308 for ; Wed, 27 May 1998 13:45:46 -0700 (PDT) Received: from semperfi.ljl.com by hq.ljl.COM. id aa27333; 27 May 98 15:49 CDT X-Mailer: Microsoft Outlook Express for Macintosh - 4.01 (295) Date: Wed, 27 May 1998 15:52:50 -0500 Subject: Win32 SNACC? From: Paul Robichaux To: imc-sfl@imc.org Mime-version: 1.0 X-Priority: 3 X-No-Archive: yes X-Security: ArmorMail! see http://www.ljl.com Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Message-ID: <9805271549.aa27333@hq.ljl.COM.> Sender: owner-imc-sfl@imc.org Precedence: bulk Does there already exist a Win32 build of the VDA-enhanced SNACC, or do I need to dust off OpenNT and roll my own? Thanks, -Paul From owner-imc-sfl Tue Jul 7 13:29:28 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id NAA17854 for imc-sfl-bks; Tue, 7 Jul 1998 13:29:28 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id NAA17850 for ; Tue, 7 Jul 1998 13:29:27 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id QAA18203 for ; Tue, 7 Jul 1998 16:31:42 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA05943; Tue, 7 Jul 1998 16:30:51 -0400 Date: Tue, 7 Jul 1998 16:30:51 -0400 Message-Id: <199807072030.QAA05943@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: v0.3 SFL Interim Release Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) has delivered the third interim release (Version 0.3) of the S/MIME Freeware Library (SFL). It has been successfully tested with the Sun Solaris 2.6 and MS Windows NT/95 operating systems. The SFL is a reference implementation of the IETF S/MIME v3 CMS and ESS I-Ds. We have made significant progress with the testing of the SFL. The v0.3 SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. The v0.3 SFL has also been used to sign, verify, encrypt and decrypt CMS objects using the RSA suite of algorithms provided by the RSA BSAFE library. The SFL uses the SNACC ASN.1 Library to encode and decode CMS signedData and envelopedData objects. The v0.3 SFL release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers and test data. Since the v0.2 SFL release, we have begun interoperability testing between the MS Outlook Express S/MIME v2 e-mail client and SFL. We used the SFL to successfully verify the signature of an Outlook Express-generated v2 signedData message. We used the SFL to create a signedData message that was verified by Outlook Express. This required a number of changes in both the SFL and test environment. This is just the beginning of our interoperability testing. Since v0.2 SFL release, we have made the following progress with the SFL: fixed many bugs and memory leaks; improved VDA DER SNACC code to correctly decode indefinite length BER sequences and ANYs (this was needed to interoperate with Outlook Express and Netscape); "#pragma pack(8)" added to "sm_api.h" to force consistent structure alignment for references to the SFL classes; made minor changes recommended by customers; added support for ESSSecurityLabel signed attribute; improved Receipt Request logic; improved certificate generation utilities; and added support for processing the encapsulated content separate from the signedData object that includes the signature of the content. We also improved the SFL test environment: added ability to specify combinations of various hash/signing/encryption algorithms when creating a message; added limited MIME message construction using the freeware MIME++ library (SignedData only); increased consistency of certificates and private keys used for all CTILs (address book logic). Although we have made significant progress with the development of the SFL, this interim release of the SFL is NOT complete. We are still in the process of developing and testing the SFL. For example, we will be enhancing the BSAFE CTIL to store the user's private keys in an encrypted form. Further releases will be provided (probably on a monthly basis) as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is September 1998. The stability of the S/MIME v3 specifications is a prerequisite for meeting this delivery goal. Future releases will include: support for additional attributes; Fortezza CTIL; additional helper functions; C API (in addition to C++ API); support for other crypto libraries; and support for other operating systems. The SFL will be thoroughly tested and all memory leaks fixed. Robustness testing will be performed. The SFL will be tested for interoperability with S/MIME v2 and v3 products. Other possible future enhancements include additional example CTILs supporting other Cryptographic APIs, such as Open Group's Common Data Security Architecture. We will continue enhancing utilities to generate certificates to be used as test data. The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page (now) and VDA SFL Page (any minute now): 1) SFL Documents: SFL Fact Sheet, SFL Software Design Description, SFL Application Programming Interface, SFL CTI API and SFL Public License. 2) snacc-1.3vda.tar.Z: Compressed tar file containing SNACC ASN.1 Compiler and Library source code compilable for Unix that has been enhanced by VDA to implement the Distinguished Encoding Rules. makefiles are included. 3) snaccvc.zip: zip file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement DER. MS Windows NT/95 project files are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: 1) smimeR03.tar.Z: Compressed tar file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; makefiles. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. 2) smimeR03.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; project files. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries compiled for MS Windows NT/95. Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. See the U.S. Bureau of Export Administration's Commercial Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm for more information regarding the U.S. export restrictions. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the SFL source code. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Tue Jul 7 18:18:23 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA24026 for imc-sfl-bks; Tue, 7 Jul 1998 18:18:23 -0700 (PDT) Received: from aum.proper.com (ip200.proper.com [165.227.249.200]) by mail.proper.com (8.8.8/8.8.5) with SMTP id SAA24022 for ; Tue, 7 Jul 1998 18:18:22 -0700 (PDT) Message-Id: <199807080118.SAA24022@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1 Date: Tue, 07 Jul 1998 18:17:58 -0700 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: RE: v0.3 SFL Interim Release In-Reply-To: <004901bdaa0d$3f3f4610$be03a8c0@xyuan-pc.verisign.com> References: <199807072030.QAA05943@ajsn101.jgvandyke.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk At 06:10 PM 7/7/98 -0700, Xinhong Yuan wrote: >Can anyone give me a tip how I can get access to the download site of SFL? I >need the name/password for access. Where should I get it from? As John's message said: > The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which > includes links to the SFL files stored on the VDA SFL Page > (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza > Developer's S/MIME Page > (http://www.armadillo.huntsville.al.us/software/smime). --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Tue Jul 7 18:08:47 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA23947 for imc-sfl-bks; Tue, 7 Jul 1998 18:08:47 -0700 (PDT) Received: from caladan.verisign.com (caladan.verisign.com [205.180.232.21]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA23943 for ; Tue, 7 Jul 1998 18:08:46 -0700 (PDT) Received: from mentat.verisign.com by caladan.verisign.com (8.8.5/BCH1.5) id SAA07759; Tue, 7 Jul 1998 18:06:52 -0700 (PDT) Received: from xyuan-pc by mentat.verisign.com (8.8.5/BCH1.0) id SAA04773; Tue, 7 Jul 1998 18:08:10 -0700 (PDT) Reply-To: From: "Xinhong Yuan" To: "John Pawling" , Subject: RE: v0.3 SFL Interim Release Date: Tue, 7 Jul 1998 18:10:50 -0700 Message-ID: <004901bdaa0d$3f3f4610$be03a8c0@xyuan-pc.verisign.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Importance: Normal In-Reply-To: <199807072030.QAA05943@ajsn101.jgvandyke.com> Sender: owner-imc-sfl@imc.org Precedence: bulk Can anyone give me a tip how I can get access to the download site of SFL? I need the name/password for access. Where should I get it from? Xinhong VeriSign, Inc. 650.429.3308 > -----Original Message----- > From: owner-imc-sfl@imc.org [mailto:owner-imc-sfl@imc.org]On Behalf Of > John Pawling > Sent: Tuesday, July 07, 1998 1:31 PM > To: imc-sfl@imc.org > Subject: v0.3 SFL Interim Release > > > All, > > J.G. Van Dyke and Associates (VDA) has delivered the third interim release > (Version 0.3) of the S/MIME Freeware Library (SFL). It has been > successfully tested with the Sun Solaris 2.6 and MS Windows NT/95 > operating > systems. The SFL is a reference implementation of the IETF S/MIME v3 CMS > and ESS I-Ds. We have made significant progress with the testing of the > SFL. The v0.3 SFL has been successfully used to sign, verify, encrypt and > decrypt CMS objects using the mandatory algorithms (DSA, D-H, > 3DES) provided > by the Crypto++ library and SHA-1 provided by > Government-furnished freeware. > The v0.3 SFL has also been used to sign, verify, encrypt and decrypt CMS > objects using the RSA suite of algorithms provided by the RSA > BSAFE library. > The SFL uses the SNACC ASN.1 Library to encode and decode CMS > signedData and > envelopedData objects. The v0.3 SFL release includes: SFL High-level > library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; > VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers > and test data. > > Since the v0.2 SFL release, we have begun interoperability testing between > the MS Outlook Express S/MIME v2 e-mail client and SFL. We used > the SFL to > successfully verify the signature of an Outlook Express-generated v2 > signedData message. We used the SFL to create a signedData > message that was > verified by Outlook Express. This required a number of changes > in both the > SFL and test environment. This is just the beginning of our > interoperability testing. > > Since v0.2 SFL release, we have made the following progress with the SFL: > fixed many bugs and memory leaks; improved VDA DER SNACC code to correctly > decode indefinite length BER sequences and ANYs (this was needed to > interoperate with Outlook Express and Netscape); "#pragma > pack(8)" added to > "sm_api.h" to force consistent structure alignment for references > to the SFL > classes; made minor changes recommended by customers; added support for > ESSSecurityLabel signed attribute; improved Receipt Request > logic; improved > certificate generation utilities; and added support for processing the > encapsulated content separate from the signedData object that includes the > signature of the content. We also improved the SFL test > environment: added > ability to specify combinations of various hash/signing/encryption > algorithms when creating a message; added limited MIME message > construction > using the freeware MIME++ library (SignedData only); increased consistency > of certificates and private keys used for all CTILs (address book logic). > > Although we have made significant progress with the development > of the SFL, > this interim release of the SFL is NOT complete. We are still in > the process > of developing and testing the SFL. For example, we will be enhancing the > BSAFE CTIL to store the user's private keys in an encrypted form. Further > releases will be provided (probably on a monthly basis) as significant > capabilities are added. The SFL is being delivered incrementally > to provide > software as soon as possible to allow developers to: work with the API; > begin integrating the SFL into their applications; and to provide feedback > to the ongoing SFL development process. The SFL documents and software are > still being developed and are subject to change. The goal for > completion of > the SFL is September 1998. The stability of the S/MIME v3 > specifications is > a prerequisite for meeting this delivery goal. > > Future releases will include: support for additional attributes; Fortezza > CTIL; additional helper functions; C API (in addition to C++ API); support > for other crypto libraries; and support for other operating systems. The > SFL will be thoroughly tested and all memory leaks fixed. Robustness > testing will be performed. The SFL will be tested for > interoperability with > S/MIME v2 and v3 products. Other possible future enhancements include > additional example CTILs supporting other Cryptographic APIs, such as Open > Group's Common Data Security Architecture. We will continue enhancing > utilities to generate certificates to be used as test data. > > The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which > includes links to the SFL files stored on the VDA SFL Page > (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza > Developer's S/MIME Page > (http://www.armadillo.huntsville.al.us/software/smime). > > > The following SFL files are not export-controlled. They are available at > the Fortezza Developer's S/MIME Page (now) and VDA SFL Page (any > minute now): > > 1) SFL Documents: SFL Fact Sheet, SFL Software Design Description, SFL > Application Programming Interface, SFL CTI API and SFL Public License. > > 2) snacc-1.3vda.tar.Z: Compressed tar file containing SNACC ASN.1 Compiler > and Library source code compilable for Unix that has been > enhanced by VDA to > implement the Distinguished Encoding Rules. makefiles are included. > > 3) snaccvc.zip: zip file containing SNACC ASN.1 Compiler and > Library source > code that has been enhanced by VDA to implement DER. MS Windows NT/95 > project files are included for the SNACC code, MIME++ and Crypto++. Note > that the Crypto++ and MIME++ libraries are not included. See > (http://www.eskimo.com/~weidai/cryptlib.html) and > (http://hunnysoft.com/mimepp/) for these two libraries. > > The following SFL files are export controlled and are available at the > Fortezza Developer's S/MIME Page: > > 1) smimeR03.tar.Z: Compressed tar file containing all SFL source code > including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 > source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; > makefiles. This file also contains test driver source code, > sample CMS test > data and test X.509 Certificates. This file also includes test > utilities to > create X.509 Certificates that each include a D-H, DSA or RSA > public key. > > 2) smimeR03.zip: Zip file containing all SFL source code including: SFL > Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL > Crypto++ CTIL source code; SFL BSAFE CTIL source code; project > files. This > file also contains test driver source code, sample CMS test data and test > X.509 Certificates. This file also includes test utilities to > create X.509 > Certificates that each include a D-H, DSA or RSA public key. > SNACC release > and debug libraries compiled for MS Windows NT/95. > > > Instructions for applying for an account on the Fortezza > Developer's S/MIME > Page are available from that page. An account is required to download the > SFL files from the Fortezza Developer's S/MIME Page due to U.S. export > restrictions. See the U.S. Bureau of Export Administration's Commercial > Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm > for more information regarding the U.S. export restrictions. > > All source code for the SFL is being provided at no cost and with no > financial limitations regarding its use and distribution. > Organizations can > use the SFL without paying any royalties or licensing fees. VDA is > developing the SFL under contract to the U.S. Government. The U.S. > Government is furnishing the SFL software at no cost to the vendor subject > to the conditions of the "SFL Public License" available from the VDA SFL > Page and Fortezza Developer's S/MIME Page. > > The SFL is composed of a high-level library that performs generic CMS and > ESS processing independent of the crypto algorithms used to protect a > specific object. The SFL high-level library makes calls to an > algorithm-independent Crypto Token Interface API. The > underlying, external > crypto token libraries are not distributed as part of the SFL source code. > The application developer must independently obtain these > libraries and then > link them with the SFL. For example, the SFL uses the freeware Crypto++ > library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the > vendor must download the Crypto++ freeware library from the Crypto++ Web > Page and then compile it with the SFL source code. > > The SFL software is developed to maximize portability to 32-bit operating > systems. In the future, support may be added for the following operating > systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 > and SCO ODT > 3.0/5.0. > > The IMC has established an SFL mail list which is used to: distribute > information regarding SFL releases; discuss SFL-related issues; > and provide > a means for SFL users to provide feedback, comments, bug reports, etc. > Subscription information for the imc-sfl mailing list is at the > IMC web site > listed above. > > All comments regarding the SFL software and documents are welcome. We > recommend that comments should be sent to the imc-sfl mail list. We will > respond to all messages on that list. > > ================================ > John Pawling, jsp@jgvandyke.com > J.G. Van Dyke & Associates, Inc. > www.jgvandyke.com > ================================ > > From owner-imc-sfl Wed Jul 8 05:13:15 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id FAA13449 for imc-sfl-bks; Wed, 8 Jul 1998 05:13:15 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id FAA13445 for ; Wed, 8 Jul 1998 05:13:14 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id IAA20397; Wed, 8 Jul 1998 08:15:52 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id IAA21998; Wed, 8 Jul 1998 08:14:59 -0400 Date: Wed, 8 Jul 1998 08:14:59 -0400 Message-Id: <199807081214.IAA21998@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: , From: jsp@jgvandyke.com (John Pawling) Subject: RE: v0.3 SFL Interim Release Sender: owner-imc-sfl@imc.org Precedence: bulk Xinhong, An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to US government export restrictions. Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from http://www.armadillo.huntsville.al.us/software/smime. For more info regarding obtaining an account on the Fortezza Developer's S/MIME Page, please contact Lloyd Craig, locraig@missi.ncsc.mil, telephone: (410) 859-4463. - John Pawling >At 06:10 PM 7/7/98 -0700, Xinhong Yuan wrote: >Can anyone give me a tip how I can get access to the download site of SFL? I >need the name/password for access. Where should I get it from? > >Xinhong >VeriSign, Inc. >650.429.3308 > From owner-imc-sfl Wed Aug 5 11:05:48 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA07266 for imc-sfl-bks; Wed, 5 Aug 1998 11:05:48 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA07262 for ; Wed, 5 Aug 1998 11:05:46 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id OAA03244 for ; Wed, 5 Aug 1998 14:11:16 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id OAA21938; Wed, 5 Aug 1998 14:10:04 -0400 Date: Wed, 5 Aug 1998 14:10:04 -0400 Message-Id: <199808051810.OAA21938@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: SFL Interop Testing Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library (SFL) to implement the Internet Engineering Task Force (IETF) draft S/MIME version 3 set of specifications. Recently, VDA used the SFL to successfully exchange signed and encrypted S/MIME messages with legacy S/MIME version 2 products. This testing is the initial step in proving the interoperability of the current draft IETF S/MIME v3 set of specifications with the S/MIME v2 specifications (RFC 2315, RFC 2311, RFC 2312) based on the PKCS #7, v1.5 specification. This testing proves that the SFL code is maturing and will soon be a viable candidate for incorporation into applications that require S/MIME v3 capabilities including the optional S/MIME v3 security features. VDA successfully tested the SFL at the Internet Mail Consortium (IMC)-sponsored SecureConnect 1 event held on July 23-24, 1998 in San Jose, CA. We used the SFL to verify the digital signature of S/MIME version 2 signedData messages created by RSA (S/MAIL toolkit), WorldTalk, Microsoft and Entrust. We used the SFL to create S/MIME v2 signedData messages that were verified by RSA, WorldTalk and Microsoft. We used the SFL to decrypt an S/MIME v2 envelopedData message encrypted using the RSA S/MAIL toolkit. Also at SecureConnect, we began interoperability testing of S/MIME v3 features with Microsoft. We believe that the SecureConnect event was extremely valuable and we plan to participate at the next SecureConnect event scheduled for Spring 1999. Prior to the SecureConnect event, VDA performed interoperability testing between the Microsoft Outlook Express (MSOE) S/MIME v2 e-mail client and the SFL. We used the SFL to successfully verify the signature of an MSOE-generated v2 signedData message. We used the SFL to create a signedData message that was verified by MSOE. We used the SFL to decrypt an envelopedData that was encrypted by MSOE. We used the SFL to encrypt an envelopedData that was then decrypted using MSOE. We also used the SFL to exchange a signed and encrypted S/MIME v2 message (i.e. signedData encapsulated within envelopedData) with MSOE. All of this interoperability testing was conducted using the RSA suite of algorithms. We plan to test the IETF mandatory crypto algorithms: Secure Hash Algorithm-1, Digital Signature Algorithm, Triple Digital Encryption Standard and Diffie-Hellman key agreement algorithm. To achieve these results, we made minor changes to the SFL v0.3 code such as adding support for additional object identifiers. We plan to deliver an updated release of the SFL that includes these fixes by the end of August. More information regarding the SFL is available on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. ================================ From owner-imc-sfl Wed Aug 5 17:34:41 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id RAA09724 for imc-sfl-bks; Wed, 5 Aug 1998 17:34:41 -0700 (PDT) Received: from stargate.zergo.com.au (root@[203.2.208.130]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id RAA09719; Wed, 5 Aug 1998 17:34:33 -0700 (PDT) Received: from owen.zergo.com.au (owen.zergo.com.au [203.2.208.44]) by stargate.zergo.com.au (8.8.7/8.8.7) with SMTP id KAA07934; Thu, 6 Aug 1998 10:36:11 +1000 Received: by owen.zergo.com.au with Microsoft Mail id <01BDC126.3EA487D0@owen.zergo.com.au>; Thu, 6 Aug 1998 10:37:44 +1000 Message-ID: <01BDC126.3EA487D0@owen.zergo.com.au> From: Owen Roberts To: "'John Pawling'" , "'phoffman@imc.org'" , "'locraig@missi.ncsc.mil'" Cc: "'imc-sfl@imc.org'" Subject: SFL Availability to non-NorthAmericans Date: Thu, 6 Aug 1998 10:37:42 +1000 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by mail.proper.com id RAA09720 Sender: owner-imc-sfl@imc.org Precedence: bulk Gentlemen and SFL followers, I'm sure I represent "The Rest Of" the internet community concerned with secure electronic commerce in complaining about the restriction of SFL source code to North Americans. I know that both John and Paul would prefer that it is available, because the SFL is DESIGNED to be separate from the export controlled cryptographic libraries, and this is not what the IMC is about either. I have been following the development of the SFL for some time, and have even downloaded a version of it previously. I believe the whole concept of a reference implementation is a great idea, as it is only going to push the industry forward into interoperability - and that's what the industry is all about. Fine, control the crypto, we have our own - that's easy, but when you have something as complex as S/MIME, only a reference implementation is going going to make it practical in the short and medium term. Lets get people using it. Now, thats my speel. How do we go about changing this situation? Who do we contact in the DoD. Regards, Owen Roberts ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Owen Roberts - Systems Architect Zergo Asia Pacific, Sydney Australia (+612) 9929 9650 mailto:owen@zergo.com.au ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. This strategy allows the SFL source code to be freely distributed to the entire Internet community because it does not contain software that directly implements any crypto algorithms that are copyrighted or export controlled. [John Pawling April 98] I'm sorry to announce that the source code for the SFL has been removed from the official site. It has been moved to a new site, that appears to be export-controlled. You need a password to get the software from that site, and the passwords are handed out by the US Department of Defense. I'm personally embarssed that the government of my country enforces such silly laws. I understand that many other countries have similar laws, but that doesn't make me feel any better. I had hoped that the SFL would be the beginning of sensibility on the part of the US government with respect to cryptography distribution; I still have that hope for the future. --Paul Hoffman, Director --Internet Mail Consortium [May 5] I regret to inform you I cannot process your account request. In a nutshell, my organization runs the web page. We do not have control over what is and isn't export controlled. While many people feel, as you do, that portions should be accessable, I do not have the authority to make them accessable. The IMC at www.imc.org has more information on this issue and may point you to someone who properly assist you. I'm sorry I couldn't help you. Lloyd Craig [August 6] ---------- From: John Pawling Sent: Tuesday, August 04, 1998 1:30 AM To: Owen Roberts Subject: Re: SFL Availability Owen, Enclosed is the most recent message that I sent regarding the SFL. The ASN.1 software portions of the SFL are available to everybody at http://www.armadillo.huntsville.al.us/software/smime. All other portions of the SFL are export controlled as per U.S. export laws. Please take special note of the following paragraph from the enclosed message: "Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. See the U.S. Bureau of Export Administration's Commercial Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm for more information regarding the U.S. export restrictions." The U.S. Department of Defense (DoD) Export Control Policy office ruled that the SFL source code and binaries are covered under the US export laws. The US export laws include some exceptions. In some cases, export-controlled software can be distributed to other than US citizens. For more info, please contact Lloyd Craig, DoD, Office X22, Telephone: (410) 859-4463. Also, you can contact Jim Madsen, DoD Export Control Policy office, 301-688-7834. - John Pawling At 01:51 PM 8/3/98 +1000, Owen Roberts wrote: >Hi John, > >I downloaded v0.3 (March 98) of the SFL from the jgvandyke.com pages some time ago. It used to be the case that there was no export control on this software, only on the crypto libraries to use with it like Crypto++. It seems now that the SFL is export controlled as well, as seen on http://www.armadillo.huntsville.al.us/software/smime/ where it now resides. > >Is this correct? Please tell me non-NorthAmericans will be able to use the SFL. > >Thanks for your time, >Regards, >Owen Roberts. From owner-imc-sfl Wed Aug 5 17:46:53 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id RAA09778 for imc-sfl-bks; Wed, 5 Aug 1998 17:46:53 -0700 (PDT) Received: from aum.proper.com (ip200.proper.com [165.227.249.200]) by mail.proper.com (8.8.8/8.8.5) with SMTP id RAA09774 for ; Wed, 5 Aug 1998 17:46:52 -0700 (PDT) Message-Id: <199808060046.RAA09774@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1 Date: Wed, 05 Aug 1998 17:49:14 -0700 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: Re: SFL Availability to non-NorthAmericans In-Reply-To: <01BDC126.3EA487D0@owen.zergo.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk I've talked to IMC's lawyers, and they said that the SFL is "clearly export controlled even without the crypto libraries themselves." The US has been consistent in their stance on "crypto with a hole", and it has hurt many of IMC's members. I do not believe that there is any hope of the SFL being distributed until the US changes its laws or the current administration changes its mind. Either way, it is extremely unlikely, given that much more powerful (read: monied) companies have been lobbying hard for years on this. Neither Congress nor the President have shown any big interest in changing the current situation. And, I assure you, this mailing list won't make a dent; let's not waste the bandwidth. --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Mon Aug 31 05:28:54 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id FAA12827 for imc-sfl-bks; Mon, 31 Aug 1998 05:28:54 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id FAA12823 for ; Mon, 31 Aug 1998 05:28:52 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id IAA04719 for ; Mon, 31 Aug 1998 08:36:49 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id IAA03712; Mon, 31 Aug 1998 08:35:27 -0400 Date: Mon, 31 Aug 1998 08:35:27 -0400 Message-Id: <199808311235.IAA03712@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: v0.4 SFL Interim Release Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) has delivered the fourth interim release (Version 0.4) of the S/MIME Freeware Library (SFL). It has been successfully tested with the SunOS 4.1.3 and MS Windows NT/95 operating systems. The SFL is a reference implementation of the IETF S/MIME v3 CMS (June 98) and ESS (August 98) I-Ds. We have made significant progress with the testing of the SFL. The v0.4 SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. The v0.4 SFL has also been used to sign, verify, encrypt and decrypt CMS objects using the RSA suite of algorithms provided by the RSA BSAFE library. The SFL uses the SNACC ASN.1 Library to encode and decode CMS signedData and envelopedData objects. The v0.4 SFL release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers and test data. Since the v0.3 SFL release, we have continued interoperability testing between S/MIME v2 e-mail clients and the SFL as documented in the attached message. To achieve the results documented in the attached message, we made minor changes to the SFL v0.3 code such as adding support for additional object identifiers. The v0.4 release of the SFL includes these fixes. Specifically, the following enhancements are included in the v0.4 SFL release: - Finished integration of newest CMS ASN.1 () and ESS ASN.1 specifications (draft-ietf-smime-ess-07.txt) into source code. - Moved UKM processing from OriginatorInfo to RecipientInfo in all encrypt/decrypt logic (this code still does not support multiple recipients under the same UKM, this will be implemented in a future release of the SFL). - SMIME test environment updates for more robustness and interoperability with SMIME v2 vendor software (as a result of the SecureConnect Conference). - Created SFL Class diagrams using Microsoft Visual Modeler (can be viewed using Releation Rose C++ Demo 4.0). - Based upon requests from SFL integrators, included in this e-mail message are notes regarding the use of proprietary environment private keys with the SFL. Although we have made significant progress with the development of the SFL, this interim release of the SFL is NOT complete. We are still in the process of developing and testing the SFL. For example, we will be enhancing the BSAFE CTIL to store the user's private keys in an encrypted form. Further releases will be provided as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is October 1998. The stability of the S/MIME v3 specifications is a prerequisite for meeting this delivery goal. Future releases will include: incorporate S/MIME specification changes; support for additional attributes; Fortezza CTIL; additional helper functions; multiple signerInfos in signed receipts; enhanced test routines; bug fixes; support for other crypto libraries; and support for other operating systems. The SFL will be thoroughly tested and all memory leaks fixed. Robustness testing will be performed. The SFL will be tested for interoperability with S/MIME v2 and v3 products. Other possible future enhancements include additional example CTILs supporting other Cryptographic APIs, such as Open Group's Common Data Security Architecture. We will continue enhancing utilities to generate certificates to be used as test data. The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: 1) SFL Documents: SFL Fact Sheet, SFL Software Design Description, SFL Application Programming Interface, SFL CTI API and SFL Public License. 2) snacc-1.3vda.tar.Z: Compressed tar file containing SNACC ASN.1 Compiler and Library source code compilable for Unix that has been enhanced by VDA to implement the Distinguished Encoding Rules. makefiles are included. 3) snaccvc.zip: zip file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement DER. MS Windows NT/95 project files are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: 1) sfl4Unixtar.Z: Compressed tar file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; makefiles. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. 2) smimeR04.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; project files. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries compiled for MS Windows NT/95. 3) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (can be viewed using Releation Rose C++ Demo 4.0). Please note that no changes were made to the SFL documents or ASN.1 encode/decode library. The sfl4Unixtar.Z and smimeR04.zip contain all of the changes between the v0.3 and v0.4 SFL releases. Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. See the U.S. Bureau of Export Administration's Commercial Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm for more information regarding the U.S. export restrictions. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the SFL source code. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ START OF PROPRIETARY ENVIRONMENT PRIVATE KEY NOTES Some application vendors have requested information regarding how they can add support for proprietary environment private keys to the SFL. We have concluded that each application vendor should simply add their proprietary environment private keys directly to the RSA entries in the SFL CSM_CSInst class as loaded in the SMRsaInit() global function. The vendor would replace the "do"/"while" condition to reflect the intended originator private key entry(s). There are two relevant pieces of information necessary to perform the sign/encrypt operations relevant to the CTIL: public key and private key. The following paragraphs describe where this information is stored as simple "(char *)" and "int" for each. We suggest duplicating the "SMRsaInit" source code in the vendor's own source file (to avoid being over-written by SFL updates) and changing to reflect the custom conventions. For now in the RSA CTIL library, these private keys are store un-encrypted. In the freeware CTIL they are password based encrypted to make it difficult for users to snoop into memory to access the keys in the clear, but this logic has not been migrated fully to the RSA CTIL yet. For the vendor it makes it easier. In the example logic below (from "sm_rsa.cpp"), simply assign the length and data to "pRsa->m_RSAX.len" and "pRsa->m_RSAX.data" from the vendor's clear private key information. Again, the vendor's "do"/"while" condition would be set to reflect the number of keys required to be loaded (probably just a single entry for now) looping through the vendor's private data structures for the private/public keys. ... void SMRsaInit(CSMIME *pCSMIME, char *pszPassword, char *pszAddressBook, char *pszPrefix) { ... pEntry = AB.m_pEntries->SetCurrToFirst(); do { ... (sm_rsa.cpp:LINE 1336) // store the private key info as a RSA private key if (*pEntry->m_pPrivateOID == bsafe_id_rsa_encr || *pEntry->m_pPrivateOID == rsaEncryption) { // convert X from entry file into m_RSAX ITEM SME(pRsa->m_RSAX.len = (unsigned int)pEntry-> m_pPrivateInfo->Length()); SME(pRsa->m_RSAX.data = (unsigned char *)pEntry-> m_pPrivateInfo->Get()); } // store parameters and Y in preferred Alg for this instance pAlgID = NULL; SME(pRsa->GetParamsAndY(pEntry, &AB, pAlgID));//PUBLIC KEY ... } while ((pEntry = AB.m_pEntries->GoNext()) != NULL); In the future, we will probably wrap this load with a password based encryption and unwrap when necessary as demonstrated in the "sm_free.cpp" logic. This would simply add a few calls to any new logic that the vendor creates now custom to the vendor's environment relating to loading different private keys. The public key is loaded by decoding the certificate associated with a user and loading the appropriate data structure. We assume you have the public key stored separate from the certificate and can thus load it directly into the CTIL data structures. Our load from the certificate is demonstrated in the member function: GetParamsAndY; but the vendor can simply load the bitstring and length (in bytes) into the following CSM_RSA m_RSAY member. ... SME(m_RSAY.data = (unsigned char *)bufferTemp.Access()); SME(m_RSAY.len = bufferTemp.Length()); ... This operation can be done directly in the "do"/"while" loop above that loads the private key. This is where the CTIL init now loads the public key with the call to "SME(pRsa->GetParamsAndY(pEntry, &AB, pAlgID));". END OF PROPRIETARY ENVIRONMENT PRIVATE KEY NOTES ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ >Return-Path: >Date: Wed, 5 Aug 1998 14:10:04 -0400 >X-Sender: jsp@ajsn101 >To: imc-sfl@imc.org >From: jsp@jgvandyke.com (John Pawling) >Subject: SFL Interop Testing >Sender: owner-imc-sfl@imc.org >Precedence: bulk > >All, > >J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library >(SFL) to implement the Internet Engineering Task Force (IETF) draft S/MIME >version 3 set of specifications. Recently, VDA used the SFL to successfully >exchange signed and encrypted S/MIME messages with legacy S/MIME version 2 >products. This testing is the initial step in proving the interoperability >of the current draft IETF S/MIME v3 set of specifications with the S/MIME v2 >specifications (RFC 2315, RFC 2311, RFC 2312) based on the PKCS #7, v1.5 >specification. This testing proves that the SFL code is maturing and will >soon be a viable candidate for incorporation into applications that require >S/MIME v3 capabilities including the optional S/MIME v3 security features. > >VDA successfully tested the SFL at the Internet Mail Consortium >(IMC)-sponsored SecureConnect 1 event held on July 23-24, 1998 in San Jose, >CA. We used the SFL to verify the digital signature of S/MIME version 2 >signedData messages created by RSA (S/MAIL toolkit), WorldTalk, Microsoft >and Entrust. We used the SFL to create S/MIME v2 signedData messages that >were verified by RSA, WorldTalk and Microsoft. We used the SFL to decrypt >an S/MIME v2 envelopedData message encrypted using the RSA S/MAIL toolkit. >Also at SecureConnect, we began interoperability testing of S/MIME v3 >features with Microsoft. We believe that the SecureConnect event was >extremely valuable and we plan to participate at the next SecureConnect >event scheduled for Spring 1999. > >Prior to the SecureConnect event, VDA performed interoperability testing >between the Microsoft Outlook Express (MSOE) S/MIME v2 e-mail client and the >SFL. We used the SFL to successfully verify the signature of an >MSOE-generated v2 signedData message. We used the SFL to create a >signedData message that was verified by MSOE. We used the SFL to decrypt an >envelopedData that was encrypted by MSOE. We used the SFL to encrypt an >envelopedData that was then decrypted using MSOE. We also used the SFL to >exchange a signed and encrypted S/MIME v2 message (i.e. signedData >encapsulated within envelopedData) with MSOE. > >All of this interoperability testing was conducted using the RSA suite of >algorithms. We plan to test the IETF mandatory crypto algorithms: Secure >Hash Algorithm-1, Digital Signature Algorithm, Triple Digital Encryption >Standard and Diffie-Hellman key agreement algorithm. > >To achieve these results, we made minor changes to the SFL v0.3 code such as >adding support for additional object identifiers. We plan to deliver an >updated release of the SFL that includes these fixes by the end of August. > >More information regarding the SFL is available on the Fortezza Developer's >S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). > >================================ >John Pawling, jsp@jgvandyke.com >J.G. Van Dyke & Associates, Inc. >================================ > > From owner-imc-sfl Fri Sep 11 13:08:49 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id NAA24076 for imc-sfl-bks; Fri, 11 Sep 1998 13:08:49 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id NAA24072 for ; Fri, 11 Sep 1998 13:08:48 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id QAA05475 for ; Fri, 11 Sep 1998 16:17:49 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA02761; Fri, 11 Sep 1998 16:16:24 -0400 Date: Fri, 11 Sep 1998 16:16:24 -0400 Message-Id: <199809112016.QAA02761@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: SFL C API Requirements??? Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library (SFL) to implement the IETF S/MIME v3 CMS and ESS I-Ds. To date, we have developed the SFL to provide a C++ API. In the past, we have stated that we are going to also develop a C API in addition to the C++ API. We are now re-examining the requirement to develop a C API. Does anybody require a C API in addition to a C++ API to the SFL? ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Mon Sep 14 18:56:03 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA13912 for imc-sfl-bks; Mon, 14 Sep 1998 18:56:03 -0700 (PDT) Received: from inet16.us.oracle.com (inet16.us.oracle.com [192.86.155.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA13908 for ; Mon, 14 Sep 1998 18:56:03 -0700 (PDT) Received: from mailsun3 (mailsun3-fddi.us.oracle.com [144.25.88.135]) by inet16.us.oracle.com (8.8.5/8.8.5) with SMTP id TAA03264 for ; Mon, 14 Sep 1998 19:01:49 -0700 (PDT) Received: from us.oracle.com by mailsun3 with ESMTP (SMI-8.6/37.9) id TAA27349; Mon, 14 Sep 1998 19:01:48 -0700 Message-ID: <35FDCD49.3D476926@us.oracle.com> Date: Mon, 14 Sep 1998 19:13:29 -0700 From: Guang Yee X-Mailer: Mozilla 4.05 [en] (WinNT; U) MIME-Version: 1.0 To: imc-sfl@imc.org Subject: Re: [Fwd: SFL C API Requirements???] References: <35F9911B.763DD2BB@us.oracle.com> Content-Type: multipart/mixed; boundary="------------FE68716E0009B645CEED4B4F" Sender: owner-imc-sfl@imc.org Precedence: bulk This is a multi-part message in MIME format. --------------FE68716E0009B645CEED4B4F Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Yes. Any plans to implement a Java API to the SFL in the near future? > Subject: SFL C API Requirements??? > Date: Fri, 11 Sep 1998 16:16:24 -0400 > From: jsp@jgvandyke.com (John Pawling) > To: imc-sfl@imc.org > > All, > > J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library > (SFL) to implement the IETF S/MIME v3 CMS > and ESS I-Ds. To date, we have developed the SFL to provide a C++ API. In > the past, we have stated that we are going to also develop a C API in > addition to the C++ API. We are now re-examining the requirement to develop > a C API. Does anybody require a C API in addition to a C++ API to the SFL? > > ================================ > John Pawling, jsp@jgvandyke.com > J.G. Van Dyke & Associates, Inc. > www.jgvandyke.com > ================================ --------------FE68716E0009B645CEED4B4F Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Guang Yee Content-Disposition: attachment; filename="vcard.vcf" begin: vcard fn: Guang Yee n: Yee;Guang org: Oracle adr: 600 Oracle Parkway;;M/S: 6op301D;Redwood Shores;CA;94065;USA email;internet: gyee@us.oracle.com title: Member of Technical Staff tel;work: (650)633-6338 x-mozilla-cpt: ;0 x-mozilla-html: TRUE version: 2.1 end: vcard --------------FE68716E0009B645CEED4B4F-- From owner-imc-sfl Tue Sep 15 06:40:20 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id GAA06793 for imc-sfl-bks; Tue, 15 Sep 1998 06:40:20 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id GAA06789 for ; Tue, 15 Sep 1998 06:40:19 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id JAA17962; Tue, 15 Sep 1998 09:49:41 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id JAA18295; Tue, 15 Sep 1998 09:48:15 -0400 Date: Tue, 15 Sep 1998 09:48:15 -0400 Message-Id: <199809151348.JAA18295@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Guang Yee , imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re: [Fwd: SFL C API Requirements???] Sender: owner-imc-sfl@imc.org Precedence: bulk Guang, Thank you very much for your feedback. It will be a factor in our decision regarding whether or not to develop the C API. At this point, we are not planning a Java API, but we will definitely consider that idea for future work. You are the fourth person to ask for a Java API. - John At 07:13 PM 9/14/98 -0700, Guang Yee wrote: >Yes. Any plans to implement a Java API to the SFL in the near future? > >> Subject: SFL C API Requirements??? >> Date: Fri, 11 Sep 1998 16:16:24 -0400 >> From: jsp@jgvandyke.com (John Pawling) >> To: imc-sfl@imc.org >> >> All, >> >> J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library >> (SFL) to implement the IETF S/MIME v3 CMS >> and ESS I-Ds. To date, we have developed the SFL to provide a C++ API. In >> the past, we have stated that we are going to also develop a C API in >> addition to the C++ API. We are now re-examining the requirement to develop >> a C API. Does anybody require a C API in addition to a C++ API to the SFL? >> >> ================================ >> John Pawling, jsp@jgvandyke.com >> J.G. Van Dyke & Associates, Inc. >> www.jgvandyke.com >> ================================ > From owner-imc-sfl Tue Sep 15 07:18:33 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id HAA08291 for imc-sfl-bks; Tue, 15 Sep 1998 07:18:33 -0700 (PDT) Received: from smtp.digapp.com (smtp.digapp.com [38.164.135.2]) by mail.proper.com (8.8.8/8.8.5) with SMTP id HAA08287 for ; Tue, 15 Sep 1998 07:18:27 -0700 (PDT) Message-Id: <199809151418.HAA08287@mail.proper.com> Received: from [38.164.135.10] by smtp.digapp.com (AppleShare IP Mail Server 5.0.3) id 99629 via TCP with SMTP; Tue, 15 Sep 1998 10:28:28 -0400 Subject: Re: SFL C API Requirements??? Date: Tue, 15 Sep 1998 10:23:19 -0400 x-mailer: Claris Emailer 2.0v3, January 22, 1998 From: Mark Gavin To: "John Pawling" , Mime-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Sender: owner-imc-sfl@imc.org Precedence: bulk [John Pawling wrote on 9/11/98 4:16 PM] >All, > >J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library >(SFL) to implement the IETF S/MIME v3 CMS >and ESS I-Ds. To date, we have developed the SFL to provide a C++ API. In >the past, we have stated that we are going to also develop a C API in >addition to the C++ API. We are now re-examining the requirement to develop >a C API. Does anybody require a C API in addition to a C++ API to the SFL? > John, We do not need a C API. All of our work is currently done in C++. I am more interested in your working on cross platform support for Macintosh, AIX, and Digital Unix. Though, we are interested in Java; we do not currently have any projects in development using Java, nor are any Java projects scheduled. Thank you. Mark Gavin Vice President Digital Applications, Inc. 215 East Providence Road Aldan, PA, USA 19018-4129 (610) 284-4006 mgavin@DigApp.com http://www.DigApp.com From owner-imc-sfl Tue Sep 15 08:29:43 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA10655 for imc-sfl-bks; Tue, 15 Sep 1998 08:29:43 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id IAA10651 for ; Tue, 15 Sep 1998 08:29:42 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id LAA18886; Tue, 15 Sep 1998 11:39:05 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id LAA20743; Tue, 15 Sep 1998 11:37:24 -0400 Date: Tue, 15 Sep 1998 11:37:24 -0400 Message-Id: <199809151537.LAA20743@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Mark Gavin , From: jsp@jgvandyke.com (John Pawling) Subject: Re: SFL C API Requirements??? Sender: owner-imc-sfl@imc.org Precedence: bulk Mark, Thank you very much for your feedback. It will be a factor in our decision regarding whether or not to develop the C API. To date, we have tested the SFL software on MS Windows 95, MS Windows NT, Linux, Solaris 2.6 and SunOS 4.1.3. We have developed the SFL to be portable to 32-bit platforms. Once we have completed the development of the SFL software, we will then test it on other operating systems and make enhancements, if required, to the baseline source code to ease porting to those other systems. The exact list of operating systems to be tested is to be determined. I am fairly certain that we will test the SFL on IBM AIX, HP/UX 10.2 and SCO 5.0 since we already have hosts in our lab loaded with those OSs. I am not sure about Macintosh and Digital Unix. We need to discuss those ports with the Government. We provide all source code for the SFL and SNACC (DER-enhanced) libraries. If your development schedule does not permit you to wait for us to do the porting, you could test the SFL source yourself. We welcome any feedback regarding enhancements to the SFL baseline to ease porting to other systems. Thanx again, - John At 10:23 AM 9/15/98 -0400, Mark Gavin wrote: >[John Pawling wrote on 9/11/98 4:16 PM] > >>All, >> >>J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library >>(SFL) to implement the IETF S/MIME v3 CMS >>and ESS I-Ds. To date, we have developed the SFL to provide a C++ API. In >>the past, we have stated that we are going to also develop a C API in >>addition to the C++ API. We are now re-examining the requirement to develop >>a C API. Does anybody require a C API in addition to a C++ API to the SFL? >> > >John, > We do not need a C API. All of our work is currently done in C++. > >I am more interested in your working on cross platform support for >Macintosh, AIX, and Digital Unix. > >Though, we are interested in Java; we do not currently have any projects >in development using Java, nor are any Java projects scheduled. > >Thank you. > > >Mark Gavin >Vice President >Digital Applications, Inc. >215 East Providence Road >Aldan, PA, USA 19018-4129 >(610) 284-4006 >mgavin@DigApp.com >http://www.DigApp.com > > > > From owner-imc-sfl Tue Sep 15 15:17:09 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA14368 for imc-sfl-bks; Tue, 15 Sep 1998 15:17:09 -0700 (PDT) Received: from esmerelda.ve3tla.ampr.org (root@esmerelda.ve3tla.ampr.org [209.47.237.98]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA14364 for ; Tue, 15 Sep 1998 15:17:07 -0700 (PDT) Received: from penelope.ve3tla.ampr.org (h24-64-182-15.mt.wave.shaw.ca [24.64.182.15]) by esmerelda.ve3tla.ampr.org (8.8.7/8.8.7) with ESMTP id SAA08813; Tue, 15 Sep 1998 18:22:25 -0400 Received: from penelope.ve3tla.ampr.org (chk@localhost [127.0.0.1]) by penelope.ve3tla.ampr.org (8.8.7/8.8.7) with ESMTP id SAA08433; Tue, 15 Sep 1998 18:21:54 -0400 Message-Id: <199809152221.SAA08433@penelope.ve3tla.ampr.org> To: jsp@jgvandyke.com (John Pawling) cc: imc-sfl@imc.org Subject: Re: SFL C API Requirements??? References: <199809112016.QAA02761@ajsn101.jgvandyke.com> In-reply-to: Your message of "Fri, 11 Sep 1998 16:16:24 -0400". <199809112016.QAA02761@ajsn101.jgvandyke.com> From: "C. Harald Koch" X-uri: X-Face: )@F:jK?*}hv!eJ}*r*0DD"k8x1.d#i>7`ETe2;hSD2T!:Fh#wu`0pW7lO|Dfe'AbyNy[\Pw z'.bAtgTM!+iq2$yXiv4gf<:D*rZ-|f$\YQi7"D"=CG!JB?[^_7v>8Mm;z:NJ7pss)l__Cw+.>xUJ) did@Pr9 Date: Tue, 15 Sep 1998 18:21:53 -0400 Sender: owner-imc-sfl@imc.org Precedence: bulk In message <199809112016.QAA02761@ajsn101.jgvandyke.com>, John Pawling writes: > > J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library > (SFL) to implement the IETF S/MIME v3 CMS > and ESS I-Ds. To date, we have developed the SFL to provide a C++ API. In > the past, we have stated that we are going to also develop a C API in > addition to the C++ API. We are now re-examining the requirement to develop > a C API. Does anybody require a C API in addition to a C++ API to the SFL? Most existing UNIX freeware e-mail software (elm, pine, mh/nmh, mutt?) is written in C. It would be nice if these packages could use the SFL code (export restricted though it is) to add S/MIME capabilities. Therefore, it would be nice to see a C API in addition to the C++ API. -- C. Harald Koch "It takes a child to raze a village." -Michael T. Fry From owner-imc-sfl Tue Sep 15 15:32:29 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA14460 for imc-sfl-bks; Tue, 15 Sep 1998 15:32:29 -0700 (PDT) Received: from hp-vectra.infoseccorp.com (isc.infoseccorp.com [38.230.83.3]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA14455 for ; Tue, 15 Sep 1998 15:32:28 -0700 (PDT) Message-Id: <199809152232.PAA14455@mail.proper.com> Received: from d151-73.ce.mediaone.net by hp-vectra.infoseccorp.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.0.1458.49) id SWS8JLM6; Tue, 15 Sep 1998 17:42:45 -0500 X-Sender: markowitz@38.230.83.3 X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1 Date: Tue, 15 Sep 1998 17:38:00 -0500 To: "C. Harald Koch" From: "Michael J. Markowitz" Subject: Re: SFL C API Requirements??? Cc: jsp@jgvandyke.com (John Pawling), imc-sfl@imc.org In-Reply-To: <199809152221.SAA08433@penelope.ve3tla.ampr.org> References: <199809112016.QAA02761@ajsn101.jgvandyke.com> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit Sender: owner-imc-sfl@imc.org Precedence: bulk At 06:21 PM 9/15/98 -0400, C. Harald Koch wrote: > >Most existing UNIX freeware e-mail software (elm, pine, mh/nmh, mutt?) is >written in C. That may well be true... but what's also true is that they are almost always built with a C++-capable compiler. In fact, I don't know of any major systems vendor shipping a pure-C compiler these days. Why not take a day to update your sources to be C++-clean and move up to the latest tools? I'd vote for saving my tax dollars and skipping a C version. -mjm ========== Michael J. Markowitz, VP R&D       Email: markowitz@infoseccorp.com Information Security Corporation   Voice: 847-405-0500 1141 Lake Cook Road, Suite D       Fax:   847-405-0506 Deerfield, IL  60015               WWW:   http://www.infoseccorp.com    From owner-imc-sfl Mon Oct 5 00:35:32 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id AAA02558 for imc-sfl-bks; Mon, 5 Oct 1998 00:35:32 -0700 (PDT) Received: from usb.gf.unity.net (to-mtts.gf.unity.net [194.93.185.249]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id AAA02553 for ; Mon, 5 Oct 1998 00:35:13 -0700 (PDT) Received: by usb.gf.unity.net id KAA29666; (8.7.1/vak/1.8e) Mon, 5 Oct 1998 10:33:01 GMT From: vf@usb.gf.unity.net (Vadim Fedukovich) Message-Id: <199810051033.KAA29666@usb.gf.unity.net> Subject: snacc-vda build To: imc-sfl@imc.org Date: Mon, 5 Oct 1998 10:33:01 +0000 (GMT) X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-imc-sfl@imc.org Precedence: bulk Hello, can someone please send me SNACC-VDA source distribution that not required SCCS revision control system installed? I'd like to build SNACC-VDA on my linux box to encode/decode DER structures. Unfortunately I can't find any SCCS distribution. thanx, Vadim Fedukovich From owner-imc-sfl Mon Oct 5 12:16:47 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA08888 for imc-sfl-bks; Mon, 5 Oct 1998 12:16:47 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA08884 for ; Mon, 5 Oct 1998 12:16:41 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id PAA14639; Mon, 5 Oct 1998 15:20:45 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id PAA01869; Mon, 5 Oct 1998 15:19:12 -0400 Date: Mon, 5 Oct 1998 15:19:12 -0400 Message-Id: <199810051919.PAA01869@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 (Unverified) X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: vf@usb.gf.unity.net (Vadim Fedukovich), imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re: snacc-vda build Sender: owner-imc-sfl@imc.org Precedence: bulk All, We just sent the following message to Vadim. If anybody else would like a copy of the SNACC ASN.1 software without the SCCS directories, please let me know. Please note that this is the same SNACC ASN.1 source code available at http://www.jgvandyke.com/services/infosec/sfl.htm. ====================================================== John Pawling jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ====================================================== >Return-Path: >From: "RWC" >To: >Cc: "John Pawling" >Subject: Reply: snacc-vda build >Date: Mon, 5 Oct 1998 14:58:14 -0400 >X-MSMail-Priority: Normal >X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 > >Vadim: > >I have re-built our latest version of the SNACC compiler and libraries on > > "Linux jovian 2.0.30" > >using > > "gcc version egcs-2.90.23 980102 (egcs-1.0.1 release)". > >This build was executed using the following command sequences: > >make clobber >./configure >make > >The "c++-examples/simple" test was executed successfully. The entire >resulting sub-directory set is included in this release (all binaries, >including "snacc" compiler executable for the VDA DER rules and " >./c++-lib/libasn1c++.a"). There are no SCCS subdirectories. > >The problem for you with this library is that you will have to modify the >source files in the SMIME Release 0.1 to properly link, since we changed the >location of some primitive ASN.1 definitions from SMIME to SNACC in these >newer releases. This we cannot support due to the export restrictions (our >newer releases are restricted). > >Bob Colestock >rwc@jgvandyke.com > >Attachment Converted: C:\PCE\ATTACH\vda-snac.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ At 10:33 AM 10/5/98 +0000, Vadim Fedukovich wrote: >Hello, > >can someone please send me SNACC-VDA source distribution that not required >SCCS revision control system installed? > >I'd like to build SNACC-VDA on my linux box to encode/decode DER structures. >Unfortunately I can't find any SCCS distribution. > >thanx, >Vadim Fedukovich > From owner-imc-sfl Tue Oct 6 06:42:11 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id GAA04577 for imc-sfl-bks; Tue, 6 Oct 1998 06:42:11 -0700 (PDT) Received: from usb.gf.unity.net (to-mtts.gf.unity.net [194.93.185.249]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id GAA04564 for ; Tue, 6 Oct 1998 06:41:26 -0700 (PDT) Received: by usb.gf.unity.net id QAA15748; (8.7.1/vak/1.8e) Tue, 6 Oct 1998 16:35:27 GMT From: vf@usb.gf.unity.net (Vadim Fedukovich) Message-Id: <199810061635.QAA15748@usb.gf.unity.net> Subject: Re: snacc-vda build To: jsp@jgvandyke.com (John Pawling) Date: Tue, 6 Oct 1998 16:35:26 +0000 (GMT) Cc: imc-sfl@imc.org In-Reply-To: <199810051919.PAA01869@ajsn101.jgvandyke.com> from "John Pawling" at Oct 5, 98 03:19:12 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-imc-sfl@imc.org Precedence: bulk John and Bob, thank you very much for your help yours, Vadim Fedukovich > We just sent the following message to Vadim. If anybody else would like a > copy of the SNACC ASN.1 software without the SCCS directories, please let me > know. Please note that this is the same SNACC ASN.1 source code available > at http://www.jgvandyke.com/services/infosec/sfl.htm. > > ====================================================== > John Pawling jsp@jgvandyke.com > > J.G. Van Dyke & Associates, Inc. www.jgvandyke.com > ====================================================== From owner-imc-sfl Thu Oct 8 22:49:47 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id WAA23270 for imc-sfl-bks; Thu, 8 Oct 1998 22:49:47 -0700 (PDT) Received: from roadrunner.virtuart.it ([194.185.203.180]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id WAA23078; Thu, 8 Oct 1998 22:46:48 -0700 (PDT) From: FRIENDS@IMAILBOX.COM Message-Id: <199810090546.WAA23078@mail.proper.com> Received: from [194.185.203.180] ([153.37.236.254]) by roadrunner.virtuart.it (Netscape Messaging Server 3.01) with SMTP id ABA27196; Fri, 9 Oct 1998 08:48:32 +0200 Date: Fri, 09 Oct 98 01:21:06 EST To: ANYpersons@aol.com Subject: FREE CELL PHONES AND NO BILLS! Sender: owner-imc-sfl@imc.org Precedence: bulk Positioning Key Leaders Now - Pre-launch Announcement - Take Advantage Of It !! Get a Cellular Phone Free and Never pay Long Distance Again!! Now You Have the Potential To Earn up To $1950.00 Per Day And up to $300.00 of FREE AIR TIME On Your Cell Phone. PLUS 40% Matching Bonus On Everyone You Personally Sponsor. ($650.00 per day-per center-Plus Bonuses) CALCULATED DAILY , PAID WEEKLY! No credit check, No turn downs, No roaming Fee and no contracts. Plus....Self-Replicating Websites, Genealogies Online, Leg Counts Online....Monthly Residual Earnings We have been overwhelmed with incoming calls and have alot of leads to share with you if you join our team today. So let's work together and build a strong business for you and your team. No co-op fees to pay or seach for any leads to call. We have plenty of leads to share with you if you are willing to work with us. We build leaders every single day!! We generate leads to help you build your business. This is an explosive program with the most sought after products and one of the best compensation plans EVER!!! Easy Duplication - Just think. If I was to ask you a simple question like this: If I can show you a way to eliminate your long distance phone bill by using a cell phone that will earn pre-paid free time and have the ability to be a pager and answering machine, would that interest you? And do you think you know 2 people that would also like to eliminate their phone bill? You got it!! The answer is very simple. OF COURSE YOU WOULD !!! Who wouldn't. In addition to that we will show you how you can earn from $650.00 a day to $1950 a day by sharing this with just two people. If you are a leader and would like to share this plan with more than 2 people, don't forget you will earn 40% matching bonuses on all personally sponsored. We have just started promoting this opportunity a couple of weeks ago and have brought in quite a few leaders. If you are truly tired of building and waiting to get paid.....YOU must act on this opportunity and need to talk to me. Positioning is the KEY and the OPPORTUNITY IS PHENOMINAL!!! I am a leader in the Network Marketing Industry and have been extremely successful and NOW I have been given this opportunity to help launch this company. The sky is the limit. We estimate to have over 5,000 new members by the end of October. Where will you be? At the top I hope. So Join our TEAM and climb it with us. And if you would like to be a leader, I welcome your phone call so we can talk. We do not discriminate and we consider everyone a LEADER that wants to help build with us. Within 2 weeks we have all ready brought aboard major proffesional network marketers who have recognized this opportunity, so we hope you take the time to check the following numbers below. Upon completing the below instructions, please give me a call so we can discuss it further. 1- 2 minute sizzle - 918-222-7233 - key in option number 1 2- Pull up the fax on demand - 918-222-7233 - option 5 or Go to our website at www.atinetwork.com ( This is just a temporary splash page. Take a look and see why so many people are so excited about this program. Actual website is under construction, website will be up and running is 1 week) ***You will notice on the fax on demand that it has specific details on the entire compensation plan. We have also brought aboard some high tech nutritionals that will build our residuals month in and month out. This plan is totally unheard of !! After you have retrieved the information, give us a call so we can explain it to you. We guarantee you will not sleep after you understand what we have put in place to make it possible for everyone to WIN WIN WIN. To leave your name and number, please call: 800-600-0343 ext. 2158 (Due to the overwhelming success, if you experience a busy signal. Please try again) ***If you do not have a fax machine , give me a call and leave your message and I will make arrangements to send you the paperwork.***** From owner-imc-sfl Mon Oct 26 21:50:46 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id VAA06490 for imc-sfl-bks; Mon, 26 Oct 1998 21:50:46 -0800 (PST) Received: from sun (sun.swets.nl [192.87.50.60]) by mail.proper.com (8.8.8/8.8.5) with SMTP id VAA06486 for ; Mon, 26 Oct 1998 21:50:44 -0800 (PST) From: COMPUCELL@worldonline.com Received: from 192.87.50.60 by sun (SMI-8.6/SMi-SVR4) id GAA00933; Tue, 27 Oct 1998 06:53:44 +0100 Message-Id: <199810270553.GAA00933@sun> Date: Mon, 26 Oct 98 21:54:14 EST To: income4u@AOL.COM Subject: PCS CELL PHONE & 2000 GATEWAY 333 MHZ COMPUTERS!!! ALL FOR THE ASKING !! Sender: owner-imc-sfl@imc.org Precedence: bulk 
WANT TO ELIMINATE ONE OF YOUR LARGEST UTILITY BILLS AND GET A COMPLETELY PAID-FOR COMPUTER???

ABSOLUTELY EVERYONE QUALIFIES.......
NO CREDIT CHECKS, NO ONE TURNED DOWN.

Would you like to receive a PCS Digital Phone (which is not only a phone but an answering machine and pager as well) and completely eliminate your long distance bills??? And, want a completely paid for 2000 Gateway 333 MHZ computer delivered rignt to your door.. and, as if that isn't enough, how about earning considerable long-term income in the process??? You can earn from $650.00 to $1950.00 a day possible. 

THEN DO YOURSELF A FAVOR AND TAKE 30 SECONDS TO CONTINUE READING THIS!!!
Be prepared to be shocked and Amazed at the information you are about to discover!! You can actually receive all the above. The company is at a pre pre-launch and people are getting involved in the hundreds because of this incredible opportunity. No folks, this is not a joke. It is as real as it can be!!! What you will read is actual and people are earning Cell phones and computers!!! No contract to sign, No finance papers to sign and no roaming fees to pay!!!  

 Pre-launch Announcement - Take Advantage Of  It !!

Get a Cellular Phone Free and Never pay Long Distance Again!!
Receive a 2000 Gateway 333 MHZ Computer (see below for specs)

Computer Specs:
Processor 333 MHz w/128k Cache
32MB RAM
3.2 Gigabyte Hard Drive
1.44 MB Floppy Drive
32x CD-ROM
Sound Blaster 64V w/Speakers
4MB 3-D AGP Video Card
US Robotics 56K Flex Modem
Mid-tower Case w/Mouse & Keyboard
15" SVGA Monitor
Windows98 & Home Essentials 98
Gateway Gold Service

IN ADDITION TO THAT YOU HAVE THE POTENTIAL TO EARN THE FOLLOWING:

Earn up To $1950.00 Per Day
And up to $300.00 of FREE AIR TIME On Your Cell Phone Per Day!!!
                                 PLUS
40% Matching Bonus On Everyone You Personally Sponsor.
                 ($650.00 per day-per center-Plus Bonuses)

CALCULATED DAILY , PAID WEEKLY!

Plus....Self-Replicating Websites, Genealogies Online, Leg Counts Online....Monthly Residual Earnings on High Tech Life Changing Products.
Low Entry - High Return. 
  
This is an explosive program with the most sought after products and one of the best compensation plans EVER!!!

Easy Duplication - Just think. If I was to ask you a simple question like this: If I can show you a way to eliminate your long distance phone bill by using a cell phone that will earn pre-paid free air  time and have the ability to be a pager and answering machine, would that interest you? If I can show you how to earn a FREE 2000 Gateway 333 MHZ Computer without signing your life away on any dotted line for any type of financing and it was given to YOU absolutely FREE. Would that interest you? And do you think you know 2 people that would also say yes to the above question??? You got it!!  The answer is very simple. 

OF COURSE YOU WOULD !!! Who wouldn't. In addition to that we will show you how you can earn from $650.00 a day to $1950.

If you are truly tired of building and waiting to get paid.....YOU must act on this opportunity and need to talk to me. Positioning is the KEY and the OPPORTUNITY IS PHENOMINAL!!! I am a leader in the Network Marketing Industry and have been extremely successful and NOW I have been given this opportunity. The sky is the limit. We estimate to have over 5,000 new members by the end of November. Where will you be? At the top I hope. So Join our TEAM  if you truly are serious about wanting to make a change in your life financially. 

This plan is totally unheard of !! And people are getting PAID!!!! I joined a couple of weeks ago and I have all ready earned two checks and my very own cell phone!!!. This company pays weekly!!! I earned my very first paycheck on the first week and the second one on the second week!! You bet I am excited!!! And YES I truly received my checks !!!   

FOR FURTHER INFORMATION CALL:
       800-600-0343  EXT. 2158

 DUE TO THE OVERWHELMING SUCCESS, IF YOU EXPERIENCE A BUSY SIGNAL, 
PLEASE TRY AGAIN.
From owner-imc-sfl Sat Oct 31 12:34:16 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA23713 for imc-sfl-bks; Sat, 31 Oct 1998 12:34:16 -0800 (PST) Received: from revnet4.revnet.com (revnet4.revnet.com [198.51.35.125]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA23708; Sat, 31 Oct 1998 12:34:14 -0800 (PST) From: scj2@gs4.revnet.com Received: from gs4.revnet.com (gs4.revnet.com [198.51.35.84]) by revnet4.revnet.com (8.8.7/8.8.7) with SMTP id OAA30963; Sat, 31 Oct 1998 14:34:36 -0600 Message-Id: <199810312034.OAA30963@revnet4.revnet.com> To: scj2@gs4.revnet.com Subject: ISM Corp has acquired 4.7 mill to begin production Stock up 100 percent Date: Sat, 31 Oct 1998 14:39:04 -0600 Originator: scj2@gs4.revnet.com X-Mailer: GroupMaster X-Mailer-Version: 1.5 X-GroupMasterUser: Revnet Express Sender: owner-imc-sfl@imc.org Precedence: bulk Please open the following message in your web browser http://gs4.revnet.com/GM/MSGVIEW/MSOHNOPA.HTML ____________________________________________________________ International Shoe Manufacturing Corp Update: International Shoe Manufacturing Corp. (Ticker-ISHO) has acquired the final-stage financing to begin full-scale production at its plants in India. The $4.75 million is being used to purchase the final equipment needed to begin production at the company’s existing plant in India. With equipment in place, the company projects net profits of over $25 million a year within two years. The company stated that the financing will be followed up by a $9 million dollar IPO in India, anticipated for March 1999. The IPO will be handled by underwriters in India, and will leave ISM with control of its wholly owned subsidiary in India. The proceeds of the IPO will pay off the $4.75 million dollar financing. The balance will be used for the acquisition of additional shoe manufacturing. ISHO is in the business of manufacturing athletic footwear for the world’s leading shoe companies. It owns a 23,000-square-foot plant located in the protected “free trade zone” in Noida, just outside of New Delhi, India, where skilled labor is plentiful and very inexpensive. The Indian government recently developed new economic policy to attract foreign investment that is export-oriented, and could employ large numbers of people. ISM is the only athletic shoe manufacturer in India directed toward the international market. It currently has contracts with Adidas and The Pentland Group. These two companies have agreed to purchase all the shoes ISM can manufacture. The athletic shoe industry is estimated at $14.25 billion a year. The world’s leading shoe companies such as Adidas, Nike, and Reebok do not manufacture shoes. They are design and marketing organizations that spend hundreds of millions of dollars a year getting their products sold. They then rely on others to manufacture to their specifications. Almost, if not all athletic shoe manufacturers are privately owned, benefiting from the hundreds of millions of dollars spent on advertising by the name-brand companies. The result is an open purchase order where such manufacturers literally can sell every pair of shoes they can produce. A business like this lends itself to being privately held due to the large cash flow allowing for internal financing. International Shoe Manufacturing Corp. is the only company known to exist that offers a public investor the opportunity to own a share of this highly lucrative business in a pure investment play. For inquiries please contact the office of the director of investor relations toll free at: 877-ISM-CORP (877-476-2677) or send your e-mail request to nsi@smallcapjournal.com Your request will be handled immediately. Or write to ISM Corp at P.O. Box 520310 Longwood, Florida 32752 Please visit ISM’s web site at www.ismcorp.net Safe Harbor for Forward-Looking Statements: Except for historical information contained herein, the statements in this press release are forward-looking statements that are made pursuant to the safe harbor provisions of the Private Securities Reform Act of 1995. Forward-looking statements involve known and unknown risks and uncertainties which may cause the company’s actual results in the future periods to differ materially from forecasted results. These risks and uncertainties include, among other things, product price volatility, product demand, market competition, risk inherent in the company’s domestic and international operations, imprecision in estimating product reserves and the company’s ability to replace and expand its holdings. ____________________________________________________________ Unsubscribe or access your membership settings at: http://gs4.revnet.com/GMG/ctrlpanel/0/79 From owner-imc-sfl Mon Nov 16 14:07:14 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA21572 for imc-sfl-bks; Mon, 16 Nov 1998 14:07:14 -0800 (PST) Received: from hydra.wireless-sys.com (hydra.wireless-sys.com [207.34.212.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA21568 for ; Mon, 16 Nov 1998 14:07:13 -0800 (PST) Received: from cassandra.wireless-sys.com.wireless-sys.com (gpeters@cassandra.wireless-sys.com [192.168.11.100]) by hydra.wireless-sys.com (8.8.7/8.8.7) with SMTP id RAA20023 for ; Mon, 16 Nov 1998 17:10:59 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <13904.41715.881889.867255@cassandra.wireless-sys.com> Date: Mon, 16 Nov 1998 17:10:59 -0500 (EST) From: Gavin Peters To: imc-sfl@imc.org Subject: Simple SFL drivers? X-Mailer: VM 6.62 under 20.4 "Emerald" XEmacs Lucid Sender: owner-imc-sfl@imc.org Precedence: bulk Hello. I'm getting started on putting together an SFL tool with an eye towards integrating S/MIME into vm/emacs. Has anyone already done this, or any relevant work? - Gavin From owner-imc-sfl Tue Nov 17 09:42:27 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA01845 for imc-sfl-bks; Tue, 17 Nov 1998 09:42:27 -0800 (PST) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA01840 for ; Tue, 17 Nov 1998 09:42:22 -0800 (PST) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id MAA20014 for ; Tue, 17 Nov 1998 12:50:31 -0500 (EST) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id MAA28793; Tue, 17 Nov 1998 12:48:43 -0500 Date: Tue, 17 Nov 1998 12:48:43 -0500 Message-Id: <199811171748.MAA28793@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: v0.5 SFL Interim Release Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) has delivered the fifth interim release (Version 0.5) of the S/MIME Freeware Library (SFL). It has been successfully tested with the SunOS 4.1.3 and MS Windows NT/95 operating systems. The SFL is a freeware implementation of the IETF S/MIME v3 CMS (June 98) and ESS (September 98) (NOTE: The updated specifications will be implemented in a later release of the SFL). We have made significant progress with the testing of the SFL. The v0.5 SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. The v0.5 SFL has also been used to sign, verify, encrypt and decrypt CMS objects using the RSA suite of algorithms provided by the RSA BSAFE library. The SFL uses the SNACC ASN.1 Library to encode and decode CMS signedData and envelopedData objects. The v0.5 SFL release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers and test data. The following enhancements are included in the v0.5 SFL release: - Added attributes defined in the new SMIME specification such as SigningCertificate, ContentHints, ContentReference, EquivalentLabels, and SMIMECapabilities. - General ASN.1 definition cleanup based on minor specification changes. - Started Memory Leak Testing on basic sign/verify, encrypt/decrypt operations for the COMMON library. All SFL Library and Test code has been updated to fix all memory leaks for the basic operations. (note: The following functionality still needs to be memory leak tested: Attributes, Receipt Processing, RSA, FREE, FORTEZZA CTIL Libraries, Additional Signature logic, MIME test logic). - Improvements to the RecipientInfo processing in Encrypt/Decrypt. The classes are being updated to reflect the shared UKM concept (ongoing effort). - Improvements to signed receipt processing (ongoing effort). - Updated SFL test logic to better reflect needs for detailed test cases that match requirements in CMS document. This includes updating the reporting capability. The test configuration files were enhanced to provide more comprehensive control in construction and processing of SFL components (e.g. Decrypt can now specify which Recipient to decrypt, not just the first available in the SFL logins). - Finalized testing of a "compare" function for the SFL verify operation to compare the decoded results with the actual data used to construct the test message (as specified in the test config file for construction of the signedData being verified). This validation function provides an automated check of basic processing in a repeatable manner for all releases on all platforms. It checks the content, signing certificates, hash and signature algorithms, attributes in SignerInfos, etc. - Enhanced multiple SignerInfo logic. - Updated draft SFL API document, V0.5, 12 Nov 98. Although we have made significant progress with the development of the SFL, this interim release of the SFL is NOT complete. We are still in the process of developing and testing the SFL. For example, we will be enhancing the BSAFE CTIL to store the user's private keys in an encrypted form. Further releases will be provided as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is February 1999. The stability of the S/MIME v3 specifications is a prerequisite for meeting this delivery goal. Future releases will include: incorporate S/MIME specification changes; support for additional attributes; Fortezza CTIL; additional helper functions; multiple signerInfos in signed receipts; enhanced test routines; bug fixes; support for other crypto libraries; and support for other operating systems. The SFL will be thoroughly tested and all memory leaks fixed. Robustness testing will be performed. The SFL will be tested for interoperability with S/MIME v2 and v3 products. Other possible future enhancements include additional example CTILs supporting other Cryptographic APIs, such as Open Group's Common Data Security Architecture. We will continue enhancing utilities to generate certificates to be used as test data. The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: 1) SFL Documents: SFL Fact Sheet, SFL Software Design Description, SFL Application Programming Interface, SFL CTI API and SFL Public License. 2) snacc-1.3vda.tar.Z: Compressed tar file containing SNACC ASN.1 Compiler and Library source code compilable for Unix that has been enhanced by VDA to implement the Distinguished Encoding Rules. makefiles are included. 3) snaccvc.zip: zip file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement DER. MS Windows NT/95 project files are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: 1) sfl5Unixtar.Z: Compressed tar file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; makefiles. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. 2) smimeR05.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; project files. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries compiled for MS Windows NT/95. 3) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (can be viewed using Relation Rose C++ Demo 4.0). Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. See the U.S. Bureau of Export Administration's Commercial Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm for more information regarding the U.S. export restrictions. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the SFL source code. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Thu Nov 19 09:44:58 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA04404 for imc-sfl-bks; Thu, 19 Nov 1998 09:44:58 -0800 (PST) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA04399 for ; Thu, 19 Nov 1998 09:44:56 -0800 (PST) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id MAA23794; Thu, 19 Nov 1998 12:53:17 -0500 (EST) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id MAA17922; Thu, 19 Nov 1998 12:51:26 -0500 Date: Thu, 19 Nov 1998 12:51:26 -0500 Message-Id: <199811191751.MAA17922@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: gpeters@wireless-sys.com From: jsp@jgvandyke.com (John Pawling) Subject: Re: Simple SFL drivers? Cc: imc-sfl@imc.org, rwc@jgvandyke.com Sender: owner-imc-sfl@imc.org Precedence: bulk Gavin, Please see the enclosed message. Please feel free to contact Bob Colestock, rwc@jgvandyke.com, for more info regarding this matter. ====================================================== John Pawling jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ===================================================== >Return-Path: >From: "RWC" >To: "John Pawling" >Subject: Re: Simple SFL drivers? >Date: Thu, 19 Nov 1998 09:52:14 -0500 >X-MSMail-Priority: Normal >X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 > >John: > >The test tools will demonstrate much of these operations. The problem is >the licensing with the MIME++ library. The code that actually >constructs/interprets MIME is in "smimeR0.5/sm_mimeTest.cpp". It is pretty >straightforward to understand; it only calls very high-level SFL calls to >operate on the MIME data. > >Bob. >-----Original Message----- >From: John Pawling >To: rwc@jgvandyke.com >Date: Tuesday, November 17, 1998 1:06 PM >Subject: Simple SFL drivers? > > >>Bob, >> >>Do we have anything to say that can help Gavin?? >> >>- John >> >> >>>Return-Path: >>>Date: Mon, 16 Nov 1998 17:10:59 -0500 (EST) >>>From: Gavin Peters >>>To: imc-sfl@imc.org >>>Subject: Simple SFL drivers? >>>Sender: owner-imc-sfl@imc.org >>>Precedence: bulk >>> >>>Hello. >>> >>> I'm getting started on putting together an SFL tool with an eye >>>towards integrating S/MIME into vm/emacs. Has anyone already done >>>this, or any relevant work? >>> >>>- Gavin >>> >>> >> > > From owner-imc-sfl Sat Dec 5 23:13:09 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id XAA19197 for imc-sfl-bks; Sat, 5 Dec 1998 23:13:09 -0800 (PST) Received: from wwpceqrfyibk (user-38lc2ie.dialup.mindspring.com [209.86.10.78]) by mail.proper.com (8.8.8/8.8.5) with SMTP id XAA19190 for ; Sat, 5 Dec 1998 23:13:04 -0800 (PST) X-Reply-To: sceditor@mindspring.com Message-ID: DATE: Sun, 06 Dec 1998 02:18:24 -0500 Subject: Unrecognized Market Potential To: imc-sfl@wadj.imc.org From: sceditor@mindsprng.com MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk Company: American Interactive media Group, Inc. Symbol: AIME AIME is trading below historical highs. Recent corporate activity leads one to believe this company is about to achieve high recognition as a unique and important Internet company. AIME creates Portals for large affinity groups. Recently AIME announced that "MMG Direct", one of the countries largest telemarketing firms with over 30,000,000 in its membership base. Has agreed to offer AIME's services to the MMG Direct database. If the company only experiences a 2% penetration (600,000 subscribers). AIME will become a leader in the field of original content and programming. MMG is only the first. AIME has positioned itself in a similar position as many successful software co's in the early stages of the personal computer explosion. "content is king" and AIME has the resources to take advantage of it. The ability for these newly created programs to migrate to cable shines a bright light on AIME's position as a company with outstanding long term potential. This email is confidential and for subscribers to the Small Cap Email News only. If you have received this in error please disregard. In order to correct errors please reply and place the word "error" in the subject line. Our system will remove your address at once. From: The Small Cap Email News P.O. Box 310520 Longwood Florida 32750 This is not a solicitation to buy or sell any security. This is not a paid advertisement for the company reported upon. The Small Cap News is a auto news flash email system. Subscriber are alerted on subjects of their interest in the stock markets. Alert categories include: Short Alerts, Long Alerts, Activity Alert, and Trading Slowdown Alerts. Subscribers are warned to use the analytical properties of these alerts at their own risk. Small Cap News makes no claims or guarantees to the uses and results to be gained through this service. From owner-imc-sfl Sun Dec 20 08:54:59 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA11887 for imc-sfl-bks; Sun, 20 Dec 1998 08:54:59 -0800 (PST) Received: from mailsender1 (2Cust58.tnt17.tco2.da.uu.net [153.36.20.186]) by mail.proper.com (8.8.8/8.8.5) with SMTP id IAA11869; Sun, 20 Dec 1998 08:54:43 -0800 (PST) Message-ID: <37825.82299@mailsender1> From: "maddy123@excite.com" Reply-To: nopriorities@usa.net Subject: (3688) Date: Sun, 20 Dec 1998 12:02:11 -0400 (EDT) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset="US-ASCII" Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk Everyone has the ability to receive a Fully Loaded 350 MHz MMX Computer Fully Loaded For FREE !!! And $3,000 Referral Fee For everyone you share this with. (see specs below for computer). FOR THE RECORD MAKE NO MISTAKE THIS IS NOT MULTI-LEVEL MARKETING. WE ARE STRICTLY A REFERRAL-BASED COMPANY. $3000 Referral Program/ROMA 3K Incredible Concept!!! Incredible Opportunity!!! The ROMA "5 for 3" incentive system is the most exciting, revolutionary business program ever conceived. WE ARE NOT MLM. We are a referral-based company. To put this in layman's terms very simply, you personally refer 5 people who want a computer and you earn $3,000 for each and every FIVE (5) closings. You are also eligible to earn your very own, fully paid-for 350 MHz Computer. Computers are delivered within 2 weeks. In other words, the potential is totally INCREDIBLE!!! 5 = $3000 10 = $6,000 , 20 = $12,000 30 = $18,000 and so on FOREVER!!! AND ADDITIONAL BONUSES EVERY SINGLE MONTH!!! It's that EASY. Do you see the picture yet? You promote and generate interested people. Through internet promotion or any other way you wish to promote and the money will come your way !!! Everytime someone responds to your promotion, you very SIMPLY AND EASILY refer them to the company. All you need to do is direct them to our customer service representatives with your ID number, and staff takes over and does the rest. (You own personal ID number will be assigned to you upon joining). For the record, we have been delivering computers on a daily basis. AND, WE DO DELIVER WITHIN 2 WEEKS!!! Not 4, 6, 8, 10 or more weeks. Upon computer being delivered to your personal referrals, YOU GET PAID!!! We have our OWN IN-HOUSE LEASING COMPANY. Which means, we do not have to depend on ANYONE ELSE. So if you are SERIOUSLY INTERESTED in hearing more about this incredible opportunity, we highly encourage you to call our toll-free 800 number right away – TODAY!!! DO NOT WAIT!!! The Computer Package Consists of: 350 MHz Complete Desktop System -AMD K6-2 350 MHz MMX Processor w/3D -Ball Bearing Cooling Fan -ATX ADP Motherboard w/512k L2 cache -32 MB SD-RAM -4.3 GB Hard Drive -1.44 MB Floppy Drive -32X CD ROM /3D Stereo Sound -Amplified Speakers/Headphones/Microphone -4 MB AGP Video Accelerator -Rockwell Wavetable Sound Card -Mini Tower Case -56K v.90 Internal Fax/Modem -2 Fast Serial/Parallel/Game ports -Enhanced 104-Key Keyboard/Mouse PLUS: 15" SVGA Color Monitor NEC Color Desk Jet Printer MUS Twain Full Color Flatbed Scanner Windows ' 98 Lotus Suite-includes Lotus Notes, Lotus Spreadsheet and much more Norton Anti-Virus Quicken accounting software Cyberscape- 10 CD Portfolio and Reference w/Encyclopedia DragonFax included with modem 6 Months of unlimited Online Training: 25+ software titles to choose from 3 Years Parts & Labor Warranty (1st Year In Home) Ability to Process Credit Cards Full-Service Help Desk SO , IF YOU WANT THE ABILITY TO EARN ALL THE ABOVE AND/OR THE $3,000 FOR EVERY 5 REFERRALS, WE HIGHLY ENCOURAGE YOU TO CALL TODAY FOR FURTHER INFORMATION !!! For further information please call : (800) 600-0343, ext. 2158 ( 7days a week/24 hours a day) (we have literally been overwhelmed with incoming calls, so if you experience a busy signal, please try again) THE POWER OF THE PLAN IS SIMPLICITY - "5 FOR 3" = $3000 !!!!!!! OVER AND OVER AND OVER AGAIN !!! IT'S ALL UP TO YOU. THE QUESTION IS HOW BAD DO YOU REALLY WANT TO MAKE $$$$$$ GIVE US A TRY AND SEE THE PHENOMINAL RESULTS!!!! 70% of Americans still do not own a Computer and 80% of Americans are NOT yet on the INTERNET!!! WE ALSO SUPPLY WESITES TO OUR MEMBERS AND ALSO THE ABILITY TO PROCESS CREDIT CARDS!!!!!! SO DON'T WAIT ANOTHER DAY AND CLIMB ABOARD AND START REFERRING AND BEFORE YOU KNOW IT YOU'LL BE ON YOUR WAY TO $3000, $6000, $9000...AS MUCH MONEY AS YOU WANT TO MAKE SO CLIMB ABOARD AND GET STARTED. CALL TODAY! 1-800-600-0343 ext. 2158 91994 From owner-imc-sfl Tue Dec 29 18:58:27 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA28039 for imc-sfl-bks; Tue, 29 Dec 1998 18:58:27 -0800 (PST) Received: from crab.ccl.itri.org.tw (crab.ccl.itri.org.tw [140.96.83.16]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA28031 for ; Tue, 29 Dec 1998 18:57:23 -0800 (PST) Received: from pc083070.ccl.itri.org.tw (pc083070.ccl.itri.org.tw [140.96.83.70]) by crab.ccl.itri.org.tw (8.7.1/8.6.12) with SMTP id KAA04224 for ; Wed, 30 Dec 1998 10:51:35 +0800 (CST) Received: by pc083070.ccl.itri.org.tw with Microsoft Mail id <01BE33E3.085280D0@pc083070.ccl.itri.org.tw>; Wed, 30 Dec 1998 10:56:20 +0800 Message-ID: <01BE33E3.085280D0@pc083070.ccl.itri.org.tw> From: gau To: "'imc-sfl@imc.org'" Subject: Can we compile the ASN.1 code of pkcs#7? Date: Wed, 30 Dec 1998 10:56:19 +0800 Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Hi all, We are working with pkcs#7, and we need ASN.1 en/decode function. We use SFL(snacc) to compile the ASN.1 code of pkcs#7, but it tell us that it do not know CLASS the key word. Can you tell us how overcome the problem? Many sincere thanks and kind regards, MIN-JEA GAU gau@crab.ccl.itri.org.tw From owner-imc-sfl Thu Jan 7 08:26:05 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA25269 for imc-sfl-bks; Thu, 7 Jan 1999 08:26:05 -0800 (PST) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id IAA25265 for ; Thu, 7 Jan 1999 08:26:03 -0800 (PST) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id LAA18224 for ; Thu, 7 Jan 1999 11:31:56 -0500 (EST) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id LAA13770; Thu, 7 Jan 1999 11:29:45 -0500 Date: Thu, 7 Jan 1999 11:29:45 -0500 Message-Id: <199901071629.LAA13770@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re:Can we compile the ASN.1 code of pkcs#7? Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: All, I am forwarding this message to the imc-sfl mail list since Gau's original message was sent to the list. =========================================================== John Pawling, Principal Systems Engineer, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc., a Wang Global Company =========================================================== >Return-Path: >From: "Robert W. Colestock" >To: >Cc: "John Pawling" >Subject: Re:Can we compile the ASN.1 code of pkcs#7? >Date: Thu, 7 Jan 1999 11:14:08 -0600 >X-MSMail-Priority: Normal >X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 > >Gau: > >I cannot find any reference in our PKCS-7 documents to a CLASS keyword. I >have enclosed our copy of the SNACC compiled PKCS-7 definitions that we use >in the SMIME development. The SNACC compiler does not support the newer ASN >definitions, but it does seem to support all data types and encodings with a >little modification to the ASN syntax (and sometimes a little help in code). >If you send me your asn file, I may be able to help. > >These definitions came from the SMIME CMS-10 and ESS-09 specifications; they >are backward compatible with the RSA PKCS7 definitions (you should be able >to use these as is for any PKCS7 encode/decode operation). There are a >number of support definitions to complete the SNACC compiler if you are >interested in using these specific files (all of the imported definitions >properly compile under our VDA modified DER SNACC compiler for "C++", NOT >"C"). If you want the other ASN definitions, please reply, I will send them >to you. > >Bob Colestock >rwc@jgvandyke.com > >Attachment Converted: C:\PCE\ATTACH\sm_cms.asn > >Attachment Converted: C:\PCE\ATTACH\sm_ess.asn > From owner-imc-sfl Thu Jan 14 09:37:24 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA22094 for imc-sfl-bks; Thu, 14 Jan 1999 09:37:24 -0800 (PST) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA22090 for ; Thu, 14 Jan 1999 09:37:22 -0800 (PST) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id MAA15941 for ; Thu, 14 Jan 1999 12:43:55 -0500 (EST) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id MAA13152; Thu, 14 Jan 1999 12:41:41 -0500 Date: Thu, 14 Jan 1999 12:41:41 -0500 Message-Id: <199901141741.MAA13152@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: v0.6 SFL Release Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: All, J.G. Van Dyke and Associates (VDA) has delivered the sixth interim release (Version 0.6) of the S/MIME Freeware Library (SFL). It has been successfully tested with the SunOS 4.1.3 and MS Windows NT/95 operating systems. The SFL is a reference implementation of the IETF S/MIME v3 CMS (draft-ietf-smime-cms-10) and ESS (draft-ietf-smime-ess-09) Internet-Drafts (I-D). The updated IETF I-Ds will be implemented in the next release. For example, the recent changes to the Diffie-Hellman Key Agreement Method I-D are not yet implemented. The following enhancements are included in the v0.6 SFL release: - Integrated CMS I-D changes into the ASN.1 syntax modules used by the SFL. Changed the C++ Class structures accordingly. - Implemented further improvements to the RecipientInfo processing in the Encrypt/Decrypt logic. The Classes are being updated to reflect the shared User Key Material concept (ongoing effort). This task has been complicated by the CMS changes. - Performed further memory leak testing in the Sign/Verify and Encrypt/Decrypt main logic paths. - Implemented further improvements to signed receipt processing (ongoing effort to support multiple signatures on a receipt). - Added attributes defined in the new SMIME I-Ds. - Enhanced multiple SignerInfo logic. - Continued to develop new test code and configuration files to implement additional test cases. This includes updating the reporting capability. - Created a new group of client level Classes for the test environment. These new test Classes facilitate the test case implementation and demonstrate the use of the SFL Classes more clearly. The new test Classes significantly increase the maintainability of the SFL and serve as an example to implementers of how to use the SFL. - Changed SFL Class names to better reflect the data contained, not the operation to be performed. The "sm_CompatibilityR05.h" file can be used to maintain backward compatibility with the old class names. The following class names were modified: CSM_SignMsg to CSM_MsgToSign CSM_VerifyMsg to CSM_MsgToVerify CSM_EncryptMsg to CSM_MsgToEncrypt CSM_DecryptMsg to CSM_MsgToDecrypt CSM_AddSignMsg to CSM_MsgToAddSignatures CSM_VerifyReceiptMsg to CSM_ReceiptMsgToVerify CSM_SignData to CSM_DataToSign CSM_VerifyData to CSM_DataToVerify CSM_EncryptData to CSM_DataToEncrypt CSM_DecryptData to CSM_DataToDecrypt CSM_ReceiptData to CSM_DataToReceipt CSM_ContentInfoMsg to be left alone (Wrapper class). - CSM_ReceiptData class was changed from inheritance by CSM_VerifyData to a public member of CSM_VerifyData. - Updated SFL API document to reflect new class names and editorial comments. NOTE: MS Visual C++ 6.0 is required on Windows platforms to compile the v0.6 SFL due to linkage failures using MSVC++ 5.0. The v0.6 SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. The v0.6 SFL has also been used to sign, verify, encrypt and decrypt CMS objects using the RSA suite of algorithms provided by the RSA BSAFE library. The SFL uses the SNACC ASN.1 Library to encode and decode CMS signedData and envelopedData objects. VDA used the v0.6 SFL to successfully exchange a variety of signed and encrypted S/MIME messages between MS Outlook Express (S/MIME v2) and the v0.6 SFL (S/MIME v3) using the RSA suite of algorithms. The v0.6 SFL release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers and test data. Although we have made significant progress with the development of the SFL, this interim release of the SFL is NOT complete. We are still in the process of developing and testing the SFL. For example, we will be enhancing the BSAFE CTIL to store the user's private keys in an encrypted form. Further releases will be provided as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is March 1999. The stability of the S/MIME v3 I-Ds is a prerequisite for meeting this delivery goal. Future releases will include: incorporate S/MIME I-D changes; support for additional attributes; Fortezza CTIL; additional helper functions; multiple signerInfos in signed receipts; enhanced test routines; bug fixes; support for other crypto libraries; and support for other operating systems. The SFL will be thoroughly tested and all memory leaks fixed. Robustness testing will be performed. The SFL will be tested for interoperability with S/MIME v2 and v3 products. Other possible future enhancements include additional example CTILs supporting other Cryptographic APIs, such as Open Group's Common Data Security Architecture. We will continue enhancing utilities to generate certificates to be used as test data. The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: 1) SFL Documents: SFL Fact Sheet, SFL Software Design Description, SFL Application Programming Interface, SFL CTI API and SFL Public License. Note: Only the API document was updated for v0.6. 2) snacc-1.3vda.tar.Z (Unchanged for v0.6) : Compressed tar file containing SNACC ASN.1 Compiler and Library source code compilable for Unix that has been enhanced by VDA to implement the Distinguished Encoding Rules. makefiles are included. 3) snaccvc.zip (Unchanged for v0.6) : zip file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement DER. MS Windows NT/95 project files are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: 1) sfl6Unixtar.Z: Compressed tar file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; makefiles. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. 2) smimeR06.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; project files. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries compiled for MS Windows NT/95. 3) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (can be viewed using Releation Rose C++ Demo 4.0). (NOT UPDATED TO REFLECT NEW CLASS NAME CHANGES!) Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. See the U.S. Bureau of Export Administration's Commercial Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm for more information regarding the U.S. export restrictions. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the SFL source code. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ========================================================= John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Global Company jsp@jgvandyke.com ========================================================= From owner-imc-sfl Fri Jan 15 10:30:54 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA23835 for imc-sfl-bks; Fri, 15 Jan 1999 08:44:31 -0800 (PST) Received: (from phoffman@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA23819; Fri, 15 Jan 1999 08:44:29 -0800 (PST) Date: Fri, 15 Jan 1999 08:44:29 -0800 (PST) Message-Id: <199901151644.IAA23819@mail.proper.com> From: List Manager of imc-sfl To: imc-sfl@imc.org Subject: How to be removed from this list Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Greetings again. Occasionally, people will sign up for a mailing list and forget how to be removed. This message is a reminder for those folks. First off, when you subscribe to a mailing list, you almost always get a first message from the list owner telling you about the mailing list, and explaining how to unsubscribe. It is always a good idea to keep those messages, since you never know when you will need to unsubscribe. This is particularly useful when you change email addresses, because it is difficult to unsubscribe from a list after you have a different mailing address. In the case of this list, the method to unsubscribe is to send a message to: imc-sfl-request@imc.org with the single word: unsubscribe in the body of the message. This is the same as it always has been. To make this easier for you, I have crafted this message so that you should be able to simply reply to this message, and the reply address should be imc-sfl-request@imc.org (although some mail clients screw this up...). Remove everything from the body of the reply, and put in the single word: unsubscribe If you have tried this method, and the mailing list software won't let you unsubscribe, it is probably because your address has changed. In that case, please send a message to subs@imc.org stating which list (or lists) you want to unsubscribe from, and what you think your previous address was. There is a human (that's me!) who will then try to take care of your request, often within a few days. --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Mon Jan 18 10:42:56 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id KAA28692 for imc-sfl-bks; Mon, 18 Jan 1999 10:42:56 -0800 (PST) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id KAA28688 for ; Mon, 18 Jan 1999 10:42:55 -0800 (PST) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id NAA07183; Mon, 18 Jan 1999 13:49:50 -0500 (EST) Received: from ajpc83bob by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id NAA28394; Mon, 18 Jan 1999 13:47:36 -0500 Message-ID: <001e01be431b$26a6dbc0$5302bd9e@ajpc83bob.jgvandyke.com> From: "Robert W. Colestock" To: Cc: "John Pawling" Subject: SFL MS Visual C++ 6.0 Required Date: Mon, 18 Jan 1999 13:45:49 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: MS Visual C++ 6.0 is required to link the new SFL test programs due to some internal "PASS 1" failure when linking the Visual C++ 5.0 Release copy. Considering that MS Visual C++ 6.0 did not have a problem and the entire test suite worked perfectly, I assume the problem was due to some resource limit in Visual C++ 5.0. Bob Colestock rwc@jgvandyke.com From owner-imc-sfl Mon Jan 18 11:10:54 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA28906 for imc-sfl-bks; Mon, 18 Jan 1999 11:10:54 -0800 (PST) Received: from smtp4.ny.us.ibm.COM (smtp4.ny.us.ibm.com [198.133.22.43]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA28902 for ; Mon, 18 Jan 1999 11:10:52 -0800 (PST) From: hemsath@us.ibm.com Received: from southrelay01.raleigh.ibm.com (southrelay01.raleigh.ibm.com [9.37.3.208]) by smtp4.ny.us.ibm.COM (8.8.7/8.8.7) with ESMTP id NAA54542 for ; Mon, 18 Jan 1999 13:57:49 -0500 Received: from d54mta08.raleigh.ibm.com (d54mta08.raleigh.ibm.com [9.67.228.40]) by southrelay01.raleigh.ibm.com (8.8.7/NCO v1.7) with SMTP id OAA95188 for ; Mon, 18 Jan 1999 14:12:02 -0500 Received: by d54mta08.raleigh.ibm.com(Lotus SMTP MTA Internal build v4.6.2 (651.2 6-10-1998)) id 852566FD.0069783B ; Mon, 18 Jan 1999 14:12:00 -0500 X-Lotus-FromDomain: IBMUS To: imc-sfl@imc.org Message-ID: <852566FD.006977A0.00@d54mta08.raleigh.ibm.com> Date: Mon, 18 Jan 1999 13:04:53 -0600 Subject: Missing eng.h file? Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm using MS Visual C++ 6.0 to build the SFL 0.6 Win32 executables, using the smime.dsw projrct file. I get the following error: >... >--------------------Configuration: sm_free - Win32 Debug-------------------- >Compiling... >sm_free.cpp >./include\sm_free.h(64) : fatal error C1083: Cannot open include file: 'rng.h': No such file or directory >sm_free_asn.cpp >Error executing cl.exe. >... Is there a simple explaination of what I might be doing wrong? Thanks. -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.0.2 iQA/AwUBNqOHOwl0soYoviM2EQK+uwCfShi5CpnKFu0wYcYQvGf2tzrITM0AoLoy InT+R6O4y8ttnlF7WOy/qmr4 =Vfc3 -----END PGP SIGNATURE----- David K. Hemsath, Security Architecture, eNetwork Software, NCSD IBM Corporation; 11400 Burnet Road; Austin, TX 78758 USA Tel.: 512-838-3618 T/L 678; Fax: 0156 Pager: 800-946-4646/PIN=1400035/www.mobilecomm.com hemsath@us.ibm.com From owner-imc-sfl Tue Jan 19 10:30:37 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id KAA20124 for imc-sfl-bks; Tue, 19 Jan 1999 10:30:37 -0800 (PST) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id KAA20120 for ; Tue, 19 Jan 1999 10:30:35 -0800 (PST) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id NAA11755 for ; Tue, 19 Jan 1999 13:37:38 -0500 (EST) Received: from ajpc83bob by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id NAA26661; Tue, 19 Jan 1999 13:35:21 -0500 Message-ID: <000d01be43e2$9be8fcc0$5302bd9e@ajpc83bob.jgvandyke.com> From: "Robert W. Colestock" To: Subject: Re: Subject: Missing eng.h file? Date: Tue, 19 Jan 1999 13:33:36 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: All: The missing file is "rng.h" from the freeware cryptopp 2.0 library. We do not distribute this library in an attempt to avoid export restrictions. The default settings in the project assume that you have the crypto ++ library and include files in the appropriate directory: ..\crpytopp\*.h ..\Debug\cryptoppd.lib <<< BE CAREFUL TO CHANGE THE PROJECT SETTINGS TO MATCH THE SFL; Multithreaded Debug DLL, etc. ALSO, THIS VERSION USES THE cryptopp 2.0, not the new 3.0 which is being integrated presently. >>> An exerpt from the README file: "3) snaccvc.zip (Unchanged for v0.6) : zip file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement DER. MS Windows NT/95 project files are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. " An exerpt from the API document: "There are three libraries provided in the default SFL release: SM_RSA (using the RSA BSAFE 3.0 library), SM_FREE (using the freeware crypto++ library), and SM_FORT (using the Fortezza CI library). " The Fortezza library has not been finished and is not integrated into the test environment. The crypto++ interface has been enabled by default using the define "SM_FREE_USED". The RSA Bsafe 3.0 interface has also been enabled by default using the define "SM_RSA_USED". Our intent was to allow users to link either or both libraries easily. Send an e-mail to me if you have problems with linking a single library, I will create a special project to link and test a single library type. Bob Colestock rwc@jgvandyke.com From owner-imc-sfl Tue Jan 19 12:18:34 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA20922 for imc-sfl-bks; Tue, 19 Jan 1999 12:18:34 -0800 (PST) Received: from smtp4.ny.us.ibm.COM (smtp4.ny.us.ibm.com [198.133.22.43]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA20918 for ; Tue, 19 Jan 1999 12:18:33 -0800 (PST) From: hemsath@us.ibm.com Received: from southrelay01.raleigh.ibm.com (southrelay01.raleigh.ibm.com [9.37.3.208]) by smtp4.ny.us.ibm.COM (8.8.7/8.8.7) with ESMTP id PAA42670; Tue, 19 Jan 1999 15:05:40 -0500 Received: from d54mta08.raleigh.ibm.com (d54mta08.raleigh.ibm.com [9.67.228.40]) by southrelay01.raleigh.ibm.com (8.8.7/NCO v1.7) with SMTP id PAA73038; Tue, 19 Jan 1999 15:19:54 -0500 Received: by d54mta08.raleigh.ibm.com(Lotus SMTP MTA Internal build v4.6.2 (651.2 6-10-1998)) id 852566FE.006FADCF ; Tue, 19 Jan 1999 15:19:49 -0500 X-Lotus-FromDomain: IBMUS To: "Robert W. Colestock" cc: IMC-sfl@imc.org Message-ID: <852566FE.006FAC70.00@d54mta08.raleigh.ibm.com> Date: Tue, 19 Jan 1999 14:12:38 -0600 Subject: Re: Subject: Missing eng.h file? Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thanks. I should've known the answer is "RTFM." -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.0.2 iQA/AwUBNqTnhQl0soYoviM2EQKKZACgilk2nA4RaxkYYERS/a1RHh811I4AoKeg nllmkXPPtGAP7K0Se05SDwXE =eSun -----END PGP SIGNATURE----- David K. Hemsath, Security Architecture, eNetwork Software, NCSD IBM Corporation; 11400 Burnet Road; Austin, TX 78758 USA Tel.: 512-838-3618 T/L 678; Fax: 0156 Pager: 800-946-4646/PIN=1400035/www.mobilecomm.com hemsath@us.ibm.com "Robert W. Colestock" on 01/19/99 01:33:36 PM To: imc-sfl@imc.org cc: (bcc: David Hemsath/Austin/IBM) Subject: Re: Subject: Missing eng.h file? All: The missing file is "rng.h" from the freeware cryptopp 2.0 library. We do not distribute this library in an attempt to avoid export restrictions. The default settings in the project assume that you have the crypto ++ library and include files in the appropriate directory: ..\crpytopp\*.h ..\Debug\cryptoppd.lib <<< BE CAREFUL TO CHANGE THE PROJECT SETTINGS TO MATCH THE SFL; Multithreaded Debug DLL, etc. ALSO, THIS VERSION USES THE cryptopp 2.0, not the new 3.0 which is being integrated presently. >>> An exerpt from the README file: "3) snaccvc.zip (Unchanged for v0.6) : zip file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement DER. MS Windows NT/95 project files are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. " An exerpt from the API document: "There are three libraries provided in the default SFL release: SM_RSA (using the RSA BSAFE 3.0 library), SM_FREE (using the freeware crypto++ library), and SM_FORT (using the Fortezza CI library). " The Fortezza library has not been finished and is not integrated into the test environment. The crypto++ interface has been enabled by default using the define "SM_FREE_USED". The RSA Bsafe 3.0 interface has also been enabled by default using the define "SM_RSA_USED". Our intent was to allow users to link either or both libraries easily. Send an e-mail to me if you have problems with linking a single library, I will create a special project to link and test a single library type. Bob Colestock rwc@jgvandyke.com From owner-imc-sfl Fri Mar 5 12:01:35 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA07068 for imc-sfl-bks; Fri, 5 Mar 1999 12:01:35 -0800 (PST) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA07064 for ; Fri, 5 Mar 1999 12:01:33 -0800 (PST) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id PAA21796 for ; Fri, 5 Mar 1999 15:12:54 -0500 (EST) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id PAA05684; Fri, 5 Mar 1999 15:10:15 -0500 Date: Fri, 5 Mar 1999 15:10:15 -0500 Message-Id: <199903052010.PAA05684@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: 2/99 SFL Interop Testing Update Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: All, J.G. Van Dyke and Associates (VDA) is developing the Secure/Multipurpose Internet Mail Extensions (S/MIME) Freeware Library (SFL) to implement the Internet Engineering Task Force (IETF) draft S/MIME version 3 set of specifications. This message summarizes the interoperability testing that VDA has conducted using the SFL. We have used the SFL to successfully exchange signed and encrypted S/MIME v2 messages with Microsoft Outlook Express (MSOE) and Netscape Navigator. We used the SFL to successfully verify the signature of MSOE and Netsacpe generated v2 signedData messages. We used the SFL to create a signedData message that was verified by MSOE amd Netscape. We used the SFL to successfully decrypt MSOE and Netscape generated v2 envelopedData messages. We used the SFL to create an envelopedData message that was decrypted by MSOE and Netscape. We also used the SFL to successfully exchange a signed and encrypted S/MIME v2 message (i.e. signedData encapsulated within envelopedData) with MSOE and Netscape. We have also used the SFL to successfully exchange signed S/MIME v2 messages with RSA S/MAIL toolkit, WorldTalk and Entrust products. This testing is the initial step in proving the interoperability of the current draft IETF S/MIME v3 set of specifications with the S/MIME v2 specifications (RFC 2315, RFC 2311, RFC 2312 based on the RSA Public Key Cryptography Standard (PKCS) #7, v1.5 specification). VDA successfully tested the SFL at the Internet Mail Consortium (IMC)-sponsored SecureConnect2 event held on February 23-24, 1999 in San Jose, CA. We focused on performing interoperability testing of some of the proposed S/MIME v3 features between the SFL and Microsoft prototype S/MIME v3 software. We used the SFL to attempt to decrypt envelopedData objects produced by Microsoft. We focused on testing the key wrap algorithm documented in the draft S/MIME v3 Cryptographic Message Syntax (CMS-10) specification and the Ephemeral-Static (E-S) Diffie-Hellman (D-H) key agreement requirements stated in the S/MIME v3 D-H Key Agreement Method draft. Prior to SecureConnect2 we had not completed implementing the CMS-10 key wrap algorithm in the SFL because it is currently being changed by the IETF S/MIME Working Group. Because of that fact we were not able to use the SFL to achieve complete interoperability of encrypted S/MIME v3 messages using E-S D-H, but we were able to make significant progress toward that goal and are confident that we will be able to enhance the SFL code to achieve interoperability. Please note that all S/MIME v3 implementors (including VDA) must change their software to implement the new CMS key wrap algorithm. At SecureConnect2, we made significant progress with testing the KEKRecipientInfo syntax and CMS-10 key wrap algorithm with Microsoft. We used the SFL to successfully decrypt an envelopedData (including KEKRecipientInfo) constructed by Microsoft. As part of this testing, we used the SFL to use a Triple-DES key encryption key (KEK) to unwrap a RC2 content encryption key (CEK) using the CMS-10 key wrap algorithm. We then used the SFL to use the CEK to decrypt the RC2-encrypted content. We made several enhancements to the SFL to achieve this success. We also made significant progress with testing the KeyAgreeRecipientInfo syntax with Microsoft. We were able to use the SFL to partially process an envelopedData (including KeyAgreeRecipientInfo) constructed by Microsoft. We compared intermediate values generated by the SFL while attempting to decrypt the envelopedData with those generated by Microsoft when they constructed the envelopedData. The intermediate values matched, so we know that we were partially interoperable. We were never able to successfully decrypt a message using the KeyAgreeRecipientInfo syntax because we had not completely integrated the Triple-DES key wrap code into the SFL KeyAgreeRecipientInfo processing. Prior to SecureConnect2, we used the SFL to successfully ASN.1 decode S/MIME v3 Enhanced Security Services (ESS) signedAttributes such as Signed Receipt Requests, ESS Security Labels and Mail List Expansion History that were produced by Microsoft. We have also used the SFL to process ESS Signed Receipts created by Microsoft. At SecureConnect2, we also performed S/MIME v3 interoperability testing with Entrust. We were able to successfully process a S/MIME v3 SignedData message including an ESSSecurityLabel attribute generated by Entrust. In summary, we believe that the SecureConnect2 event was extremely valuable and we plan to participate at the SecureConnect3 event scheduled for September 1999. We also plan to conduct additional interoperability testing via e-mail. This testing proves that the SFL is maturing and will soon be a viable candidate for incorporation into applications that require S/MIME v3 capabilities including the optional S/MIME v3 security features such as security labels and signed receipts. We plan to deliver an updated interim SFL release which includes the enhancements made as a result of the lessons learned at SecureConnect2 and other improvements in the SFL. More information regarding the SFL is available from http://www.jgvandyke.com/services/infosec/sfl.htm, http://www.armadillo.huntsville.al.us/software/smime and http://www.imc.org/imc-sfl. Much thanks to Bob Colestock and Pierce Leonberger for testing the SFL at SecureConnect2 and for providing input to this report. ========================================================= John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Global Company jsp@jgvandyke.com ========================================================= From owner-imc-sfl Wed Apr 7 10:14:04 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id KAA00199 for imc-sfl-bks; Wed, 7 Apr 1999 10:14:04 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id KAA00195 for ; Wed, 7 Apr 1999 10:14:03 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id NAA06371 for ; Wed, 7 Apr 1999 13:20:05 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id NAA23323; Wed, 7 Apr 1999 13:17:11 -0400 Date: Wed, 7 Apr 1999 13:17:11 -0400 Message-Id: <199904071717.NAA23323@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: v0.7 SFL Release Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: All, J.G. Van Dyke and Associates (VDA) has delivered the seventh interim release (Version 0.7) of the S/MIME Freeware Library (SFL). It has been successfully tested using the MS Windows NT/95 and Linux operating systems. The SFL is a reference implementation of the IETF S/MIME v3 CMS (draft-ietf-smime-cms-11) and ESS (draft-ietf-smime-ess-12) (NOTE: CMS-12 will be implemented in an SFL release in April 99). The following enhancements are included in the v0.7 SFL release: - Integrated CMS changes into ASN.1 syntax modules used by SFL and changed the SFL C++ Classes accordingly. - Removed dependency of VDA-enhanced SNACC v1.3 rev 0.07 ASN.1 Library on SFL files so that SNACC ASN.1 Library can be used independently of the SFL. - Completed code to implement Ephemeral Static Diffie Hellman key management. - Implemented and tested CMS-11 3DES and RC2 key wrap algorithms. Updated Crypto++ and BSAFE CTILs accordingly. - Added support for Crypto++ 3.0 C++ Classes. - Enhanced multiple SignerInfo processing logic. - Developed code to implement "C" API login. This simplifies application login to SFL CTILs. - Developing "C" API and documentation (see new SFL API document). Encrypt and Decrypt work. Sign and Verify have been partially tested. - Developing MLExpansionHistory processing code (ongoing). - Performed further Memory leak testing. - Further improvements to the RecipientInfo processing in Encrypt/Decrypt The classes have been updated to reflect the shared UKM concept. - KEKRecipientInfo has been implemented; limited interoperability testing with Microsoft has been completed. - Finalized receipt processing (receiptRequest attribute, verify creation of receipts, and verification of receipts). Added capability to generate multiple signerInfos in a signedReceipt. - Created a new group of client level C++ classes for the test environment. These new classes facilitate the test case implementation and clearly demonstrate the use of the SFL C++ Classes. - Developed new test code and configuration files to implement test cases. NOTE: MS Visual C++ 6.0 is required on Windows platforms to compile the v0.7 SFL due to linkage failures using MSVC++ 5.0. The v0.7 SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, E-S D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. The v0.7 SFL has also been used to sign, verify, encrypt and decrypt CMS objects using the RSA suite of algorithms provided by the RSA BSAFE v3.0 library. The SFL uses the SNACC v1.3 ASN.1 Library to encode and decode CMS signedData and envelopedData objects. The v0.7 SFL release includes: SFL High-level library; SFL Crypto++ 3.0 Crypto Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC v1.3 rev 0.07 ASN.1 Compiler and Library; test drivers and test data. The SFL has been successfully used to exchange signedData and envelopedData messages with the Microsoft Internet Explorer Outlook Express v4.01 and Netscape Communicator 4.X S/MIME v2 products. Signed messages have been exchanged with the RSA S/MAIL, WorldTalk and Entrust S/MIME v2 products. VDA is now performing S/MIME v3 interoperability testing with Microsoft. Although we have made significant progress with the development of the SFL, this interim release of the SFL is NOT complete. We are still in the process of developing and testing the SFL. For example, we will be enhancing the BSAFE CTIL to store the user's private keys in an encrypted form. Further releases will be provided as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is 31 May 1999. The stability of the S/MIME v3 specifications is a prerequisite for meeting this delivery goal. Future releases will include: incorporate S/MIME specification changes; Fortezza CTIL; Spyrus SPEX CTIL; continue "C" API development; additional helper functions; enhance code that displays decoded messages; MLExpansionHistory processing; countersignatures; enhanced test routines; bug fixes; support for other crypto libraries; and support for other operating systems. The SFL will be thoroughly tested and all memory leaks fixed. Robustness testing will be performed. The SFL will be tested for interoperability with S/MIME v2 and v3 products. Other possible future enhancements include additional example CTILs supporting other Cryptographic APIs, such as Open Group's Common Data Security Architecture. We will continue enhancing utilities to generate certificates to be used as test data. The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The VDA-enhanced SNACC ASN.1 software and SFL documentation are freely available to everyone at the VDA SFL Page. All other portions of the SFL software are export controlled in accordance with the U.S. Government Export Administration Regulations. For specific details and guidance on exporting the SFL software, contact the U.S. Department of Commerce, Bureau of Export Administration, Export Counseling Division, (202) 482-4811. The Bureau of Export Administration maintains additional resources online on its Commercial Encryption Export Controls page (http://www.bxa.doc.gov/Encryption/Default.htm). Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: 1) SFL Documents: SFL Fact Sheet, SFL Software Design Description, SFL Application Programming Interface, SFL CTI API, SFL Software Test Description, SFL Overview Briefing and SFL Public License. 2) snaccvda07.zip: Zip file containing SNACC v1.3 rev 0.07 ASN.1 Compiler and Library source code compilable for Unix and MS Windows NT/95/98 that has been enhanced by VDA to implement the Distinguished Encoding Rules. project files and makefiles are included. This release of SNACC does not depend on the SFL include files and libraries. This file includes a sample test project demonstrating the use of the SNACC classes. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: 1) smimeR07.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; project files. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries are compiled for MS Windows NT/95/98 and Linux. MS Windows NT/95/98 project files and Unix makefiles are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. 2) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (can be viewed using Releation Rose C++ Demo 4.0). Not all classes are documented in the MDL file at this time. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the SFL source code. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ========================================================= John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Global Company jsp@jgvandyke.com ========================================================= From owner-imc-sfl Thu Jun 10 07:38:49 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id HAA07505 for imc-sfl-bks; Thu, 10 Jun 1999 07:38:49 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id HAA07501 for ; Thu, 10 Jun 1999 07:38:47 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Thu, 10 Jun 1999 10:40:11 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF311DB35B@WFHQEX03> From: "Pawling, John" To: imc-sfl@imc.org Subject: v1.0 SFL Now Available Date: Thu, 10 Jun 1999 10:40:08 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: All, J.G. Van Dyke and Associates (VDA) has delivered Version 1.0 of the S/MIME Freeware Library (SFL). v1.0 provides the basic functionality specified in the IETF S/MIME v3 CMS (draft-ietf-smime-cms-13) and ESS (draft-ietf-smime-ess-12) Internet-Drafts. It has been successfully tested using the MS Windows NT/95 and Solaris 2.6 operating systems. Further enhancements, ports and testing are still in process. The following enhancements are included in the v1.0 SFL release (compared with the v0.7 interim release): - Completed first level integration testing on Ephemeral Static (E-S) Diffie Hellman (D-H) key management. - Completed MLExpansionHistory processing in signed receipt logic. - Added support for the signingCertificate attribute. - Performed integration testing on CMS-13 3DES and RC2 key wrap algorithms. - Continued development on "C" API login. This simplifies application login to SFL CTILs. - Developing "C" API and documentation (see new SFL API document). - Performed further Memory leak testing. - Developed new test code and configuration files to implement test cases. - Added test utility for reading MIME encoded messages containing single body part or multi-part CMS components (SignedData or EnvelopedData) was developed and tested. This utility reports the contents of the CMS components, and will perform limited signature verification operations. It will also read ContentInfo wrapped CMS components, non-ContentInfo wrapped components, or certificates. The v1.0 SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, E-S D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. The v1.0 SFL has also been used to sign, verify, encrypt and decrypt CMS objects using the RSA suite of algorithms provided by the RSA BSAFE v3.0 library. The SFL uses the SNACC v1.3 ASN.1 Library to encode and decode CMS signedData and envelopedData objects. The v1.0 SFL release includes: SFL High-level library; SFL Crypto++ 3.0 Crypto Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC v1.3 rev 0.07 ASN.1 Compiler and Library; test drivers and test data. The SFL has been successfully used to exchange signedData and envelopedData messages with the Microsoft (MS) Internet Explorer Outlook Express v4.01 and Netscape Communicator 4.X S/MIME v2 products. Signed messages have been exchanged with the RSA S/MAIL, WorldTalk and Entrust S/MIME v2 products. A significant amount of progress has been made with S/MIME v3 interoperability testing between the SFL and MS. We successfully completed testing the CMS-13 envelopedData features. We used the SFL to successfully decrypt MS-generated envelopedData messages containing KEKRecipientInfo syntaxes including 3DES- wrapped and RC2-wrapped content encryption keys. We also used the SFL to successfully decrypt MS-generated envelopedData messages containing KeyAgreeRecipientInfo syntaxes using an E-S D-H pairwise key with 3DES-wrapped and RC2-wrapped content encryption keys. MS was able to successfully decrypt SFL-generated messages including the same features as above. As part of this testing, MS was able to successfully use a VDA-generated D-H certificate. In the past, we have successfully exchanged RSA-signed signedData messages. We still need to perform DSA interoperability testing and to ensure that we have thoroughly tested all applicable CMS-13/ESS-12 features such as verifying a signed receipt. We are still in the process of enhancing and testing the SFL. For example, we will be enhancing the BSAFE CTIL to store the user's private keys in an encrypted form. Further releases will be provided as significant capabilities are added. Future releases will include: enhanced error reporting; countersignatures; Fortezza CTIL; Spyrus SPEX/ CTIL; encryptedData content type; further "C" API testing; additional helper functions; enhanced test routines; bug fixes; support for other crypto libraries; and support for other operating systems. Other possible future enhancements include additional example CTILs supporting other Cryptographic APIs, such as PKCS #11. We will enhance the utilities to generate certificates to be used as test data. The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The VDA-enhanced SNACC ASN.1 software and SFL documentation are freely available to everyone at the VDA SFL Page. All other portions of the SFL software are export controlled in accordance with the U.S. Government Export Administration Regulations. For specific details and guidance on exporting the SFL software, contact the U.S. Department of Commerce, Bureau of Export Administration, Export Counseling Division, (202) 482-4811. The Bureau of Export Administration maintains additional resources online on its Commercial Encryption Export Controls page (http://www.bxa.doc.gov/Encryption/Default.htm). Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: 1) SFL Documents: SFL Fact Sheet, SFL Software Design Description, SFL Application Programming Interface, SFL CTI API, SFL Software Test Description, SFL Overview Briefing and SFL Public License. 2) snaccvda07.zip: Zip file containing SNACC v1.3 rev 0.07 ASN.1 Compiler and Library source code compilable for Unix and MS Windows NT/95/98 that has been enhanced by VDA to implement the Distinguished Encoding Rules. project files and makefiles are included. This release of SNACC does not depend on the SFL include files and libraries. This file includes a sample test project demonstrating the use of the SNACC classes. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: Note: When this message was sent, the text of the Fortezza Developer's S/MIME Page still needed to be updated to state that v1.0 is available, but the correct v1.0 smimeR10.zip file and API document are available. 1) smimeR10.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; project files. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries are compiled for MS Windows NT/95/98 and Linux. MS Windows NT/95/98 project files and Unix makefiles are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. 2) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (comes with MS Visual Studio 6.0, Enterprise Tools). The file can also be viewed using Rational Rose C++ Demo 4.0 45 day evaluation copy which can be obtained from http://www.rational.com/uml/resources/practice_uml/index.jtmpl. Not all classes are documented in the MDL file at this time. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the SFL source code. The SFL software is developed to maximize portability to 32-bit operating systems. We plan to port the SFL to the following operating systems: HP/UX 10.x, IBM AIX 3.2, and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ============================================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ============================================================ From owner-imc-sfl Tue Jun 15 14:51:59 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA02316 for imc-sfl-bks; Tue, 15 Jun 1999 14:51:59 -0700 (PDT) Received: from caladan.verisign.com (caladan.verisign.com [205.180.232.21]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA02312 for ; Tue, 15 Jun 1999 14:51:58 -0700 (PDT) Received: from mentat.verisign.com by caladan.verisign.com (8.8.5/BCH1.5) id OAA05259; Tue, 15 Jun 1999 14:52:53 -0700 (PDT) Received: from newman.verisign.com by mentat.verisign.com (8.8.5/BCH1.0) id OAA09989; Tue, 15 Jun 1999 14:53:49 -0700 (PDT) Received: by newman.verisign.com with Internet Mail Service (5.5.2448.0) id ; Tue, 15 Jun 1999 14:53:51 -0700 Message-ID: <23E9E6DBBF4DD21190BC006008B0213E93E552@newman.verisign.com> From: Hoa Ly To: "'imc-sfl@imc.org'" Subject: building snacc32.lib Date: Tue, 15 Jun 1999 14:53:44 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Hi, I'm trying to build smime.dsw (smimeR1.0) as distributed with MSVC6.0 and got the following errors: msvcirtd.lib(MSVCIRTD.dll) : error LNK2005: "public: class ostream & __thiscall ostream::operator<<(char const *)" (??6ostream@@QAEAAV0@PBD@Z) already defined in libcimtd.lib(ostream.obj) msvcirtd.lib(MSVCIRTD.dll) : error LNK2005: "public: class ostream & __thiscall ostream::operator<<(class ostream & (__cdecl*)(class ostream &))" (??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z) already defined in libsmutild.lib(sm_x509af.obj) msvcirtd.lib(MSVCIRTD.dll) : error LNK2005: "class ostream & __cdecl endl(class ostream &)" (?endl@@YAAAVostream@@AAV1@@Z) already defined in libsmutild.lib(sm_x509af.obj) msvcirtd.lib(MSVCIRTD.dll) : error LNK2005: "public: class ostream & __thiscall ostream::operator<<(char)" (??6ostream@@QAEAAV0@D@Z) already defined in libsmutild.lib(sm_x509af.obj) msvcirtd.lib(MSVCIRTD.dll) : error LNK2005: "public: class ostream & __thiscall ostream::operator<<(int)" (??6ostream@@QAEAAV0@H@Z) already defined in libcimtd.lib(ostrint.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _sprintf already defined in LIBCMTD.lib(sprintf.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _free already defined in LIBCMTD.lib(dbgheap.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _calloc already defined in LIBCMTD.lib(dbgheap.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _fclose already defined in LIBCMTD.lib(fclose.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _fopen already defined in LIBCMTD.lib(fopen.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _strncmp already defined in LIBCMTD.lib(strncmp.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _longjmp already defined in LIBCMTD.lib(longjmp.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _isprint already defined in LIBCMTD.lib(_ctype.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _isspace already defined in LIBCMTD.lib(_ctype.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _abort already defined in LIBCMTD.lib(abort.obj) LINK : warning LNK4098: defaultlib "MSVCRTD" conflicts with use of other libs; use /NODEFAULTLIB:library Debug/report_tool.exe : fatal error LNK1169: one or more multiply defined symbols found Error executing link.exe. I tried again by changing all the sub projects as multi-threaded instead of a mixture of multi-threaded and multi-threaded dll. But, still getting the error. If I removed snacc32d.lib, then I will get undefined symbol, instead of those listed above. So now I'm trying to build the snacc library without any success. I tried to follow the instruction from snaccVC6\notes.wri. First, I opened the project snaccVC6\snaccVC.dsw. There is no project label as "compiler". Then, I searched snacc-1.3, snacc-1.3vca, snaccVC5, snaccVC6 for a project name "c__lib.dsp" and could not find it either. This has been very frustrating. Please help! Thanks Hoa From owner-imc-sfl Wed Jun 16 09:28:18 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA29334 for imc-sfl-bks; Wed, 16 Jun 1999 09:28:18 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA29330 for ; Wed, 16 Jun 1999 09:28:16 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Wed, 16 Jun 1999 12:30:15 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF3115BA79@WFHQEX03> From: "Colestock, Robert" To: "'imc-sfl@imc.org'" Subject: FW: building snacc32.lib Date: Wed, 16 Jun 1999 12:30:15 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: -----Original Message----- From: Colestock, Robert Sent: Wednesday, June 16, 1999 11:04 AM To: 'Hoa Ly' Cc: Pawling, John; Leonberger, Pierce Subject: RE: building snacc32.lib Hoa: This error is due to the mis-alignment of the MS Visual C++ run-time DLLs; our library uses the "Debug Multithreaded DLL" as listed under the menu "Project/Settings/C++" Tab, "Category: Code Generation", "Use run-time library:". ALL of the components of your project must use consistent settings (painful, but necessary). Our libraries all use this setting for Deubug ("Multithreaded DLL" for Release). Your error indicates that some object reference compiled in your make is using another run-time DLL. All of the libraries under the SFL are consistent; this would imply that the failure (not listed in the errors below) must be with the crypto link. If you are using the crypto++ 3.0 library, you must adjust the authors settings to reflect the DLL settings above and "Re-build ALL" the crypto library. I noticed you are attempting to rebuild the SNACC library; these settings must also be consistent (they are by default). It is not necessary to re-build the SNACC library, we deliver the snacc32.lib and snacc32d.lib run-time libraries. SNACC Compiler: Sorry about the notes, they are for an older release; they have been removed. To build the SNACC compiler and run-time libraries, simply build the "snaccVC6" workspace "snacc" project. It should build "snacc.exe" which is the snacc compiler. The command line is tricky; for our project the following directory and parameters are used: working directory: ../../smimeR1.0/libsrc/asn1 command line parameters: -D -C -u ../../../snacc-1.3vda/asn1specs/asn-useful.asn1 sm_vdatypes.asn sm_x501ud.asn sm_x411ub.asn sm_x411mtsas.asn sm_x501if.asn sm_x520sa.asn sm_x509cmn.asn sm_x509af.asn sm_x509ce.asn sm_cms.asn sm_ess.asn ../../alg_libs/sm_free3/sm_free3_asn.asn ../../alg_libs/sm_rsa/sm_rsa_asn.asn ../../alg_libs/sm_fort/sm_fortAsn.asn This is important since we only support the C++ generation, and require a number of base ASN.1 definitions (in the numerous *.asn files listed, and the "asn-useful.ans1" file). Bob Colestock rwc@jgvandyke.com -----Original Message----- From: Hoa Ly [mailto:HLy@verisign.com] Sent: Tuesday, June 15, 1999 4:54 PM To: 'imc-sfl@imc.org' Subject: building snacc32.lib Hi, I'm trying to build smime.dsw (smimeR1.0) as distributed with MSVC6.0 and got the following errors: msvcirtd.lib(MSVCIRTD.dll) : error LNK2005: "public: class ostream & __thiscall ostream::operator<<(char const *)" (??6ostream@@QAEAAV0@PBD@Z) already defined in libcimtd.lib(ostream.obj) msvcirtd.lib(MSVCIRTD.dll) : error LNK2005: "public: class ostream & __thiscall ostream::operator<<(class ostream & (__cdecl*)(class ostream &))" (??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z) already defined in libsmutild.lib(sm_x509af.obj) msvcirtd.lib(MSVCIRTD.dll) : error LNK2005: "class ostream & __cdecl endl(class ostream &)" (?endl@@YAAAVostream@@AAV1@@Z) already defined in libsmutild.lib(sm_x509af.obj) msvcirtd.lib(MSVCIRTD.dll) : error LNK2005: "public: class ostream & __thiscall ostream::operator<<(char)" (??6ostream@@QAEAAV0@D@Z) already defined in libsmutild.lib(sm_x509af.obj) msvcirtd.lib(MSVCIRTD.dll) : error LNK2005: "public: class ostream & __thiscall ostream::operator<<(int)" (??6ostream@@QAEAAV0@H@Z) already defined in libcimtd.lib(ostrint.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _sprintf already defined in LIBCMTD.lib(sprintf.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _free already defined in LIBCMTD.lib(dbgheap.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _calloc already defined in LIBCMTD.lib(dbgheap.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _fclose already defined in LIBCMTD.lib(fclose.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _fopen already defined in LIBCMTD.lib(fopen.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _strncmp already defined in LIBCMTD.lib(strncmp.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _longjmp already defined in LIBCMTD.lib(longjmp.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _isprint already defined in LIBCMTD.lib(_ctype.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _isspace already defined in LIBCMTD.lib(_ctype.obj) MSVCRTD.lib(MSVCRTD.dll) : error LNK2005: _abort already defined in LIBCMTD.lib(abort.obj) LINK : warning LNK4098: defaultlib "MSVCRTD" conflicts with use of other libs; use /NODEFAULTLIB:library Debug/report_tool.exe : fatal error LNK1169: one or more multiply defined symbols found Error executing link.exe. I tried again by changing all the sub projects as multi-threaded instead of a mixture of multi-threaded and multi-threaded dll. But, still getting the error. If I removed snacc32d.lib, then I will get undefined symbol, instead of those listed above. So now I'm trying to build the snacc library without any success. I tried to follow the instruction from snaccVC6\notes.wri. First, I opened the project snaccVC6\snaccVC.dsw. There is no project label as "compiler". Then, I searched snacc-1.3, snacc-1.3vca, snaccVC5, snaccVC6 for a project name "c__lib.dsp" and could not find it either. This has been very frustrating. Please help! Thanks Hoa From owner-imc-sfl Fri Jun 25 09:52:31 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA01404 for imc-sfl-bks; Fri, 25 Jun 1999 09:52:31 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA01400 for ; Fri, 25 Jun 1999 09:52:29 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Fri, 25 Jun 1999 12:55:13 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF313607B9@WFHQEX03> From: "Pawling, John" To: imc-sfl@imc.org Subject: SFL for SCO?? Date: Fri, 25 Jun 1999 12:55:12 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: All, Does anybody require support for the S/MIME Freeware Library for the SCO operating system?? We are considering dropping that platform from our "things to do" list. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc. jsp@jgvandyke.com ============================================ From owner-imc-sfl Tue Jun 29 07:22:44 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id HAA23322 for imc-sfl-bks; Tue, 29 Jun 1999 07:22:44 -0700 (PDT) Received: from ibd.ar.com (dataway5.dsl.concentric.net [216.112.11.21]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id HAA23318 for ; Tue, 29 Jun 1999 07:22:43 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by ibd.ar.com (8.9.0.Beta5/8.9.0.Beta5) with ESMTP id HAA07593 for ; Tue, 29 Jun 1999 07:26:11 -0700 (PDT) Date: Tue, 29 Jun 1999 07:26:11 -0700 (PDT) From: "Rick H. Wesson" To: imc-sfl@imc.org Subject: rel 1.0 Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: release 1.0 appears to be broken, there is no setup or Makefile in the top of the release, or the directions are wrong. the vdasnacc distribution is at least missing the version.h file. at any rate neither of these two products build on linux or sparc -rick From owner-imc-sfl Tue Jun 29 12:41:41 1999 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA00888 for imc-sfl-bks; Tue, 29 Jun 1999 12:41:41 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA00884 for ; Tue, 29 Jun 1999 12:41:38 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Tue, 29 Jun 1999 15:44:42 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF313607E5@WFHQEX03> From: "Pawling, John" To: imc-sfl@imc.org Cc: "Leonberger, Pierce" Subject: RE: rel 1.0 Date: Tue, 29 Jun 1999 15:44:39 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: multipart/mixed; boundary="----_=_NextPart_000_01BEC267.D34ED3F2" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_000_01BEC267.D34ED3F2 Content-Type: text/plain; charset="iso-8859-1" All, This message from Pierce Leonberger, pleonber@jgvandyke.com , answers Rick Wesson's message. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc. jsp@jgvandyke.com ============================================ -----Original Message----- From: Leonberger, Pierce Sent: Tuesday, June 29, 1999 3:10 PM To: 'wessorh@ar.com' Cc: Pawling, John; Colestock, Robert Subject: SFL R1.0 Makefiles Rick, Attached to this message is a tar file containing the makefiles for UNIX. Extract this tar file into the directory you installed the SFL (the directory containing ./src). Then type "make setup". Let me know if you have any problems. As for vdasnacc07.zip. I just downloaded it built it for UNIX with no problems. This what I did: 1) mkdir work 2) cd work; unzip vdasnacc07.zip 3) ./configure 4) make For more complete build instructions for UNIX see the "install" file that is part of the SNACC 1.3 Distribution (included in our distribution as well). For Windows load the snaccVC6\snaccVC.dsw file into VisualC++ 6.0. Build the "snacc" project to build everything. I tried this as well and everything worked fine. If you continue to have problems e-mail your exact configuration (OS, Compiler, etc.. etc..) -Pierce -----Original Message----- From: Rick H. Wesson [mailto:wessorh@ar.com] Sent: Tuesday, June 29, 1999 10:26 AM To: imc-sfl@imc.org Subject: rel 1.0 release 1.0 appears to be broken, there is no setup or Makefile in the top of the release, or the directions are wrong. the vdasnacc distribution is at least missing the version.h file. at any rate neither of these two products build on linux or sparc -rick ------_=_NextPart_000_01BEC267.D34ED3F2 Content-Type: application/octet-stream; name="solmakes.tar" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="solmakes.tar" Li9saWJzcmMvYXNuMS9NYWtlZmlsZS5pbgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxMDA2NjQAMDAwMTc1 MgAwMDAwMzMxADAwMDAwMDAyMDMzADA2NzIzMDc1NzA2ADAwMTUwNzEAMAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1c3RhcgAwMHNmbAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAbXNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMDAwMDQwADAwMDAw MTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj CiMgTWFrZSBpbmZvcm1hdGlvbiBzcGVjaWZpYyB0byB0aGUgQVNOLjEgZGlyZWN0b3J5CiMKCiMg dGhlc2UgdmFyaWFibGVzIGFyZSBzcGVjaWZpYyB0byB0aGlzIG1ha2VmaWxlCiMgClRBUkdFVCAg ICAgICAgPSAgYWxsb2JqcwpDTU5GTEdTICAgICAgID0gICAgICAgICAgICAgICAgICAgIyBjb21t b24gdmFyaWFibGVzIGJldHdlZW4gY29tcGlsZXJzCklOQ0xVREUgICAgICAgPSAtSS4gXAogICAg ICAgICAgICAgICAgLUkuLi8uLi9pbmNsdWRlIFwKICAgICAgICAgICAgICAgIC1JJChTTkFDQ0RJ UikgLUkkKENNQVBJKQpERVBFTkRFTkNJRVMgID0gLi4vLi4vaW5jbHVkZS9zbV9hcGkuaApBU05N T0RVTEVTICAgID0gc21fdmRhdHlwZXMuYXNuIHNtX3g1MDF1ZC5hc24gIHNtX3g0MTF1Yi5hc24g c21feDQxMW10c2FzLmFzbiBcCiAgICAgICAgICAgICAgICBzbV94NTAxaWYuYXNuICBzbV94NTIw c2EuYXNuIHNtX3g1MDljbW4uYXNuIHNtX3g1MDlhZi5hc24gXAogICAgICAgICAgICAgICAgc21f eDUwOWNlLmFzbiAgc21fY21zLmFzbiBzbV9lc3MuYXNuCkFTTk1PRENYWCAgICAgPSAke0FTTk1P RFVMRVM6LmFzbj0uQ30KQVNOTU9EQ1BQICAgICA9ICR7QVNOTU9EVUxFUzouYXNuPS5jcHB9CkFT Tk1PREhEUiAgICAgPSAke0FTTk1PRFVMRVM6LmFzbj0uaH0KQVNOTU9ET0JKUyAgICA9ICR7QVNO TU9EVUxFUzouYXNuPS5vfQpPQkpTICAgICAgICAgID0gc21fdmRhc25hY2MubyBzbV9CaWdJbnRl Z2VyU3RyLm8KCgphbGxvYmpzOiAkKEFTTk1PRE9CSlMpICQoT0JKUykKCiQoT0JKUyk6ICQoREVQ RU5ERU5DSUVTKQokKEFTTk1PRE9CSlMpOiAkKEFTTk1PRENQUCkKJChBU05NT0RDUFApOiAkKEFT Tk1PRFVMRVMpCgpjbGVhbi1hc246IGNsZWFuCglybSAtZiAkKEFTTk1PRENQUCkKCUBlY2hvICJy ZW1vdmluZyBBU04uMSBpbmNsdWRlIGZpbGVzLi4uIgoJKGNkIC4uLy4uL2luY2x1ZGU7IHJtIC1m ICQoQVNOTU9ESERSKSkKY2xlYW46CglybSAtZiAqLm8KCiMKIyBFbmQgb2YgQVNOLjEgc3BlY2lm aWMgbWFrZSBpbmZvcm1hdGlvbgojCgoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuL2xp YnNyYy9sb2xldmVsL01ha2VmaWxlLmluAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDEwMDY2NAAwMDAxNzUyADAw MDAzMzEAMDAwMDAwMDEyMzIAMDY3MjI2MTEzNTEAMDAxNTY2MAAwAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHVzdGFyADAwc2ZsAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAABtc3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwMDAwNDAAMDAwMDAxNgAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMKIyBN YWtlIGluZm9ybWF0aW9uIHNwZWNpZmljIHRvIHRoZSBMb3cgTGV2ZWwgZGlyZWN0b3J5CiMKCkNT UkNTCSAgICAgID0gJCh3aWxkY2FyZCAqLmMpCkNPQkpTICAgICAgICAgPSAkKENTUkNTOi5jPS5v KQpTUkNTICAgICAgICAgID0gJCh3aWxkY2FyZCAqLmNwcCkKT0JKUyAgICAgICAgICA9ICQoU1JD UzouY3BwPS5vKSAkKENPQkpTKQoKIyB0aGVzZSB2YXJpYWJsZXMgYXJlIHNwZWNpZmljIHRvIHRo aXMgbWFrZWZpbGUKIyAKVEFSR0VUICAgICAgICA9ICBhbGxvYmpzCkNNTkZMR1MgICAgICAgPSAg ICAgICAgICAgICAgICAgICAjIGNvbW1vbiB2YXJpYWJsZXMgYmV0d2VlbiBjb21waWxlcnMKSU5D TFVERSAgICAgICA9IC1JLiBcCiAgICAgICAgICAgICAgICAtSS4uLy4uL2luY2x1ZGUgXAogICAg ICAgICAgICAgICAgLUkkKFNOQUNDRElSKSAtSSQoQ01BUEkpIC1JJChDUllQVE8zKyspCkRFUEVO REVOQ0lFUyAgPSAuLi8uLi9pbmNsdWRlL3NtX2FwaS5oIFwKICAgICAgICAgICAgICAgIC4uLy4u L2luY2x1ZGUvc21fdGxpc3QuaAogICAgICAgICAgICAKCmFsbG9ianM6ICQoT0JKUykKCiQoT0JK Uyk6ICQoREVQRU5ERU5DSUVTKQoKY2xlYW46CglybSAtcmYgKi5vCgojCiMgRW5kIG9mIExvdyBM ZXZlbCBzcGVjaWZpYyBtYWtlIGluZm9ybWF0aW9uCiMKCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuL2xpYnNy Yy9oaWxldmVsL01ha2VmaWxlLmluAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDEwMDY2NAAwMDAxNzUyADAwMDAz MzEAMDAwMDAwMDExMDQAMDY3MjIzNTAzMDIAMDAxNTY0MAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAHVzdGFyADAwc2ZsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAABtc3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwMDAwNDAAMDAwMDAxNgAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMKIyBNYWtl IGluZm9ybWF0aW9uIHNwZWNpZmljIHRvIHRoZSBMb3cgTGV2ZWwgZGlyZWN0b3J5CiMKClNSQ1Mg ICAgICAgICAgPSAkKHdpbGRjYXJkICouY3BwKQpPQkpTICAgICAgICAgID0gJChTUkNTOi5jcHA9 Lm8pCgojIHRoZXNlIHZhcmlhYmxlcyBhcmUgc3BlY2lmaWMgdG8gdGhpcyBtYWtlZmlsZQojIApU QVJHRVQgICAgICAgID0gIGFsbG9ianMKQ01ORkxHUyAgICAgICA9ICAgICAgICAgICAgICAgICAg ICMgY29tbW9uIHZhcmlhYmxlcyBiZXR3ZWVuIGNvbXBpbGVycwpJTkNMVURFICAgICAgID0gLUku IFwKICAgICAgICAgICAgICAgIC1JLi4vLi4vaW5jbHVkZSBcCiAgICAgICAgICAgICAgICAtSSQo U05BQ0NESVIpIC1JJChDTUFQSSkgLUkkKENSWVBUTzMrKykKREVQRU5ERU5DSUVTICA9IC4uLy4u L2luY2x1ZGUvc21fYXBpLmggXAogICAgICAgICAgICAgICAgLi4vLi4vaW5jbHVkZS9zbV9jbXMu aAoKYWxsb2JqczogJChPQkpTKQoKJChPQkpTKTogJChERVBFTkRFTkNJRVMpCgpjbGVhbjoKCXJt IC1mICoubwoKIwojIEVuZCBvZiBMb3cgTGV2ZWwgc3BlY2lmaWMgbWFrZSBpbmZvcm1hdGlvbgoj CgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuL2xpYnNyYy9N YWtlbGliX3NtLmluAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDEwMDY2NgAwMDAxNzUyADAwMDAzMzEA MDAwMDAwMDA2NDMAMDY1MDY3NzUzNzQAMDAxNDU3MwAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAHVzdGFyADAwc2ZsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AABtc3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwMDAwNDAAMDAwMDAxNgAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoKTElCU009bGli c20uYQoKVEFSR0VUUzogbGliYXNuMSBsaWJsbyBsaWJoaSBsaWJzbQoKY2xlYW46CgkoY2QgLi9h c24xOyBtYWtlIGNsZWFuKQoJKGNkIC4vbG9sZXZlbDsgbWFrZSBjbGVhbikKCShjZCAuL2hpbGV2 ZWw7IG1ha2UgY2xlYW4pCgpiYXJlOiBjbGVhbgoJcm0gLWYgLi4vbGliLyQoTElCU00pCgpsaWJh c24xOgoJKGNkIC4vYXNuMTsgbWFrZSkKCmxpYmxvOgoJKGNkIC4vbG9sZXZlbDsgbWFrZSkKCmxp YmhpOgoJKGNkIC4vaGlsZXZlbDsgbWFrZSkKCmxpYnNtOiAkKExJQlNNKSAkKFJBTkxJQikKCiQo TElCU00pOiAKCXJtIC1mICQoTElCU00pCglhciBydXYgLi4vbGliLyQoTElCU00pIC4vYXNuMS8q Lm8gLi9sb2xldmVsLyoubyAuL2hpbGV2ZWwvKi5vCgpyYW5saWI6CglyYW5saWIgLi4vbGliLyQo TElCU00pCgoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALi9hbGdfbGlicy9z bV9mb3J0L01ha2VmaWxlLmluAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxMDA2NjQAMDAwMTc1MgAwMDAwMzMxADAw MDAwMDAyMDYxADA2NTE0NDA2MjY1ADAwMTYxNzMAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAB1c3RhcgAwMHNmbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA bXNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMDAwMDQwADAwMDAwMTYAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjCiMgTWFrZSBpbmZv cm1hdGlvbiBzcGVjaWZpYyB0byB0aGUgRm9ydGV6emEgVG9rZW4gSW50ZXJmYWNlIGRpcmVjdG9y eQojCgoKIyB0aGVzZSB2YXJpYWJsZXMgYXJlIHNwZWNpZmljIHRvIHRoaXMgbWFrZWZpbGUKIyAK TElCUkFSWSAgICAgICA9ICAuLi8uLi9saWIvbGlic21mb3J0LmEKVEFSR0VUICAgICAgICA9ICBs aWJyYXJ5CkNNTkZMR1MgICAgICAgPSAgICAgICAgICAgICAgICAgICAjIGNvbW1vbiB2YXJpYWJs ZXMgYmV0d2VlbiBjb21waWxlcnMKSU5DTFVERSAgICAgICA9IC1JLiBcCiAgICAgICAgICAgICAg ICAtSS4uLy4uL2luY2x1ZGUgXAogICAgICAgICAgICAgICAgLUkkKFNOQUNDRElSKSBcCiAgICAg ICAgICAgICAgICAtSSQoQ01BUEkpL2luY2x1ZGUvY21hcGkgXAoJCS1JJChDSV9QQVRIKS9pbmNs dWRlCkRFUEVOREVOQ0lFUyAgPSAuLi8uLi9pbmNsdWRlL3NtX2FwaS5oIFwKICAgICAgICAgICAg ICAgIC4uLy4uL2luY2x1ZGUvc21fZm9ydC5oCkFTTkVYVEVSTiAgICAgPSAuLi8uLi9saWJzcmMv YXNuMS9zbV92ZGF0eXBlcy5hc24KQVNOTU9EVUxFUyAgICA9IHNtX2ZvcnRBc24uYXNuCkFTTk1P RENYWCAgICAgPSAke0FTTk1PRFVMRVM6LmFzbj0uQ30KQVNOTU9EQ1BQICAgICA9ICR7QVNOTU9E VUxFUzouYXNuPS5jcHB9CkFTTk1PREhEUiAgICAgPSAke0FTTk1PRFVMRVM6LmFzbj0uaH0KQVNO TU9ET0JKUyAgICA9ICR7QVNOTU9EVUxFUzouYXNuPS5vfQpPQkpTICAgICAgICAgID0gJChBU05N T0RPQkpTKSBzbV9mb3J0Lm8KCmxpYnJhcnk6ICQoTElCUkFSWSkgJChSQU5MSUIpCgokKExJQlJB UlkpOiAkKE9CSlMpCgkkKEFSKSAkKEFSRkxBR1MpICRAICQoT0JKUykKCiQoUkFOTElCKToKCSQo UkFOTElCKSAkQAoKJChPQkpTKTogJChERVBFTkRFTkNJRVMpCiQoQVNOTU9ET0JKUyk6ICQoQVNO TU9EQ1BQKQokKEFTTk1PRENQUCk6ICQoQVNOTU9EVUxFUykKCmNsZWFuOgoJcm0gLWYgKi5vCmJh cmU6IGNsZWFuCglybSAtZiAkKExJQlJBUlkpCgojCiMgRW5kIG9mIEZvcnRlenphIENyeXB0byBU b2tlbiBJbnRlcmZhY2Ugc3BlY2lmaWMgc3R1ZmYKIwoKCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuL2FsZ19saWJzL3NtX3Jz YS9NYWtlZmlsZS5pbgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDEwMDY2NAAwMDAxNzUyADAwMDAzMzEAMDAwMDAw MDIzMTYAMDY3MDA3NjAxMTMAMDAxNjAwMQAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAHVzdGFyADAwc2ZsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtc3AA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwMDAwNDAAMDAwMDAxNgAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMKIyBNYWtlIGluZm9ybWF0 aW9uIHNwZWNpZmljIHRvIHRoZSBGb3J0ZXp6YSBUb2tlbiBJbnRlcmZhY2UgZGlyZWN0b3J5CiMK CkNTUkNTICAgICAgICAgICAgPSAkKHdpbGRjYXJkICouYykKQ09CSlMgICAgICAgICAgICA9ICQo Q1NSQ1M6LmM9Lm8pCkNQUFNSQ1MgICAgICAgICAgPSAkKHdpbGRjYXJkICouY3BwKQpDUFBPQkpT ICAgICAgICAgID0gJChDUFBTUkNTOi5jcHA9Lm8pCgpBU05FWFRFUk4gICAgID0gLi4vLi4vbGli c3JjL2FzbjEvc21fdmRhdHlwZXMuYXNuCkFTTk1PRFVMRVMgICAgPSAkKHdpbGRjYXJkICouYXNu KQpBU05NT0RDWFggICAgID0gJHtBU05NT0RVTEVTOi5hc249LkN9CkFTTk1PRENQUCAgICAgPSAk e0FTTk1PRFVMRVM6LmFzbj0uY3BwfQpBU05NT0RIRFIgICAgID0gJHtBU05NT0RVTEVTOi5hc249 Lmh9CkFTTk1PRE9CSlMgICAgPSAke0FTTk1PRFVMRVM6LmFzbj0ub30KCk9CSlMgICAgICAgICAg PSAkKEFTTk1PRE9CSlMpICQoQ1BQT0JKUykgJChDT0JKUykKCiMgdGhlc2UgdmFyaWFibGVzIGFy ZSBzcGVjaWZpYyB0byB0aGlzIG1ha2VmaWxlCiMgCkxJQlJBUlkgICAgICAgPSAgLi4vLi4vbGli L2xpYnNtcnNhLmEKVEFSR0VUICAgICAgICA9ICBsaWJyYXJ5CkNNTkZMR1MgICAgICAgPSAgICAg ICAgICAgICAgICAgICAjIGNvbW1vbiB2YXJpYWJsZXMgYmV0d2VlbiBjb21waWxlcnMKSU5DTFVE RSAgICAgICA9IC1JLiBcCiAgICAgICAgICAgICAgICAtSS4uLy4uL2luY2x1ZGUgXAogICAgICAg ICAgICAgICAgLUkuLi8uLi9pbmNsdWRlL3NuYWNjL2MrKyBcCiAgICAgICAgICAgICAgICAtSSQo QlNBRkUpL2luY2x1ZGUgLUkkKENNQVBJKQpERVBFTkRFTkNJRVMgID0gLi4vLi4vaW5jbHVkZS9z bV9hcGkuaCBcCiAgICAgICAgICAgICAgICAuLi8uLi9pbmNsdWRlL3NtX3JzYS5oCgpsaWJyYXJ5 OiAkKExJQlJBUlkpICQoUkFOTElCKQoKJChMSUJSQVJZKTogJChPQkpTKQoJJChBUikgJChBUkZM QUdTKSAkQCAkKE9CSlMpCgokKFJBTkxJQik6CgkkKFJBTkxJQikgJChMSUJSQVJZKQoKJChPQkpT KTogJChERVBFTkRFTkNJRVMpCiQoQVNOTU9ET0JKUyk6ICQoQVNOTU9EQ1BQKQokKEFTTk1PRENQ UCk6ICQoQVNOTU9EVUxFUykKCmNsZWFuOgoJcm0gLWYgKi5vCmJhcmU6IGNsZWFuCglybSAtZiAk KExJQlJBUlkpCgojCiMgRW5kIG9mIEZvcnRlenphIENyeXB0byBUb2tlbiBJbnRlcmZhY2Ugc3Bl Y2lmaWMgc3R1ZmYKIwoKCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4vYWxnX2xpYnMvc21fY29tbW9u L01ha2VmaWxlLmluAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMTAwNjY0ADAwMDE3NTIAMDAwMDMzMQAwMDAwMDAwMTQz NAAwNjcwMDc2MDIzNwAwMDE2NTEzADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAdXN0YXIAMDBzZmwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1zcAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDAwMDA0MAAwMDAwMDE2AAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIwojIE1ha2UgaW5mb3JtYXRpb24g c3BlY2lmaWMgdG8gdGhlIEZvcnRlenphIFRva2VuIEludGVyZmFjZSBkaXJlY3RvcnkKIwoKQ1BQ U1JDUyAgICAgICA9ICQod2lsZGNhcmQgKi5jcHApCkNQUE9CSlMgICAgICAgPSAkKENQUFNSQ1M6 LmNwcD0ubykKCk9CSlMgICAgICAgICAgPSAkKENQUE9CSlMpIAoKIyB0aGVzZSB2YXJpYWJsZXMg YXJlIHNwZWNpZmljIHRvIHRoaXMgbWFrZWZpbGUKIyAKCkxJQlJBUlkgICAgICAgPSAgLi4vLi4v bGliL2xpYnNtY29tbW9uLmEKVEFSR0VUICAgICAgICA9ICBsaWJyYXJ5CkNNTkZMR1MgICAgICAg PSAgICAgICAgICAgICAgICAgICAjIGNvbW1vbiB2YXJpYWJsZXMgYmV0d2VlbiBjb21waWxlcnMK SU5DTFVERSAgICAgICA9IC1JLiBcCiAgICAgICAgICAgICAgICAtSS4uLy4uL2luY2x1ZGUgXAog ICAgICAgICAgICAgICAgLUkkKFNOQUNDRElSKSAtSSQoQ01BUEkpCkRFUEVOREVOQ0lFUyAgPSAu Li8uLi9pbmNsdWRlL3NtX2FwaS5oIFwKICAgICAgICAgICAgICAgIC4uLy4uL2luY2x1ZGUvc21f Y29tbW9uLmgKCmxpYnJhcnk6ICQoTElCUkFSWSkgJChSQU5MSUIpCgokKExJQlJBUlkpOiAkKE9C SlMpCgkkKEFSKSAkKEFSRkxBR1MpICRAICQoT0JKUykKCiQoUkFOTElCKToKCSQoUkFOTElCKSAk KExJQlJBUlkpCgokKE9CSlMpOiAkKERFUEVOREVOQ0lFUykKCmNsZWFuOgoJcm0gLWYgKi5vCmJh cmU6IGNsZWFuCglybSAtZiAkKExJQlJBUlkpCgojCiMgRW5kIG9mIEZvcnRlenphIENyeXB0byBU b2tlbiBJbnRlcmZhY2Ugc3BlY2lmaWMgc3R1ZmYKIwoKCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4vYWxnX2xpYnMvc21fZnJlZS9NYWtl ZmlsZS5pbgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAwMTAwNjQ0ADAwMDE3NTIAMDAwMDMzMQAwMDAwMDAwMjc2NwAw NjY2MjUxMzcxMAAwMDE2MTUzADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAdXN0YXIAMDBzZmwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1zcAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAMDAwMDA0MAAwMDAwMDE2AAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIwojIE1ha2UgaW5mb3JtYXRpb24gc3Bl Y2lmaWMgdG8gdGhlIEZvcnRlenphIFRva2VuIEludGVyZmFjZSBkaXJlY3RvcnkKIwoKQ1BQU1JD UyAgICAgICAgICA9ICQod2lsZGNhcmQgKi5jcHApCkNQUE9CSlMgICAgICAgICAgPSAkKENQUFNS Q1M6LmNwcD0ubykKCkFTTkVYVEVSTiAgICAgPSAuLi8uLi9saWJzcmMvYXNuMS9zbV92ZGF0eXBl cy5hc24gXAogICAgICAgICAgICAgICAgLi4vLi4vbGlic3JjL2FzbjEvc21feDUwMXVkLmFzbiBc CiAgICAgICAgICAgICAgICAuLi8uLi9saWJzcmMvYXNuMS9zbV94NDExdWIuYXNuIFwKICAgICAg ICAgICAgICAgIC4uLy4uL2xpYnNyYy9hc24xL3NtX3g0MTFtdHNhcy5hc24gXAogICAgICAgICAg ICAgICAgLi4vLi4vbGlic3JjL2FzbjEvc21feDUwMWlmLmFzbiBcCiAgICAgICAgICAgICAgICAu Li8uLi9saWJzcmMvYXNuMS9zbV94NTIwc2EuYXNuIFwKICAgICAgICAgICAgICAgIC4uLy4uL2xp YnNyYy9hc24xL3NtX3g1MDljbW4uYXNuIFwKICAgICAgICAgICAgICAgIC4uLy4uL2xpYnNyYy9h c24xL3NtX3g1MDlhZi5hc24gXAogICAgICAgICAgICAgICAgLi4vLi4vbGlic3JjL2FzbjEvc21f Y21zLmFzbgpBU05NT0RVTEVTICAgID0gJCh3aWxkY2FyZCAqLmFzbikKQVNOTU9EQ1hYICAgICA9 ICR7QVNOTU9EVUxFUzouYXNuPS5DfQpBU05NT0RDUFAgICAgID0gJHtBU05NT0RVTEVTOi5hc249 LmNwcH0KQVNOTU9ESERSICAgICA9ICR7QVNOTU9EVUxFUzouYXNuPS5ofQpBU05NT0RPQkpTICAg ID0gJHtBU05NT0RVTEVTOi5hc249Lm99CgpPQkpTICAgICAgICAgID0gJChBU05NT0RPQkpTKSAk KENQUE9CSlMpCgojIHRoZXNlIHZhcmlhYmxlcyBhcmUgc3BlY2lmaWMgdG8gdGhpcyBtYWtlZmls ZQojIApMSUJSQVJZICAgICAgID0gIC4uLy4uL2xpYi9saWJzbWZyZWUuYQpUQVJHRVQgICAgICAg ID0gIGxpYnJhcnkKQ01ORkxHUyAgICAgICA9ICAgICAgICAgICAgICAgICAgICMgY29tbW9uIHZh cmlhYmxlcyBiZXR3ZWVuIGNvbXBpbGVycwpJTkNMVURFICAgICAgID0gLUkuIFwKICAgICAgICAg ICAgICAgIC1JLi4vLi4vaW5jbHVkZSBcCiAgICAgICAgICAgICAgICAtSSQoU05BQ0NESVIpIFwK ICAgICAgICAgICAgICAgIC1JJChDUllQVE8rKykKREVQRU5ERU5DSUVTICA9IC4uLy4uL2luY2x1 ZGUvc21fYXBpLmggXAogICAgICAgICAgICAgICAgLi4vLi4vaW5jbHVkZS9zbV9mcmVlLmgKCmxp YnJhcnk6ICQoTElCUkFSWSkgJChSQU5MSUIpCgokKExJQlJBUlkpOiAkKE9CSlMpCgkkKEFSKSAk KEFSRkxBR1MpICRAICQoT0JKUykKCiQoUkFOTElCKToKCSQoUkFOTElCKSAkKExJQlJBUlkpCgok KE9CSlMpOiAkKERFUEVOREVOQ0lFUykKJChBU05NT0RPQkpTKTogJChBU05NT0RDUFApCiQoQVNO TU9EQ1BQKTogJChBU05NT0RVTEVTKQoKY2xlYW46CglybSAtZiAqLm8KYmFyZTogY2xlYW4KCXJt IC1mICQoTElCUkFSWSkKCiMKIyBFbmQgb2YgRm9ydGV6emEgQ3J5cHRvIFRva2VuIEludGVyZmFj ZSBzcGVjaWZpYyBzdHVmZgojCgoKAAAAAAAAAAAALi9hbGdfbGlicy9NYWtlbGliX2FsZ3MuaW4A AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAADAxMDA2NjYAMDAwMTc1MgAwMDAwMzMxADAwMDAwMDAwNjI3ADA2NzI2 NzcyNTIyADAwMTUzNzYAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAB1c3RhcgAwMHNmbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbXNwAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAwMDAwMDQwADAwMDAwMTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMSUJTTUFMR1M9bGlic21hbGdzLmEKClRBUkdF VFM6IGxpYnNtX3JzYSBsaWJzbV9jb21tb24KCmNsZWFuOgoJKGNkIC4vc21fZnJlZTM7IG1ha2Ug Y2xlYW4pCgkoY2QgLi9zbV9yc2E7IG1ha2UgY2xlYW4pCgkoY2QgLi9zbV9mb3J0OyBtYWtlIGNs ZWFuKQoJKGNkIC4vc21fY29tbW9uOyBtYWtlIGNsZWFuKQoKYmFyZTogY2xlYW4KCShjZCAuL3Nt X2ZyZWUzOyBtYWtlIGJhcmUpCgkoY2QgLi9zbV9yc2E7IG1ha2UgYmFyZSkKCShjZCAuL3NtX2Zv cnQ7IG1ha2UgYmFyZSkKCShjZCAuL3NtX2NvbW1vbjsgbWFrZSBiYXJlKQoKbGlic21fcnNhOgoJ KGNkIC4vc21fcnNhOyBtYWtlKQpsaWJzbV9mcmVlMzoKCShjZCAuL3NtX2ZyZWUzOyBtYWtlKQps aWJzbV9jb21tb246CgkoY2QgLi9zbV9jb21tb247IG1ha2UpCgAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4vYWxnX2xpYnMvc21fZnJlZTMvTWFrZWZpbGUu aW4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAwMTAwNjY0ADAwMDE3NTIAMDAwMDMzMQAwMDAwMDAwMzAyNwAwNjcyMjMy NzM1NgAwMDE2MjM0ADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA dXN0YXIAMDBzZmwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1zcAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAMDAwMDA0MAAwMDAwMDE2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIwojIE1ha2UgaW5mb3JtYXRpb24gc3BlY2lmaWMg dG8gdGhlIEZvcnRlenphIFRva2VuIEludGVyZmFjZSBkaXJlY3RvcnkKIwoKQ1BQU1JDUyAgICAg ICAgICA9ICQod2lsZGNhcmQgKi5jcHApCkNQUE9CSlMgICAgICAgICAgPSAkKENQUFNSQ1M6LmNw cD0ubykKCkFTTkVYVEVSTiAgICAgPSAuLi8uLi9saWJzcmMvYXNuMS9zbV92ZGF0eXBlcy5hc24g XAogICAgICAgICAgICAgICAgLi4vLi4vbGlic3JjL2FzbjEvc21feDUwMXVkLmFzbiBcCiAgICAg ICAgICAgICAgICAuLi8uLi9saWJzcmMvYXNuMS9zbV94NDExdWIuYXNuIFwKICAgICAgICAgICAg ICAgIC4uLy4uL2xpYnNyYy9hc24xL3NtX3g0MTFtdHNhcy5hc24gXAogICAgICAgICAgICAgICAg Li4vLi4vbGlic3JjL2FzbjEvc21feDUwMWlmLmFzbiBcCiAgICAgICAgICAgICAgICAuLi8uLi9s aWJzcmMvYXNuMS9zbV94NTIwc2EuYXNuIFwKICAgICAgICAgICAgICAgIC4uLy4uL2xpYnNyYy9h c24xL3NtX3g1MDljbW4uYXNuIFwKICAgICAgICAgICAgICAgIC4uLy4uL2xpYnNyYy9hc24xL3Nt X3g1MDlhZi5hc24gXAogICAgICAgICAgICAgICAgLi4vLi4vbGlic3JjL2FzbjEvc21fY21zLmFz bgpBU05NT0RVTEVTICAgID0gJCh3aWxkY2FyZCAqLmFzbikKQVNOTU9EQ1hYICAgICA9ICR7QVNO TU9EVUxFUzouYXNuPS5DfQpBU05NT0RDUFAgICAgID0gJHtBU05NT0RVTEVTOi5hc249LmNwcH0K QVNOTU9ESERSICAgICA9ICR7QVNOTU9EVUxFUzouYXNuPS5ofQpBU05NT0RPQkpTICAgID0gJHtB U05NT0RVTEVTOi5hc249Lm99CgpPQkpTICAgICAgICAgID0gJChBU05NT0RPQkpTKSAkKENQUE9C SlMpCgojIHRoZXNlIHZhcmlhYmxlcyBhcmUgc3BlY2lmaWMgdG8gdGhpcyBtYWtlZmlsZQojIApM SUJSQVJZICAgICAgID0gIC4uLy4uL2xpYi9saWJzbWZyZWUzLmEKVEFSR0VUICAgICAgICA9ICBs aWJyYXJ5CkNNTkZMR1MgICAgICAgPSAgICAgICAgICAgICAgICAgICAjIGNvbW1vbiB2YXJpYWJs ZXMgYmV0d2VlbiBjb21waWxlcnMKSU5DTFVERSAgICAgICA9IC1JLiBcCiAgICAgICAgICAgICAg ICAtSS4uLy4uL2luY2x1ZGUgXAogICAgICAgICAgICAgICAgLUkkKFNOQUNDRElSKSBcCiAgICAg ICAgICAgICAgICAtSSQoQ1JZUFRPMysrKSBcCiAgICAgICAgICAgICAgICAtSSQoQ01BUEkpCkRF UEVOREVOQ0lFUyAgPSAuLi8uLi9pbmNsdWRlL3NtX2FwaS5oIFwKICAgICAgICAgICAgICAgIC4u Ly4uL2luY2x1ZGUvc21fZnJlZTMuaAoKbGlicmFyeTogJChMSUJSQVJZKSAkKFJBTkxJQikKCiQo TElCUkFSWSk6ICQoT0JKUykKCSQoQVIpICQoQVJGTEFHUykgJEAgJChPQkpTKQoKJChSQU5MSUIp OgoJJChSQU5MSUIpICQoTElCUkFSWSkKCiQoT0JKUyk6ICQoREVQRU5ERU5DSUVTKQokKEFTTk1P RE9CSlMpOiAkKEFTTk1PRENQUCkKJChBU05NT0RDUFApOiAkKEFTTk1PRFVMRVMpCgpjbGVhbjoK CXJtIC1mICoubwpiYXJlOiBjbGVhbgoJcm0gLWYgJChMSUJSQVJZKQoKIwojIEVuZCBvZiBGb3J0 ZXp6YSBDcnlwdG8gVG9rZW4gSW50ZXJmYWNlIHNwZWNpZmljIHN0dWZmCiMKCgoAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuL3Rlc3RzcmMvaGlsZXZlbC9NYWtlZmlsZS5pbgAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAMDEwMDY2NAAwMDAxNzUyADAwMDAzMzEAMDAwMDAwMDE1MjUAMDY3MjU0NTUyNzYA MDAxNjEwMwAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHVzdGFy ADAwc2ZsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtc3AAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAADAwMDAwNDAAMDAwMDAxNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAElOQ0xVREUgPSAtSS4uL2luY2x1ZGUgLUkuLi8uLi9pbmNs dWRlIC1JJChDUllQVE8zKyspIC1JJChTTkFDQ0RJUikgLUkkKENNQVBJKQoKIyB1bmNvbW1lbnQg dGhpcyBsaW5lIGlmIGxpbmtpbmcgd2l0aCBCU0FGRSBhbmQgQ29tbW9uIENUSUxzCkxJQlBBVEgg PSAtTC4uLy4uL2xpYiAtTCQoQlNBRkUpL2xpYiAKCiNMSUJQQVRIID0gLUwuLi8uLi9saWIgLUwk KENSWVBUTzMrKykKCiMgaWYgbGlua2luZyB3aXRoIEJTQUZFIENUSSBhbmQgRlJFRSBDVEkgdW5j b21tZW50IHRoaXMgZGVmaW5pdGlvbiBvZiBMSUJTCiMKI0xJQlMgICAgID0gJChMSUJQQVRIKSAt bHNtdXRpbCAtbHNtcnNhIC1sc21mcmVlIC1sc21jb21tb24gXAojICAgICAgICAgICAtbGJzYWZl IC1sY3J5cHQgLWxzbSAtbGFzbjFjKysKIwoKI2lmIGxpbmtpbmcgd2l0aCBGUkVFIENUSQoKI0xJ QlMgICAgID0gJChMSUJQQVRIKSAtbHNtdXRpbCAtbHNtZnJlZTMgLWxzbWNvbW1vbiBcCiMgICAg ICAgICAgIC1sY3J5cHQgLWxzbSAtbGFzbjFjKysgLWxzb2NrZXQKCiMgaWYgbGlua2luZyB3aXRo IEJTQUZFIGFuZCBkZWZhdWx0IENUSSAoQ29tbW9uKQojCkxJQlMgICAgID0gJChMSUJQQVRIKSAt bHNtdXRpbCAtbHNtcnNhIC1sc21jb21tb24gXAogICAgICAgICAgIC1sYnNhZmUgLWxzbSAtbGFz bjFjKysgLWxzb2NrZXQKCk9CSlMgPSBzbV9BdXRvaGkubwoKVEFSR0VUID0gYXV0b0hpCgphbGw6 ICQoVEFSR0VUKQoKY2xlYW46CglybSAtZiAkKE9CSlMpCmJhcmU6IGNsZWFuCglybSAtZiAkKFRB UkdFVCkKCiQoVEFSR0VUKTogJChPQkpTKSAuLi8uLi9saWIvKi5hCgkkKENYWCkgLW8gJChUQVJH RVQpICQoT0JKUykgJChMSUJTKQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAuL3Rlc3RzcmMvdXRpbC9NYWtlZmlsZS5pbgAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAMDEwMDY2NAAwMDAxNzUyADAwMDAzMzEAMDAwMDAwMDEyMjUAMDY3MjIzNTAzNDAAMDAx NTQwNAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHVzdGFyADAw c2ZsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtc3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAADAwMDAwNDAAMDAwMDAxNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAACMKIyBNYWtlIGluZm9ybWF0aW9uIHNwZWNpZmljIHRvIHRoZSBB U04uMSBkaXJlY3RvcnkKIwoKQ1hYU1JDUyAgICAgICAgICA9ICQod2lsZGNhcmQgKi5jcHApCkNY WE9CSlMgICAgICAgICAgPSAkKENYWFNSQ1M6LmNwcD0ubykKQ1NSQ1MgICAgICAgICAgICA9ICQo d2lsZGNhcmQgKi5jKQpDT0JKUyAgICAgICAgICAgID0gJChDU1JDUzouYz0ubykKCk9CSlMgICAg ICAgICAgICAgPSAkKENYWE9CSlMpICQoQ09CSlMpCgojIHRoZXNlIHZhcmlhYmxlcyBhcmUgc3Bl Y2lmaWMgdG8gdGhpcyBtYWtlZmlsZQojIApUQVJHRVQgICAgICAgID0gIGFsbG9ianMKQ01ORkxH UyAgICAgICA9ICAgICAgICAgICAgICAgICAgICMgY29tbW9uIHZhcmlhYmxlcyBiZXR3ZWVuIGNv bXBpbGVycwpJTkNMVURFICAgICAgID0gLUkuLi8uLi9pbmNsdWRlICAtSS4uL2luY2x1ZGUgLUkk KFNOQUNDRElSKSAtSSQoQ1JZUFRPMysrKSBcCiAgICAgICAgICAgICAgICAtSSQoQlNBRkUpL2lu Y2x1ZGUgLUkkKENNQVBJKQoKREVQRU5ERU5DSUVTICA9IC4uLy4uL2luY2x1ZGUvc21fYXBpLmgK CmFsbG9ianM6ICQoT0JKUykKCiQoT0JKUyk6ICQoREVQRU5ERU5DSUVTKQoKY2xlYW46CglybSAt cmYgKi5vCgojCiMgRW5kIG9mIEFTTi4xIHNwZWNpZmljIG1ha2UgaW5mb3JtYXRpb24KIwoAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAuL3Rlc3RzcmMvTWFrZWxpYl9zbXV0aWwuaW4AAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAMDEwMDY2NgAwMDAxNzUyADAwMDAzMzEAMDAwMDAwMDA1MjcAMDY3MjMwNzU2NDUAMDAxNTY3 NgAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHVzdGFyADAwc2Zs AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtc3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAADAwMDAwNDAAMDAwMDAxNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAoKTElCU01VVElMPWxpYnNtdXRpbC5hCgpUQVJHRVRTOiBsaWJ1dGls IGxpYnNtdXRpbAoKY2xlYW46CgkoY2QgLi91dGlsOyBtYWtlIGNsZWFuKQoJKGNkIC4vaGlsZXZl bDsgbWFrZSBjbGVhbikKCmJhcmU6IGNsZWFuCglybSAtZiAuLi9saWIvJChMSUJTTVVUSUwpCgps aWJ1dGlsOgoJKGNkIC4vdXRpbDsgbWFrZSkKCmxpYmxvbGV2ZWw6CgkoY2QgLi9sb2xldmVsOyBt YWtlKQoKbGlic211dGlsOiAkKExJQlNNVVRJTCkgJChSQU5MSUIpCgokKExJQlNNVVRJTCk6Cglh ciBydXYgLi4vbGliLyQoTElCU01VVElMKSAuL3V0aWwvKi5vCgpyYW5saWI6CglyYW5saWIgLi4v bGliLyQoTElCU01VVElMKQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAATWFrZWZpbGUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ADAxMDA2NjYAMDAwMTc1MgAwMDAwMzMxADAwMDAwMDAyNDE2ADA2NzAwNzUzMjU1ADAwMTIyMTMA MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1c3RhcgAwMHNmbAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbXNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAwMDAwMDQwADAwMDAwMTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAKVEFSR0VUUzogbGlic20gbGlic21hbGdzIGxpYnNtdXRpbCB0ZXN0cwoK bGlic206CgkoY2QgbGlic3JjOyBtYWtlIC1mIE1ha2VsaWJfc20pCmxpYnNtYWxnczoKCShjZCBh bGdfbGliczsgbWFrZSAtZiBNYWtlbGliX2FsZ3MpCmxpYnNtdXRpbDoKCShjZCB0ZXN0c3JjOyBt YWtlIC1mIE1ha2VsaWJfc211dGlsKQp0ZXN0czoKCShjZCB0ZXN0c3JjL2hpbGV2ZWw7IG1ha2Up IAoKc2V0dXA6CgkoLi9tYWtlcy9nZW5tYWtlLnNoIC4vbGlic3JjL01ha2VsaWJfc20pCgkoLi9t YWtlcy9nZW5tYWtlLnNoIC4vbGlic3JjL2FzbjEvTWFrZWZpbGUpCgkoLi9tYWtlcy9nZW5tYWtl LnNoIC4vbGlic3JjL2xvbGV2ZWwvTWFrZWZpbGUpCgkoLi9tYWtlcy9nZW5tYWtlLnNoIC4vbGli c3JjL2hpbGV2ZWwvTWFrZWZpbGUpCgkoLi9tYWtlcy9nZW5tYWtlLnNoIC4vdGVzdHNyYy9NYWtl bGliX3NtdXRpbCkKCSguL21ha2VzL2dlbm1ha2Uuc2ggLi90ZXN0c3JjL3V0aWwvTWFrZWZpbGUp CgkoLi9tYWtlcy9nZW5tYWtlLnNoIC4vdGVzdHNyYy9oaWxldmVsL01ha2VmaWxlKQoJKC4vbWFr ZXMvZ2VubWFrZS5zaCAuL2FsZ19saWJzL3NtX3JzYS9NYWtlZmlsZSkKCSguL21ha2VzL2dlbm1h a2Uuc2ggLi9hbGdfbGlicy9zbV9mb3J0L01ha2VmaWxlKQoJKC4vbWFrZXMvZ2VubWFrZS5zaCAu L2FsZ19saWJzL3NtX2ZyZWUzL01ha2VmaWxlKQoJKC4vbWFrZXMvZ2VubWFrZS5zaCAuL2FsZ19s aWJzL3NtX2NvbW1vbi9NYWtlZmlsZSkKCSguL21ha2VzL2dlbm1ha2Uuc2ggLi9hbGdfbGlicy9N YWtlbGliX2FsZ3MpCgojIHJlbW92ZXMgb2JqZWN0IGZpbGVzIG9ubHkKIwpjbGVhbjoKCShjZCAu L2xpYnNyYzsgbWFrZSAtZiBNYWtlbGliX3NtIGNsZWFuKQoJKGNkIC4vdGVzdHNyYzsgbWFrZSAt ZiBNYWtlbGliX3NtdXRpbCBjbGVhbikKCShjZCAuL2FsZ19saWJzOyBtYWtlIC1mIE1ha2VsaWJf YWxncyBjbGVhbikKCiMgcmVtb3ZlcyBvYmplY3QgZmlsZXMgYW5kIGxpYnJhcnkgZmlsZXMgCiMK YmFyZToKCShjZCAuL2xpYnNyYzsgbWFrZSAtZiBNYWtlbGliX3NtIGJhcmUpCgkoY2QgLi90ZXN0 c3JjOyBtYWtlIC1mIE1ha2VsaWJfc211dGlsIGJhcmUpCgkoY2QgLi90ZXN0c3JjL2hpbGV2ZWw7 IG1ha2UgYmFyZSkKCShjZCAuL2FsZ19saWJzOyBtYWtlIC1mIE1ha2VsaWJfYWxncyBiYXJlKQoK IyBkb24ndCBkbyB0aGlzIHVubGVzcyB5b3UgaGF2ZSB0aGUgU05BQ0MgY29tcGlsZXIgaW5zdGFs bGVkLgojCmNsZWFuLWFzbjoKCShjZCAuL2xpYnNyYy9hc24xOyBtYWtlIGNsZWFuLWFzbikKAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAABtYWtlcy8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDA0 MDc3NwAwMDAxNzUyADAwMDAzMzEAMDAwMDAwMDAwMDAAMDY3MjU0NTUxMjcAMDAxMTY1NwA1AAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHVzdGFyADAwc2ZsAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtc3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAw MDAwNDAAMDAwMDAxNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAG1ha2VzL01ha2V0YWlsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMTAw NjY0ADAwMDE3NTIAMDAwMDMzMQAwMDAwMDAwMDM2NwAwNjQ3NTAyNDc0NAAwMDEzMzMxADAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdXN0YXIAMDBzZmwAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDAw MDA0MAAwMDAwMDE2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAALlNVRkZJWEVTIDogLmFzbiAuY3BwIC5jcHAubyAKCi5DLmNwcDoKCSQqLkMgJCou Y3BwCi5jLm86CgkkKENDKSAtYyAkKENGTEFHUykgJChDTU5GTEdTKSAkKElOQ0xVREUpICQ8Cgou Y3BwLm86CgkkKENYWCkgLWMgJChDWFhGTEFHUykgJChDTU5GTEdTKSAkKElOQ0xVREUpICQ8IAoK LmFzbi5jcHA6IAoJc25hY2MgJChTTkFDQ0ZMQUdTKSAkKEFTTk1PRFVMRVMpCgltdiAkKi5oIC4u Ly4uL2luY2x1ZGUKCW12ICQqLkMgJCouY3BwCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAABtYWtlcy9tYWtlbGliLmhlYWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDEwMDY2 NAAwMDAxNzUyADAwMDAzMzEAMDAwMDAwMDA0NTYAMDY0NTY3MjEwNzUAMDAxNDEwNQAwAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHVzdGFyADAwc2ZsAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAABtc3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwMDAw NDAAMDAwMDAxNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAENDICAgICAgICAgICAgPSBnY2MKQ0ZMQUdTICAgICAgICA9IC1nIC1XYWxsIC1EU1VO T1MKQ1hYICAgICAgICAgICA9IGcrKwpDWFhGTEFHUyAgICAgID0gLWcgLVdhbGwgLVVfX0dOVUNf XyAgLURTVU5PUyAtZmhhbmRsZS1leGNlcHRpb25zClNOQUNDRElSICAgICAgPSAvbXIyL2xvY2Fs ClNOQUNDRkxBR1MgICAgPSAtRCAtQyAtdS9tcjIvbG9jYWwvaW5jbHVkZS9zbmFjYy9hc24xL2Fz bi11c2VmdWwuYXNuMQpDTUFQSSAgICAgICAgID0gL21yMi9sb2NhbApSQU5MSUIgICAgICAgID0g cmFubGliCkVSUkxPRyAgICAgICAgPSAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAbWFrZXMvZ2VubWFrZS5zaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxMDA3NzUA MDAwMTc1MgAwMDAwMzMxADAwMDAwMDAzNjM3ADA2NTE0NDYzMDQ2ADAwMTM2MjQAMAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1c3RhcgAwMHNmbAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAbXNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMDAwMDQw ADAwMDAwMTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAjIS9iaW4vc2gKCiMgQVVUSE9SIDogUGllcmNlIExlb25iZXJnZXIKIyBDT01QQU5ZOiBK LkcuIFZhbiBEeWtlICYgQXNzb2NpYXRlcwojIERBVEUgICA6IDAyLTI1LTE5OTgKIwojIFRoaXMg c2NyaXB0IGlzIHVzZWQgdG8gZ2VuZXJhdGUgbWFrZSBmaWxlcy4gIEl0IGRlcGVuZHMgb24gTWFr ZWhlYWQuPG9zPgojIGJlaW5nIGluIHRoZSB0aGUgLi9tYWtlcyBkaXJlY3RvcnkuICBUaGVzZSBm aWxlcyBtdXN0IGJlIGNyZWF0ZWQgZm9yCiMgZWFjaCBzeXN0ZW0gdGhlIHRoZSBTTSBsaWJyYXJ5 IGFuZCBTTSBVVElMSVRZIGxpYnJhcnkgYXJlIHRvIGJlIAojIGNvbXBpbGVkIGZvci4KIwojIFNl ZSBSRUFETUUuVFhUIGluIHRoZSAuL21ha2VzIGRpcmVjdG9yeSBmb3IgbW9yZSBpbmZvcm1hdGlv bi4KIwojCgoKaWYgWyAiJDEiID0gIiIgXTsgdGhlbgogICBlY2hvICJ1c2FnZTogJDAgPHBhdGg+ LzxNYWtlZmlsZT4iCiAgIGVjaG8gIiIKICAgbWFrZUZpbGU9Ik1ha2VmaWxlIgplbHNlCiAgIG1h a2VGaWxlPSIkMSIKICAgaWYgWyAhIC1mICRtYWtlRmlsZS5pbiBdIDsgdGhlbgogICAgICBlY2hv ICIkbWFrZUZpbGUuaW4gZG9lcyBub3QgZXhpc3QuLi4iCiAgICAgIGV4aXQKICAgZmkKZmkKCk9T PWB1bmFtZSAtc2AKUkVMPWB1bmFtZSAtcmAKTk9UQUlMPTAKCiMKIyBDaGVjayB0byBzZWUgaWYg bWFrZSBydWxlcyBhcmUgbmVlZGVkLiAgSXQncyBub3QgbmVlZGVkIGlmIHlvdSBhcmUKIyBvbmx5 IGJ1aWxkaW5nIGFuIGV4ZWN1dGFibGUgKGkuZS4gZHJpdmVycyApCiMKY2FzZSAkbWFrZUZpbGUg aW4KICAgKk1ha2VsaWIqKQoJUlVMRVM9MDsKICAgICAgICA7OwogICAqKQogICAgICAgIFJVTEVT PTE7CiAgICAgICAgOzsKZXNhYwoKIwojIElmIGEgcnVsZXMgYXJlIG5lZWRlZCBkZXRlcm1pbmUg d2hpY2ggc2V0IG9mIHJ1bGVzIHRvIHVzZSAodGVzdHNyYyBvciBsaWJzcmMpCiMKCk9TVFlQRT0i IgoKY2FzZSAkbWFrZUZpbGUgaW4KICAgKnRlc3RzcmMqKQogICAgICAgIE1BS0VSVUxFUz0iLi9t YWtlcy9UZXN0c3JjUnVsZXMiOwogICAgICAgIDs7CiAgICpsaWJzcmMqKQogICAgICAgIE1BS0VS VUxFUz0iLi9tYWtlcy9MaWJzcmNSdWxlcyI7CiAgICAgICAgOzsKICAgKmFsZ19saWJzKikKICAg ICAgICBNQUtFUlVMRVM9Ii4vbWFrZXMvTGlic3JjUnVsZXMiOwogICAgICAgIDs7CiAgICopCiAg ICAgICAgZWNobyAiRVJST1I6IGFkZCBydWxlcyBzdXBwb3J0IGZvciBhZGRpdGlvbmFsIGRpcmVj dG9yeSEhIgogICAgICAgIDs7CmVzYWMKCmNhc2UgJE9TIGluCiAgIEhQLVVYKQogICAgICBjYXNl ICRSRUwgaW4KICAgICAgICAgQS4wOS4wKikKICAgICAgICAgICAgT1NUWVBFPSJocHV4OSIKICAg ICAgICAgICAgOzsKICAgICAgZXNhYwogICAgICA7OwogICBTdW5PUykKICAgICAgY2FzZSAkUkVM IGluIAogICAgICAgICA0LjEuKikKICAgICAgICAgICAgT1NUWVBFPSJzdW5vcyIKICAgICAgICAg ICAgOzsKICAgICAgICAgNS4qKQogICAgICAgICAgICBPU1RZUEU9InNvbGFyaXMiCiAgICAgICAg ICAgIDs7CiAgICAgIGVzYWMKICAgICAgOzsKICAgTGludXgpCiAgICAgT1NUWVBFPSJsaW51eCIK ICAgICAgOzsKICAgKikKICAgICAgZWNobyAiRVJST1I6IFVucmVjb2duaXplZCBPUyBbJE9TXSBy ZXR1cm5lZCBmcm9tIHVuYW1lIiAKICAgICAgZXhpdAogICAgICA7Owplc2FjCgppZiBbICIkT1NU WVBFIiA9ICIiIF07IHRoZW4KICAgZWNobyAiY3JlYXRlIC4vbWFrZXMvTWFrZWhlYWQuJE9TVFlQ RSIKICAgZXhpdAplbHNlCiAgIGlmIFsgJFJVTEVTID0gMCBdOyB0aGVuCiAgICAgIGNhdCAuL21h a2VzL01ha2VoZWFkLiRPU1RZUEUgJG1ha2VGaWxlLmluID4kbWFrZUZpbGUKICAgZWxzZQogICAg ICBjYXQgLi9tYWtlcy9NYWtlaGVhZC4kT1NUWVBFICRtYWtlRmlsZS5pbiAkTUFLRVJVTEVTID4k bWFrZUZpbGUKICAgZmkKZmkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AG1ha2VzL01ha2V0YWlsLmlnbm9yZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMTAwNjY0ADAwMDE3 NTIAMDAwMDMzMQAwMDAwMDAwMDMzMQAwNjQ3MzM2MzY2MgAwMDE0NjA1ADAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdXN0YXIAMDBzZmwAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAG1zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDAwMDA0MAAwMDAw MDE2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA LlNVRkZJWEVTIDogLmFzbiAuY3BwIC5jcHAubyAKCi5jLm86CgktJChDQykgLWMgJChDRkxBR1Mp ICQoQ01ORkxHUykgJChJTkNMVURFKSAkPAoKLmNwcC5vOgoJLSQoQ1hYKSAtYyAkKENYWEZMQUdT KSAkKENNTkZMR1MpICQoSU5DTFVERSkgJDwgCgouYXNuLmNwcDogCglzbmFjYyAkKFNOQUNDRkxB R1MpICQ8CgltdiAkKi5oIC4uLy4uL2luY2x1ZGUKCW12ICQqLkMgJCouY3BwCgAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABt YWtlcy9MaWJzcmNSdWxlcwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDEwMDY2NAAwMDAxNzUy ADAwMDAzMzEAMDAwMDAwMDA1MDYAMDY1MDQ1NTE2NjYAMDAxNDAyNwAwAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHVzdGFyADAwc2ZsAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAABtc3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwMDAwNDAAMDAwMDAx NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5T VUZGSVhFUyA6IC5hc24gLmNwcCAuY3BwLm8gCgouYXNuLmNwcDogCglzbmFjYyAkKFNOQUNDRkxB R1MpICQoQVNORVhURVJOKSAkKEFTTk1PRFVMRVMpCgltYWtlICQoQVNOTU9EQ1BQKQoJcm0gLWYg Ki5oICouQyAgICMgcmVtb3ZlIGFueSBleHRlcm4gbW9kdWxlcycgLkMgb3IgLmggZmlsZXMKLmMu bzoKCSQoQ0MpIC1jICQoQ0ZMQUdTKSAkKENNTkZMR1MpICQoSU5DTFVERSkgJDwKLkMuY3BwOgoJ bXYgJCouQyAkKi5jcHAKCW12ICQqLmggLi4vLi4vaW5jbHVkZQouY3BwLm86CgkkKENYWCkgLWMg JChDWFhGTEFHUykgJChDTU5GTEdTKSAkKElOQ0xVREUpICQ8IAoKAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbWFr ZXMvVGVzdHNyY1J1bGVzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxMDA2NjQAMDAwMTc1MgAw MDAwMzMxADAwMDAwMDAwMzIxADA2NDc1MDI3MjAxADAwMTQyMjEAMAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1c3RhcgAwMHNmbAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAbXNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMDAwMDQwADAwMDAwMTYA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuU1VG RklYRVMgOiAuYXNuIC5jcHAgLmNwcC5vIAoKLmMubzoKCSQoQ0MpIC1jICQoQ0ZMQUdTKSAkKENN TkZMR1MpICQoSU5DTFVERSkgJDwKCi5jcHAubzoKCSQoQ1hYKSAtYyAkKENYWEZMQUdTKSAkKENN TkZMR1MpICQoSU5DTFVERSkgJDwgCgouYXNuLmNwcDogCglzbmFjYyAkKFNOQUNDRkxBR1MpCglt diAkKi5oIC4uL2luY2x1ZGUKCW12ICQqLkMgJCouY3BwCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1ha2Vz L01ha2VoZWFkLnRlbXBsYXRlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMTAwNjY0ADAwMDE3NTIAMDAw MDMzMQAwMDAwMDAwMjYzNwAwNjUwNzAwNDQ1MAAwMDE1MTAxADAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdXN0YXIAMDBzZmwAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAG1zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDAwMDA0MAAwMDAwMDE2AAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyBUaGlz IHRoZSBTdW5PUyBzcGVjaWZpYyBwb3J0aW9uIG9mIHRoZSBtYWtlIGZpbGUuICAKIwojIE1vZGlm eSB0aGVzZSB2YXJpYWJsZXMgYXMgbmVjZXNzYXJ5IGZvciB5b3VyIHNwZWNpZmljCiMgZW52aXJv bm1lbnQuCiMKIwoKIyBDIENvbXBpbGVyIGluZm9ybWF0aW9uCiMgQ0MgICAgICAgICAgICA9IGdj YwojIENGTEFHUyAgICAgICAgPSAtZyAtV2FsbCAtRFNVTk9TCgojIEMrKyBDb21waWxlciBpbmZv cm1hdGlvbgpDWFggICAgICAgICAgID0gZysrCiMKIyAgLVVfX0dOVUNfXyBpcyBuZWNlc3Nhcnkg YmVjYXVzZSB0aGVyZSBpcyBhIGJ1ZyBpbiB0aGUgc3RyZWFtYnVmLmggaW5jbHVkZQojICBmaWxl IHRoYXQgY29tZXMgd2l0aCBHQ0MgMi43LjIuICBJdCBkZWZpbmVzIE5VTEwgYXMgKHZvaWQqKTAg d2hlbiBpdAojICBzaG91bGQgYmUgKDApLiAgSWYgeW91IGFyZSB1c2luZyBhIG5ld2VyIHZlcnNp b24gb2YgR0NDIHlvdSBwcm9iYWJseQojICB3b24ndCBuZWVkIHRoaXMgZmxhZy4KIwojQ1hYRkxB R1MgICAgICA9IC1nIC1EU1VOT1MgLURHTlVHMjcyIC1EU01fRlJFRV9VU0VEIC1EU01fUlNBX1VT RUQgLURTTkFDQ19ERUVQX0NPUFkgLVVfX0dOVUNfXyAtZmhhbmRsZS1leGNlcHRpb25zIC1mbm8t aW1wbGljaXQtdGVtcGxhdGVzCgpDWFhGTEFHUyAgICAgID0gLURTVU5PUyAtREdOVUcyNzIgLURT TV9GUkVFX1VTRUQgLURTTkFDQ19ERUVQX0NPUFkgLVVfX0dOVUNfXyAtZmhhbmRsZS1leGNlcHRp b25zIC1mbm8taW1wbGljaXQtdGVtcGxhdGVzCgojIERPIE5PVCBNT0RJRlkgdGhlc2UgdmFyaWFs YmxlcyB1bmxlc3MgeW91IGhhdmUgdG8uCiMKCiMgRGlyZWN0b3J5IHdoZXJlIFNOQUNDIGhlYWRl ciBmaWxlcyByZXNpZGUgd2FzIGluc3RhbGxlZCBpbgojClNOQUNDRElSICAgICAgPSAuLi8uLi9p bmNsdWRlL3NuYWNjL2MrKwoKIyBEaXJlY3Rvcnkgd2hlcmUgQ3J5cHRvKysgaGVhZGVycyBhcmUK IwpDUllQVE8rKyAgICAgID0gLi4vLi4vaW5jbHVkZS9jeXJwdG8rKwoKIwojIEVORCBPRiBOT1Qg TU9ESUZZCgojIERpcmVjdG9yeSB3aGVyZSBTTkFDQyBjb21waWxlciBsaXZlcy4gIFRoaXMgaXMg YSBvbmx5IHVzZWQgaWYgaWYgdGhlIC5hc24KIyBmaWxlcyBpbiB0aGUgLi9saWJzcmMvYXNuMSBk aXJlY3RvcnkgbmVlZCB0byBiZSBjb21waWxlZC4KIwpTTkFDQyAgICAgICAgID0gL21yMi9sb2Nh bC9iaW4vc25hY2MKU05BQ0NGTEFHUyAgICA9IC1EIC1DIC11Li4vLi4vaW5jbHVkZS9zbmFjYy9h c24xL2Fzbi11c2VmdWwuYXNuMQoKIyBEaXJlY3Rvcnkgd2hlcmUgQ0kgTGlicmFyeSB3YXMgaW5z dGFsbGVkCiMKIyBDSV9QQVRIICAgICAgID0gL3UyL2NyeXB0X2ludC9saXRyb25pYwoKIyBJbmRp Y2F0ZSB3aGV0aGVyIHRoaXMgc3lzdGVtIHVzZXMgJ3JhbmxpYicuICAKUkFOTElCICAgICAgICA9 IHJhbmxpYgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbWFrZXMvTWFr ZWhlYWQuc29sYXJpcwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxMjA3NzcAMDAwMTc1MgAwMDAwMzMx ADAwMDAwMDAwMDAwADA2NzI1NDU1MTI3ADAwMjIwMjIAMk1ha2VoZWFkLnNvbGFyaXMuYnNhZmVv bmx5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAB1c3RhcgAwMHNmbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAbXNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMDAwMDQwADAwMDAwMTYAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtYWtlcy9NYWtl aGVhZC5saW51eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDEwMDY2NgAwMDAxNzUyADAwMDAzMzEA MDAwMDAwMDE2MzIAMDY1MjM2MjQzNTYAMDAxNDQzNAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAHVzdGFyADAwc2ZsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AABtc3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwMDAwNDAAMDAwMDAxNgAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMgVGhpcyB0aGUg TGludXggc3BlY2lmaWMgcG9ydGlvbiBvZiB0aGUgbWFrZSBmaWxlLiAgCiMKIyBNb2RpZnkgdGhl c2UgdmFyaWFibGVzIGFzIG5lY2Vzc2FyeSBmb3IgeW91ciBzcGVjaWZpYwojIGVudmlyb25tZW50 LgojCiMKCiMgQysrIENvbXBpbGVyIGluZm9ybWF0aW9uCkNYWCAgICAgICAgICAgPSBjKysgICAg ICAgICAgICAgIyBlZ2NzIDEuMDEKCiMgQVIgaW5mb3JtYXRpb24KQVIgICAgICAgICAgICA9IGFy CkFSRkxBR1MgICAgICAgPSBydXYKCkNYWEZMQUdTICAgICAgPSAtZyAtRExJTlVYIC1EU01fRlJF RV9VU0VEIC1EU05BQ0NfREVFUF9DT1BZIC1EVkRBREVSX1JVTEVTCgojIERPIE5PVCBNT0RJRlkg dGhlc2UgdmFyaWFsYmxlcyB1bmxlc3MgeW91IGhhdmUgdG8uCiMKCiMgRGlyZWN0b3J5IHdoZXJl IFNOQUNDIGhlYWRlciBmaWxlcyByZXNpZGUgd2FzIGluc3RhbGxlZCBpbgojClNOQUNDRElSICAg ICAgPSAuLi8uLi9pbmNsdWRlL3NuYWNjL2MrKwoKIyBEaXJlY3Rvcnkgd2hlcmUgQ3J5cHRvKysg aGVhZGVycyBhcmUKIwpDUllQVE8rKyAgICAgID0gL2hvbWUvcGxlb25iZXIvY3J5cHRvKysvdjIu MwoKIwojIEVORCBPRiBOT1QgTU9ESUZZCgojIERpcmVjdG9yeSB3aGVyZSBTTkFDQyBjb21waWxl ciBsaXZlcy4gIFRoaXMgaXMgYSBvbmx5IHVzZWQgaWYgaWYgdGhlIC5hc24KIyBmaWxlcyBpbiB0 aGUgLi9saWJzcmMvYXNuMSBkaXJlY3RvcnkgbmVlZCB0byBiZSBjb21waWxlZC4KIwpTTkFDQyAg ICAgICAgID0gL3VzcjIvY29udHJpYi9iaW4vc25hY2MKU05BQ0NGTEFHUyAgICA9IC1EIC1DIC11 Li4vLi4vaW5jbHVkZS9zbmFjYy9hc24xL2Fzbi11c2VmdWwuYXNuMQoKIyBJbmRpY2F0ZSB3aGV0 aGVyIHRoaXMgc3lzdGVtIHVzZXMgJ3JhbmxpYicuICAKUkFOTElCICAgICAgICA9IHJhbmxpYgoA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtYWtlcy9NYWtlaGVh ZC5zb2xhcmlzLmJzYWZlb25seQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDEwMDY2NgAwMDAxNzUyADAwMDAzMzEAMDAw MDAwMDI2NDcAMDY3MjY3NzI1MzUAMDAxNjc1MQAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAHVzdGFyADAwc2ZsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABt c3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwMDAwNDAAMDAwMDAxNgAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMKIyBNb2RpZnkgdGhl c2UgdmFyaWFibGVzIGFzIG5lY2Vzc2FyeSBmb3IgeW91ciBzcGVjaWZpYwojIGVudmlyb25tZW50 LgojCiMKCiMgQysrIENvbXBpbGVyIGluZm9ybWF0aW9uCkNDICAgICAgICAgICAgPSBnY2MKQ1hY ICAgICAgICAgICA9IGcrKwoKIyBBUiBpbmZvcm1hdGlvbgpBUiAgICAgICAgICAgID0gYXIKQVJG TEFHUyAgICAgICA9IHJ1dgoKQ0ZMQUdTICAgICAgICA9IC1hbnNpIC1EU09MQVJJUyAtRFNNX1JT QV9VU0VEIC1EU05BQ0NfREVFUF9DT1BZIC1EVkRBREVSX1JVTEVTIC1VX19HTlVDX18KQ1hYRkxB R1MgICAgICA9IC1hbnNpIC1EU09MQVJJUyAtRFNNX1JTQV9VU0VEIC1EU05BQ0NfREVFUF9DT1BZ IC1EVkRBREVSX1JVTEVTCiNDRkxBR1MgICAgICAgID0gLWcgLW12OCAtRFNPTEFSSVMgLURTTV9G UkVFM19VU0VEIC1EU05BQ0NfREVFUF9DT1BZIC1EVkRBREVSX1JVTEVTIC1VX19HTlVDX18KI0NY WEZMQUdTICAgICAgPSAtZyAtbXY4IC1EU09MQVJJUyAtRFNNX0ZSRUUzX1VTRUQgLURTTkFDQ19E RUVQX0NPUFkgLURWREFERVJfUlVMRVMgLVVfX0VYVEVOU0lPTlNfXwojQ0ZMQUdTICAgICAgICA9 IC1nIC1hbnNpIC1EU09MQVJJUyAtRFNNX0ZSRUUzX1VTRUQgLURTTkFDQ19ERUVQX0NPUFkgLURW REFERVJfUlVMRVMgCiNDWFhGTEFHUyAgICAgID0gLWcgLWFuc2kgLURTT0xBUklTIC1EU01fRlJF RTNfVVNFRCAtRFNOQUNDX0RFRVBfQ09QWSAtRFZEQURFUl9SVUxFUyAKCiMgRE8gTk9UIE1PRElG WSB0aGVzZSB2YXJpYWxibGVzIHVubGVzcyB5b3UgaGF2ZSB0by4KIwoKIyBEaXJlY3Rvcnkgd2hl cmUgU05BQ0MgaGVhZGVyIGZpbGVzIHJlc2lkZSB3YXMgaW5zdGFsbGVkIGluCiMKU05BQ0NESVIg ICAgICA9IC4uLy4uL2luY2x1ZGUvc25hY2MvYysrCgojIERpcmVjdG9yeSB3aGVyZSBDcnlwdG8r KyBoZWFkZXJzIGFyZQojCkNSWVBUTzMrKyAgICAgID0gLi4vLi4vLi4vY3J5cHRvKysuMzAKCiMg RGlyZWN0b3J5IHdoZXJlIENNQVBJIGhlYWRlcnMgYXJlIGxvY2F0ZWQKIwpDTUFQSSAgICAgICAg ID0gLi4vLi4vaW5jbHVkZS9jbWFwaQoKIyBEaXJlY3Rvcnkgd2hlcmUgQlNBRkUgd2FzIGluc3Rh bGxlZApCU0FGRSAgICAgICAgID0gLi4vLi4vLi4vQlNBRkUKCiMKIyBFTkQgT0YgTk9UIE1PRElG WQoKIyBEaXJlY3Rvcnkgd2hlcmUgU05BQ0MgY29tcGlsZXIgbGl2ZXMuICBUaGlzIGlzIGEgb25s eSB1c2VkIGlmIGlmIHRoZSAuYXNuCiMgZmlsZXMgaW4gdGhlIC4vbGlic3JjL2FzbjEgZGlyZWN0 b3J5IG5lZWQgdG8gYmUgY29tcGlsZWQuCiMKU05BQ0MgICAgICAgICA9IHNuYWNjClNOQUNDRkxB R1MgICAgPSAtRCAtQyAtdS4uLy4uL2luY2x1ZGUvc25hY2MvYXNuMS9hc24tdXNlZnVsLmFzbjEK CiMgSW5kaWNhdGUgd2hldGhlciB0aGlzIHN5c3RlbSB1c2VzICdyYW5saWInLiAgClJBTkxJQiAg ICAgICAgPQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1ha2VzL01ha2VoZWFkLnNv bGFyaXMuY3J5cHRvcHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMTAwNjY2ADAwMDE3NTIAMDAwMDMzMQAwMDAwMDAw MjY1MwAwNjcyNTAzNDExMgAwMDE2NjIxADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAdXN0YXIAMDBzZmwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1zcAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDAwMDA0MAAwMDAwMDE2AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIwojIE1vZGlmeSB0aGVzZSB2 YXJpYWJsZXMgYXMgbmVjZXNzYXJ5IGZvciB5b3VyIHNwZWNpZmljCiMgZW52aXJvbm1lbnQuCiMK IwoKIyBDKysgQ29tcGlsZXIgaW5mb3JtYXRpb24KQ0MgICAgICAgICAgICA9IGdjYwpDWFggICAg ICAgICAgID0gZysrCgojIEFSIGluZm9ybWF0aW9uCkFSICAgICAgICAgICAgPSBhcgpBUkZMQUdT ICAgICAgID0gcnV2CgojQ0ZMQUdTICAgICAgICA9IC1nIC1tdjggLURTT0xBUklTIC1EU01fUlNB X1VTRUQgLURTTkFDQ19ERUVQX0NPUFkgLURWREFERVJfUlVMRVMgLVVfX0dOVUNfXwojQ1hYRkxB R1MgICAgICA9IC1nIC1tdjggLURTT0xBUklTIC1EU01fUlNBX1VTRUQgLURTTkFDQ19ERUVQX0NP UFkgLURWREFERVJfUlVMRVMKI0NGTEFHUyAgICAgICAgPSAtZyAtbXY4IC1EU09MQVJJUyAtRFNN X0ZSRUUzX1VTRUQgLURTTkFDQ19ERUVQX0NPUFkgLURWREFERVJfUlVMRVMgLVVfX0dOVUNfXwoj Q1hYRkxBR1MgICAgICA9IC1nIC1tdjggLURTT0xBUklTIC1EU01fRlJFRTNfVVNFRCAtRFNOQUND X0RFRVBfQ09QWSAtRFZEQURFUl9SVUxFUyAtVV9fRVhURU5TSU9OU19fCkNGTEFHUyAgICAgICAg PSAtZyAtYW5zaSAtRFNPTEFSSVMgLURTTV9GUkVFM19VU0VEIC1EU05BQ0NfREVFUF9DT1BZIC1E VkRBREVSX1JVTEVTIApDWFhGTEFHUyAgICAgID0gLWcgLWFuc2kgLURTT0xBUklTIC1EU01fRlJF RTNfVVNFRCAtRFNOQUNDX0RFRVBfQ09QWSAtRFZEQURFUl9SVUxFUyAKCiMgRE8gTk9UIE1PRElG WSB0aGVzZSB2YXJpYWxibGVzIHVubGVzcyB5b3UgaGF2ZSB0by4KIwoKIyBEaXJlY3Rvcnkgd2hl cmUgU05BQ0MgaGVhZGVyIGZpbGVzIHJlc2lkZSB3YXMgaW5zdGFsbGVkIGluCiMKU05BQ0NESVIg ICAgICA9IC4uLy4uL2luY2x1ZGUvc25hY2MvYysrCgojIERpcmVjdG9yeSB3aGVyZSBDcnlwdG8r KyBoZWFkZXJzIGFyZQojCkNSWVBUTzMrKyAgICAgID0gLi4vLi4vLi4vY3J5cHRvKysuMzAKCiMg RGlyZWN0b3J5IHdoZXJlIENNQVBJIGhlYWRlcnMgYXJlIGxvY2F0ZWQKIwpDTUFQSSAgICAgICAg ID0gLi4vLi4vaW5jbHVkZS9jbWFwaQoKIyBEaXJlY3Rvcnkgd2hlcmUgQlNBRkUgd2FzIGluc3Rh bGxlZApCU0FGRSAgICAgICAgID0gLi4vLi4vLi4vQlNBRkUKCiMKIyBFTkQgT0YgTk9UIE1PRElG WQoKIyBEaXJlY3Rvcnkgd2hlcmUgU05BQ0MgY29tcGlsZXIgbGl2ZXMuICBUaGlzIGlzIGEgb25s eSB1c2VkIGlmIGlmIHRoZSAuYXNuCiMgZmlsZXMgaW4gdGhlIC4vbGlic3JjL2FzbjEgZGlyZWN0 b3J5IG5lZWQgdG8gYmUgY29tcGlsZWQuCiMKU05BQ0MgICAgICAgICA9IHNuYWNjClNOQUNDRkxB R1MgICAgPSAtRCAtQyAtdS4uLy4uL2luY2x1ZGUvc25hY2MvYXNuMS9hc24tdXNlZnVsLmFzbjEK CiMgSW5kaWNhdGUgd2hldGhlciB0aGlzIHN5c3RlbSB1c2VzICdyYW5saWInLiAgClJBTkxJQiAg ICAgICAgPQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA== ------_=_NextPart_000_01BEC267.D34ED3F2-- From owner-imc-sfl Wed Aug 11 06:24:01 1999 Received: by mail.proper.com (8.9.3/8.9.3) id GAA05698 for imc-sfl-bks; Wed, 11 Aug 1999 06:24:01 -0700 (PDT) Received: from hq.ljl.COM (hq.ljl.com [206.151.234.1]) by mail.proper.com (8.9.3/8.9.3) with SMTP id GAA05694 for ; Wed, 11 Aug 1999 06:24:00 -0700 (PDT) Received: from enigma.ljl.com by hq.ljl.COM. with smtp id aa09534; Wed, 11 Aug 1999 08:24:35 -0500 From: "Thomas Fronckowiak Jr." To: imc-sfl@imc.org MMDF-Warning: Parse error in original version of preceding line at hq.ljl.COM. Subject: v1.1 SFL & Fortezza CTIL Date: Wed, 11 Aug 1999 08:24:12 -0500 Message-ID: <000001bee3fc$cd18f060$81ea97ce@enigma.ljl.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: What is the status of v1.1 SFL and the Fortezza CTIL? Is there an estimated delivery date? From owner-imc-sfl Thu Aug 12 07:57:25 1999 Received: (from majordomo@localhost) by mail.proper.com (8.9.3/8.9.3) id HAA04449 for imc-sfl-bks; Thu, 12 Aug 1999 07:57:25 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id HAA04445 for ; Thu, 12 Aug 1999 07:57:23 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Thu, 12 Aug 1999 10:59:18 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF31360A00@WFHQEX03> From: "Pawling, John" To: imc-sfl@imc.org Subject: v1.1 SFL Now Available Date: Thu, 12 Aug 1999 10:59:10 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: All, J.G. Van Dyke and Associates (VDA) has delivered Version 1.1 of the S/MIME Freeware Library (SFL). The v1.1 SFL implements the IETF S/MIME v3 RFC 2630 Cryptographic Message Syntax (CMS) and RFC 2634 Enhanced Security Services (ESS) specifications. It also implements portions of the RFC 2633 Message Specification and RFC 2632 Certificate Handling document. When used in conjunction with the Crypto++ freeware library, the SFL implements the RFC 2631 Diffie-Hellman (D-H) Key Agreement Method specification. It has been successfully tested using the MS Windows NT/95/98 and Solaris 2.6 operating systems. Further enhancements, ports and testing of the SFL are still in process. Further releases of the SFL will be provided as significant capabilities are added. The v1.1 SFL has been successfully used to sign, verify, encrypt and decrypt CMS/ESS objects using the mandatory algorithms (DSA, E-S D-H, 3DES) provided by the Crypto++ 3.1 library and SHA-1 provided by Government-furnished freeware. The v1.1 SFL has also been used to sign, verify, encrypt and decrypt CMS/ESS objects using the RSA suite of algorithms provided by the RSA BSAFE v3.0 library. The SFL uses the VDA-enhanced SNACC v1.3 ASN.1 Library to encode/decode objects. The v1.1 SFL release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; Fortezza CTIL; SPEX/ CTIL; VDA-enhanced GNU SNACC v1.3 rev 0.07 ASN.1 Compiler and Library; test drivers and test data. The SFL has been successfully used to exchange signedData and envelopedData messages with the Microsoft (MS) Internet Explorer Outlook Express v4.01 and Netscape Communicator 4.X S/MIME v2 products. Signed messages have been exchanged with the RSA S/MAIL, WorldTalk and Entrust S/MIME v2 products. The SFL has also been used to perform S/MIME v3 interoperability testing with Microsoft that exercised the majority of the features specified by RFCs 2630, 2631 and 2634. We still need to perform signed receipt testing with Microsoft. We have also performed limited S/MIME v3 testing with Baltimore and Entrust. We also plan to participate in the IETF S/MIME WG interoperability testing including providing data for inclusion in the "Examples of S/MIME Messages" document. The following enhancements are included in the v1.1 SFL release (compared with the v1.0 release): 1) CTILs have been delivered in a separate zip file. This allows them to be delivered independently of the SFL and Certificate Management Library (CML) deliveries. 2) Several of the libraries have been converted to Dynamically Linked Libraries (DLL)/shared objects. There is a separate ReadmeDLL.txt file that provides examples of how to use the DLLs with the autoHi test driver. These libraries have been delivered: a) libsm (static library) includes SFL hilevel, lolevel, asn1 functions. Note: If customers would like this library to be converted into a DLL in a future release of the SFL, please let us know. b) libCert (static library) includes functions relating to certificates that are called by SFL and CML. This library will be converted into a DLL in a later SFL release. c) snacc32.dll (DLL/shared object) - Called by SFL and CML. d) Test (no crypto), BSAFE, Crypto++, SPEX/ and Fortezza CTILs are DLLs/shared objects. They are be called by SFL and CML. 3) Fortezza CTIL testing using MS Windows using the Government-furnished v1.52 Fortezza CI Library and a Fortezza Card has been completed including login, sign/verify and encrypt/decrypt capabilities. Also, we signed/verified and encrypted/decrypted using the Fortezza CTIL using a Spyrus Lynks Card using the Fortezza algorithms. 4) SPEX/ CTIL testing using MS Windows has been completed for login and sign/verify (RSA and DSA) functions. It was tested with the Spyrus SPEX/ Library v1.52b Release 7b, Spyrus Lynks Card and X.509 v3 Certificates created by the Spyrus S2CA. Encrypt/decrypt capabilities are not yet completely tested. We signed/verified and encrypted/decrypted using the SPEX/ CTIL using a Fortezza Card. 5) Crypto++ (a.k.a Free) CTIL testing using MS Windows completed using Crypto++ 3.1 library. We had to fix a bug in the Crypto++ 3.1 library to make it work correctly (see below). Note: The Crypto++, SPEX/ and Fortezza CTILs will be tested using Solaris 2.6. If there are any changes required, then new CTILs will be delivered. 6) Completed enhancing the BSAFE CTIL to store the user's private keys in an encrypted form using PKCS #8. Tested using MS Windows and Solaris 2.6. 7) Finished implementation and testing of the EncryptedData content type. 8) Enhanced Crypto++ 3.1 CTIL to use RC2 algorithm provided by Crypto++ 3.1. We used the RC2 algorithm provided by the Crypto++ 3.1 library to decrypt data that was encrypted using the RSA BSAFE v3.0 library (and vice versa). 9) Added code to check for erroneous attributes included in signed, authenticated, unsigned, unauthenticated and unprotected attributes. 10) Developed new test code and configuration files to implement test cases. 11) Performed regression testing to ensure that aforementioned enhancements did not break existing SFL functionality. We delivered the following documents: 1) v1.1 SFL Application Programming Interface (API), 6 August 1999 2) v1.1 CTIL API, 5 August 1999 3) v1.1 SFL Software Design Description, 3 August 1999 4) v1.1 SFL Software Test Description, 6 August 1999 5) v1.1 SFL Implementers Guide, 9 August 1999 6) SFL Fact Sheet, 30 July 1999 7) SFL Overview Briefing, 2 August 1999 We are still in the process of enhancing and testing the SFL. Future releases will include: libCert library converted to DLL/shared object; enhanced error reporting; countersignatures; SPEX/ CTIL encrypt/decrypt capabilities; PKCS #11 CTIL; enhance Crypto++ 3.1 CTIL to use RSA algorithm provided by Crypto++ 3.1 library; add sMIMEEncryptionKeyPreference attribute; additional helper functions; add support for certificate request message generation (TBD); enhanced test routines; bug fixes; support for other crypto APIs (possible); and support for other operating systems. We will enhance the utilities to generate certificates to be used as test data. We do not plan to further enhance the SFL "C" API capabilities unless specifically requested. The SFL software is developed to maximize portability to 32-bit operating systems. We plan to port the SFL to the following operating systems: Linux, HP/UX 9.x/10.x, IBM AIX 3.2, SCO ODT 3.0/5.0 (possibly) and Macintosh (possibly). The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The VDA-enhanced SNACC ASN.1 software and SFL documentation are freely available to everyone at the VDA SFL Page. All other portions of the SFL software are export controlled in accordance with the U.S. Government Export Administration Regulations. For specific details and guidance on exporting the SFL software, contact the U.S. Department of Commerce, Bureau of Export Administration, Export Counseling Division, (202) 482-4811. The Bureau of Export Administration maintains additional resources online on its Commercial Encryption Export Controls page (http://www.bxa.doc.gov/Encryption/Default.htm). Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: Note: The VDA SFL Page has not yet been updated, but all files are available from the Fortezza Developer's S/MIME Page. 1) SFL Documents: Fact Sheet, Software Design Description, API, CTI API, Software Test Description, Implementers Guide, Overview Briefing and Public License. 2) snaccvda07.zip: Zip file containing SNACC v1.3 rev 0.07 ASN.1 Compiler and Library source code compilable for Unix and MS Windows NT/95/98 that has been enhanced by VDA to implement the Distinguished Encoding Rules. Project files and makefiles are included. This file includes a sample test project demonstrating the use of the SNACC classes. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: 1) smimeR11.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; project files. This file also contains test driver source code, sample CMS/ESS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries are compiled for MS Windows NT/95/98. MS Windows NT/95/98 project files and Unix makefiles are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. When building the Crypto++3.1 library be sure to set the Visual C++ project settings to include the "(Debug) Multithreaded DLL" C/C++ compiler option for proper compatibility with the other SFL code. In addition, the following code change is necessary in the Crypto++ 3.1 code to properly run it with the sm_Free3 CTIL: IN FILE "cbc.cpp" ... void CBC_CTS_Encryptor::Put(byte inByte) { //RWC;if (counter == S) //RWC; ProcessBuf(); buffer[counter] = reg[counter] ^ inByte; counter++; if (counter == S)//RWC;Added ProcessBuf(); } ... void CBC_CTS_Decryptor::Put(byte inByte) { //RWC;if (counter == S) //RWC; ProcessBuf(); buffer2[counter++] = inByte; if (counter == S)//RWC;Added ProcessBuf(); } ... 2) smR11CTI.zip: Source code for the following CTILs: Test (no crypto), Crypto++, BSAFE, Fortezza and SPEX/. The Win95/98/NT projects are also included. 3) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (comes with MS Visual Studio 6.0, Enterprise Tools). The file can also be viewed using Rational Rose C++ Demo 4.0 45 day evaluation copy which can be obtained from http://www.rational.com/uml/resources/practice_uml/index.jtmpl. Not all classes are documented in the MDL file at this time. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent CTIL API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to obtain 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. =================================== John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc., a Wang Government Services Company www.jgvandyke.com =================================== From owner-imc-sfl Wed Aug 18 12:22:14 1999 Received: by mail.proper.com (8.9.3/8.9.3) id MAA20789 for imc-sfl-bks; Wed, 18 Aug 1999 12:22:14 -0700 (PDT) Received: from hq.ljl.COM (hq.ljl.com [206.151.234.1]) by mail.proper.com (8.9.3/8.9.3) with SMTP id MAA20785 for ; Wed, 18 Aug 1999 12:22:12 -0700 (PDT) Received: from enigma.ljl.com by hq.ljl.COM. with smtp id aa10755; Wed, 18 Aug 1999 14:23:34 -0500 From: "Thomas Fronckowiak Jr." To: imc-sfl@imc.org MMDF-Warning: Parse error in original version of preceding line at hq.ljl.COM. Subject: Integrated v1.1 SFL & Fortezza CTIL Date: Wed, 18 Aug 1999 14:22:57 -0500 Message-ID: <000001bee9af$13d298f0$81ea97ce@enigma.ljl.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: We (LJL) have integrated v1.1 SFL using the Fortezza CTIL and have successfully signed, verified, encrypted and decrypted. Following is a list of issues/concerns we've come across so far, mostly with the Fortezza CTIL: 1. Failure setting personality during encrypt/decrypt. Module: sm_fortdll.dll File: sm_fort.cpp Function: CSM_Fortezza::SMTI_GenerateKeyAgreement & CSM_Fortezza::SMTI_ExtractKeyAgreement Line: [947] error = CI_SetPersonality(mp_cardInfo->GetSlot()); [1020] error = CI_SetPersonality( mp_cardInfo->GetSlot()); GetSlot returns the current slot which happens to be changed during a call to GetUserPath(). Suggest: error = CI_SetPersonality(m_nEncryptorIndex); to be consistant with other CI_SetPesonality calls. 2. If/else logic causes the root certificate to be retrieved, even when bRootFlag == FALSE. Module: sm_fortdll.dll File: sm_fortci.cpp Function: CSM_Fortezza::GetUserPath() Line: [327] if (nParentSlot == 0 && bRootFlag == true ) if (nParentSlot == 0 && bRootFlag == true ) else should be changed to: if (nParentSlot == 0 && bRootFlag == true ) else if (nParentSlot>0) 3. Encrypt failed because the data length was not a multiple of 8 bytes. Module: sm_fortdll.dll File: sm_fort.cpp Function: CSM_Fortezza::GeneratePad() Line: [820] data.Open(SM_FOPEN_APPEND); Padding is calculated correctly, but it is not appended to the data. Rather it overwrites the first (x) bytes of the data. The problem is in CSM_Buffer::Open - the option SM_FOPEN_APPEND only has an affect when CSM_Buffer refers to a file. The work around was to copy the data, add the padding, and then reset the CSM_Buffer. 4. Decryption sometimes gives a "Bad Pad" error. Module: sm_fortdll.dll File: sm_fort.cpp Function: CSM_Fortezza::ExtractPad() Line: [852] data.Seek(-1, SEEK_END); Attempting to extract the padding after decryption. This function works for padding between 2-8. A padding of 1 returns an error because SEEK_END with a -1 puts the pointer to the *2nd* last byte, not the last byte. Should be: data.Seek(0, SEEK_END); 5. SM_ASSIGN_ANYBUF failed. Module: libsm.lib File: sm_MsgCertCrls.cpp Function: CSM_Fortezza::UpdateParams() Line: [515] data.Seek(-1, SEEK_END); alg.parameters is NULL. Suggest: if (alg.parameters) delete (CSM_Buffer*)alg.parameters->value; SM_ASSIGN_ANYBUF(pCBuf, alg.parameters); be changed to: if (alg.parameters) delete (CSM_Buffer*)alg.parameters->value; else alg.parameters = new AsnAny; SM_ASSIGN_ANYBUF(pCBuf, alg.parameters); 6. CSM_Fortezza::SMTI_XXXXX functions that perform a CI_Lock() call CI_Unlock() before the SME_FINISH_CATCH line instead of after it. We haven't experienced any problem with this - just wondered if this might cause a situation where the card was left locked after a thrown error. 7. May consider updating CSM_OID::GetOIDDescription() to include id-keyExchangeAlgorithm, id-fortezzaWrap80, and other fortezza oids. Thanks, Tom From owner-imc-sfl Wed Aug 18 13:01:48 1999 Received: (from majordomo@localhost) by mail.proper.com (8.9.3/8.9.3) id NAA21359 for imc-sfl-bks; Wed, 18 Aug 1999 13:01:48 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id NAA21355 for ; Wed, 18 Aug 1999 13:01:43 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Wed, 18 Aug 1999 16:04:23 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF3117C355@WFHQEX03> From: "Leonberger, Pierce" To: "'Thomas Fronckowiak Jr.'" , imc-sfl@imc.org Subject: RE: Integrated v1.1 SFL & Fortezza CTIL Date: Wed, 18 Aug 1999 16:04:24 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: THANKS!! FYI: Issues 1-4 have been addressed. We'll address the other issues ASAP. Thanks again, Pierce Leonberger -- J.G. Van Dyke & Associates, Inc. -----Original Message----- From: Thomas Fronckowiak Jr. [mailto:tom@ljl.com] Sent: Wednesday, August 18, 1999 3:23 PM To: imc-sfl@imc.org Subject: Integrated v1.1 SFL & Fortezza CTIL We (LJL) have integrated v1.1 SFL using the Fortezza CTIL and have successfully signed, verified, encrypted and decrypted. Following is a list of issues/concerns we've come across so far, mostly with the Fortezza CTIL: 1. Failure setting personality during encrypt/decrypt. Module: sm_fortdll.dll File: sm_fort.cpp Function: CSM_Fortezza::SMTI_GenerateKeyAgreement & CSM_Fortezza::SMTI_ExtractKeyAgreement Line: [947] error = CI_SetPersonality(mp_cardInfo->GetSlot()); [1020] error = CI_SetPersonality( mp_cardInfo->GetSlot()); GetSlot returns the current slot which happens to be changed during a call to GetUserPath(). Suggest: error = CI_SetPersonality(m_nEncryptorIndex); to be consistant with other CI_SetPesonality calls. 2. If/else logic causes the root certificate to be retrieved, even when bRootFlag == FALSE. Module: sm_fortdll.dll File: sm_fortci.cpp Function: CSM_Fortezza::GetUserPath() Line: [327] if (nParentSlot == 0 && bRootFlag == true ) if (nParentSlot == 0 && bRootFlag == true ) else should be changed to: if (nParentSlot == 0 && bRootFlag == true ) else if (nParentSlot>0) 3. Encrypt failed because the data length was not a multiple of 8 bytes. Module: sm_fortdll.dll File: sm_fort.cpp Function: CSM_Fortezza::GeneratePad() Line: [820] data.Open(SM_FOPEN_APPEND); Padding is calculated correctly, but it is not appended to the data. Rather it overwrites the first (x) bytes of the data. The problem is in CSM_Buffer::Open - the option SM_FOPEN_APPEND only has an affect when CSM_Buffer refers to a file. The work around was to copy the data, add the padding, and then reset the CSM_Buffer. 4. Decryption sometimes gives a "Bad Pad" error. Module: sm_fortdll.dll File: sm_fort.cpp Function: CSM_Fortezza::ExtractPad() Line: [852] data.Seek(-1, SEEK_END); Attempting to extract the padding after decryption. This function works for padding between 2-8. A padding of 1 returns an error because SEEK_END with a -1 puts the pointer to the *2nd* last byte, not the last byte. Should be: data.Seek(0, SEEK_END); 5. SM_ASSIGN_ANYBUF failed. Module: libsm.lib File: sm_MsgCertCrls.cpp Function: CSM_Fortezza::UpdateParams() Line: [515] data.Seek(-1, SEEK_END); alg.parameters is NULL. Suggest: if (alg.parameters) delete (CSM_Buffer*)alg.parameters->value; SM_ASSIGN_ANYBUF(pCBuf, alg.parameters); be changed to: if (alg.parameters) delete (CSM_Buffer*)alg.parameters->value; else alg.parameters = new AsnAny; SM_ASSIGN_ANYBUF(pCBuf, alg.parameters); 6. CSM_Fortezza::SMTI_XXXXX functions that perform a CI_Lock() call CI_Unlock() before the SME_FINISH_CATCH line instead of after it. We haven't experienced any problem with this - just wondered if this might cause a situation where the card was left locked after a thrown error. 7. May consider updating CSM_OID::GetOIDDescription() to include id-keyExchangeAlgorithm, id-fortezzaWrap80, and other fortezza oids. Thanks, Tom From owner-imc-sfl Thu Aug 19 09:55:15 1999 Received: by mail.proper.com (8.9.3/8.9.3) id JAA10633 for imc-sfl-bks; Thu, 19 Aug 1999 09:55:15 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id JAA10629 for ; Thu, 19 Aug 1999 09:55:14 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Thu, 19 Aug 1999 12:58:11 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF31360A7A@WFHQEX03> From: "Pawling, John" To: "'Thomas Fronckowiak Jr.'" , imc-sfl@imc.org Subject: RE: Integrated v1.1 SFL & Fortezza CTIL Date: Thu, 19 Aug 1999 12:58:09 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Tom, Thank you for your message regarding LJL's successful use of the v1.1 SFL and Fortezza CTIL. Also, thank you for reporting the bugs. We welcome all feedback regarding the SFL. Currently, we are enhancing the Certificate Management Library (CML) to use the CTIL DLLs released in conjunction with the v1.1 SFL. We are also enhancing the CML to use the libCert library provided as part of the v1.1 SFL release. The VDA CML development team has requested enhancements to the libCert library to support the v1.53 CML release. These enhancements will allow the CML team to take advantage of code already developed and tested as part of the SFL. The VDA SFL development team is now making these enhancements. We plan to deliver a new SFL release (v1.2) to include the enhanced libCert library. We also plan to deliver new CTILs including fixing the bugs that you reported. The new CTILs will also include enhancements made to the SPEX/ and Fortezza CTIL DLLs to support the v1.53 CML development effort. We plan on delivering all of this code by 31 August 99. Thank you again, ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Government Services Company jsp@jgvandyke.com ============================================ From owner-imc-sfl Thu Sep 2 02:19:25 1999 Received: by mail.proper.com (8.9.3/8.9.3) id CAA19198 for imc-sfl-bks; Thu, 2 Sep 1999 02:19:25 -0700 (PDT) Received: from nyserver.nyconsultant.fr (nyserver0.nyconsultant.fr [195.101.164.40]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id CAA19192 for ; Thu, 2 Sep 1999 02:19:22 -0700 (PDT) Received: from newyork.nyconsultant ([128.1.202.38]) by nyserver.nyconsultant.fr with Microsoft SMTPSVC(5.5.1877.117.11); Thu, 2 Sep 1999 11:21:47 +0200 Received: from dfournout (dfournout.cegedim [128.1.211.2]) by newyork.nyconsultant with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2448.0) id R8HFQKSA; Thu, 2 Sep 1999 11:24:31 +0200 Message-ID: <001f01bef525$046d9c80$02d30180@cegedim> From: "Didier FOURNOUT" To: Subject: Version outside United States Date: Thu, 2 Sep 1999 11:24:54 +0200 Organization: NY Consultant MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_001B_01BEF535.C7EA3780" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_001B_01BEF535.C7EA3780 Content-Type: multipart/alternative; boundary="----=_NextPart_001_001C_01BEF535.C7EA3780" ------=_NextPart_001_001C_01BEF535.C7EA3780 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Does anyone know if the SFL will be available soon for developpers = outside the United States (ex: in France) ? ------=_NextPart_001_001C_01BEF535.C7EA3780 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Does anyone know if the SFL will be available soon = for=20 developpers outside the United States (ex: in France)=20 ?
------=_NextPart_001_001C_01BEF535.C7EA3780-- ------=_NextPart_000_001B_01BEF535.C7EA3780 Content-Type: text/x-vcard; name="Didier FOURNOUT.vcf" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="Didier FOURNOUT.vcf" BEGIN:VCARD VERSION:2.1 N:FOURNOUT;Didier FN:Didier FOURNOUT ORG:NY Consultant TITLE:Responsable Technique TEL;WORK;VOICE:33 1 49 09 67 67 TEL;WORK;FAX:33 1 49 09 69 02 ADR;WORK:;33 1 49 09 67 67;122 rue d'Aguesseau;BOULOGNE = BILLANCOURT;;92100 LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:33 1 49 09 67 67=3D0D=3D0A122 rue = d'Aguesseau=3D0D=3D0ABOULOGNE BILLANCOURT 92100 X-WAB-GENDER:2 URL: URL:http://www.nyconsultant.fr EMAIL;PREF;INTERNET:didier.fournout@nyconsultant.fr REV:19990902T092454Z END:VCARD ------=_NextPart_000_001B_01BEF535.C7EA3780-- From owner-imc-sfl Thu Sep 2 06:52:02 1999 Received: by mail.proper.com (8.9.3/8.9.3) id GAA27258 for imc-sfl-bks; Thu, 2 Sep 1999 06:52:02 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id GAA27254 for ; Thu, 2 Sep 1999 06:52:01 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Thu, 2 Sep 1999 09:55:34 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF31360B39@WFHQEX03> From: "Pawling, John" To: "'Didier FOURNOUT'" , imc-sfl@imc.org Subject: RE: Version outside United States Date: Thu, 2 Sep 1999 09:55:33 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Didier, The VDA-enhanced SNACC ASN.1 software and SFL documentation are freely available to everyone at http://www.jgvandyke.com/services/infosec/sfl.htm . All other portions of the SFL software are export controlled in accordance with the U.S. Government Export Administration Regulations. To my knowledge, there has been no change in the U.S. Government Export Administration Regulations that would lead to a change in the rules for distributing the SFL. In some circumstances, the U.S. Government grants licenses allowing companies to export encryption technology. For specific details and guidance on exporting the SFL software, contact the U.S. Department of Commerce, Bureau of Export Administration, Export Counseling Division, (202) 482-4811. The Bureau of Export Administration maintains additional resources online on its Commercial Encryption Export Controls page ( http://www.bxa.doc.gov/Encryption/Default.htm ). ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Government Services Company jsp@jgvandyke.com ============================================ -----Original Message----- From: Didier FOURNOUT [mailto:didier.fournout@nyc.fr] Sent: Thursday, September 02, 1999 5:25 AM To: imc-sfl@imc.org Subject: Version outside United States Does anyone know if the SFL will be available soon for developpers outside the United States (ex: in France) ? From owner-imc-sfl Thu Sep 2 10:15:15 1999 Received: by mail.proper.com (8.9.3/8.9.3) id KAA01965 for imc-sfl-bks; Thu, 2 Sep 1999 10:15:15 -0700 (PDT) Received: from mail.student.auckland.ac.nz (mail.student.auckland.ac.nz [130.216.35.101]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id KAA01960 for ; Thu, 2 Sep 1999 10:15:12 -0700 (PDT) Received: from cs26.cs.auckland.ac.nz (pgut001@cs26.cs.auckland.ac.nz [130.216.36.9]) by mail.student.auckland.ac.nz (8.8.6/8.8.6/cs-master) with SMTP id FAA05985; Fri, 3 Sep 1999 05:17:18 +1200 (NZST) (sender pgut001@cs.auckland.ac.nz) Received: by cs26.cs.auckland.ac.nz (relaymail v0.9) id <93629263823137>; Fri, 3 Sep 1999 05:17:18 (NZST) From: pgut001@cs.auckland.ac.nz (Peter Gutmann) To: didier.fournout@nyc.fr Subject: Re: Version outside United States Cc: imc-sfl@imc.org Reply-To: pgut001@cs.auckland.ac.nz X-Charge-To: pgut001 X-Authenticated: relaymail v0.9 on cs26.cs.auckland.ac.nz Date: Fri, 3 Sep 1999 05:17:18 (NZST) Message-ID: <93629263823137@cs26.cs.auckland.ac.nz> Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: "Didier FOURNOUT" writes: >Does anyone know if the SFL will be available soon for developpers = outside >the United States (ex: in France) ? At the risk of mentioning non-SFL software on the SFL list, there's a (mostly) free S/MIME toolkit which isn't export controlled available from http://www.cs.auckland.ac.nz/~pgut001/cryptlib/. Peter. From owner-imc-sfl Mon Sep 13 07:51:08 1999 Received: by mail.proper.com (8.9.3/8.9.3) id HAA05091 for imc-sfl-bks; Mon, 13 Sep 1999 07:51:08 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id HAA05087 for ; Mon, 13 Sep 1999 07:51:07 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Mon, 13 Sep 1999 10:53:48 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF315A0063@wfhqex03.wang.com> From: "Pawling, John" To: imc-sfl@imc.org Subject: New VDA SNACC Delivered Date: Mon, 13 Sep 1999 10:53:50 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: All, VDA has delivered a new release of the freeware SNACC ASN.1 Compiler and Library that VDA has enhanced to support the Distinguished Encoding Rules (DER). This release fixes all known bugs (see below) in the previous release. We encourage all feedback related to the SNACC software. The new release is stored on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). It will also be posted on the VDA S/MIME Freeware Library (SFL) Page (http://www.jgvandyke.com/services/infosec/sfl.htm). Enhancements included in the new release: 1) Fixes bug to enable objects to be encoded/decoded of size limited only by the system resources. 2) Includes files required to build SNACC DLL used with v1.1 SFL. 3) Fixes bug in baseline SNACC code that deleted trailing zeroes from object identifier values. 4) Fixes SM_Buffer (sm_buffer.cpp) bug: Updated write/binary open, and buffer read size for performance. 5) Fixes SM_Buffer (sm_buffer.cpp) bug: Changed fopen("w") to fopen(SM_FOPEN_WRITE) to allow proper writes of files with linefeed to not be improperly modified with carriage-return/linefeed. 6) Fixes SM_Buffer (sm_buffer.cpp) bug: Enhanced to handle streaming method modes for buffers. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc.; a Wang Government Services Company jsp@jgvandyke.com ============================================ From owner-imc-sfl Mon Sep 13 13:24:32 1999 Received: by mail.proper.com (8.9.3/8.9.3) id NAA10536 for imc-sfl-bks; Mon, 13 Sep 1999 13:24:32 -0700 (PDT) Received: from kcmso1.proxy.att.com (kcmso1.att.com [192.128.133.45]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id NAA10530 for ; Mon, 13 Sep 1999 13:24:28 -0700 (PDT) Received: from gab200r1.ems.att.com ([135.37.94.32]) by kcmso1.proxy.att.com (AT&T IPNS/MSO-2.2) with ESMTP id QAA25078 for ; Mon, 13 Sep 1999 16:27:09 -0400 (EDT) Received: from njb140bh2.ems.att.com by gab200r1.ems.att.com (8.8.8+Sun/ATTEMS-1.4.1 sol2) id QAA19521; Mon, 13 Sep 1999 16:27:29 -0400 (EDT) Received: by njb140bh2.ems.att.com with Internet Mail Service (5.5.2448.0) id ; Mon, 13 Sep 1999 16:27:04 -0400 Message-ID: <81F4CCDDEDE6D211B0380000C02074000152D35F@njb140po13.ems.att.com> From: "Hardenbergh, John H, GOVMK" To: imc-sfl@imc.org Subject: Problems linking SFL package Date: Mon, 13 Sep 1999 16:20:57 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Let me first apologize if this topic seems a bit sophomoric for this list, but I'm not a strong MS C++ programmer. As part of an effort to evaluate the s/mime version 3 standards I've been tasked to look at the SFL. I've pulled down the necessary pieces and started to build the project under MS Visual C++ version 6. The individual libraries build just fine but when I go to either mimetest or report_tool I run into trouble. The linker is looking for a single library (mimeppd.lib) from version 1.1 of the mime++ package but the latest version available is 1.2.3 and appears to have three libraries (mimeppcore, mimepp_net and mimepp_util) not one. I can fix that but then I get a linker error 2001 when the DwInitialize function is called This function is actually part of the mime++ library and the problem appears to be caused by decoration of the function name. Since I assume from reading this list and the documentation that the mimetest program builds and runs just fine I wondered if anyone has either a copy of the earlier mime library or can suggest a way for me to patch the code. Thank. Regards, JHH John H. Hardenbergh AT&T Goverment Markets Group From owner-imc-sfl Mon Sep 13 14:00:58 1999 Received: by mail.proper.com (8.9.3/8.9.3) id OAA10807 for imc-sfl-bks; Mon, 13 Sep 1999 14:00:58 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id OAA10803 for ; Mon, 13 Sep 1999 14:00:57 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Mon, 13 Sep 1999 17:03:39 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF315A007E@wfhqex03.wang.com> From: "Pawling, John" To: "'Hardenbergh, John H, GOVMK'" , imc-sfl@imc.org Subject: RE: Problems linking SFL package Date: Mon, 13 Sep 1999 17:03:39 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: John, We plan to update the SFL test files to use the latest version of the MIME++ library. That capability will be available by the end of September. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Government Services Company jsp@jgvandyke.com ============================================ From owner-imc-sfl Wed Sep 15 05:17:48 1999 Received: by mail.proper.com (8.9.3/8.9.3) id FAA25547 for imc-sfl-bks; Wed, 15 Sep 1999 05:17:48 -0700 (PDT) Received: from finch-post-12.mail.demon.net (finch-post-12.mail.demon.net [194.217.242.41]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id FAA25543 for ; Wed, 15 Sep 1999 05:17:46 -0700 (PDT) Received: from pjocs.demon.co.uk ([158.152.229.188]) by finch-post-12.mail.demon.net with smtp (Exim 2.12 #1) id 11RE3b-0004Fg-0C for imc-sfl@imc.org; Wed, 15 Sep 1999 12:21:04 +0000 Received: from mailroom.com (unverified [25.45.9.197]) by pjocs.demon.co.uk (EMWAC SMTPRS 0.83) with SMTP id ; Wed, 15 Sep 1999 11:06:28 +0100 Message-ID: <37DF6FA4.9BCC50FF@mailroom.com> Date: Wed, 15 Sep 1999 11:06:28 +0100 From: Barry McCarthy Reply-To: barry.mccarthy@mailroom.com X-Mailer: Mozilla 4.6 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: imc-sfl@imc.org Subject: Non-US version without encryption Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Hi all, I am interested in the sfl for creating signed messages with security labels, but I am not interested in encrypting the messages, as they are on a secure network. Is there any way I can get hold of source code outside the U.S. without any encryption capabilities, thus not falling foul of the encryption export laws? TIA, Barry McCarthy. From owner-imc-sfl Wed Sep 15 06:10:24 1999 Received: by mail.proper.com (8.9.3/8.9.3) id GAA26811 for imc-sfl-bks; Wed, 15 Sep 1999 06:10:24 -0700 (PDT) Received: from mx2.imaginet.fr (artemis.imaginet.fr [195.68.75.24]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id GAA26807 for ; Wed, 15 Sep 1999 06:10:18 -0700 (PDT) Received: from corpo01.imaginet.fr (corpo01.imaginet.fr [195.68.75.105]) by mx2.imaginet.fr (8.9.3/8.8.8) with ESMTP id PAA28129; Wed, 15 Sep 1999 15:12:53 +0200 (MET DST) Received: from roam (janus.fisystem.fr [195.68.32.60]) by corpo01.imaginet.fr (8.8.8/8.8.8) with SMTP id PAA17821; Wed, 15 Sep 1999 15:12:34 +0200 (MET DST) Message-ID: <000901beff7b$e286d4e0$b8014b0a@fisystem.fr> From: "Michael Hallgren" To: , References: <37DF6FA4.9BCC50FF@mailroom.com> Subject: Re: Non-US version without encryption Date: Wed, 15 Sep 1999 15:11:55 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Hi, you're not alone :) mh > Hi all, > I am interested in the sfl for creating signed messages with > security labels, but I am not interested in encrypting the messages, as > they are on a secure network. Is there any way I can get hold of source > code outside the U.S. without any encryption capabilities, thus not > falling foul of the encryption export laws? TIA, > Barry McCarthy. > > From owner-imc-sfl Wed Sep 15 06:59:11 1999 Received: by mail.proper.com (8.9.3/8.9.3) id GAA27862 for imc-sfl-bks; Wed, 15 Sep 1999 06:59:11 -0700 (PDT) Received: from mail.student.auckland.ac.nz (mail.student.auckland.ac.nz [130.216.35.101]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id GAA27856 for ; Wed, 15 Sep 1999 06:59:08 -0700 (PDT) Received: from cs26.cs.auckland.ac.nz (pgut001@cs26.cs.auckland.ac.nz [130.216.36.9]) by mail.student.auckland.ac.nz (8.8.6/8.8.6/cs-master) with SMTP id CAA08895 for ; Thu, 16 Sep 1999 02:02:25 +1200 (NZST) (sender pgut001@cs.auckland.ac.nz) Received: by cs26.cs.auckland.ac.nz (relaymail v0.9) id <93740414524319>; Thu, 16 Sep 1999 02:02:25 (NZST) From: pgut001@cs.auckland.ac.nz (Peter Gutmann) To: imc-sfl@imc.org Subject: Re: Non-US version without encryption Reply-To: pgut001@cs.auckland.ac.nz X-Charge-To: pgut001 X-Authenticated: relaymail v0.9 on cs26.cs.auckland.ac.nz Date: Thu, 16 Sep 1999 02:02:25 (NZST) Message-ID: <93740414524319@cs26.cs.auckland.ac.nz> Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Barry McCarthy writes: >I am interested in the sfl for creating signed messages with security labels, >but I am not interested in encrypting the messages, as they are on a secure >network. Is there any way I can get hold of source code outside the U.S. >without any encryption capabilities, thus not falling foul of the encryption >export laws? TIA, At the risk of mentioning non-sfl stuff on the sfl list, you can get a completely non-US implementation (and therefore one not affected by controls) from http://www.cs.auckland.ac.nz/~pgut001/cryptlib/. Whether you want to use the crypto contained in it is up to you. Peter. From owner-imc-sfl Wed Sep 15 09:36:43 1999 Received: by mail.proper.com (8.9.3/8.9.3) id JAA00315 for imc-sfl-bks; Wed, 15 Sep 1999 09:36:43 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id JAA00311 for ; Wed, 15 Sep 1999 09:36:42 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Wed, 15 Sep 1999 12:39:35 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF315A009D@wfhqex03.wang.com> From: "Pawling, John" To: "'barry.mccarthy@mailroom.com'" , imc-sfl@imc.org Subject: RE: Non-US version without encryption Date: Wed, 15 Sep 1999 12:39:32 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Barry, The VDA-enhanced SNACC ASN.1 software and SFL documentation are freely available to everyone at http://www.jgvandyke.com/services/infosec/sfl.htm. All other portions of the SFL software are export controlled in accordance with the U.S. Government Export Administration Regulations. At this point, VDA does not have any plans to produce a signed-only version of the SFL. In some circumstances, the U.S. Government grants licenses allowing companies to export encryption technology. For specific details and guidance on exporting the SFL software, contact the U.S. Department of Commerce, Bureau of Export Administration, Export Counseling Division, (202) 482-4811. The Bureau of Export Administration maintains additional resources online on its Commercial Encryption Export Controls page (http://www.bxa.doc.gov/Encryption/Default.htm). ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Government Services Company jsp@jgvandyke.com ============================================ -----Original Message----- From: Barry McCarthy [mailto:barry.mccarthy@mailroom.com] Sent: Wednesday, September 15, 1999 6:06 AM To: imc-sfl@imc.org Subject: Non-US version without encryption Hi all, I am interested in the sfl for creating signed messages with security labels, but I am not interested in encrypting the messages, as they are on a secure network. Is there any way I can get hold of source code outside the U.S. without any encryption capabilities, thus not falling foul of the encryption export laws? TIA, Barry McCarthy. From owner-imc-sfl Thu Sep 23 06:00:22 1999 Received: (from majordomo@localhost) by mail.proper.com (8.9.3/8.9.3) id GAA10891 for imc-sfl-bks; Thu, 23 Sep 1999 06:00:22 -0700 (PDT) Received: from almso1.proxy.att.com (almso1.att.com [192.128.167.69]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id GAA10887 for ; Thu, 23 Sep 1999 06:00:21 -0700 (PDT) Received: from mo3980r1.ems.att.com ([135.38.12.14]) by almso1.proxy.att.com (AT&T IPNS/MSO-2.2) with ESMTP id JAA00892 for ; Thu, 23 Sep 1999 09:03:52 -0400 (EDT) Received: from njb140bh1.ems.att.com by mo3980r1.ems.att.com (8.8.8+Sun/ATTEMS-1.4.1 sol2) id JAA01006; Thu, 23 Sep 1999 09:01:58 -0400 (EDT) Received: by njb140bh1.ems.att.com with Internet Mail Service (5.5.2448.0) id ; Thu, 23 Sep 1999 09:03:52 -0400 Message-ID: <81F4CCDDEDE6D211B0380000C0207400017A1F6D@njb140po13.ems.att.com> From: "Hardenbergh, John H, GOVMK" To: imc-sfl@imc.org Subject: Question of SFL Test Cases Date: Thu, 23 Sep 1999 09:03:50 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="----=_NextPart_000_0007_01BF05A2.893E5E30"; protocol="application/x-pkcs7-signature"; micalg=SHA-1 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_0007_01BF05A2.893E5E30 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0000_01BF05A2.890EE9C0" ------=_NextPart_000_0000_01BF05A2.890EE9C0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit         I've been slowly working through the various pieces of the S/MIME Freeware Library documentation and the reference implementation software.  As part of the learning curve I started to reproduce the tests described in 'Software Test Descriptions" version 1.1, unfortunately I seem to being doing something wrong.  If I run MIMETEST.EXE with no arguments I get an error back.  Then following the procedure for Test 1 I specify "./hilevel/create/SignedData_001.cfg" in the command line, if the path to the config file in wrong another error message, otherwise MIMETEST appears to run and exit normally.  Unfortunately I can remove the "sd" file, and the *.out" files but no new files are generated.  Removing the data source also has no effect.  Finally editing the config file by changing the "ContentFILE" token to "ContentFIILE" does not produce an error.  What am I missing?         In related issue is there description available of the available configuration file commands accepted by MIMETEST?   Regards, JHH -- John H. Hardenbergh | Information Security Center                     | AT&T Laboratories 973-236-6656        | Florham Park, NJ 07932 jhharde@att.com     | The answer is almost always 42 One of the extraordinary things about life is the sort of places it's prepared to put up with living. ... It will even live in New York, though it's hard to know why.                                               Douglas Adams     ------=_NextPart_000_0000_01BF05A2.890EE9C0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
       =20 I've been slowly working through the=20 various pieces of the S/MIME Freeware = Library=20 documentation and the reference implementation=20 software.  As part of the learning curve I started=20 to reproduce the tests described in 'Software Test Descriptions" = version=20 1.1, unfortunately I seem to being doing something wrong.  If I run = MIMETEST.EXE with no arguments I get an error back.  Then following = the=20 procedure for Test 1 I specify "./hilevel/create/SignedData_001.cfg" in the=20 command line, if the path to the config file in wrong = another=20 error message, otherwise MIMETEST appears to run and exit = normally. =20 Unfortunately I can remove the "sd" file, and the *.out" = files=20 but no new files are generated.  Removing the data source also has = no=20 effect.  Finally editing the config file by changing the=20 "ContentFILE" token to "ContentFIILE" does not = produce an=20 error.  What am I missing?
       =20 In related issue is there description = available of the=20 available configuration file commands accepted by MIMETEST?
 
Regards, = JHH
--=20
John H. Hardenbergh | = Information Security=20 Center
          &nb= sp;        =20 | AT&T Laboratories
973-236-6656        | = Florham Park,=20 NJ 07932
jhharde@att.com   &nbs= p; | The=20 answer is almost always 42
One of the extraordinary things about life is the sort = of=20
places it's prepared to put up = with=20 living.
...=20
It will even live in New York, = though it's=20 hard to know why.
          &nb= sp;           &nbs= p;            = ;          =20 Douglas Adams  
 
------=_NextPart_000_0000_01BF05A2.890EE9C0-- ------=_NextPart_000_0007_01BF05A2.893E5E30 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIH4DCCAy4w ggKXoAMCAQICEQDSdi6NFAw9fbKoJV2v7g11MA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFy eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05ODA1MTIwMDAwMDBaFw0wODA1MTIyMzU5NTla MIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0 d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIEJ5 IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UEAxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRpdmlk dWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3QgVmFsaWRhdGVkMIGfMA0GCSqGSIb3DQEBAQUAA4GN ADCBiQKBgQC7WkSKBBa7Vf0DeootlE8VeDa4DUqyb5xUv7zodyqdufBou5XZMUFweoFLuUgTVi3H COGEQqvAopKrRFyqQvCCDgLpL/vCO7u+yScKXbawNkIztW5UiE+HSr8Z2vkV6A+HthzjzMaajn9q JJLj/OBluqexfu/J2zdqyErICQbkmQIDAQABo3wwejARBglghkgBhvhCAQEEBAMCAQYwRwYDVR0g BEAwPjA8BgtghkgBhvhFAQcBATAtMCsGCCsGAQUFBwIBFh93d3cudmVyaXNpZ24uY29tL3JlcG9z aXRvcnkvUlBBMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBAgUAA4GB AIi4Nzvd2pQ3AK2qn+GBAXEekmptL/bxndPKZDjcG5gMB4ZbhRVqD7lJhaSV8Rd9Z7R/LSzdmkKe wz60jqrlCwbe8lYq+jPHvhnXU0zDvcjjF7WkSUJj7MKmFw9dWBpJPJBcVaNlIAD9GCDlX4KmsaiS xVhqwY0DPOvDzQWikK5uMIIEqjCCBBOgAwIBAgIQQP2AiZDALw/HNrDsRREF+jANBgkqhkiG9w0B AQQFADCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0 IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5jb3Jw LiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEgQ0EgSW5k aXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZhbGlkYXRlZDAeFw05OTA5MjEwMDAwMDBa Fw05OTExMjAyMzU5NTlaMIIBCTEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl cmlTaWduIFRydXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9y eS9SUEEgSW5jb3JwLiBieSBSZWYuLExJQUIuTFREKGMpOTgxHjAcBgNVBAsTFVBlcnNvbmEgTm90 IFZhbGlkYXRlZDEnMCUGA1UECxMeRGlnaXRhbCBJRCBDbGFzcyAxIC0gTWljcm9zb2Z0MRwwGgYD VQQDFBNKb2huIEguIEhhcmRlbmJlcmdoMR4wHAYJKoZIhvcNAQkBFg9qaGhhcmRlQGF0dC5jb20w XDANBgkqhkiG9w0BAQEFAANLADBIAkEAshCZfHwb78ypjRQZu32qqVjOIXVaUUiY+C2aWeLSpPAc oXF3ypROqop5DaPiyc8mYPCk/1alRBTln1UzkbRGvQIDAQABo4IBjzCCAYswCQYDVR0TBAIwADCB rAYDVR0gBIGkMIGhMIGeBgtghkgBhvhFAQcBATCBjjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cu dmVyaXNpZ24uY29tL0NQUzBiBggrBgEFBQcCAjBWMBUWDlZlcmlTaWduLCBJbmMuMAMCAQEaPVZl cmlTaWduJ3MgQ1BTIGluY29ycC4gYnkgcmVmZXJlbmNlIGxpYWIuIGx0ZC4gKGMpOTcgVmVyaVNp Z24wEQYJYIZIAYb4QgEBBAQDAgeAMIGGBgpghkgBhvhFAQYDBHgWdmQ0NjUyYmQ2M2YyMDQ3MDI5 Mjk4NzYzYzlkMmYyNzUwNjljNzM1OWJlZDFiMDU5ZGE3NWJjNGJjOTcwMTc0N2RhNWQzZjIxNDFi ZWFkYjJiZDJlODkyMTZhYTYyZjJkNTExNDg5Y2EyYmY0N2ZlZjNlYTQ1NjQwMwYDVR0fBCwwKjAo oCagJIYiaHR0cDovL2NybC52ZXJpc2lnbi5jb20vY2xhc3MxLmNybDANBgkqhkiG9w0BAQQFAAOB gQBiCleCwN3ejZVqWi/umRvzTWM9hC8ylK2VTxO5YCGgl+llIRkB9QC3wdt7YdL728I7DQzBgOHX GYPBUd+lmvX5EcvmGT4Lt8JXCaap7CAbh8Q+vcXO1RTkeVMHL7hoaQ905Zq4dlLUQcqIQxN2epkx WkcfN1W6iPxDAB7wW5SrrTGCAtIwggLOAgEBMIHhMIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5j LjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWdu LmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIEJ5IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UE AxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRpdmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3Qg VmFsaWRhdGVkAhBA/YCJkMAvD8c2sOxFEQX6MAkGBSsOAwIaBQCgggGHMBgGCSqGSIb3DQEJAzEL BgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTk5MDkyMzEzMDM0M1owIwYJKoZIhvcNAQkEMRYE FPsHnPgerXA6dAZd/7oAEsNcsST8MDMGCSqGSIb3DQEJDzEmMCQwDQYIKoZIhvcNAwICASgwBwYF Kw4DAhowCgYIKoZIhvcNAgUwgfIGCSsGAQQBgjcQBDGB5DCB4TCBzDEXMBUGA1UEChMOVmVyaVNp Z24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52 ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5jb3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgx SDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEgQ0EgSW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNv bmEgTm90IFZhbGlkYXRlZAIQQP2AiZDALw/HNrDsRREF+jANBgkqhkiG9w0BAQEFAARAODnlinBq We8WoFqb1LwznKaJuXKJiGmcL8SVsp/tnfYrqtKPP380cpWr/vLrM/p/7xu7NHJISqS9rycggmeL MAAAAAAAAA== ------=_NextPart_000_0007_01BF05A2.893E5E30-- From owner-imc-sfl Thu Sep 23 09:14:00 1999 Received: (from majordomo@localhost) by mail.proper.com (8.9.3/8.9.3) id JAA13968 for imc-sfl-bks; Thu, 23 Sep 1999 09:14:00 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id JAA13964 for ; Thu, 23 Sep 1999 09:13:58 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Thu, 23 Sep 1999 12:17:42 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF3115BAFA@wfhqex03.wang.com> From: "Colestock, Robert" To: "'imc-sfl@imc.org'" Subject: RE: Question of SFL Test Cases Date: Thu, 23 Sep 1999 12:17:40 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: JHH: Sorry about the confusion. I would like to make a number of comments to your e-mail: - mimeTest.exe is intended only for the MIME encoding integration testing; it is not fully tested on our releases. Our charter only provides for the construction of CMS message components, ASN.1 encoded. The "sm_mimeTest.cpp" and supporting files are only used for MS Outlook Express/Outlook integration testing. The test cases are run through "autohi.exe". - Once you build the "autohi.exe" executable (this should be easy, since it is a subset of the "mimeTest.exe"), it can be run with the "./test/autohiAll.cfg" (if your version of the SFL has the DLL logic for MS Windows, you will need to be careful to run the version indicating DEBUG or RELEASE CTIL loads, "./test/autohiAllSFLd.cfg" or "./test/autohiAllSFL.cfg"). This config file is our test of all features (at least our attempt at such repeatable tests) and the written test cases (not all test cases have been finished yet). These tests include non-test case examples. The config files that build a message are not run as direct command line parameters, they are run through a hi-level config file that defines the login environment and lists a number of test scripts to run (see "./test/autohiAll.cfg" for example). The setup in the project file is under the "auto_hi" Project Settings DEBUG Tab Working Directory: ./test Program Arguments: ./autohiAll.cfg - In order for these tests to run, it is important to have both the RSA and Crypto++ 3.1 CTILs built. This will require the RSA bsafe 3.0 library (purchased) and the Crypto++3.1 library (downloaded as described in the README file). Since we test for all of our supported CTILs, these tests mix the 2 recipient types in the full suite of tests; there is a limited RSA only test config file. If you wish to run only 1 of these libraries please e-mail me directly, I will produce a specific set of tests for a single library, RSA or Free3 (it's on my list of things to do; the sm_rsaDLL.dll uses the Bsafe 3.0 library, the sm_free3DLL.dll uses the freely available Crypto++3.1 library). - As to a document describing the test environment or config files, sorry. Our task is to build the SFL library and test it fully, we do not provide a client program, nor a documented test environment. We do some limited integration tests with the commercial e-mail clients. The test environment is intended for unit development tests only. As to the error with the mispelled keyword, we do not check for properly formatted keywords; the FILL routines in the client level tests classes do check for mandatory fields and will abort if they are not present. In this case with content, content is many times optional, depending on the intended SignedData ASN.1 case. We do make an attempt to comment the configuration files and make the keywords as clear as possible, based on the ASN.1 documentation and ASN.1 keywords themselves (see cms-13.txt and ess-12.txt). I hope this helps. The config files are very useful for repetitive testing for releases as well as demonstrating many of the features implemented by the SFL (e.g. attributes). Assuming you have gone through the contortions necessary to attain the crypto libraries and build the CTILs necessary for these tests, the SFL test program can be run to produce a simple SignedData component easily. We provide a number of private keys and matching certificates to test (follow the file links specified in the "./test/autohiAll.cfg", "logins=" keyword to locate the private keys/certificate pairs). Bob Colestock rwc@jgvandyke.com -----Original Message----- From: Hardenbergh, John H, GOVMK [mailto:jhharde@att.com] Sent: Thursday, September 23, 1999 8:04 AM To: imc-sfl@imc.org Subject: Question of SFL Test Cases I've been slowly working through the various pieces of the S/MIME Freeware Library documentation and the reference implementation software. As part of the learning curve I started to reproduce the tests described in 'Software Test Descriptions" version 1.1, unfortunately I seem to being doing something wrong. If I run MIMETEST.EXE with no arguments I get an error back. Then following the procedure for Test 1 I specify "./hilevel/create/SignedData_001.cfg" in the command line, if the path to the config file in wrong another error message, otherwise MIMETEST appears to run and exit normally. Unfortunately I can remove the "sd" file, and the *.out" files but no new files are generated. Removing the data source also has no effect. Finally editing the config file by changing the "ContentFILE" token to "ContentFIILE" does not produce an error. What am I missing? In related issue is there description available of the available configuration file commands accepted by MIMETEST? Regards, JHH -- John H. Hardenbergh | Information Security Center | AT&T Laboratories 973-236-6656 | Florham Park, NJ 07932 jhharde@att.com | The answer is almost always 42 One of the extraordinary things about life is the sort of places it's prepared to put up with living. ... It will even live in New York, though it's hard to know why. Douglas Adams From owner-imc-sfl Thu Sep 23 09:03:02 1999 Received: by mail.proper.com (8.9.3/8.9.3) id JAA13707 for imc-sfl-bks; Thu, 23 Sep 1999 09:03:02 -0700 (PDT) Received: from internal.mail.demon.net (internal.mail.demon.net [193.195.224.3]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id JAA13703 for ; Thu, 23 Sep 1999 09:03:00 -0700 (PDT) Received: from pillar.turnpike.com (pillar.turnpike.com [194.70.55.2]) by internal.mail.demon.net with SMTP id RAA08080; Thu, 23 Sep 1999 17:07:00 +0100 (BST) Message-ID: Date: Thu, 23 Sep 1999 17:04:49 +0100 To: imc-sfl@imc.org From: Ian Bell Subject: SFL and the change in US Encryption policy MIME-Version: 1.0 X-Mailer: Turnpike Integrated Version 5.00 alpha 19M Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: > Update to Encryption Policy > September 1999 > Questions and Answers > 8. Is source code allowed to be exported under a license exception or > does this policy only authorize the export of encryption object code? > > Source code will continue to be reviewed under a case-by-case > basis. This update will allow the global export of object code > encryption software under a license exception Does anyone on this list know of the US Government's intention with regard to the export of the SFL source code outside US/Canada? The desire to make S/MIME 3 "the standard security protocol for protecting data communicated across the Internet" is currently undermined by the proliferation of weak crypto outside the US. Will anyone in the US (the developers of SFL, IMC,...) be 'encouraging' the US Government to make the SFL source code to be exportable under a licence exception? We would be very interested in the possibility of using the SFL but, being UK based, are currently unable to do so. -- Ian Bell T U R N P I K E Ltd From owner-imc-sfl Thu Sep 23 10:15:49 1999 Received: by mail.proper.com (8.9.3/8.9.3) id KAA14885 for imc-sfl-bks; Thu, 23 Sep 1999 10:15:49 -0700 (PDT) Received: from Default (ip12.proper.com [165.227.249.12]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id KAA14880; Thu, 23 Sep 1999 10:15:43 -0700 (PDT) Message-Id: <4.2.0.58.19990923101520.00caaa60@mail.imc.org> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Thu, 23 Sep 1999 10:19:49 -0700 To: Ian Bell , imc-sfl@imc.org From: Paul Hoffman / IMC Subject: Re: SFL and the change in US Encryption policy In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: At 05:04 PM 9/23/99 +0100, Ian Bell wrote: > > 8. Is source code allowed to be exported under a license exception or > > does this policy only authorize the export of encryption object code? > > > > Source code will continue to be reviewed under a case-by-case > > basis. This update will allow the global export of object code > > encryption software under a license exception > > >Does anyone on this list know of the US Government's intention with >regard to the export of the SFL source code outside US/Canada? It looks like you answered your own question. Source code as crypto APIs do not appear to be positively affected by the announcement. IMC will soon be helping to educate the US Congress on the reasons they may be interested in easing restrictions on source code crypto. >Will anyone in the US (the developers of SFL, IMC,...) be 'encouraging' >the US Government to make the SFL source code to be exportable under a >licence exception? Possibly. :-) If it becomes easier (that is, less expensive) to get source code passed through, IMC may take this on. Until then, IMC won't try. I can't speak for Van Dyke, obviously. --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Thu Sep 23 13:26:11 1999 Received: by mail.proper.com (8.9.3/8.9.3) id NAA17466 for imc-sfl-bks; Thu, 23 Sep 1999 13:26:11 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id NAA17456 for ; Thu, 23 Sep 1999 13:26:08 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Thu, 23 Sep 1999 16:29:59 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF315A0120@wfhqex03.wang.com> From: "Pawling, John" To: "'Ian Bell'" , imc-sfl@imc.org Subject: RE: SFL and the change in US Encryption policy Date: Thu, 23 Sep 1999 16:29:57 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Ian, Thank you very much for your message. We would certainly welcome a change to the regulations limiting the distribution of the SFL. The STATEMENT BY THE WHITE HOUSE PRESS SECRETARY, Administration Announces New Approach to Encryption, September 16, 1999 (http://www.bxa.doc.gov/Encryption/WHPressEnc.htm) is certainly encouraging. It is too early to tell if this will change the export status of the SFL. After the proposed policy changes become law (planned for December 15, 1999), then we will request that the US Government re-examine their position on limiting the distribution of the SFL. In other words, we will encourage the US Government to make the SFL source code exportable under a license exception. Thanks again, ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Government Services Company jsp@jgvandyke.com ============================================ -----Original Message----- From: Ian Bell [mailto:ianbell@turnpike.com] Sent: Thursday, September 23, 1999 12:05 PM To: imc-sfl@imc.org Subject: SFL and the change in US Encryption policy > Update to Encryption Policy > September 1999 > Questions and Answers > 8. Is source code allowed to be exported under a license exception or > does this policy only authorize the export of encryption object code? > > Source code will continue to be reviewed under a case-by-case > basis. This update will allow the global export of object code > encryption software under a license exception Does anyone on this list know of the US Government's intention with regard to the export of the SFL source code outside US/Canada? The desire to make S/MIME 3 "the standard security protocol for protecting data communicated across the Internet" is currently undermined by the proliferation of weak crypto outside the US. Will anyone in the US (the developers of SFL, IMC,...) be 'encouraging' the US Government to make the SFL source code to be exportable under a licence exception? We would be very interested in the possibility of using the SFL but, being UK based, are currently unable to do so. -- Ian Bell T U R N P I K E Ltd From owner-imc-sfl Mon Sep 27 14:35:08 1999 Received: (from majordomo@localhost) by mail.imc.org (8.9.3/8.9.3) id OAA09000 for imc-sfl-bks; Mon, 27 Sep 1999 14:35:08 -0700 (PDT) Received: from hq.ljl.COM (hq.ljl.com [206.151.234.1]) by mail.imc.org (8.9.3/8.9.3) with SMTP id OAA08996 for ; Mon, 27 Sep 1999 14:34:58 -0700 (PDT) Received: from enigma.ljl.com by hq.ljl.COM. with smtp id aa04098; Mon, 27 Sep 1999 16:35:43 -0500 From: "Thomas Fronckowiak Jr." To: imc-sfl@imc.org MMDF-Warning: Parse error in original version of preceding line at hq.ljl.COM. Subject: SFL, CML and Fortezza CTIL comments Date: Mon, 27 Sep 1999 16:34:54 -0500 Message-ID: <001a01bf0930$233cf1a0$81ea97ce@enigma.ljl.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 In-Reply-To: Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: We (LJL Enterprises) have continued our effort integrating the S/MIME Freeware Library into our front-end. Just a few things about SFL and related items - I apologize if any of these issues are off-topic for this list. 1. Encrypting large files We've had a problem using SFL to encrypt large files. This error occurred when the total length of the encrypted data was over 100,000 bytes, which is what the buffer size define VDASNACC_ENCDEC_BUFSIZE is (sm_vdasnacc.h). The new VDA enhanced SNACC that was just delivered had a fix in the ENCODE_BUF macro (sm_vdasnacc.h) free(outputBuf.BlkPtr()/*pchBuffer*/); This initially fixed the problem, until a few more 1000 bytes were added to the message to be encrypted. Modifying the ENCODE_BUF_NO_ALLOC macro with this same change fixed the problem. 2. CSM_MsgToEncrypt ASN.1 Encode I've experienced asn.1 encode problems particularly where additional certificates were added to encrypted messages. In some cases, and this *seems* to be file-length dependant, a certificate which has been added CSM_MsgToEncrypt::m_pMsgCrtCrls does not appear in the EncryptedData, but the ASN.1 length that surrounds the cert sequence includes the missing cert's length. As a result, an inner ASN.1 length is larger than then the entire ContentInfo length. For example, four certs are added to CSM_MsgToEncrypt::m_pMsgCrtCrls, only 3 show up in the EncryptedData, and the ASN.1 encoding from the beginning of the ContentInfo looks like: 30 83 01 86 46 06 09 2A 86 48 86 F7 0D 01 07 03 A0 83 01 86 36 30 83 01 87 DE Notice that length of the last sequence is greater than the other lengths. This was seen before the new VDA enhanced SNACC library was integrated. I haven't spent much time on this but I will try the same scenario with the latest snacc code. Let me know if there's any more info I can provide. 3. Fortezza CTIL In sm_fort.cpp, CSM_Fortezza::SMTI_Decrypt() returns an error 7 (invalid data size) from ci_decrypt when decrypting a large buffer because the wrong parameter is being checked against largestBlockSize. Line 758: if (pData->Length() > largestBlockSize ) should be: if (pEncryptedData->Length() > largestBlockSize ) Also in sm_fort.cpp, line 681: SME_THROW(error, "CI_Encrypt() faile", NULL); //failed line 734 : SME_SETUP("CSM_Fortezza::SMTI_Encrypt()"); //should be SMTI_Decrypt line 789: SME_THROW(error, "CI_Encrypt() failed", NULL); //should be CI_Decrypt 4. CML DSA attributes What's the chance of getting DSA certificate attributes added to the CML? To work correctly with current DSAs we needed to change CM_ldap.c, to include: "mosaicCASignatureCertificate", "mosaicKeyManagementCertificate", "mosaicUserSignatureCertificate", to the list of cert attributes: static char* certAttribs[] = { "userCertificate", /* 2.5.29.36 */ "cACertificate", /* 2.5.29.37 */ "mosaicKMandSigCertificate", /* 2.16.840.1.101.2.1.5.5 */ "sdnsKMandSigCertificate", /* 2.16.840.1.101.2.1.5.3 */ "fortezzaKMandSigCertificate", /* 2.16.840.1.101.2.1.5.5 */ "crossCertificatePair", /* 2.5.29.40 */ NULL }; 5. CML parsing CRL extensions In X_CM_CRL.c, function cvt_CRL_IssuerDistPts(), the lines: if(data->onlyContainsCACerts != 0) /* defaults to false if not here */ who->only_cAs_flag = *(data->onlyContainsUserCerts); should be changed to: if(data->onlyContainsCACerts != 0) /* defaults to false if not here */ who->only_cAs_flag = *(data->onlyContainsCACerts); Note: This was found in an earlier version of CML and may have been fixed in the latest release (v1.53?). 6. I was wondering about using the Fortezza CTIL for other applications in order to have a common interface to the Fortezza card. Is the CTIL interface a documented standard or is this a VDA construction? I'm almost certain it's VDA. If so, is there any push to make this a more commonly accepted crypto interface? 7. Has SFL v1.2 and the new CTILs been released yet? I know they were scheduled for earlier this month - I just haven't seen them yet. Thanks, Tom Fronckowiak From owner-imc-sfl Thu Sep 30 15:10:41 1999 Received: (from majordomo@localhost) by mail.imc.org (8.9.3/8.9.3) id PAA25254 for imc-sfl-bks; Thu, 30 Sep 1999 15:10:41 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.imc.org (8.9.3/8.9.3) with ESMTP id PAA25250 for ; Thu, 30 Sep 1999 15:10:40 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2448.0) id ; Thu, 30 Sep 1999 18:11:31 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF315A01BB@wfhqex03.wang.com> From: "Pawling, John" To: "'Thomas Fronckowiak Jr.'" , imc-sfl@imc.org Subject: RE: SFL, CML and Fortezza CTIL comments Date: Thu, 30 Sep 1999 18:11:41 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Tom, Thank you very much for your feedback regarding LJL's use of the SFL, CML and Fortezza CTIL. During the past weeks, we have been focusing our resources on supporting Cygnacom's and Raytheon's use of the CML (including Cygnacom's Cert Path Development Library), SFL and SPEX/ CTIL as part of the Bridge Certification Authority (BCA) Demonstration that is testing cross-certified Entrust, Motorola and Spyrus PKI domains. Raytheon has successfully integrated the SFL/CML into a plug-in for Novell GroupWise. Cygnacom has successfully integrated the SFL/CML into a plug-in for Eudora Pro. We have used the Cygnacom/Eudora client to successfully verify a signed message generated by the Raytheon/Novell client. Cygnacom has successfully completed interop testing between their SFL/CML/Eudora client and an Entrust/Eudora client that they also developed. Also, the CML/CPDL has been used to successfully build and verify a cross certified path between the Motorola and Spyrus PKI domains. Testing continues. The aforementioned BCA testing has delayed our release of the CML designed for use with the CTIL DLLs released in conjunction with the v1.1 SFL. We are also enhancing the CML to fix bugs reported during the BCA testing and to use the libCert library provided as part of the v1.1 SFL release. The VDA CML development team has requested enhancements to the libCert library to support the CML release. These enhancements will allow the CML team to take advantage of code already developed and tested as part of the SFL. The CML team is now testing these enhancements and will deliver a new release of the CML after the testing is complete. We plan to deliver a new SFL release (v1.2) to include the enhanced libCert library. We also plan to deliver new CTILs including fixing the bugs that you previously reported. The new CTILs will also include enhancements made to the SPEX/ and Fortezza CTIL DLLs to support the CML development effort. We plan on delivering all of this code during October 1999. We have the following responses to your comments: Bug #1: We will ensure that the ENCODE_BUF_NO_ALLOC macro is fixed in the SNACC baseline. If necessary, we will deliver a new SNACC release. Bug #2: We will test and fix. This will be fixed in the v1.2 SFL. Bug #3: We also discovered this bug. It is fixed in the baseline and will be delivered with the v1.2 SFL release. Bug #4: We will add these attributes in the next CML release. Note: The "mosaicCASignatureCertificate" attribute, when called via ext_get_objects function, will have the CML CM_CA_CERT_TYPE set; the "mosaicKeyManagementCertificate" & the "mosaicUserSignatureCertificate" will have the CM_USER_CERT_TYPE set in the EncObject_LL structure. Bug #5: We will add this to the next CML release. Question #6: The CTIL API is documented in the CTIL API document available from the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The CTIL API is not proprietary. To date, it is only being implemented by Van Dyke. Given the numerous "standard" crypto APIs, we doubt that any standards committees would be willing to sponsor yet another standard API. Question #7: See above. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Government Services Company jsp@jgvandyke.com ============================================ -----Original Message----- From: Thomas Fronckowiak Jr. [mailto:tom@ljl.com] Sent: Monday, September 27, 1999 5:35 PM To: imc-sfl@imc.org Subject: SFL, CML and Fortezza CTIL comments We (LJL Enterprises) have continued our effort integrating the S/MIME Freeware Library into our front-end. Just a few things about SFL and related items - I apologize if any of these issues are off-topic for this list. 1. Encrypting large files We've had a problem using SFL to encrypt large files. This error occurred when the total length of the encrypted data was over 100,000 bytes, which is what the buffer size define VDASNACC_ENCDEC_BUFSIZE is (sm_vdasnacc.h). The new VDA enhanced SNACC that was just delivered had a fix in the ENCODE_BUF macro (sm_vdasnacc.h) free(outputBuf.BlkPtr()/*pchBuffer*/); This initially fixed the problem, until a few more 1000 bytes were added to the message to be encrypted. Modifying the ENCODE_BUF_NO_ALLOC macro with this same change fixed the problem. 2. CSM_MsgToEncrypt ASN.1 Encode I've experienced asn.1 encode problems particularly where additional certificates were added to encrypted messages. In some cases, and this *seems* to be file-length dependant, a certificate which has been added CSM_MsgToEncrypt::m_pMsgCrtCrls does not appear in the EncryptedData, but the ASN.1 length that surrounds the cert sequence includes the missing cert's length. As a result, an inner ASN.1 length is larger than then the entire ContentInfo length. For example, four certs are added to CSM_MsgToEncrypt::m_pMsgCrtCrls, only 3 show up in the EncryptedData, and the ASN.1 encoding from the beginning of the ContentInfo looks like: 30 83 01 86 46 06 09 2A 86 48 86 F7 0D 01 07 03 A0 83 01 86 36 30 83 01 87 DE Notice that length of the last sequence is greater than the other lengths. This was seen before the new VDA enhanced SNACC library was integrated. I haven't spent much time on this but I will try the same scenario with the latest snacc code. Let me know if there's any more info I can provide. 3. Fortezza CTIL In sm_fort.cpp, CSM_Fortezza::SMTI_Decrypt() returns an error 7 (invalid data size) from ci_decrypt when decrypting a large buffer because the wrong parameter is being checked against largestBlockSize. Line 758: if (pData->Length() > largestBlockSize ) should be: if (pEncryptedData->Length() > largestBlockSize ) Also in sm_fort.cpp, line 681: SME_THROW(error, "CI_Encrypt() faile", NULL); //failed line 734 : SME_SETUP("CSM_Fortezza::SMTI_Encrypt()"); //should be SMTI_Decrypt line 789: SME_THROW(error, "CI_Encrypt() failed", NULL); //should be CI_Decrypt 4. CML DSA attributes What's the chance of getting DSA certificate attributes added to the CML? To work correctly with current DSAs we needed to change CM_ldap.c, to include: "mosaicCASignatureCertificate", "mosaicKeyManagementCertificate", "mosaicUserSignatureCertificate", to the list of cert attributes: static char* certAttribs[] = { "userCertificate", /* 2.5.29.36 */ "cACertificate", /* 2.5.29.37 */ "mosaicKMandSigCertificate", /* 2.16.840.1.101.2.1.5.5 */ "sdnsKMandSigCertificate", /* 2.16.840.1.101.2.1.5.3 */ "fortezzaKMandSigCertificate", /* 2.16.840.1.101.2.1.5.5 */ "crossCertificatePair", /* 2.5.29.40 */ NULL }; 5. CML parsing CRL extensions In X_CM_CRL.c, function cvt_CRL_IssuerDistPts(), the lines: if(data->onlyContainsCACerts != 0) /* defaults to false if not here */ who->only_cAs_flag = *(data->onlyContainsUserCerts); should be changed to: if(data->onlyContainsCACerts != 0) /* defaults to false if not here */ who->only_cAs_flag = *(data->onlyContainsCACerts); Note: This was found in an earlier version of CML and may have been fixed in the latest release (v1.53?). 6. I was wondering about using the Fortezza CTIL for other applications in order to have a common interface to the Fortezza card. Is the CTIL interface a documented standard or is this a VDA construction? I'm almost certain it's VDA. If so, is there any push to make this a more commonly accepted crypto interface? 7. Has SFL v1.2 and the new CTILs been released yet? I know they were scheduled for earlier this month - I just haven't seen them yet. Thanks, Tom Fronckowiak From owner-imc-sfl Fri Oct 8 07:05:54 1999 Received: by mail.imc.org (8.9.3/8.9.3) id HAA12285 for imc-sfl-bks; Fri, 8 Oct 1999 07:05:54 -0700 (PDT) Received: from hqsfw-ext.ncr.disa.mil (falcon6.ncr.disa.mil [164.117.38.26]) by mail.imc.org (8.9.3/8.9.3) with SMTP id HAA12281 for ; Fri, 8 Oct 1999 07:05:52 -0700 (PDT) Received: from falcon6.ncr.disa.mil by hqsfw-ext.ncr.disa.mil via smtpd (for mail.imc.org [208.184.76.43]) with SMTP; 8 Oct 1999 14:07:18 UT Received: by falcon6.ncr.disa.mil with Internet Mail Service (5.5.2448.0) id <4PYCJJYC>; Fri, 8 Oct 1999 10:10:28 +0100 Message-ID: <4F86FA95C67CD311987A00508B3038990740@falcon6.ncr.disa.mil> From: Doug Colligan To: "'imc-sfl@imc.org'" Cc: "'coed@ncrs.disa.mil'" , "'mwchigh@erols.com'" , Doug Colligan , "'colligan@mercury.ncr.disa.mil'" Subject: BSAFE42.lib and SFL (sm_rsaDLL project) Date: Fri, 8 Oct 1999 10:10:27 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Hello I work for DISA and am attempting to build the SFL library using the following tools (VS6.0 with patch 3, RSA BSAFE 4.2) and I get the following linker errors when building this particular CTIL. bsafe42.lib (asendecod.obj) error LNK2001 unresolved external _T_strcpy bsafe42.lib (asendecod.obj) error LNK2001 unresolved external _T_strlen bsafe42.lib (asn.obj) error LNK2001 unresolved external _T_strlen bsafe42.lib (asndata.obj) error LNK2001 unresolved external _T_strlen I realize that this is not the recommended release of BSAFE to utilize but it is what I have. If this is not the correct forum for this question then please direct me to the correct forum and I will state now that I am sorry to bother folks with this mail message. Since T_* are internal mechanisms to the RSA compiled library I have no insight into the RSA library. Am hoping that I can correct this using either a compiler or a linker directive when building sm_rsaDLL. Appreciate your time David Coe From owner-imc-sfl Fri Oct 8 08:22:38 1999 Received: by mail.imc.org (8.9.3/8.9.3) id IAA13338 for imc-sfl-bks; Fri, 8 Oct 1999 08:22:38 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.imc.org (8.9.3/8.9.3) with ESMTP id IAA13333 for ; Fri, 8 Oct 1999 08:22:34 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id <4DYS3D1X>; Fri, 8 Oct 1999 11:24:38 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF315A0260@WFHQEX03> From: "Pawling, John" To: "'Doug Colligan'" , "'imc-sfl@imc.org'" Cc: "'coed@ncrs.disa.mil'" , "'mwchigh@erols.com'" , "'colligan@mercury.ncr.disa.mil'" Subject: RE: BSAFE42.lib and SFL (sm_rsaDLL project) Date: Fri, 8 Oct 1999 11:24:28 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: David, We have tested the SFL and BSAFE CTIL with the RSA BSAFE v3.0 library. We have not tested with the BSAFE v4.2 library. We will investigate obtaining a copy of the v4.2 BSAFE library. Assuming that we can obtain it, we will test it with the BSAFE CTIL. This will probably take at least a week. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Government Services Company jsp@jgvandyke.com ============================================ -----Original Message----- From: Doug Colligan [mailto:colligand@falcon6.ncr.disa.mil] Sent: Friday, October 08, 1999 5:10 AM To: 'imc-sfl@imc.org' Cc: 'coed@ncrs.disa.mil'; 'mwchigh@erols.com'; Doug Colligan; 'colligan@mercury.ncr.disa.mil' Subject: BSAFE42.lib and SFL (sm_rsaDLL project) Hello I work for DISA and am attempting to build the SFL library using the following tools (VS6.0 with patch 3, RSA BSAFE 4.2) and I get the following linker errors when building this particular CTIL. bsafe42.lib (asendecod.obj) error LNK2001 unresolved external _T_strcpy bsafe42.lib (asendecod.obj) error LNK2001 unresolved external _T_strlen bsafe42.lib (asn.obj) error LNK2001 unresolved external _T_strlen bsafe42.lib (asndata.obj) error LNK2001 unresolved external _T_strlen I realize that this is not the recommended release of BSAFE to utilize but it is what I have. If this is not the correct forum for this question then please direct me to the correct forum and I will state now that I am sorry to bother folks with this mail message. Since T_* are internal mechanisms to the RSA compiled library I have no insight into the RSA library. Am hoping that I can correct this using either a compiler or a linker directive when building sm_rsaDLL. Appreciate your time David Coe From owner-imc-sfl Fri Oct 8 08:34:12 1999 Received: by mail.imc.org (8.9.3/8.9.3) id IAA13597 for imc-sfl-bks; Fri, 8 Oct 1999 08:34:12 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by mail.imc.org (8.9.3/8.9.3) with ESMTP id IAA13593 for ; Fri, 8 Oct 1999 08:34:11 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id <4DYS3DHC>; Fri, 8 Oct 1999 11:36:20 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF315A0263@WFHQEX03> From: "Pawling, John" To: "'Doug Colligan'" , "'imc-sfl@imc.org'" Cc: "'coed@ncrs.disa.mil'" , "'mwchigh@erols.com'" , "'colligan@mercury.ncr.disa.mil'" Subject: RE: BSAFE42.lib and SFL (sm_rsaDLL project) Date: Fri, 8 Oct 1999 11:36:09 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: All, Bob Colestock, VDA, writes: "I believe you can simply place these 2 functions in our "./alg_libs/sm_rsa/sm_tstdlib.c". RSA must have added these to the other memory allocation/copy functions we had to replace. They would simply call the standard "C" functions of similar names (see our replacements for malloc, memcpy, etc.)." I hope this helps. - John Pawling -----Original Message----- From: Pawling, John Sent: Friday, October 08, 1999 11:24 AM To: 'Doug Colligan'; 'imc-sfl@imc.org' Cc: 'coed@ncrs.disa.mil'; 'mwchigh@erols.com'; 'colligan@mercury.ncr.disa.mil' Subject: RE: BSAFE42.lib and SFL (sm_rsaDLL project) David, We have tested the SFL and BSAFE CTIL with the RSA BSAFE v3.0 library. We have not tested with the BSAFE v4.2 library. We will investigate obtaining a copy of the v4.2 BSAFE library. Assuming that we can obtain it, we will test it with the BSAFE CTIL. This will probably take at least a week. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc., a Wang Government Services Company jsp@jgvandyke.com ============================================ -----Original Message----- From: Doug Colligan [mailto:colligand@falcon6.ncr.disa.mil] Sent: Friday, October 08, 1999 5:10 AM To: 'imc-sfl@imc.org' Cc: 'coed@ncrs.disa.mil'; 'mwchigh@erols.com'; Doug Colligan; 'colligan@mercury.ncr.disa.mil' Subject: BSAFE42.lib and SFL (sm_rsaDLL project) Hello I work for DISA and am attempting to build the SFL library using the following tools (VS6.0 with patch 3, RSA BSAFE 4.2) and I get the following linker errors when building this particular CTIL. bsafe42.lib (asendecod.obj) error LNK2001 unresolved external _T_strcpy bsafe42.lib (asendecod.obj) error LNK2001 unresolved external _T_strlen bsafe42.lib (asn.obj) error LNK2001 unresolved external _T_strlen bsafe42.lib (asndata.obj) error LNK2001 unresolved external _T_strlen I realize that this is not the recommended release of BSAFE to utilize but it is what I have. If this is not the correct forum for this question then please direct me to the correct forum and I will state now that I am sorry to bother folks with this mail message. Since T_* are internal mechanisms to the RSA compiled library I have no insight into the RSA library. Am hoping that I can correct this using either a compiler or a linker directive when building sm_rsaDLL. Appreciate your time David Coe From owner-imc-sfl Fri Nov 5 13:07:10 1999 Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id NAA02721 for imc-sfl-bks; Fri, 5 Nov 1999 13:07:10 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id NAA02713 for ; Fri, 5 Nov 1999 13:07:09 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id ; Fri, 5 Nov 1999 16:06:56 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF315A03E5@WFHQEX03> From: "Pawling, John" To: imc-sfl@imc.org Subject: v1.3 S/MIME Freeware Library Date: Fri, 5 Nov 1999 16:06:57 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="ISO-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: All, J.G. Van Dyke and Associates (VDA) has delivered Version 1.3 of the S/MIME Freeware Library (SFL) and v1.3 SFL Application Programming Interface (API), 29 October 1999. Note: The v1.2 SFL release was internal to VDA and was not distributed. The v1.3 SFL implements the IETF S/MIME v3 RFC 2630 Cryptographic Message Syntax (CMS) and RFC 2634 Enhanced Security Services (ESS) specifications. It also implements portions of the RFC 2633 Message Specification and RFC 2632 Certificate Handling document. When used in conjunction with the Crypto++ freeware library, the SFL implements the RFC 2631 Diffie-Hellman (D-H) Key Agreement Method specification. It has been successfully tested using the MS Windows NT/95/98 and Solaris 2.6 operating systems. Further enhancements, ports and testing of the SFL are still in process. Further releases of the SFL will be provided as significant capabilities are added. The SFL has been successfully used to sign, verify, encrypt and decrypt CMS/ESS objects using the mandatory algorithms (DSA, E-S D-H, 3DES) provided by the Crypto++ 3.1 library and SHA-1 provided by Government-furnished freeware. The SFL has also been used to sign, verify, encrypt and decrypt CMS/ESS objects using the RSA suite of algorithms provided by the RSA BSAFE v3.0 library. The SFL uses the VDA-enhanced SNACC v1.3 ASN.1 Library to encode/decode objects. The v1.3 SFL release includes: SFL High-level library; Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; Fortezza CTIL; SPEX/ CTIL; VDA-enhanced GNU SNACC v1.3 rev 0.07 ASN.1 Compiler and Library; test drivers and test data. The SFL has been successfully used to exchange signedData and envelopedData messages with the Microsoft (MS) Internet Explorer Outlook Express v4.01 and Netscape Communicator 4.X S/MIME v2 products. Signed messages have been exchanged with the RSA S/MAIL, WorldTalk and Entrust S/MIME v2 products. The SFL has also been used to perform S/MIME v3 interoperability testing with Microsoft that exercised the majority of the features specified by RFCs 2630, 2631 and 2634. We still need to perform signed receipt testing with Microsoft. We have also performed limited S/MIME v3 testing with Baltimore and Entrust. We are also participating in the IETF S/MIME WG interoperability testing documented in the "Examples of S/MIME Messages" document. We have used the SFL to successfully verify many of the signed messages included in the document. We are continuing to set up test config files to use the SFL to test the other messages included in the document. We also plan to provide sample messages for inclusion in the document. The following enhancements are included in the v1.3 SFL release (compared with the v1.1 release): 1) The SNACC and CTIL Dynamically linked Libraries (DLL) delivered in conjunction with the v1.3 SFL have been successfully tested with the v1.3 SFL and with the v1.55 Certificate Management Library, so these two libraries can share the same set of CTIL DLLs. 2) Enhanced libCert library to meet requirements of CML team. 3) Fixed bugs in CTILs reported during Bridge Certification Authority testing. 4) Enhanced Crypto++ (a.k.a Free) CTIL to use the RSA public key algorithm provided by the Crypto++ 3.1 library. We used the RSA algorithm provided by the Crypto++ 3.1 library to successfully perform key transport interop testing with the RSA BSAFE v3.0 library. We are still in the process of testing interoperable RSA signature verification. Previously, we successfully completed RC2 interop testing between Crypto++ 3.1 and BSAFE. The Crypto++ CTIL includes VDA-developed code to use the RSA public key algorithm implemented within the external Crypto++ library. As with all of the external crypto token libraries, the Crypto++ library is not distributed as part of the SFL source or object code. To use the Crypto++ library with the SFL, the application developer must independently obtain the Crypto++ library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The RSA public key algorithm is covered by U.S. Patent 4,405,829 "Cryptographic Communication System and Method". Within the U.S., users of the RSA public key algorithm provided by the external Crypto++ library must obtain a license from RSA granting them permission to use the RSA algorithm. 5) All CTILs were tested using MS Windows. The BSAFE CTIL and SNACC were tested as shared objects using Solaris 2.6. The Fortezza and Crypto++ CTILs will also be tested as shared objects using Solaris 2.6. If any changes are required, then new CTILs will be delivered. 6) The SFL can now be used to generate countersignatures. We are still in the process of testing the verification of countersignatures. 7) Added enhanced error reporting (for specific non-fatal error conditions) such that the SFL will continue processing and will provide a linked list of error information. 8) Developed new test code and configuration files to implement test cases. 9) Performed regression testing to ensure that aforementioned enhancements did not break existing SFL functionality. We are still in the process of enhancing and testing the SFL. We are developing a Public Key Cryptographic Standard (PKCS) #11 CTIL. The majority of the coding is complete. We began testing the Litronic Maestro crypto library that provides a PKCS #11 API. We also plan to test the PKCS #11 CTIL with the Spyrus SPEX/ II library that provides a PKCS #11 API. Future releases will also include: libCert library converted to DLL/shared object; additional enhanced error reporting; verification of countersignatures; SPEX/ CTIL encrypt/decrypt/ESDH capabilities; PKCS #11 CTIL; add sMIMEEncryptionKeyPreference attribute; additional helper functions; add "Certificate Management Messages over CMS" ASN.1 encode/decode functions; add enhanced test routines; bug fixes; support for other crypto APIs (possible); and support for other operating systems. We will enhance the utilities to generate certificates to be used as test data. We do not plan to further enhance the SFL "C" API capabilities unless specifically requested. The SFL software is developed to maximize portability to 32-bit operating systems. We plan to port the SFL to the following operating systems: Linux, HP/UX 9.x/10.x, IBM AIX 3.2, SCO 5.0 (possibly) and Macintosh (possibly). The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The VDA-enhanced SNACC ASN.1 software and SFL documentation are freely available to everyone at the VDA SFL Page. All other portions of the SFL software are export controlled in accordance with the U.S. Government Export Administration Regulations. For specific details and guidance on exporting the SFL software, contact the U.S. Department of Commerce, Bureau of Export Administration, Export Counseling Division, (202) 482-4811. The Bureau of Export Administration maintains additional resources online on its Commercial Encryption Export Controls page (http://www.bxa.doc.gov/Encryption/Default.htm). Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: Note: The VDA SFL Page has not yet been updated, but all files are available from the Fortezza Developer's S/MIME Page. 1) SFL Documents: Fact Sheet, Software Design Description, API, CTI API, Software Test Description, Implementers Guide, Overview Briefing and Public License. 2) snaccvda07.zip: Zip file containing SNACC v1.3 rev 0.07 ASN.1 Compiler and Library source code compilable for Unix and MS Windows NT/95/98 that has been enhanced by VDA to implement the Distinguished Encoding Rules. Project files and makefiles are included. This file includes a sample test project demonstrating the use of the SNACC classes. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: 1) smimeR13.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; project files. This file also contains test driver source code, sample CMS/ESS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries are compiled for MS Windows NT/95/98. MS Windows NT/95/98 project files and Unix makefiles are included for the SNACC code and Crypto++. Note that the Crypto++ library is not included. Crypto++ can be downloaded from (http://www.eskimo.com/~weidai/cryptlib.html). 2) smR13CTI.zip: Source code for the following CTILs: Test (no crypto), Crypto++, BSAFE, Fortezza and SPEX/. The Win95/98/NT projects are also included. 3) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (comes with MS Visual Studio 6.0, Enterprise Tools). The file can also be viewed using Rational Rose C++ Demo 4.0 45 day evaluation copy which can be obtained from http://www.rational.com/uml/resources/practice_uml/index.jtmpl. Not all classes are documented in the MDL file at this time. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent CTIL API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to obtain 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ From owner-imc-sfl Wed Nov 10 15:55:41 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id PAA16473 for imc-sfl-bks; Wed, 10 Nov 1999 15:55:41 -0800 (PST) Received: from palrel3.hp.com (palrel3.hp.com [156.153.255.226]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id PAA16469 for ; Wed, 10 Nov 1999 15:55:39 -0800 (PST) Received: from xboibrg1.boi.hp.com (xboibrg1.boi.hp.com [15.56.8.167]) by palrel3.hp.com (8.8.6 (PHNE_17135)/8.8.5tis) with ESMTP id PAA16167 for ; Wed, 10 Nov 1999 15:56:26 -0800 (PST) Received: by xboibrg1.boi.hp.com with Internet Mail Service (5.5.2650.21) id ; Wed, 10 Nov 1999 16:56:25 -0700 Message-ID: <973751E29EE0D211976800A0C9F446FE015DBD20@xboi05.boi.hp.com> From: "MCMAINS,ALEX (HP-Boise,ex1)" To: "'imc-sfl@imc.org'" Subject: Minimal SFL Program Date: Wed, 10 Nov 1999 16:56:21 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Hi, I work for HP, and I am tryng to compile a minimal program using the SFL. I am using Visual C++ 6.0 on NT 4.0. The program that I am trying to compile looks like this: #include "sm_api.h" int main() { CSM_MsgToEncrypt mte; return 0; } I get the following compile time errors: Compiling... test.cpp e:\downloads\sfl smime\smimer1.3\include\snacc\c++\asn-oid.h(92) : warning C4800: 'int' : forcing value to bool 'true' or 'false' (performance warning) e:\downloads\sfl smime\smimer1.3\include\snacc\c++\asn-octs.h(106) : warning C4800: 'int' : forcing value to bool 'true' or 'false' (performance warning) e:\downloads\sfl smime\smimer1.3\include\snacc\c++\print.h(42) : error C2071: 'indentG' : illegal storage class e:\downloads\sfl smime\smimer1.3\include\snacc\c++\print.h(43) : error C2071: 'stdIndentG' : illegal storage class e:\downloads\sfl smime\smimer1.3\include\snacc\c++\print.h(45) : error C2487: 'Indent' : member of dll interface class may not be declared with dll interface e:\downloads\sfl smime\smimer1.3\include\snacc\c++\print.h(47) : error C2487: '<<' : member of dll interface class may not be declared with dll interface e:\downloads\sfl smime\smimer1.3\include\snacc\c++\print.h(47) : error C2804: binary 'operator <<' has too many parameters e:\program files\microsoft visual studio\vc98\include\malloc.h(36) : error C2059: syntax error : 'string' e:\program files\microsoft visual studio\vc98\include\malloc.h(36) : error C2334: unexpected token(s) preceding '{'; skipping apparent function body e:\downloads\sfl smime\smimer1.3\libcert\include\sm_x501ud.h(23) : error C2071: 'ds' : illegal storage class e:\downloads\sfl smime\smimer1.3\libcert\include\sm_x501ud.h(24) : error C2071: 'module' : illegal storage class ... e:\downloads\sfl smime\smimer1.3\libcert\include\sm_x411ub.h(62) : error C2071: 'ub_pds_name_length' : illegal storage class e:\downloads\sfl smime\smimer1.3\libcert\include\sm_x411ub.h(62) : fatal error C1003: error count exceeds 100; stopping compilation Error executing cl.exe. SFL Test.exe - 102 error(s), 2 warning(s) Can you explain what I am doing wrong? And maybe show an example of a minimal program that will compile. Thank you. NOTE: I have not been able to compile auto_hi.exe due to linking errors I get when compiling sm_free3DLL. I'm really only interested in BSAFE anyway at this point. Alex McMains (alex_mcmains@hp.com) From owner-imc-sfl Fri Nov 12 07:34:38 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id HAA17366 for imc-sfl-bks; Fri, 12 Nov 1999 07:34:38 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id HAA17362 for ; Fri, 12 Nov 1999 07:34:31 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id ; Fri, 12 Nov 1999 10:35:04 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF316BE21F@WFHQEX03> From: "Leonberger, Pierce" To: "'MCMAINS,ALEX (HP-Boise,ex1)'" , "'imc-sfl@imc.org'" Subject: RE: Minimal SFL Program Date: Fri, 12 Nov 1999 10:34:54 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="ISO-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: You are most likely missing the following preprocessor definitions: VDADER_RULES,SNACC_DEEP_COPY At a minimum you'll need to link to: libsmd.lib and snaccDLLd.lib (assuming debug build) Our debug libraries link to the Debug Multithreaded DLL runtime library. Our release libraries link to the Multithreaded DLL runtime library. You'll need to link your test program to the appropriate runtime library. -Pierce -----Original Message----- From: MCMAINS,ALEX (HP-Boise,ex1) [mailto:alex_mcmains@hp.com] Sent: Wednesday, November 10, 1999 6:56 PM To: 'imc-sfl@imc.org' Subject: Minimal SFL Program Hi, I work for HP, and I am tryng to compile a minimal program using the SFL. I am using Visual C++ 6.0 on NT 4.0. The program that I am trying to compile looks like this: #include "sm_api.h" int main() { CSM_MsgToEncrypt mte; return 0; } I get the following compile time errors: Compiling... test.cpp e:\downloads\sfl smime\smimer1.3\include\snacc\c++\asn-oid.h(92) : warning C4800: 'int' : forcing value to bool 'true' or 'false' (performance warning) e:\downloads\sfl smime\smimer1.3\include\snacc\c++\asn-octs.h(106) : warning C4800: 'int' : forcing value to bool 'true' or 'false' (performance warning) e:\downloads\sfl smime\smimer1.3\include\snacc\c++\print.h(42) : error C2071: 'indentG' : illegal storage class e:\downloads\sfl smime\smimer1.3\include\snacc\c++\print.h(43) : error C2071: 'stdIndentG' : illegal storage class e:\downloads\sfl smime\smimer1.3\include\snacc\c++\print.h(45) : error C2487: 'Indent' : member of dll interface class may not be declared with dll interface e:\downloads\sfl smime\smimer1.3\include\snacc\c++\print.h(47) : error C2487: '<<' : member of dll interface class may not be declared with dll interface e:\downloads\sfl smime\smimer1.3\include\snacc\c++\print.h(47) : error C2804: binary 'operator <<' has too many parameters e:\program files\microsoft visual studio\vc98\include\malloc.h(36) : error C2059: syntax error : 'string' e:\program files\microsoft visual studio\vc98\include\malloc.h(36) : error C2334: unexpected token(s) preceding '{'; skipping apparent function body e:\downloads\sfl smime\smimer1.3\libcert\include\sm_x501ud.h(23) : error C2071: 'ds' : illegal storage class e:\downloads\sfl smime\smimer1.3\libcert\include\sm_x501ud.h(24) : error C2071: 'module' : illegal storage class ... e:\downloads\sfl smime\smimer1.3\libcert\include\sm_x411ub.h(62) : error C2071: 'ub_pds_name_length' : illegal storage class e:\downloads\sfl smime\smimer1.3\libcert\include\sm_x411ub.h(62) : fatal error C1003: error count exceeds 100; stopping compilation Error executing cl.exe. SFL Test.exe - 102 error(s), 2 warning(s) Can you explain what I am doing wrong? And maybe show an example of a minimal program that will compile. Thank you. NOTE: I have not been able to compile auto_hi.exe due to linking errors I get when compiling sm_free3DLL. I'm really only interested in BSAFE anyway at this point. Alex McMains (alex_mcmains@hp.com) From owner-imc-sfl Tue Nov 23 11:18:34 1999 Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id LAA11353 for imc-sfl-bks; Tue, 23 Nov 1999 11:18:34 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id LAA11341 for ; Tue, 23 Nov 1999 11:18:32 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id ; Tue, 23 Nov 1999 14:20:01 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF315A04AF@WFHQEX03> From: "Pawling, John" To: imc-sfl@imc.org Subject: v1.56 Certificate Management Library Date: Tue, 23 Nov 1999 14:20:01 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="ISO-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: All, J. G. Van Dyke and Associates (VDA), a Wang Government Services Company, has delivered the Government-Furnished Version 1.56 Certificate Management Library (CML). The primary difference between the v1.55 and v1.56 CML is that the v1.56 CML has been tested using the Solaris 2.6 and Linux operating systems in addition to MS Windows. The v1.56 CML was tested using MS Windows with the Crypto Token Interface Libraries (CTIL) Dynamically Linked Libraries (DLL) for the following crypto libraries: RSA BSAFE v3.0, Crypto++ v3.1, Fortezza Cryptologic Interface (CI) v1.52b and Spyrus SPEX/ v1.52b Release 7b. The v1.56 CML was tested using Solaris 2.6 with the CTILs as shared objects for the RSA BSAFE v3.0 and Fortezza CI v1.52b libraries. The v1.56 CML was also tested using Linux, but no CTILs have been tested using Linux. The v1.56 CML is described in the v1.5 CM Application Programming Interface (API) document. It implements the 1997 X.509 certification path processing rules and meets SDN.706 requirements. It (optionally) provides local cache management functions and (optionally) obtains data objects using LDAP v2. It can (optionally) be used in conjunction with the v1.31 Certificate Path Development Library (CPDL) developed by CygnaCom Solutions to provide robust certification path building capabilities such as using cross certificates. The CML has been used to validate X.509 Certificates and Certificate Revocation Lists (CRL) signed using Digital Signature Algorithm (DSA) and RSA. Further enhancements, ports and testing of the CML are still in process. Further releases of the CML will be provided as significant capabilities are added. The v1.56 CML software (including source code and libraries) (CMLibv1_56.zip), API document (CMv1_5api.doc, CMv1_5api.pdf), test certs (CM155data.zip) and readme.txt files are stored on the Fortezza Developers CML Page (http://www.armadillo.huntsville.al.us/software/certmgmt/index.html). VDA welcomes all feedback regarding the CML software and documents. If bugs are reported, then VDA will investigate each reported bug and, if required, will produce a patch or an updated release of the software to repair the bug. All source code for the CML is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the CML without paying any royalties or licensing fees. The CML was originally developed by the U.S. Government. VDA is enhancing and supporting the CML under contract to the U.S. Government. The U.S. Government is furnishing the CML software at no cost to the vendor subject to the conditions of the CML Public License provided with the CML software. The CML software is not subject to U.S. Government encryption export regulations, so it is freely available to everyone. The v1.56 CML uses the VDA-enhanced SNACC v1.3 ASN.1 Library to encode/decode objects. VDA has successfully tested the v1.56 CML with the SNACC and CTIL DLLs delivered in conjunction with the v1.3 S/MIME Freeware Library available from Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). Source code for the VDA-developed CTILs is available from the Fortezza Developer's S/MIME Page. The actual crypto libraries are not provided with the CML. They must be independently obtained from the appropriate source. The v1.56 CML has been used in conjunction with the v1.31 CPDL to successfully meet all of the requirements of the Bridge Certification Authority (CA) Demonstration effort which includes cross-certified Entrust, Spyrus and Motorola v3 certificate domains. The CML/CPDL successfully constructed and verified a variety of v3 certification paths including cross-certificates between the domains. The CMLibv1_56.zip file includes the CPDL source code and public license. http://www.cygnacom.com/cpl provides more information regarding the CPDL. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ From owner-imc-sfl Wed Dec 22 08:24:49 1999 Received: by ns.secondary.com (8.9.3/8.9.3) id IAA20471 for imc-sfl-bks; Wed, 22 Dec 1999 08:24:49 -0800 (PST) Received: from omx1.stercomm.com (omx1.stercomm.com [209.95.244.34]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id IAA20467 for ; Wed, 22 Dec 1999 08:24:48 -0800 (PST) Received: from nuntius.stercomm.com (nuntius.stercomm.com [199.3.24.42]) by omx1.stercomm.com with ESMTP id LAA17909; Wed, 22 Dec 1999 11:26:10 -0500 (EST) Received: from smtplnk2.stercomm.com (pressure.stercomm.com [199.3.24.9]) by nuntius.stercomm.com with SMTP id LAA01383; Wed, 22 Dec 1999 11:28:32 -0500 (EST) Received: by smtplnk2.stercomm.com(Lotus SMTP MTA v4.6.3 (733.2 10-16-1998)) id 8525684F.005A9FCA ; Wed, 22 Dec 1999 11:29:51 -0500 X-Lotus-FromDomain: STERLING COMMERCE From: "Dale Moberg" To: Imc-sfl@imc.org cc: john.pawling@wang.com Message-ID: <8525684F.005A9D9E.00@smtplnk2.stercomm.com> Date: Wed, 22 Dec 1999 11:28:19 -0500 Subject: sfl version 1.3 problem with sm_error.[h,cpp] Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Hi (warning: long, lowlevel and pedestrian!) I had a problem compiling sfl 1.3 under Solaris 2.6, BSafe4.0, gcc 2.95. For some reason we did not see the problem under the NT compile. Maybe we mixed up the source somehow but looking over the sources we could not find any version of sm_error.h and sm_error.cpp that solves the following problem during our solaris compile. The problem seems to be a versioning issue for code for the CSM_Exception class. Basically the sm_error.h file seems to need an update as well as the sm_error.cpp file. The SME_APPEND macro (code given below) from one version of sm_error.h (macro is used in libsrc/lolevel/sm_attr.cpp) uses member function FillException. No implementation was found in sm_error.cpp. I used the constructor implementation to guess at an implementation for FillException to get a compile of sm_attr.cpp The SME_APPEND macro is not found in sm_error.h version /* @(#) sm_error.h 1.15 05/18/99 17:54:55 */ under the snacc c++-lib source tree but is present in the sm_error.h file in under the include/snacc directory for smimer1.3. ( which interestingly has the same version identifier-- /* @(#) sm_error.h 1.15 05/18/99 17:54:55 */... ) Next there is an issue concerning a member variable from sm_error.h, char m_szStackString[1024]; A declaration is found in sm_error.h under the snacc c++-lib source tree but is not present in the sm_error.h file under the include/snacc directory for smimer1.3. Used in sm_error.cpp implementation in both versions found under the snacc-1.3vda directory and under smimer1.3 directory. So to get a compile, I added a merge of the SME_APPEND macro and the member variable declaration for char m_szStackString[1024] to make a working sm_error.h. To allow the sm_attr.cpp build, a faked up implementation of FillException was added. Is there an 'official' release 1.3 sm_error.h and sm_error.cpp available that has the merged member variable declaration, SME_APPEND macro, and a FillException implementation? If so can someone email the files to me? Apologies for the length but I hope it helps you track down the discrepancy. Btw, we did get sfl 1.3 to work with bsafe4 under gcc 2.95 compile and many interop tests have worked so far. #define SME_APPEND(errorNumber, pszError, pStrDat) {bSMELocal = true;\ if (pMultException)\ pMultException->FillException(errorNumber,__LINE__,SME_FN\ __FILE__,pszError,pStrDat);\ else\ pMultException = new CSM_Exception(errorNumber,__LINE__,SME_FN,\ __FILE__,pszError,pStrDat); } From owner-imc-sfl Thu Jan 6 13:04:39 2000 Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id NAA14369 for imc-sfl-bks; Thu, 6 Jan 2000 13:04:39 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id NAA14365 for ; Thu, 6 Jan 2000 13:04:38 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id ; Thu, 6 Jan 2000 16:05:36 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF315A0662@wfhqex03.wang.com> From: "Pawling, John" To: imc-sfl@imc.org Subject: v1.4 S/MIME Freeware Library Date: Thu, 6 Jan 2000 16:05:31 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: All, J.G. Van Dyke and Associates (VDA), a Wang Government Services Company, has delivered Version 1.4 of the S/MIME Freeware Library (SFL) software and Application Programming Interface (API). The SFL implements the IETF S/MIME v3 RFC 2630 Cryptographic Message Syntax (CMS) and RFC 2634 Enhanced Security Services (ESS) specifications. It also implements portions of the RFC 2633 Message Specification and RFC 2632 Certificate Handling document. When used in conjunction with the Crypto++ freeware library, the SFL implements the RFC 2631 Diffie-Hellman (D-H) Key Agreement Method specification. It has been successfully tested using the MS Windows NT/95/98 and Solaris 2.6 operating systems. Further enhancements, ports and testing of the SFL are still in process. Further releases of the SFL will be provided as significant capabilities are added. The SFL has been successfully used to sign, verify, encrypt and decrypt CMS/ESS objects using the mandatory algorithms (DSA, E-S D-H, 3DES) provided by the Crypto++ 3.1 library and SHA-1 provided by Government-furnished freeware. The SFL has also been used to sign, verify, encrypt and decrypt CMS/ESS objects using the RSA suite of algorithms provided by the RSA BSAFE v4.2 and Crypto++ 3.1 libraries. The SFL uses the VDA-enhanced SNACC v1.3 ASN.1 Library to encode/decode objects. The v1.4 SFL release includes: SFL High-level library; Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; Fortezza CTIL; SPEX/ CTIL; VDA-enhanced GNU SNACC v1.3 rev 0.07 ASN.1 Compiler and Library; test drivers and test data. The SFL has been successfully used to exchange signedData and envelopedData messages with the Microsoft (MS) Internet Explorer Outlook Express v4.01 and Netscape Communicator 4.X S/MIME v2 products. Signed messages have been exchanged with the RSA S/MAIL, WorldTalk and Entrust S/MIME v2 products. The SFL has also been used to perform S/MIME v3 interoperability testing with Microsoft that exercised the majority of the features specified by RFCs 2630, 2631 and 2634. We have also performed limited S/MIME v3 testing with Baltimore and Entrust. We are also participating in the IETF S/MIME WG interoperability testing documented in the "Examples of S/MIME Messages" document. We have used the SFL to successfully process the majority of the signedData and envelopedData messages included in the document. We are continuing to set up test config files to use the SFL to test the other cases included in the document such as signed receipts. We also plan to provide sample messages for inclusion in the document. We successfully completed Fortezza S/MIME v3 interoperability testing with Microsoft using the SFL and Fortezza CTIL. This also proved the correctness of the "CMS KEA and Skipjack Conventions" Internet-Draft. The following enhancements are included in the v1.4 SFL release (compared with the v1.3 release): 1) SNACC and CTIL Dynamically linked Libraries (DLL) delivered in conjunction with the v1.4 SFL were successfully tested with the v1.4 SFL and with the v1.6 Certificate Management Library, so these two libraries can share the same set of DLLs; 2) BSAFE CTIL tested with v4.2 BSAFE Crypto-C library on MS Windows 95/98/NT and Solaris 2.6; 3) All CTILs were tested using MS Windows. The Fortezza, BSAFE and Crypto++ CTILs were tested with the respective security libraries as shared objects using Solaris 2.6. 4) Completed testing of enhanced Crypto++ (a.k.a Free) CTIL using the RSA public key algorithm provided by the Crypto++ 3.1 library. We used the RSA algorithm provided by the Crypto++ 3.1 library to successfully perform RSA key transport and RSA signature verification interop testing with the RSA BSAFE v4.2 library. Previously, we successfully completed RC2 interop testing between Crypto++ 3.1 and BSAFE. The Crypto++ CTIL includes VDA-developed code to use the RSA public key algorithm implemented within the external Crypto++ library. As with all of the external crypto token libraries, the Crypto++ library is not distributed as part of the SFL source or object code. To use the Crypto++ library with the SFL, the application developer must independently obtain the Crypto++ library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The RSA public key algorithm is covered by U.S. Patent 4,405,829 "Cryptographic Communication System and Method". Within the U.S., users of the RSA public key algorithm provided by the external Crypto++ library must obtain a license from RSA granting them permission to use the RSA algorithm. 5) Completed sMIMEEncryptionKeyPreference attribute testing; 6) Implemented a shared User Keying Material (UKM) bug fix; 7) libCert library converted to a DLL/shared object; 8) Enhanced SNACC to replace printf with vdaprintf that does not print to screen; 9) SFL can now be used to generate and verify countersignatures. We are still performing additional testing of the countersignature features to ensure robustness; 10) Developed new test code and configuration files to implement test cases; and 11) Performed regression testing to ensure that aforementioned enhancements did not break existing SFL functionality. We are still in the process of enhancing and testing the SFL. We are developing a Public Key Cryptographic Standard (PKCS) #11 CTIL. The majority of the coding is complete. We continued testing the Litronic Maestro crypto library that provides a PKCS #11 API. We also plan to test the PKCS #11 CTIL with the Spyrus SPEX/ 2 library that provides a PKCS #11 API. Future releases will also include: countersignature robustness testing; SPEX/ CTIL encrypt/decrypt/ESDH capabilities; PKCS #11 CTIL; add "Certificate Management Messages over CMS" ASN.1 encode/decode functions; add enhanced test routines; bug fixes; support for other crypto APIs (possible); and support for other operating systems. We will enhance the utilities to generate certificates to be used as test data. We do not plan to further enhance the SFL "C" API capabilities unless specifically requested. The SFL software is developed to maximize portability to 32-bit operating systems. We plan to port the SFL to the following operating systems: Linux, HP/UX 11, IBM AIX 3.2 (possibly), SCO 5.0 (possibly) and Macintosh (possibly). The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The VDA-enhanced SNACC ASN.1 software and SFL documentation are freely available to everyone at the VDA SFL Page. All other portions of the SFL software are export controlled in accordance with the U.S. Government Export Administration Regulations. For specific details and guidance on exporting the SFL software, contact the U.S. Department of Commerce, Bureau of Export Administration, Export Counseling Division, (202) 482-4811. The Bureau of Export Administration maintains additional resources online on its Commercial Encryption Export Controls page (http://www.bxa.doc.gov/Encryption/Default.htm). Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: Note: The VDA SFL Page has not yet been updated, but all files are available from the Fortezza Developer's S/MIME Page. 1) SFL Documents: Fact Sheet, Software Design Description, API, CTI API, Software Test Description, Implementers Guide, Overview Briefing and Public License. 2) snacc1_4VDA.zip: Zip file containing SNACC v1.4 rev 0.07 ASN.1 Compiler and Library source code compilable for Unix and MS Windows NT/95/98 that has been enhanced by VDA to implement the Distinguished Encoding Rules. Project files and makefiles are included. This file includes a sample test project demonstrating the use of the SNACC classes. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: 1) smimeR14.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; project files. This file also contains test driver source code, sample CMS/ESS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries are compiled for MS Windows NT/95/98. MS Windows NT/95/98 project files and Unix makefiles are included for the SNACC code and Crypto++. Note that the Crypto++ library is not included. Crypto++ can be downloaded from (http://www.eskimo.com/~weidai/cryptlib.html). 2) smR14CTI.zip: Source code for the following CTILs: Test (no crypto), Crypto++, BSAFE, Fortezza and SPEX/. The Win95/98/NT projects are also included. 3) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (comes with MS Visual Studio 6.0, Enterprise Tools). The file can also be viewed using Rational Rose C++ Demo 4.0 45 day evaluation copy which can be obtained from http://www.rational.com/uml/resources/practice_uml/index.jtmpl. Not all classes are documented in the MDL file at this time. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent CTIL API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to obtain 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ From owner-imc-sfl Thu Jan 6 13:55:29 2000 Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id NAA14986 for imc-sfl-bks; Thu, 6 Jan 2000 13:55:29 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id NAA14982 for ; Thu, 6 Jan 2000 13:55:28 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id ; Thu, 6 Jan 2000 16:56:27 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF315A066C@wfhqex03.wang.com> From: "Pawling, John" To: imc-sfl@imc.org Subject: v1.6 Certificate Management Library Date: Thu, 6 Jan 2000 16:56:27 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: All, J. G. Van Dyke and Associates (VDA), a Wang Government Services Company, has delivered the Government-Furnished Version 1.6 Certificate Management Library (CML) software and Application Programming Interface (API). The v1.6 CML is available from the Fortezza Developers CML Page (http://www.armadillo.huntsville.al.us/software/certmgmt/index.html). It includes the following enhancements (compared with the v1.56 CML release): 1) Tested with the SNACC, Crypto Token Interface Libraries (CTIL) and LibCert Dynamically Linked Libraries (DLL) delivered with the v1.4 S/MIME Freeware Library (SFL) available from Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). 2) Tested using MS Windows with the CTIL DLLs for the following crypto libraries: RSA BSAFE v4.2, Crypto++ v3.1, Fortezza Cryptologic Interface (CI) v1.52b and Spyrus SPEX/ v1.52b Release 7b. 3) Tested using Solaris 2.6 with the CTILs as shared objects for the RSA BSAFE v4.2, Fortezza CI v1.52b and Crypto++ v3.1 libraries. 4) Enhanced to process RFC 2459-compliant (i.e. PKIX) Diffie-Hellman certificates. 5) DN Normalization: The rules for comparing DNs were enhanced to be compliant with the 1997 X.500 series of recommendations. 6) CML re-engineered to reduce the number of DLLs by adding the cmdec_c DLL into the cmasn DLL. 7) Implemented short-term solution to allow an application to call CM_RequestCerts to locate a certificate based only on the match criteria specified in the CertMatch_struct structure (i.e. no subject DN is required). For example, CM_RequestCerts can search for a certificate based only on the issuer and serial number fields. 8) Implemented BSAFE (in addition to RSAREF) in the CM_Sigcheck.c module as recommended by Steve Koehler, Secure Computing Corporation. 9) Enhanced Extended Key Usage extension information to provide criticality flag. The v1.6 CML is described in the v1.6 CML API document. It implements the 1997 X.509 certification path processing rules and meets SDN.706 requirements. It (optionally) provides local cache management functions and (optionally) obtains data objects using LDAP v2. It can (optionally) be used in conjunction with the v1.31 Certificate Path Development Library (CPDL) developed by CygnaCom Solutions to provide robust certification path building capabilities such as using cross certificates. The CML has been used to validate X.509 Certificates and Certificate Revocation Lists (CRL) signed using Digital Signature Algorithm (DSA) and RSA. Further enhancements, ports and testing of the CML are still in process. Further releases of the CML will be provided as significant capabilities are added. The following v1.6 CML files are available: CMLv16win.zip -> Windows DLLs CML16so.tar.Z -> Solaris Libraries CML16sr.tar.Z -> Source, include Windows project files The aforementioned files and the v1.6 CML API document (CMv1_6api.doc, CMv1_6api.pdf), test certs (CM155data.zip) and readme.txt files are stored on the Fortezza Developers CML Page. VDA welcomes all feedback regarding the CML software and documents. If bugs are reported, then VDA will investigate each reported bug and, if required, will produce a patch or an updated release of the software to repair the bug. All source code for the CML is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the CML without paying any royalties or licensing fees. The CML was originally developed by the U.S. Government. VDA is enhancing and supporting the CML under contract to the U.S. Government. The U.S. Government is furnishing the CML software at no cost to the vendor subject to the conditions of the CML Public License provided with the CML software. The CML software is not subject to U.S. Government encryption export regulations, so it is freely available to everyone. The v1.6 CML uses the VDA-enhanced SNACC v1.3 ASN.1 Library to encode/decode objects. VDA has successfully tested the v1.6 CML with the SNACC and CTIL DLLs delivered in conjunction with the v1.4 SFL. Source code for the VDA-developed CTILs is available from the Fortezza Developer's S/MIME Page. The actual crypto libraries are not provided with the CML or SFL. They must be independently obtained from the appropriate source. The v1.6 CML can be used in conjunction with the v1.31 CPDL to successfully meet all of the requirements of the Bridge Certification Authority Demonstration effort which includes cross-certified Entrust, Spyrus and Motorola v3 certificate domains. The CMLibv1_6.zip file includes the CPDL source code and public license. http://www.cygnacom.com/cpl provides more information regarding the CPDL. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ From owner-imc-sfl Thu Jan 13 10:13:52 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id KAA25888 for imc-sfl-bks; Thu, 13 Jan 2000 10:13:52 -0800 (PST) Received: from chmls06.mediaone.net (chmls06.mediaone.net [24.128.1.71]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id KAA25883 for ; Thu, 13 Jan 2000 10:13:50 -0800 (PST) Received: from bigvaio (brianlambert.ne.mediaone.net [24.128.216.18]) by chmls06.mediaone.net (8.8.7/8.8.7) with SMTP id NAA06341 for ; Thu, 13 Jan 2000 13:14:30 -0500 (EST) From: "Brian Lambert" To: Subject: Site down... Date: Thu, 13 Jan 2000 13:14:54 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Hi, I'm new to the list. I am trying to follow links from imc.org that go to http://www.jgvandyke.com/ and the response I get is: Socket Error Connection refused by Remote Host Could anyone help me out? Thanks, Brian Lambert Glassbook, Inc. From owner-imc-sfl Thu Jan 13 11:15:44 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id LAA26612 for imc-sfl-bks; Thu, 13 Jan 2000 11:15:44 -0800 (PST) Received: from 206-175-161-171 (206-175-161-171.vpnworkshop.com [206.175.161.171]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id LAA26606 for ; Thu, 13 Jan 2000 11:15:43 -0800 (PST) Message-Id: <4.2.1.20000113111635.00c5ede0@mail.imc.org> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.1 Date: Thu, 13 Jan 2000 11:16:50 -0800 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: Re: Site down... Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: >Could anyone help me out? They seem to be having problems. Instead, take a look at . --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Thu Jan 13 12:23:41 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id MAA27385 for imc-sfl-bks; Thu, 13 Jan 2000 12:23:41 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id MAA27378; Thu, 13 Jan 2000 12:23:39 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id ; Thu, 13 Jan 2000 15:25:21 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF316BE2A2@wfhqex03.wang.com> From: "Leonberger, Pierce" To: "'Paul Hoffman / IMC'" , imc-sfl@imc.org Subject: RE: Site down... Date: Thu, 13 Jan 2000 15:25:17 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: The site has been down for at least a week. I'm too embarrassed to tell you what the problem is. Hopefully it will be back soon. The link Paul provided probably has all the information you need anyway. -Pierce -----Original Message----- From: Paul Hoffman / IMC [mailto:phoffman@imc.org] Sent: Thursday, January 13, 2000 2:17 PM To: imc-sfl@imc.org Subject: Re: Site down... >Could anyone help me out? They seem to be having problems. Instead, take a look at . --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Thu Jan 27 10:32:32 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id KAA25786 for imc-sfl-bks; Thu, 27 Jan 2000 10:32:32 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id KAA25782 for ; Thu, 27 Jan 2000 10:32:30 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id ; Thu, 27 Jan 2000 13:35:59 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF315A0775@wfhqex03.wang.com> From: "Pawling, John" To: imc-sfl@imc.org Subject: SFL and New U.S. Encryption Export Regulation Date: Thu, 27 Jan 2000 13:33:45 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: All, On 14 January 2000, the U.S. Department of Commerce, Bureau of Export Administration published a new regulation implementing an update to the U.S. Government's encryption export policy . Many have asked if this new regulation impacts the distribution of the S/MIME Freeware Library (SFL) developed by J.G. Van Dyke & Associates (VDA) under contract to the National Security Agency (NSA). NSA controls the distribution of the SFL. They are reviewing the new regulation to determine if the SFL source code can be freely distributed. As soon as I hear of any changes to the distribution policy for the SFL, I will inform this mail list. While NSA is evaluating the impact of the new regulation to the SFL distribution policy, VDA still considers the SFL as being export controlled. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ From owner-imc-sfl Thu Feb 10 09:01:33 2000 Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id JAA05467 for imc-sfl-bks; Thu, 10 Feb 2000 09:01:33 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id JAA05463 for ; Thu, 10 Feb 2000 09:01:31 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id <1JW624TF>; Thu, 10 Feb 2000 12:04:06 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF3196597D@wfhqex03.wang.com> From: "Pawling, John" To: imc-sfl@imc.org Subject: v1.5 SFL Freely Available to All!! Date: Thu, 10 Feb 2000 12:04:06 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: All, J.G. Van Dyke and Associates (VDA), a Wang Government Services Company, has delivered Version 1.5 of the S/MIME Freeware Library (SFL) source code and Application Programming Interface (API). The SFL source code files are freely available to everyone from the Fortezza Developer's S/MIME Page (with no password control). On 14 January 2000, the U.S. Department of Commerce, Bureau of Export Administration published a new regulation implementing an update to the U.S. Government's encryption export policy . In accordance with the revisions to the Export Administration Regulations (EAR) of 14 Jan 2000, the downloading of the SFL source code is no longer password controlled. The SFL implements the IETF S/MIME v3 RFC 2630 Cryptographic Message Syntax (CMS) and RFC 2634 Enhanced Security Services (ESS) specifications. It also implements portions of the RFC 2633 Message Specification and RFC 2632 Certificate Handling document. When used in conjunction with the Crypto++ freeware library, the SFL implements the RFC 2631 Diffie-Hellman (D-H) Key Agreement Method specification. It has been successfully tested using the MS Windows NT/95/98 and Solaris 2.7 operating systems. Further enhancements, ports and testing of the SFL are still in process. Further releases of the SFL will be provided as significant capabilities are added. The SFL has been successfully used to sign, verify, encrypt and decrypt CMS/ESS objects using: S/MIME v3 mandatory-to-implement algorithms (DSA, E-S D-H, 3DES) provided by the Crypto++ 3.1 library; RSA suite of algorithms provided by the RSA BSAFE v4.2 and Crypto++ 3.1 libraries; and Fortezza suite of algorithms provided by the Fortezza Crypto Card. The SFL uses the VDA-enhanced SNACC v1.3 ASN.1 Library to encode/decode objects. The v1.5 SFL release includes: SFL High- level library; Free (a.k.a. Crypto++) Crypto Token Interface Library (CTIL); BSAFE CTIL; Fortezza CTIL; SPEX/ CTIL; PKCS #11 CTIL (still being tested); VDA- enhanced GNU SNACC v1.3 rev 0.07 ASN.1 Compiler and Library; test utilities; test drivers and test data. All CTILs were tested as Dynamically Linked Libraries (DLL) using MS Windows. The Fortezza, BSAFE and Crypto++ CTILs were tested with the respective security libraries as shared objects using Solaris 2.7. The SFL has been successfully used to exchange signedData and envelopedData messages with the Microsoft (MS) Internet Explorer Outlook Express v4.01 and Netscape Communicator 4.X S/MIME v2 products. Signed messages have been exchanged with the RSA S/MAIL, WorldTalk and Entrust S/MIME v2 products. The SFL has also been used to perform S/MIME v3 interoperability testing with Microsoft that exercised the majority of the features specified by RFCs 2630, 2631 and 2634. This testing included the RSA, mandatory S/MIME V3 and Fortezza suites of algorithms. We have also performed limited S/MIME v3 testing with Baltimore and Entrust. We are also participating in the IETF S/MIME WG interoperability testing documented in the "Examples of S/MIME Messages" document. We have used the SFL to successfully process all of the correct signedData and envelopedData messages included in the document. We are continuing to set up test config files to use the SFL to test the other cases included in the document such as signed receipts. We also plan to provide sample messages for inclusion in the document. The following enhancements are included in the v1.5 SFL release (compared with the v1.4 release): 1) SNACC: Fixed ASN.1 INTEGER bug in which one-byte values were improperly processed. 2) Fixed many memory leaks; 3) Full CounterSignature test suite (autohiAllSFLd.cfg); 4) CertificateBuilder utility generates private/public key pairs and certificates (there is a "README.txt" file in the root directory regarding this utility). 5) PKCS #11 CTIL project (SFL integrators need to separately obtain a PKCS #11 crypto library, but this project provides a good template for PKCS #11). We are still testing the PKCS #11 CTIL. 6) Developed new test code and configuration files to implement test cases; and 7) Performed regression testing to ensure that aforementioned enhancements did not break existing SFL functionality. We are still in the process of enhancing and testing the SFL. Future releases will include: completion of PKCS #11 CTIL testing; SPEX/ CTIL encrypt/decrypt/ESDH capabilities; finish CertificateBuilder command line utility; modify PKCS #12 code in test utilities to provide interoperable key storage; add "Certificate Management Messages over CMS" ASN.1 encode/decode functions; add enhanced test routines; bug fixes; support for other crypto APIs (possible); and support for other operating systems. The SFL is developed to maximize portability to 32-bit operating systems. In addition to testing on MS Windows and Solaris 2.7, we plan to port the SFL to the following operating systems: Linux, HP/UX 11, IBM AIX 3.2 (possibly), SCO 5.0 (possibly) and Macintosh (possibly). The following SFL files are available from the Fortezza Developer's S/MIME Page: 1) SFL Documents: Fact Sheet, Software Design Description, API, CTIL API, Software Test Description, Implementers Guide, Overview Briefing and Public License. 2) snacc1_5VDA.zip: Zip file containing SNACC v1.3 rev 0.07 ASN.1 Compiler and Library source code compilable for Unix and MS Windows NT/95/98 that has been enhanced by VDA to implement the Distinguished Encoding Rules. Project files and makefiles are included. This file includes a sample test project demonstrating the use of the SNACC classes. 3) smimeR15.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; project files. This file also contains test driver source code, sample CMS/ESS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries are compiled for MS Windows NT/95/98. MS Windows NT/95/98 project files and Unix makefiles are included for the SNACC code and Crypto++. 4) smR15CTI.zip: Source code for the following CTILs: Test (no crypto), Crypto++, BSAFE, Fortezza, SPEX/ and PKCS #11. The Win95/98/NT projects are also included. (NOTE: The Free (a.k.a. Crypto++) CTIL includes VDA-developed source code to use the RSA public key algorithm implemented within the external Crypto++ library. As with all of the external crypto token libraries, the Crypto++ library is not distributed as part of the SFL source code. To use the Crypto++ library with the SFL, the application developer must independently obtain the Crypto++ library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The RSA public key algorithm is covered by U.S. Patent 4,405,829 "Cryptographic Communication System and Method". Within the U.S., users of the RSA public key algorithm provided by the external Crypto++ library must obtain a license from RSA granting them permission to use the RSA algorithm.) 5) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (comes with MS Visual Studio 6.0, Enterprise Tools). The file can also be viewed using Rational Rose C++ Demo 4.0 45 day evaluation copy which can be obtained from . Not all classes are documented in the MDL file at this time. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL source code at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent CTIL API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to obtain 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The Internet Mail Consortium (IMC) has established an SFL web page . The IMC has also established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. The SFL documents and VDA-enhanced SNACC source code are also available from the VDA SFL Web Page . All comments regarding the SFL source code and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ From owner-imc-sfl Mon Feb 14 13:38:59 2000 Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id NAA22568 for imc-sfl-bks; Mon, 14 Feb 2000 13:38:59 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id NAA22564 for ; Mon, 14 Feb 2000 13:38:58 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id <1JW6J52M>; Mon, 14 Feb 2000 16:41:46 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF319659BF@wfhqex03.wang.com> From: "Pawling, John" To: imc-sfl@imc.org Subject: v1.5 SFL Re-Delivered Date: Mon, 14 Feb 2000 16:41:46 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: All, We made a mistake when we constructed the smR15CTI.zip file described in the enclosed message. We omitted the CTIL source code. We have re-built, checked and re-delivered a corrected smR15CTI.zip file which is now stored on the Fortezza Developer's S/MIME Page . We also fixed memory leaks in the SFL code that we uncovered during Solaris 2.7 memory leak testing late last week. The memory leak fixes are included in a new smimeR15.zip file also stored on the Fortezza Developer's S/MIME Page. Anybody who downloaded the smR15CTI.zip and smimeR15.zip files prior to the afternoon of 14 February should re-download the new zip files currently stored on the Fortezza Developer's SFL Web Page. We sincerely apologize for any inconvenience caused by this mistake. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ Original message: ===================================================================== All, J.G. Van Dyke and Associates (VDA), a Wang Government Services Company, has delivered Version 1.5 of the S/MIME Freeware Library (SFL) source code and Application Programming Interface (API). The SFL source code files are freely available to everyone from the Fortezza Developer's S/MIME Page (with no password control). On 14 January 2000, the U.S. Department of Commerce, Bureau of Export Administration published a new regulation implementing an update to the U.S. Government's encryption export policy . In accordance with the revisions to the Export Administration Regulations (EAR) of 14 Jan 2000, the downloading of the SFL source code is no longer password controlled. The SFL implements the IETF S/MIME v3 RFC 2630 Cryptographic Message Syntax (CMS) and RFC 2634 Enhanced Security Services (ESS) specifications. It also implements portions of the RFC 2633 Message Specification and RFC 2632 Certificate Handling document. When used in conjunction with the Crypto++ freeware library, the SFL implements the RFC 2631 Diffie-Hellman (D-H) Key Agreement Method specification. It has been successfully tested using the MS Windows NT/95/98 and Solaris 2.7 operating systems. Further enhancements, ports and testing of the SFL are still in process. Further releases of the SFL will be provided as significant capabilities are added. The SFL has been successfully used to sign, verify, encrypt and decrypt CMS/ESS objects using: S/MIME v3 mandatory-to-implement algorithms (DSA, E-S D-H, 3DES) provided by the Crypto++ 3.1 library; RSA suite of algorithms provided by the RSA BSAFE v4.2 and Crypto++ 3.1 libraries; and Fortezza suite of algorithms provided by the Fortezza Crypto Card. The SFL uses the VDA-enhanced SNACC v1.3 ASN.1 Library to encode/decode objects. The v1.5 SFL release includes: SFL High- level library; Free (a.k.a. Crypto++) Crypto Token Interface Library (CTIL); BSAFE CTIL; Fortezza CTIL; SPEX/ CTIL; PKCS #11 CTIL (still being tested); VDA- enhanced GNU SNACC v1.3 rev 0.07 ASN.1 Compiler and Library; test utilities; test drivers and test data. All CTILs were tested as Dynamically Linked Libraries (DLL) using MS Windows. The Fortezza, BSAFE and Crypto++ CTILs were tested with the respective security libraries as shared objects using Solaris 2.7. The SFL has been successfully used to exchange signedData and envelopedData messages with the Microsoft (MS) Internet Explorer Outlook Express v4.01 and Netscape Communicator 4.X S/MIME v2 products. Signed messages have been exchanged with the RSA S/MAIL, WorldTalk and Entrust S/MIME v2 products. The SFL has also been used to perform S/MIME v3 interoperability testing with Microsoft that exercised the majority of the features specified by RFCs 2630, 2631 and 2634. This testing included the RSA, mandatory S/MIME V3 and Fortezza suites of algorithms. We have also performed limited S/MIME v3 testing with Baltimore and Entrust. We are also participating in the IETF S/MIME WG interoperability testing documented in the "Examples of S/MIME Messages" document. We have used the SFL to successfully process all of the correct signedData and envelopedData messages included in the document. We are continuing to set up test config files to use the SFL to test the other cases included in the document such as signed receipts. We also plan to provide sample messages for inclusion in the document. The following enhancements are included in the v1.5 SFL release (compared with the v1.4 release): 1) SNACC: Fixed ASN.1 INTEGER bug in which one-byte values were improperly processed. 2) Fixed many memory leaks; 3) Full CounterSignature test suite (autohiAllSFLd.cfg); 4) CertificateBuilder utility generates private/public key pairs and certificates (there is a "README.txt" file in the root directory regarding this utility). 5) PKCS #11 CTIL project (SFL integrators need to separately obtain a PKCS #11 crypto library, but this project provides a good template for PKCS #11). We are still testing the PKCS #11 CTIL. 6) Developed new test code and configuration files to implement test cases; and 7) Performed regression testing to ensure that aforementioned enhancements did not break existing SFL functionality. We are still in the process of enhancing and testing the SFL. Future releases will include: completion of PKCS #11 CTIL testing; SPEX/ CTIL encrypt/decrypt/ESDH capabilities; finish CertificateBuilder command line utility; modify PKCS #12 code in test utilities to provide interoperable key storage; add "Certificate Management Messages over CMS" ASN.1 encode/decode functions; add enhanced test routines; bug fixes; support for other crypto APIs (possible); and support for other operating systems. The SFL is developed to maximize portability to 32-bit operating systems. In addition to testing on MS Windows and Solaris 2.7, we plan to port the SFL to the following operating systems: Linux, HP/UX 11, IBM AIX 3.2 (possibly), SCO 5.0 (possibly) and Macintosh (possibly). The following SFL files are available from the Fortezza Developer's S/MIME Page: 1) SFL Documents: Fact Sheet, Software Design Description, API, CTIL API, Software Test Description, Implementers Guide, Overview Briefing and Public License. 2) snacc1_5VDA.zip: Zip file containing SNACC v1.3 rev 0.07 ASN.1 Compiler and Library source code compilable for Unix and MS Windows NT/95/98 that has been enhanced by VDA to implement the Distinguished Encoding Rules. Project files and makefiles are included. This file includes a sample test project demonstrating the use of the SNACC classes. 3) smimeR15.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; project files. This file also contains test driver source code, sample CMS/ESS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries are compiled for MS Windows NT/95/98. MS Windows NT/95/98 project files and Unix makefiles are included for the SNACC code and Crypto++. 4) smR15CTI.zip: Source code for the following CTILs: Test (no crypto), Crypto++, BSAFE, Fortezza, SPEX/ and PKCS #11. The Win95/98/NT projects are also included. (NOTE: The Free (a.k.a. Crypto++) CTIL includes VDA-developed source code to use the RSA public key algorithm implemented within the external Crypto++ library. As with all of the external crypto token libraries, the Crypto++ library is not distributed as part of the SFL source code. To use the Crypto++ library with the SFL, the application developer must independently obtain the Crypto++ library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The RSA public key algorithm is covered by U.S. Patent 4,405,829 "Cryptographic Communication System and Method". Within the U.S., users of the RSA public key algorithm provided by the external Crypto++ library must obtain a license from RSA granting them permission to use the RSA algorithm.) 5) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (comes with MS Visual Studio 6.0, Enterprise Tools). The file can also be viewed using Rational Rose C++ Demo 4.0 45 day evaluation copy which can be obtained from . Not all classes are documented in the MDL file at this time. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL source code at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent CTIL API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to obtain 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The Internet Mail Consortium (IMC) has established an SFL web page . The IMC has also established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. The SFL documents and VDA-enhanced SNACC source code are also available from the VDA SFL Web Page . All comments regarding the SFL source code and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ From owner-imc-sfl Thu Feb 24 15:43:09 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id PAA19597 for imc-sfl-bks; Thu, 24 Feb 2000 15:43:09 -0800 (PST) Received: from atlrel1.hp.com (atlrel1.hp.com [156.153.255.210]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id PAA19593 for ; Thu, 24 Feb 2000 15:43:08 -0800 (PST) Received: from xboibrg1.boi.hp.com (xboibrg1.boi.hp.com [15.56.8.167]) by atlrel1.hp.com (Postfix) with ESMTP id 01AF9BA2 for ; Thu, 24 Feb 2000 18:47:21 -0500 (EST) Received: by xboibrg1.boi.hp.com with Internet Mail Service (5.5.2650.21) id ; Thu, 24 Feb 2000 16:47:20 -0700 Message-ID: <973751E29EE0D211976800A0C9F446FE015DBDAD@xboi05.boi.hp.com> From: "MCMAINS,ALEX (HP-Boise,ex1)" To: "'imc-sfl@imc.org'" Subject: PKCS#7 decoding Date: Thu, 24 Feb 2000 16:47:12 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Hi, Using the SFL is there a way to take a CSM_Buffer instantiated with a PKCS#7 file and then instantiate some other class with this buffer that would allow access to the ASN.1 encoded values, i.e. a PKCS#7 decoder class? I am trying to get at a X.509v3 cert in a PKCS#7 file so that I can add it to a CML database. If this seems nonsensical, are there any suggestions for achieving this objective differently? Thanks. -- Alex McMains From owner-imc-sfl Fri Feb 25 13:38:52 2000 Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id NAA02694 for imc-sfl-bks; Fri, 25 Feb 2000 13:38:52 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id NAA02689 for ; Fri, 25 Feb 2000 13:38:50 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id <1JW6N493>; Fri, 25 Feb 2000 16:42:39 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF31965A71@wfhqex03.wang.com> From: "Pawling, John" To: "'MCMAINS,ALEX (HP-Boise,ex1)'" , "'imc-sfl@imc.org'" Subject: RE: PKCS#7 decoding Date: Fri, 25 Feb 2000 16:42:31 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Alex, If you are simply trying to extract a cert from a PKCS #7 object, then you can use the constructor for the "CSM_MsgToVerify" class to decode a file, then reference the "m_pMsgCertCrls" member, if there were any certificates present in the SignedData (PKCS 7) message. ... CSM_Buffer A("c:\temp\FILE_TO_DECODE.bin"); CSM_MsgToVerify B(&A); CSM_CertificateChoice *tmpCert; if (B.m_pMsgCertCrls && B.m_pMsgCertCrls->AccessCertificates()) { for (tmpCert=B.m_pMsgCertCrls->AccessCertificates()->SetCurrtoFirst(); tmpCert; tmpCert=B.m_pMsgCertCrls->AccessCertificates()->GoNext()) if (tmpCert->AccessSNACCCertificate()) { tmpCert->AccessSNACCCertificate()->Print(cout); // RAW SNACC class "Print(ostream &os)". // At this point, you have access to all of the // SNACC Certificate elemnts: "->AccessSNACCCertificate()". } } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ If you need to use the SFL to ASN.1 decode a PKCS #7 object, add a certificate, and then re-encode the PKCS #7 object then use the following code. Following is a segment of code that can be used to decode a signedData (without verifying its signature), add a certificate, re-encode the signedData and write out a New SignedData message. The applications needs to feed the SignedData, the certificate and an output file name. { // Open SignedData using CSM_MsgToVerify CSM_MsgToVerify *pVerify = NULL; CSM_Buffer *pBuf = NULL; CSM_ContentInfoMsg *pContent = NULL; pBuf = new CSM_Buffer(szSignedDataFile); // szSignedDataFile is a pointer to the SignedData pContent = new CSM_ContentInfoMsg(pBuf); pVerify = new CSM_MsgToVerify(&pContent->AccessEncapContent()->m_content); /* At this point, pVerify contains a pointer to an instance of the SNACC class SignedData in member variable m_pSnaccSignedData. Inside of m_pSnaccSignedData is a pointer to the list of certificates */ // Now add the certificate to the certificate list inside m_pSnaccSignedData CSM_Buffer CertBuf(szCertificateFile); // szCertificateFile is a pointer to the cert to add CSM_CertificateChoice *pCertChoice = NULL; pCertChoice = new CSM_CertificateChoice(CertBuf); CertificateChoices *pSNACCCert; pSNACCCert = pVerify->m_pSnaccSignedData->certificates->Append(); pSNACCCert->choiceId = CertificateChoices::certificateCid; pSNACCCert->certificate = pCertChoice->AccessSNACCCertificate(); /* At this point, pCertChoice contains a pointer to an instance of the SNACC class Certificate in member variable m_pSNACCCert. This Certificate can be appended to the list of certificates in m_pSnaccSignedData. */ // ReEncode the signed data into a CSM_Buffer CSM_Buffer *pNewSignedData = NULL; pNewSignedData = new CSM_Buffer(); ENCODE_BUF(pVerify->m_pSnaccSignedData, pNewSignedData); // Now, take the encoded SignedData buffer and wrap it in a // ContentInfo with an OID specifying id_signedData. CSM_OID tOID(id_signedData); CSM_ContentInfoMsg *pCI = new CSM_ContentInfoMsg; CSM_Content tmpcont(pNewSignedData, tOID); SME(pCI->SetEncapContent(tmpcont)); SME((pCI->AccessEncodedCI())->ConvertMemoryToFile(szOutputFile)); } Much thanks to Bob Colestock, VDA, and Lourdes Maldonado, VDA, for providing these code samples. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ -----Original Message----- From: MCMAINS,ALEX (HP-Boise,ex1) [mailto:alex_mcmains@hp.com] Sent: Thursday, February 24, 2000 6:47 PM To: 'imc-sfl@imc.org' Subject: PKCS#7 decoding Hi, Using the SFL is there a way to take a CSM_Buffer instantiated with a PKCS#7 file and then instantiate some other class with this buffer that would allow access to the ASN.1 encoded values, i.e. a PKCS#7 decoder class? I am trying to get at a X.509v3 cert in a PKCS#7 file so that I can add it to a CML database. If this seems nonsensical, are there any suggestions for achieving this objective differently? Thanks. -- Alex McMains From owner-imc-sfl Mon Feb 28 07:17:24 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id HAA14083 for imc-sfl-bks; Mon, 28 Feb 2000 07:17:24 -0800 (PST) Received: from cer31mx.cirso.fr (cer31mx.cirso.fr [194.98.67.53]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id HAA14079 for ; Mon, 28 Feb 2000 07:17:22 -0800 (PST) Received: from contact.cirso.fr (contact.cirso.fr [194.98.67.50]) by cer31mx.cirso.fr (8.9.3/) with SMTP id SAA22673 for ; Mon, 28 Feb 2000 18:10:23 +0100 Received: by contact.cirso.fr(Lotus SMTP MTA v4.6.4 (830.2 3-23-1999)) id C1256893.0053DA51 ; Mon, 28 Feb 2000 16:15:53 +0100 X-Lotus-FromDomain: CER59@CER31@CIRSO From: "Philippe WILLEM" To: imc-sfl@imc.org Message-ID: Date: Mon, 28 Feb 2000 15:50:42 +0100 Subject: SFL R1.5 / genmake.sh Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Hi, In ./makes/genmake.sh it is said to read the file ./makes/README.TXTtu access further explanations about this script, unfortunately the current distrib is missing this file. Anybody can post this file for me ? From owner-imc-sfl Mon Feb 28 08:01:38 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id IAA14926 for imc-sfl-bks; Mon, 28 Feb 2000 08:01:38 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id IAA14922 for ; Mon, 28 Feb 2000 08:01:37 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id <1JW63M5N>; Mon, 28 Feb 2000 11:01:04 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF316BE31B@wfhqex03.wang.com> From: "Leonberger, Pierce" To: "'Philippe WILLEM'" , imc-sfl@imc.org Subject: RE: SFL R1.5 / genmake.sh Date: Mon, 28 Feb 2000 11:01:12 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: I wrote that script a log time ago. I don't know if I ever created that readme :-) I don't see it in our baseline. All the script does is merge the ./makes/Makehead. ( is determined by 'uname') the Make*.in files which are in the specific directories. So if you are building for SunOS, Solaris, HPUX, or Linux you should just have to create the appropriate ./makes/Makehead. file. If you are building for a system other than that you'll need to edit ./makes/genmake.sh as well to recognize the values returned by 'uname'. >From the root level of the SFL release you should be able to do a "make setup" (generates makefiles) followed by "make". If you have difficulty building the SFL for Solaris or Linux (the only two UNIX systems we currently support) please send me an e-mail. -Pierce -----Original Message----- From: Philippe WILLEM [mailto:Philippe.WILLEM@branchur.fr] Sent: Monday, February 28, 2000 9:51 AM To: imc-sfl@imc.org Subject: SFL R1.5 / genmake.sh Hi, In ./makes/genmake.sh it is said to read the file ./makes/README.TXTtu access further explanations about this script, unfortunately the current distrib is missing this file. Anybody can post this file for me ? From owner-imc-sfl Wed Mar 22 14:09:07 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id OAA27542 for imc-sfl-bks; Wed, 22 Mar 2000 14:09:07 -0800 (PST) Received: from hotmail.com (f254.law7.hotmail.com [216.33.236.132]) by ns.secondary.com (8.9.3/8.9.3) with SMTP id OAA27538 for ; Wed, 22 Mar 2000 14:09:06 -0800 (PST) Received: (qmail 33552 invoked by uid 0); 22 Mar 2000 22:10:30 -0000 Message-ID: <20000322221030.33551.qmail@hotmail.com> Received: from 204.191.92.11 by www.hotmail.com with HTTP; Wed, 22 Mar 2000 14:10:30 PST X-Originating-IP: [204.191.92.11] From: "Margaret Cyrzan" To: imc-sfl@imc.org Subject: Crypto++ 3.2 Date: Wed, 22 Mar 2000 17:10:30 EST Mime-Version: 1.0 Content-Type: text/plain; format=flowed Sender: owner-imc-sfl@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: I just downloaded the S/MIME freeware library and I also just downloaded the Crypto++ 3.2 library and I had problems compiling SFL with Crypto++ version 3.2. I was wondering if there was support yet for Crypto++ version 3.2 or if I have to download version 3.1. I'm using MS Visual C++ 6.0 and the compile errors are the following: --------------------Configuration: sm_free3DLL - Win32 Debug-------------------- Compiling... StdAfx.cpp Compiling... sm_CryptoKeysBase.cpp sm_CryptoKeysDH.cpp e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdsa.h(66) : error C2065: 'x' : undeclared identifier e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdsa.h(67) : error C2065: 'y' : undeclared identifier e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdsa.h(68) : error C2065: 'p' : undeclared identifier e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdsa.h(69) : error C2065: 'q' : undeclared identifier e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdsa.h(70) : error C2065: 'g' : undeclared identifier e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdh.cpp(164) : error C2039: 'Prime' : is not a member of 'DH' e:\libraries\crypto32\dh.h(10) : see declaration of 'DH' e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdh.cpp(164) : error C2228: left of '.DEREncode' must have class/struct/union type e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdh.cpp(169) : error C2039: 'Generator' : is not a member of 'DH' e:\libraries\crypto32\dh.h(10) : see declaration of 'DH' e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdh.cpp(169) : error C2228: left of '.DEREncode' must have class/struct/union type e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdh.cpp(180) : error C2039: 'Prime' : is not a member of 'DH' e:\libraries\crypto32\dh.h(10) : see declaration of 'DH' e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdh.cpp(180) : error C2228: left of '.Encode' must have class/struct/union type e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdh.cpp(186) : error C2039: 'Generator' : is not a member of 'DH' e:\libraries\crypto32\dh.h(10) : see declaration of 'DH' e:\libraries\smimer1.5\alg_libs\sm_free3\sm_cryptokeysdh.cpp(186) : error C2228: left of '.Encode' must have class/struct/union type sm_CryptoKeysDsa.cpp Any help would be appreciated. Thanks, Margaret ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From owner-imc-sfl Tue Apr 4 01:51:03 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id BAA08828 for imc-sfl-bks; Tue, 4 Apr 2000 01:51:03 -0700 (PDT) Received: from cer31mx.cirso.fr (cer31mx.cirso.fr [194.98.67.53]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id BAA08824 for ; Tue, 4 Apr 2000 01:51:00 -0700 (PDT) Received: from contact.cirso.fr (contact.cirso.fr [194.98.67.50]) by cer31mx.cirso.fr (8.9.3/) with SMTP id MAA21033 for ; Tue, 4 Apr 2000 12:48:42 +0200 Received: by contact.cirso.fr(Lotus SMTP MTA v4.6.4 (830.2 3-23-1999)) id C12568B7.0030CF7A ; Tue, 4 Apr 2000 10:53:08 +0200 X-Lotus-FromDomain: CER59@CER31@CIRSO From: "Arnaud De Timmerman" To: imc-sfl@imc.org Message-ID: Date: Tue, 4 Apr 2000 10:45:55 +0200 Subject: program using sfl Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-imc-sfl@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: hi all, Where could I find a program using the SFL (on unix) and its makefile ? thanks From owner-imc-sfl Tue Apr 4 06:38:12 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id GAA25863 for imc-sfl-bks; Tue, 4 Apr 2000 06:38:12 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id GAA25859 for ; Tue, 4 Apr 2000 06:38:11 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id ; Tue, 4 Apr 2000 09:40:40 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF31965C98@wfhqex01.wangfed.com> From: "Pawling, John" To: "'Arnaud De Timmerman'" , imc-sfl@imc.org Subject: RE: program using sfl Date: Tue, 4 Apr 2000 09:40:40 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Arnaud: The file "./testsrc/util/sm_AutoCf.c" demonstrates all uses of the "C" API. The calling program is "sm_Autohi.cpp", also available in the "./testsrc/hilevel". These happen to be our only demonstration programs for unit development tests. The make file is in the corresponding subdirectories. Bob Colestock -----Original Message----- From: Arnaud De Timmerman [mailto:Arnaud.De.Timmerman@branchur.fr] Sent: Tuesday, April 04, 2000 4:46 AM To: imc-sfl@imc.org Subject: program using sfl hi all, Where could I find a program using the SFL (on unix) and its makefile ? thanks From owner-imc-sfl Sun Apr 9 21:12:54 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id VAA29186 for imc-sfl-bks; Sun, 9 Apr 2000 21:12:54 -0700 (PDT) Received: from hotmail.com (f124.law3.hotmail.com [209.185.241.124]) by ns.secondary.com (8.9.3/8.9.3) with SMTP id VAA29182 for ; Sun, 9 Apr 2000 21:12:53 -0700 (PDT) Received: (qmail 72526 invoked by uid 0); 10 Apr 2000 04:15:49 -0000 Message-ID: <20000410041549.72525.qmail@hotmail.com> Received: from 161.142.78.83 by www.hotmail.com with HTTP; Sun, 09 Apr 2000 21:15:49 PDT X-Originating-IP: [161.142.78.83] From: "lai siewcheng" To: imc-sfl@imc.org Subject: SNACC ASN.1 Date: Sun, 09 Apr 2000 21:15:49 PDT Mime-Version: 1.0 Content-Type: text/plain; format=flowed Sender: owner-imc-sfl@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Can you send me a copy of the Snacc ASN.1 software without the SCCS distribution.Currently I'm using Linux to compile the Snacc but there are errors in it.First I get the error that said it cannot "No rule to make target "/mr2/local/lib/gcc-lib/sparc-sun-sunos4.1.3/2.7.2/include /stdio.h" "that is needed by the Cebuf/asn-len.o.Can you tell what is wrong ? Thank you. ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From owner-imc-sfl Wed Apr 12 10:33:37 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id KAA14147 for imc-sfl-bks; Wed, 12 Apr 2000 10:33:37 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id KAA14142 for ; Wed, 12 Apr 2000 10:33:36 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id ; Wed, 12 Apr 2000 13:36:43 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF31965D51@wfhqex01.wangfed.com> From: "Pawling, John" To: imc-sfl@imc.org Subject: FW: SNACC ASN.1 Date: Wed, 12 Apr 2000 13:36:44 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: -----Original Message----- From: Colestock, Robert Sent: Wednesday, April 12, 2000 1:27 PM To: 'lai siewcheng' Subject: RE: SNACC ASN.1 lai siewcheng: We do not support the Linux port, but based on the error reported below I can suggest that you read the SNACC "Readme" file. The "configure" command regens all of the makefiles with the appropriate directory names. It should work on Linux fine. As to the SCCS; ignore these directories, they are not referenced by the SNACC makefiles. Bob Colestock robert.colestock@wang.com -----Original Message----- From: lai siewcheng [mailto:laisiewcheng@hotmail.com] Sent: Sunday, April 09, 2000 11:16 PM To: imc-sfl@imc.org Subject: SNACC ASN.1 Can you send me a copy of the Snacc ASN.1 software without the SCCS distribution.Currently I'm using Linux to compile the Snacc but there are errors in it.First I get the error that said it cannot "No rule to make target "/mr2/local/lib/gcc-lib/sparc-sun-sunos4.1.3/2.7.2/include /stdio.h" "that is needed by the Cebuf/asn-len.o.Can you tell what is wrong ? Thank you. ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From owner-imc-sfl Wed Apr 12 13:14:33 2000 Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id NAA17823 for imc-sfl-bks; Wed, 12 Apr 2000 13:14:33 -0700 (PDT) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id NAA17818 for ; Wed, 12 Apr 2000 13:14:31 -0700 (PDT) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id ; Wed, 12 Apr 2000 16:17:36 -0400 Message-ID: <33BD629222C0D211B6DB0060085ACF31965D56@wfhqex01.wangfed.com> From: "Pawling, John" To: imc-sfl@imc.org Subject: v1.6 S/MIME Freeware Library & Mail List Date: Wed, 12 Apr 2000 16:17:37 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-imc-sfl@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: All, J.G. Van Dyke and Associates (VDA), a Wang Government Services Company, has delivered Version 1.6 of the S/MIME Freeware Library (SFL) source code and Application Programming Interface (API). The SFL source code files are freely available to everyone from the Fortezza Developer's S/MIME Page . The SFL implements the IETF S/MIME v3 RFC 2630 Cryptographic Message Syntax (CMS) and RFC 2634 Enhanced Security Services (ESS) specifications. It also implements portions of the RFC 2633 Message Specification and RFC 2632 Certificate Handling document. When used in conjunction with the Crypto++ freeware library, the SFL implements the RFC 2631 Diffie-Hellman (D-H) Key Agreement Method specification. It has been successfully tested using the MS Windows NT/95/98 and Solaris 2.7 operating systems. Further enhancements, ports and testing of the SFL are still in process. Further releases of the SFL will be provided as significant capabilities are added. The SFL has been successfully used to sign, verify, encrypt and decrypt CMS/ESS objects using: S/MIME v3 mandatory-to-implement algorithms (DSA, E-S D-H, 3DES) provided by the Crypto++ 3.1 library; RSA suite of algorithms provided by the RSA BSAFE v4.2 and Crypto++ 3.1 libraries; and Fortezza suite of algorithms provided by the Fortezza Crypto Card. The SFL uses the VDA-enhanced SNACC v1.3 ASN.1 C++ Library to encode/decode objects. The v1.6 SFL release includes: SFL High-level library; Free (a.k.a. Crypto++) Crypto Token Interface Library (CTIL); BSAFE CTIL; Fortezza CTIL; SPEX/ CTIL; PKCS #11 CTIL (still being tested); VDA- enhanced GNU SNACC v1.3 rev 0.07 ASN.1 Compiler and C++ Library; test utilities; test drivers and test data. All CTILs were tested as Dynamically Linked Libraries (DLL) using MS Windows. The Fortezza, BSAFE and Crypto++ CTILs were tested with the respective security libraries as shared objects using Solaris 2.7. The SFL has been successfully used to exchange signedData and envelopedData messages with the Microsoft (MS) Internet Explorer Outlook Express v4.01 and Netscape Communicator 4.X S/MIME v2 products. Signed messages have been exchanged with the RSA S/MAIL, WorldTalk and Entrust S/MIME v2 products. The SFL has also been used to perform S/MIME v3 interoperability testing with Microsoft that exercised the majority of the features specified by RFCs 2630, 2631 and 2634. This testing included the RSA, mandatory S/MIME V3 and Fortezza suites of algorithms. We have also performed limited S/MIME v3 testing with Baltimore and Entrust. The following enhancements are included in the v1.6 SFL release (compared with the v1.5 release): 1) We used the SFL to successfully process all of the SFL-supported sample data included in the S/MIME WG "Examples of S/MIME Messages" document. We also used the SFL to construct sample data (such as signed receipts) to be added to the document. We automated this SFL testing (through the use of test drivers and configuration files) so that it can be easily repeated and modified by us or independently by a third party. We developed sample objects that illustrate each feature in the Examples document that the SFL supports. This self-contained environment uses the specified certificates (DSA, RSA, and DH) in the login as described in the document. This directory resides in "./smimeR1.6/test/specMatrix.d/CMS_Examples.d"; the binaries are named as in the document (e.g. 5.4.bin, etc.). The config files used to generate these examples are in the "config.d" subdirectory. The certificate build config files are in the "certs.d/config.d" subdirectory. 2) We successfully completed RFC 2634 signed receipt interoperability testing between the SFL and Microsoft. We added a check to the SFL to ensure that the application always includes in the receiptRequest attribute a receiptsTo e-mail address to which the signed receipt is to be sent. 3) We verified that the SFL can produce and process the SFL-supported features documented in the S/MIME v3 interoperability matrices created by Jim Schaad. We automated this SFL testing so that it can be easily repeated and modified by us or independently by a third party. We have developed sample objects that illustrate each feature in the matrix that the SFL supports. We updated the Interop.xls document (contained in the "./smimeR1.6/test/specMatrix.d" subdirectories) to indicate the testing performed using the SFL. Within this document, each feature row contains a reference to a binary file in the "CMS_Examples.d" directory that demonstrates that feature if applicable. These additional file names are preceded by the name "ExInterop..." to distinguish them from the "examples-03.txt" example binaries. 4) Fixed a number of bugs in the SFL and test drivers found during the aforementioned interoperability testing. Features improved in the SFL include: proper SignedData and SignerInfo version numbers; creating/processing encrypted messages without a User Key Material (UKM); added SubjectKeyIdentifier (SKI) processing in SignedData and EnvelopedData (Originator only, the RecipientInfos automatically use SKI for Fortezza/SPEX CTILs); and EnvelopedData unprotectedAttrs from the test config file. We also corrected the following bugs in the test driver/configuration files used to create X.509 Certificates for SFL testing: corrected inconsistent UTC and General Time Dates; included dates past 1999; corrected object identifiers (OID) for algorithms; and regenerated certificates to include unsigned integers. 5) List template processing has been fixed to use the same "CSM_ListC" template from the common libCert DLL. The old convention required a new name for this list class in each DLL; the new convention uses the same CSM_ListC template class from libCert. This forces the compiler to build the logic for the actual class lists uniquely in the new DLL (see references to CSM_ListC in the SFL for an example). This simplifies the list logic in support libraries and any new user libraries interested in using the list template. 6) CertificateBuilder utility has been improved in functionality and tested more thoroughly. This utility can view, edit, and create certificates (including extensions) as well as generate a variety of public/private keys for processing by the SFL. A new command line CertificateBuilderCL has been created (it does not yet allow the building of keys, private or public). The command line utility has not yet been tested on Unix. 7) Tested SFL with the C++ version of the SNACC ASN.1 library enhanced to support PrintableString, TeletexString, NumericString, IA5String, VisibileString, BMPString, UniversalString and UTF8String character string types. We added an optional function to SNACC to convert ASN.1 OCTET STRINGs to single- or multi-byte character strings (as appropriate). 8) Developed new test code and configuration files to implement test cases; and 9) Performed regression testing to ensure that aforementioned enhancements did not break existing SFL functionality. We are still in the process of enhancing and testing the SFL. Future releases will include: completion of PKCS #11 CTIL testing; SPEX/ CTIL encrypt/decrypt/ESDH capabilities; finish CertificateBuilder command line utility; enhancing CertificateBuilder to support creation of Attribute Certificates; modify PKCS #12 code in test utilities to provide interoperable key storage; add MIME support for test drivers; add "Certificate Management Messages over CMS" ASN.1 encode/decode functions; add enhanced test routines; bug fixes; support for other crypto APIs (possible); and support for other operating systems. The SFL is developed to maximize portability to 32-bit operating systems. In addition to testing on MS Windows and Solaris 2.7, we plan to port the SFL to the following operating systems: Linux, HP/UX 11, IBM AIX 3.2 (possibly), SCO 5.0 (possibly) and Macintosh (possibly). The following SFL files are available from the Fortezza Developer's S/MIME Page: 1) SFL Documents: Fact Sheet, Software Design Description, API, CTIL API, Software Test Description, Implementers Guide, Overview Briefing and Public License. 2) snacc1_6VDA.zip: Zip file containing SNACC v1.3 rev 0.07 ASN.1 Compiler and C++ Library source code compilable for Unix and MS Windows NT/95/98/2000 that has been enhanced by VDA to implement the Distinguished Encoding Rules and to support multiple-byte character strings. Project files and makefiles are included. This file includes a sample test project demonstrating the use of the SNACC classes. 3) smimeR16.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; project files. This file also contains test driver source code, sample CMS/ESS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries are compiled for MS Windows NT/95/98/2000. MS Windows NT/95/98/2000 project files and Unix makefiles are included for the SNACC code and Crypto++. 4) smR16CTI.zip: Source code for the following CTILs: Test (no crypto), Crypto++, BSAFE, Fortezza, SPEX/ and PKCS #11. The Win95/98/NT/2000 projects are also included. (NOTE: The Free (a.k.a. Crypto++) CTIL includes VDA-developed source code to use the RSA public key algorithm implemented within the external Crypto++ library. As with all of the external crypto token libraries, the Crypto++ library is not distributed as part of the SFL source code. To use the Crypto++ library with the SFL, the application developer must independently obtain the Crypto++ library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The RSA public key algorithm is covered by U.S. Patent 4,405,829 "Cryptographic Communication System and Method". Within the U.S., users of the RSA public key algorithm provided by the external Crypto++ library must obtain a license from RSA granting them permission to use the RSA algorithm.) 5) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (comes with MS Visual Studio 6.0, Enterprise Tools). The file can also be viewed using Rational Rose C++ Demo 4.0 45 day evaluation copy which can be obtained from . Not all classes are documented in the MDL file at this time. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL source code at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. On 14 January 2000, the U.S. Department of Commerce, Bureau of Export Administration published a new regulation implementing an update to the U.S. Government's encryption export policy . In accordance with the revisions to the Export Administration Regulations (EAR) of 14 Jan 2000, the downloading of the SFL source code is not password controlled. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent CTIL API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to obtain 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the VDA-developed Crypto++ CTIL source code. The Internet Mail Consortium (IMC) has established an SFL web page . The IMC has also established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL source code and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ From owner-imc-sfl Fri Apr 14 09:15:28 2000 Received: by ns.secondary.com (8.9.3/8.9.3) id JAA00737 for imc-sfl-bks; Fri, 14 Apr 2000 09:15:28 -0700 (PDT) Received: from pol88b.polito.it (pol88b.polito.it [130.192.2.16]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id JAA00732 for ; Fri, 14 Apr 2000 09:15:25 -0700 (PDT) Disposition-notification-to: ramunno@polito.it Received: from clyde (clyde.polito.it) by polito.it (PMDF V5.2-27 #3020) with SMTP id <01JO8H8DM5OW96VQDX@polito.it> for imc-sfl@imc.org; Fri, 14 Apr 2000 18:09:11 GMT+1 Date: Fri, 14 Apr 2000 18:08:56 +0200 From: Gianluca Ramunno Subject: Problems building sm_free3DLL project in SFL 1.6 by means of VC++ 6.0 SP3 To: imc-sfl@imc.org Reply-to: ramunno@polito.it Message-id: <004201bfa62b$b