Get the BN_mod_exp_mont bugfix (for handling negative inputs) correct
this time.

bn_add_words(), not bn_sub_words()...

command line, and make the peer-authentication similarly configurable.

- Add "-cipher" and "-out_state" command line arguments to control SSL
  cipher-suites and handshake debug output respectively.

- Implemented error handling for SSL handshakes that break down. This uses
  a cheat - storing a non-NULL pointer as "app_data" in the SSL structure
  when the SSL should be killed.

or two kinks lurking around, but it now appears to deal with the basic
test cases ok.

Sketch the test for BN_kronecker.

Also add the next file in advance so that I can't forget this one :-)

Fix BN_gcd.
Analyze BN_mod_inverse.
Add BN_kronecker.
"make update".

use BN_CTX_start/get/end instead of accessing ctx->tos).

Change indentation to "EAY" style.

use BN_CTX_start/get/end instead of accessing ctx->tos).

Change indentation to "EAY" style.

making a note in the CHANGES file.

the RSA_METHOD's "init()" handler is called, and is cleaned up after the
RSA_METHOD's "finish()" handler is called. Custom RSA_METHODs may wish to
initialise contexts and other specifics in the RSA structure upon creation
and that was previously not possible - "ex_data" is where that stuff
should go and it was being initialised too late for it to be used.

BN_swap manual page.

"make update"

These new files will not be included literally in OpenSSL, but I intend
to integrate most of their contents.  Most file names will change,
and when the integration is done, the superfluous files will be deleted.

Submitted by: Lenka Fibikova <fibikova@exp-math.uni-essen.de>

You can still get the code using tag "rsaref".

I'm a little bit nervous about bn_div_words, as I don't know what it's
supposed to return on overflow.  For now, I trust the rest of the
system to give it numbers that will not cause any overflow...

problem in some other file, but I can't recall which.

(incorrect) attempt to free it once more...

BN_mul() correctly constified, avoids two realloc()'s that aren't
really necessary and saves memory to boot.  This required a small
change in bn_mul_part_recursive() and the addition of variants of
bn_cmp_words(), bn_add_words() and bn_sub_words() that can take arrays
with differing sizes.

The test results show a performance that very closely matches the
original code from before my constification.  This may seem like a
very small win from a performance point of view, but if one remembers
that the variants of bn_cmp_words(), bn_add_words() and bn_sub_words()
are not at all optimized for the moment (and there's no corresponding
assembler code), and that their use may be just as non-optimal, I'm
pretty confident there are possibilities...

This code needs reviewing!