WinCE patches

CHANGES

@@ -319,6 +319,10 @@ TODO: bug: pad  x  with leading zeros if necessary
  
  Changes between 0.9.6h and 0.9.7  [XX xxx 2002]
 
+  *) Add the VC-CE target, introduce the WINCE sysname, and add
+     INSTALL.WCE and appropriate conditionals to make it build.
+     [Steven Reddie <smr@essemer.com.au> via Richard Levitte]
+
   *) Change the DLL names for Cygwin to cygcrypto-x.y.z.dll and
      cygssl-x.y.z.dll, where x, y and z are the major, minor and
      edit numbers of the version.

Configure

@@ -500,6 +500,7 @@ my %table=(
 # Windows NT, Microsoft Visual C++ 4.0
 
 "VC-NT","cl::::WINNT::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32",
+"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32",
 "VC-WIN32","cl::::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}::::::::::win32",
 "VC-WIN16","cl:::(unknown):WIN16::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
 "VC-W31-16","cl:::(unknown):WIN16::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
@@ -571,8 +572,8 @@ my %table=(
 
 );
 
-my @WinTargets=qw(VC-NT VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS BC-32
+my @WinTargets=qw(VC-NT VC-CE VC-WIN32 VC-WIN16 VC-W31-16 VC-W31-32 VC-MSDOS
-	BC-16 Mingw32 OS2-EMX);
+	BC-32 BC-16 Mingw32 OS2-EMX);
 
 my $idx = 0;
 my $idx_cc = $idx++;

INSTALL.W32

@@ -2,6 +2,8 @@
  INSTALLATION ON THE WIN32 PLATFORM
  ----------------------------------
 
+ [Instructions for building for Windows CE can be found in INSTALL.WCE]
+
  Heres a few comments about building OpenSSL in Windows environments.  Most
  of this is tested on Win32 but it may also work in Win 3.1 with some
  modification.

INSTALL.WCE

@@ -0,0 +1,63 @@
+ 
+ INSTALLATION FOR THE WINDOWS CE PLATFORM
+ ----------------------------------------
+
+ Building OpenSSL for Windows CE requires the following external tools:
+
+  * Microsoft eMbedded Visual C++ 3.0
+  * wcecompat compatibility library (www.essemer.com.au)
+  * Optionally ceutils for running automated tests (www.essemer.com.au)
+
+ The C Runtime Library implementation for Windows CE that is included with
+ Microsoft eMbedded Visual C++ 3.0 is incomplete and in some places
+ incorrect.  wcecompat plugs the holes and tries to bring the Windows CE
+ CRT to a level that is more compatible with ANSI C.  wcecompat goes further
+ and provides low-level IO and stream IO support for stdin/stdout/stderr
+ (which Windows CE does not provide).  This IO functionality is not needed
+ by the OpenSSL library itself but is used for the tests and openssl.exe.
+ More information is available at www.essemer.com.au.
+
+ Building
+ --------
+
+ You need Perl for Win32.  Unless you will build on Cygwin, you will need
+ ActiveState Perl, available from http://www.activestate.com/ActivePerl.
+
+ Setup the eMbedded Visual C++ environment.  There are batch files for doing
+ this installed with eVC++.  For an ARM processor, for example, execute:
+
+ > "C:\Program Files\Microsoft eMbedded Tools\EVC\WCE300\BIN\WCEARM.BAT"
+
+ Next indicate where wcecompat is located:
+
+ > set WCECOMPAT=C:\wcecompat
+
+ Next you should run Configure:
+
+ > perl Configure VC-CE
+
+ Next you need to build the Makefiles:
+
+ > ms\do_ms
+
+ If you get errors about things not having numbers assigned then check the
+ troubleshooting section in INSTALL.W32: you probably won't be able to compile
+ it as it stands.
+
+ Then from the VC++ environment at a prompt do:
+
+ - to build static libraries:
+
+   > nmake -f ms\ce.mak
+
+ - or to build DLLs:
+
+   > nmake -f ms\cedll.mak
+
+ If all is well it should compile and you will have some static libraries and
+ executables in out32, or some DLLs and executables in out32dll.  If you want
+ to try the tests then make sure the ceutils are in the path and do:
+ 
+ > cd out32
+ > ..\ms\testce
+

apps/apps.c

@@ -345,6 +345,7 @@ void program_name(char *in, char *out, int size)
 #ifdef OPENSSL_SYS_WIN32
 int WIN32_rename(char *from, char *to)
 	{
+#ifndef OPENSSL_SYS_WINCE
 	/* Windows rename gives an error if 'to' exists, so delete it
 	 * first and ignore file not found errror
 	 */
@@ -352,6 +353,30 @@ int WIN32_rename(char *from, char *to)
 		return -1;
 #undef rename
 	return rename(from, to);
+#else
+	/* convert strings to UNICODE */
+	{
+	BOOL result = FALSE;
+	WCHAR* wfrom;
+	WCHAR* wto;
+	int i;
+	wfrom = malloc((strlen(from)+1)*2);
+	wto = malloc((strlen(to)+1)*2);
+	if (wfrom != NULL && wto != NULL)
+		{
+		for (i=0; i<(int)strlen(from)+1; i++)
+			wfrom[i] = (short)from[i];
+		for (i=0; i<(int)strlen(to)+1; i++)
+			wto[i] = (short)to[i];
+		result = MoveFile(wfrom, wto);
+		}
+	if (wfrom != NULL)
+		free(wfrom);
+	if (wto != NULL)
+		free(wto);
+	return result;
+	}
+#endif
 	}
 #endif
 

apps/s_client.c

@@ -140,6 +140,14 @@ typedef unsigned int u_int;
 #include <conio.h>
 #endif
 
+#ifdef OPENSSL_SYS_WINCE
+/* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */
+#ifdef fileno
+#undef fileno
+#endif
+#define fileno(a) (int)_fileno(a)
+#endif
+
 
 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
@@ -662,7 +670,11 @@ re_start:
 					tv.tv_usec = 0;
 					i=select(width,(void *)&readfds,(void *)&writefds,
 						 NULL,&tv);
+#ifdef OPENSSL_SYS_WINCE
+					if(!i && (!_kbhit() || !read_tty) ) continue;
+#else
 					if(!i && (!((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0))) || !read_tty) ) continue;
+#endif
 				} else 	i=select(width,(void *)&readfds,(void *)&writefds,
 					 NULL,NULL);
 			}
@@ -828,7 +840,11 @@ printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240
 			}
 
 #ifdef OPENSSL_SYS_WINDOWS
+#ifdef OPENSSL_SYS_WINCE
+		else if (_kbhit())
+#else
 		else if ((_kbhit()) || (WAIT_OBJECT_0 == WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
+#endif
 #else
 		else if (FD_ISSET(fileno(stdin),&readfds))
 #endif

apps/s_server.c

@@ -149,6 +149,14 @@ typedef unsigned int u_int;
 #include <conio.h>
 #endif
 
+#ifdef OPENSSL_SYS_WINCE
+/* Windows CE incorrectly defines fileno as returning void*, so to avoid problems below... */
+#ifdef fileno
+#undef fileno
+#endif
+#define fileno(a) (int)_fileno(a)
+#endif
+
 #if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
 /* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
 #undef FIONBIO

apps/s_socket.c

@@ -140,7 +140,9 @@ static void ssl_sock_cleanup(void)
 	if (wsa_init_done)
 		{
 		wsa_init_done=0;
+#ifndef OPENSSL_SYS_WINCE
 		WSACancelBlockingCall();
+#endif
 		WSACleanup();
 		}
 	}

apps/s_time.c

@@ -487,7 +487,7 @@ int MAIN(int argc, char **argv)
 	tm_Time_F(START);
 	for (;;)
 		{
-		if (finishtime < time(NULL)) break;
+		if (finishtime < (long)time(NULL)) break;
 #ifdef WIN32_STUFF
 
 		if( flushWinMsgs(0) == -1 )
@@ -538,9 +538,9 @@ int MAIN(int argc, char **argv)
 		}
 	totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
 
-	i=(int)(time(NULL)-finishtime+maxTime);
+	i=(int)((long)time(NULL)-finishtime+maxTime);
 	printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
-	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn);
+	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
 
 	/* Now loop and time connections using the same session id over and over */
 
@@ -572,7 +572,7 @@ next:
 	nConn = 0;
 	totalTime = 0.0;
 
-	finishtime=time(NULL)+maxTime;
+	finishtime=(long)time(NULL)+maxTime;
 
 	printf( "starting\n" );
 	bytes_read=0;
@@ -580,7 +580,7 @@ next:
 		
 	for (;;)
 		{
-		if (finishtime < time(NULL)) break;
+		if (finishtime < (long)time(NULL)) break;
 
 #ifdef WIN32_STUFF
 		if( flushWinMsgs(0) == -1 )
@@ -630,7 +630,7 @@ next:
 
 
 	printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
-	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn);
+	printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,(long)time(NULL)-finishtime+maxTime,bytes_read/nConn);
 
 	ret=0;
 end:

crypto/aes/aes_locl.h

@@ -62,7 +62,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#ifdef _MSC_VER
+#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
 # define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
 # define GETU32(p) SWAP(*((u32 *)(p)))
 # define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }

crypto/bio/b_sock.c

@@ -482,7 +482,9 @@ void BIO_sock_cleanup(void)
 	if (wsa_init_done)
 		{
 		wsa_init_done=0;
+#ifndef OPENSSL_SYS_WINCE
 		WSACancelBlockingCall();
+#endif
 		WSACleanup();
 		}
 #endif

crypto/bio/bss_log.c

@@ -68,7 +68,8 @@
 
 #include "cryptlib.h"
 
-#if defined(OPENSSL_SYS_WIN32)
+#if defined(OPENSSL_SYS_WINCE)
+#elif defined(OPENSSL_SYS_WIN32)
 #  include <process.h>
 #elif defined(OPENSSL_SYS_VMS)
 #  include <opcdef.h>

crypto/crypto.h

@@ -121,6 +121,9 @@
 
 #ifndef OPENSSL_NO_FP_API
 #include <stdio.h>
+#ifdef OPENSSL_SYS_WINCE
+#include <stdio_extras.h>
+#endif
 #endif
 
 #include <openssl/stack.h>

crypto/des/read2pwd.c

@@ -112,6 +112,9 @@
 #include <string.h>
 #include <openssl/des.h>
 #include <openssl/ui.h>
+#ifdef OPENSSL_SYS_WINCE
+#include <stdio_extras.h>	/* BUFSIZ */
+#endif
 
 int DES_read_password(DES_cblock *key, const char *prompt, int verify)
 	{

crypto/des/read_pwd.c

@@ -101,8 +101,10 @@
 
 #ifdef WIN_CONSOLE_BUG
 #include <windows.h>
+#ifndef OPENSSL_SYS_WINCE
 #include <wincon.h>
 #endif
+#endif
 
 
 /* There are 5 types of terminal interface supported,
@@ -167,7 +169,7 @@
 #include <sys/ioctl.h>
 #endif
 
-#if defined(OPENSSL_SYS_MSDOS) && !defined(__CYGWIN32__)
+#if defined(OPENSSL_SYS_MSDOS) && !defined(__CYGWIN32__) && !defined(OPENSSL_SYS_WINCE)
 #include <conio.h>
 #define fgets(a,b,c) noecho_fgets(a,b,c)
 #endif
@@ -222,7 +224,25 @@ int des_read_pw_string(char *buf, int length, const char *prompt,
 	return(ret);
 	}
 
-#ifndef OPENSSL_SYS_WIN16
+#ifdef OPENSSL_SYS_WINCE
+
+int des_read_pw(char *buf, char *buff, int size, const char *prompt, int verify)
+	{ 
+	memset(buf,0,size);
+	memset(buff,0,size);
+	return(0);
+	}
+
+#elif defined(OPENSSL_SYS_WIN16)
+
+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify)
+	{ 
+	memset(buf,0,size);
+	memset(buff,0,size);
+	return(0);
+	}
+
+#else /* !OPENSSL_SYS_WINCE && !OPENSSL_SYS_WIN16 */
 
 static void read_till_nl(FILE *in)
 	{
@@ -393,17 +413,6 @@ error:
 	return(!ok);
 	}
 
-#else /* OPENSSL_SYS_WIN16 */
-
-int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify)
-	{ 
-	memset(buf,0,size);
-	memset(buff,0,size);
-	return(0);
-	}
-
-#endif
-
 static void pushsig(void)
 	{
 	int i;
@@ -466,7 +475,7 @@ static void recsig(int i)
 #endif
 	}
 
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
+#ifdef OPENSSL_SYS_MSDOS
 static int noecho_fgets(char *buf, int size, FILE *tty)
 	{
 	int i;
@@ -509,3 +518,4 @@ static int noecho_fgets(char *buf, int size, FILE *tty)
 	return(strlen(buf));
 	}
 #endif
+#endif /* !OPENSSL_SYS_WINCE && !WIN16 */

crypto/dso/dso_win32.c

@@ -61,7 +61,7 @@
 #include "cryptlib.h"
 #include <openssl/dso.h>
 
-#ifndef OPENSSL_SYS_WIN32
+#if !defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINCE)
 DSO_METHOD *DSO_METHOD_win32(void)
 	{
 	return NULL;

crypto/ec/ectest.c

@@ -71,6 +71,11 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#ifdef FLAT_INC
+#include "e_os.h"
+#else
+#include "../../e_os.h"
+#endif
 #include <string.h>
 #include <time.h>
 

crypto/engine/enginetest.c

@@ -58,6 +58,9 @@
 
 #include <openssl/e_os2.h>
 #include <stdio.h>
+#ifdef OPENSSL_SYS_WINCE
+#include <stdlib_extras.h>
+#endif
 #include <string.h>
 #include <openssl/buffer.h>
 #include <openssl/crypto.h>

crypto/rand/rand_win.c

@@ -125,7 +125,7 @@
  * http://developer.intel.com/design/security/rng/redist_license.htm
  */
 #define PROV_INTEL_SEC 22
-#define INTEL_DEF_PROV "Intel Hardware Cryptographic Service Provider"
+#define INTEL_DEF_PROV TEXT("Intel Hardware Cryptographic Service Provider")
 
 static void readtimer(void);
 static void readscreen(void);
@@ -170,7 +170,9 @@ typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32);
 typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32);
 
 #include <lmcons.h>
+#ifndef OPENSSL_SYS_WINCE
 #include <lmstats.h>
+#endif
 #if 1 /* The NET API is Unicode only.  It requires the use of the UNICODE
        * macro.  When UNICODE is defined LPTSTR becomes LPWSTR.  LMSTR was
        * was added to the Platform SDK to allow the NET API to be used in
@@ -209,20 +211,32 @@ int RAND_poll(void)
         osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ;
         GetVersionEx( &osverinfo ) ;
 
-	/* load functions dynamically - not available on all systems */
+#ifdef OPENSSL_SYS_WINCE
-	advapi = LoadLibrary("ADVAPI32.DLL");
+	/* poll the CryptoAPI PRNG */
-	kernel = LoadLibrary("KERNEL32.DLL");
+	/* The CryptoAPI returns sizeof(buf) bytes of randomness */
-	user = LoadLibrary("USER32.DLL");
+	if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
-	netapi = LoadLibrary("NETAPI32.DLL");
+		{
+		if (CryptGenRandom(hProvider, sizeof(buf), buf))
+			RAND_add(buf, sizeof(buf), sizeof(buf));
+		CryptReleaseContext(hProvider, 0); 
+		}
+#endif
 
+	/* load functions dynamically - not available on all systems */
+	advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
+	kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
+	user = LoadLibrary(TEXT("USER32.DLL"));
+	netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
+
+#ifndef OPENSSL_SYS_WINCE
 #if 1 /* There was previously a problem with NETSTATGET.  Currently, this
        * section is still experimental, but if all goes well, this conditional
        * will be removed
        */
 	if (netapi)
 		{
-		netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet");
+		netstatget = (NETSTATGET) GetProcAddress(netapi,TEXT("NetStatisticsGet"));
-		netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree");
+		netfree = (NETFREE) GetProcAddress(netapi,TEXT("NetApiBufferFree"));
 		}
 
 	if (netstatget && netfree)
@@ -249,7 +263,9 @@ int RAND_poll(void)
 	if (netapi)
 		FreeLibrary(netapi);
 #endif /* 1 */
+#endif /* !OPENSSL_SYS_WINCE */
  
+#ifndef OPENSSL_SYS_WINCE
         /* It appears like this can cause an exception deep within ADVAPI32.DLL
          * at random times on Windows 2000.  Reported by Jeffrey Altman.  
          * Only use it on NT.
@@ -280,7 +296,7 @@ int RAND_poll(void)
 			bufsz += 8192;
 
 			length = bufsz;
-			rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, "Global",
+			rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, TEXT("Global"),
 				NULL, NULL, buf, &length);
 			}
 		if (rc == ERROR_SUCCESS)
@@ -304,15 +320,16 @@ int RAND_poll(void)
 			free(buf);
 		}
 #endif
+#endif /* !OPENSSL_SYS_WINCE */
 
 	if (advapi)
 		{
 		acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi,
-			"CryptAcquireContextA");
+			TEXT("CryptAcquireContextA"));
 		gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
-			"CryptGenRandom");
+			TEXT("CryptGenRandom"));
 		release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
-			"CryptReleaseContext");
+			TEXT("CryptReleaseContext"));
 		}
 
 	if (acquire && gen && release)
@@ -366,9 +383,9 @@ int RAND_poll(void)
 		GETFOREGROUNDWINDOW win;
 		GETQUEUESTATUS queue;
 
-		win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow");
+		win = (GETFOREGROUNDWINDOW) GetProcAddress(user, TEXT("GetForegroundWindow"));
-		cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
+		cursor = (GETCURSORINFO) GetProcAddress(user, TEXT("GetCursorInfo"));
-		queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
+		queue = (GETQUEUESTATUS) GetProcAddress(user, TEXT("GetQueueStatus"));
 
 		if (win)
 			{
@@ -439,17 +456,17 @@ int RAND_poll(void)
 		MODULEENTRY32 m;
 
 		snap = (CREATETOOLHELP32SNAPSHOT)
-			GetProcAddress(kernel, "CreateToolhelp32Snapshot");
+			GetProcAddress(kernel, TEXT("CreateToolhelp32Snapshot"));
-		heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
+		heap_first = (HEAP32FIRST) GetProcAddress(kernel, TEXT("Heap32First"));
-		heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
+		heap_next = (HEAP32NEXT) GetProcAddress(kernel, TEXT("Heap32Next"));
-		heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
+		heaplist_first = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListFirst"));
-		heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
+		heaplist_next = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListNext"));
-		process_first = (PROCESS32) GetProcAddress(kernel, "Process32First");
+		process_first = (PROCESS32) GetProcAddress(kernel, TEXT("Process32First"));
-		process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next");
+		process_next = (PROCESS32) GetProcAddress(kernel, TEXT("Process32Next"));
-		thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
+		thread_first = (THREAD32) GetProcAddress(kernel, TEXT("Thread32First"));
-		thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
+		thread_next = (THREAD32) GetProcAddress(kernel, TEXT("Thread32Next"));
-		module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
+		module_first = (MODULE32) GetProcAddress(kernel, TEXT("Module32First"));
-		module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
+		module_next = (MODULE32) GetProcAddress(kernel, TEXT("Module32Next"));
 
 		if (snap && heap_first && heap_next && heaplist_first &&
 			heaplist_next && process_first && process_next &&
@@ -584,7 +601,7 @@ static void readtimer(void)
 	DWORD w;
 	LARGE_INTEGER l;
 	static int have_perfc = 1;
-#ifdef _MSC_VER
+#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
 	static int have_tsc = 1;
 	DWORD cyclecount;
 
@@ -637,6 +654,7 @@ static void readtimer(void)
 
 static void readscreen(void)
 {
+#ifndef OPENSSL_SYS_WINCE
   HDC		hScrDC;		/* screen DC */
   HDC		hMemDC;		/* memory DC */
   HBITMAP	hBitmap;	/* handle for our bitmap */
@@ -650,7 +668,7 @@ static void readscreen(void)
   int		n = 16;		/* number of screen lines to grab at a time */
 
   /* Create a screen DC and a memory DC compatible to screen DC */
-  hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
+  hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL);
   hMemDC = CreateCompatibleDC(hScrDC);
 
   /* Get screen resolution */
@@ -697,6 +715,7 @@ static void readscreen(void)
   DeleteObject(hBitmap);
   DeleteDC(hMemDC);
   DeleteDC(hScrDC);
+#endif /* !OPENSSL_SYS_WINCE */
 }
 
 #endif

crypto/ui/ui_openssl.c

@@ -159,8 +159,10 @@
 
 #ifdef WIN_CONSOLE_BUG
 # include <windows.h>
+#ifndef OPENSSL_SYS_WINCE
 # include <wincon.h>
 #endif
+#endif
 
 
 /* There are 5 types of terminal interface supported,
@@ -281,10 +283,12 @@ static FILE *tty_in, *tty_out;
 static int is_a_tty;
 
 /* Declare static functions */
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
 static void read_till_nl(FILE *);
 static void recsig(int);
 static void pushsig(void);
 static void popsig(void);
+#endif
 #if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
 static int noecho_fgets(char *buf, int size, FILE *tty);
 #endif
@@ -371,6 +375,7 @@ static int read_string(UI *ui, UI_STRING *uis)
 	}
 
 
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
 /* Internal functions to read a string without echoing */
 static void read_till_nl(FILE *in)
 	{
@@ -383,6 +388,7 @@ static void read_till_nl(FILE *in)
 	}
 
 static volatile sig_atomic_t intr_signal;
+#endif
 
 static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
 	{
@@ -390,9 +396,9 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
 	int ok;
 	char result[BUFSIZ];
 	int maxsize = BUFSIZ-1;
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
 	char *p;
 
-#ifndef OPENSSL_SYS_WIN16
 	intr_signal=0;
 	ok=0;
 	ps=0;
@@ -555,6 +561,7 @@ static int close_console(UI *ui)
 	}
 
 
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
 /* Internal functions to handle signals and act on them */
 static void pushsig(void)
 	{
@@ -618,9 +625,10 @@ static void recsig(int i)
 	{
 	intr_signal=i;
 	}
+#endif
 
 /* Internal functions specific for Windows */
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
+#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
 static int noecho_fgets(char *buf, int size, FILE *tty)
 	{
 	int i;

crypto/ui/ui_util.c

@@ -55,6 +55,9 @@
 
 #include <string.h>
 #include <openssl/ui.h>
+#ifdef OPENSSL_SYS_WINCE
+#include <stdio_extras.h>	/* BUFSIZ */
+#endif
 
 int UI_UTIL_read_pw_string(char *buf,int length,const char *prompt,int verify)
 	{

e_os.h

@@ -229,6 +229,13 @@ extern "C" {
 #  include <io.h>
 #  include <fcntl.h>
 
+#  ifdef OPENSSL_SYS_WINCE
+#    include <stdio_extras.h>
+#    include <stdlib_extras.h>
+#    include <string_extras.h>
+#    include <winsock_extras.h>
+#  endif
+
 #  define ssize_t long
 
 #  if defined (__BORLANDC__)
@@ -258,7 +265,11 @@ extern "C" {
 #  define SSLEAY_CONF	OPENSSL_CONF
 #  define NUL_DEV	"nul"
 #  define RFILE		".rnd"
-#  define DEFAULT_HOME  "C:"
+#  ifdef OPENSSL_SYS_WINCE
+#    define DEFAULT_HOME  ""
+#  else
+#    define DEFAULT_HOME  "C:"
+#  endif
 
 #else /* The non-microsoft world world */
 

e_os2.h

@@ -106,11 +106,15 @@ extern "C" {
 #   undef OPENSSL_SYS_UNIX
 #   define OPENSSL_SYS_WINNT
 #  endif
+#  if defined(OPENSSL_SYSNAME_WINCE)
+#   undef OPENSSL_SYS_UNIX
+#   define OPENSSL_SYS_WINCE
+#  endif
 # endif
 #endif
 
 /* Anything that tries to look like Microsoft is "Windows" */
-#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT)
+#if defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
 # undef OPENSSL_SYS_UNIX
 # define OPENSSL_SYS_WINDOWS
 # ifndef OPENSSL_SYS_MSDOS

ms/do_ms.bat

@@ -5,6 +5,8 @@ rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak
 perl util\mk1mf.pl dll VC-W31-32 >ms\w31dll.mak
 perl util\mk1mf.pl no-asm VC-WIN32 >ms\nt.mak
 perl util\mk1mf.pl dll no-asm VC-WIN32 >ms\ntdll.mak
+perl util\mk1mf.pl no-asm VC-CE >ms\ce.mak
+perl util\mk1mf.pl dll no-asm VC-CE >ms\cedll.mak
 
 perl util\mkdef.pl 16 libeay > ms\libeay16.def
 perl util\mkdef.pl 32 libeay > ms\libeay32.def

ms/tencce.bat

@@ -0,0 +1,19 @@
+rem called by testencce
+
+echo test %1 %2 %3 %4 %5 %6 
+cecopy %input% CE:\OpenSSL
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -e -bufsize 113 -k test -in \OpenSSL\%input% -out \OpenSSL\%tmp1%
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -d -bufsize 157 -k test -in \OpenSSL\%tmp1% -out \OpenSSL\%out1%
+del %out1% >nul 2>&1
+cecopy CE:\OpenSSL\%out1% .
+%cmp% %input% %out1%
+if errorlevel 1 goto err
+
+echo test base64 %1 %2 %3 %4 %5 %6 
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -a -e -bufsize 113 -k test -in \OpenSSL\%input% -out \OpenSSL\%tmp1%
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -a -d -bufsize 157 -k test -in \OpenSSL\%tmp1% -out \OpenSSL\%out1%
+del %out1% >nul 2>&1
+cecopy CE:\OpenSSL\%out1% .
+%cmp% %input% %out1%
+
+:err

ms/testce.bat

@@ -0,0 +1,234 @@
+@echo off
+
+cemkdir CE:\OpenSSL
+
+set test=..\ms
+set opath=%PATH%
+PATH=..\ms;%PATH%
+cecopy ..\apps\openssl.cnf CE:\OpenSSL
+set OPENSSL_CONF=\OpenSSL\openssl.cnf
+set HOME=\OpenSSL
+set CERUN_PASS_ENV=OPENSSL_CONF HOME
+
+rem run this from inside the bin directory
+
+rem Copy the DLL's (though they'll only exist if we're in out32dll)
+if exist libeay32.dll cecopy libeay32.dll CE:\OpenSSL
+if exist ssleay32.dll cecopy ssleay32.dll CE:\OpenSSL
+
+echo rsa_test
+call %test%\testce2 rsa_test
+if errorlevel 1 goto done
+
+echo destest
+call %test%\testce2 destest
+if errorlevel 1 goto done
+
+echo ideatest
+call %test%\testce2 ideatest
+if errorlevel 1 goto done
+
+echo bftest
+call %test%\testce2 bftest
+if errorlevel 1 goto done
+
+echo shatest
+call %test%\testce2 shatest
+if errorlevel 1 goto done
+
+echo sha1test
+call %test%\testce2 sha1test
+if errorlevel 1 goto done
+
+echo md5test
+call %test%\testce2 md5test
+if errorlevel 1 goto done
+
+echo md2test
+call %test%\testce2 md2test
+if errorlevel 1 goto done
+
+echo mdc2test
+call %test%\testce2 mdc2test
+if errorlevel 1 goto done
+
+echo rc2test
+call %test%\testce2 rc2test
+if errorlevel 1 goto done
+
+echo rc4test
+call %test%\testce2 rc4test
+if errorlevel 1 goto done
+
+echo randtest
+call %test%\testce2 randtest
+if errorlevel 1 goto done
+
+echo dhtest
+call %test%\testce2 dhtest
+if errorlevel 1 goto done
+
+echo exptest
+call %test%\testce2 exptest
+if errorlevel 1 goto done
+
+echo dsatest
+call %test%\testce2 dsatest
+if errorlevel 1 goto done
+
+echo testenc
+call %test%\testencce openssl.exe
+if errorlevel 1 goto done
+
+echo testpem
+call %test%\testpemce openssl.exe
+if errorlevel 1 goto done
+
+cecopy openssl.exe CE:\OpenSSL
+
+echo verify
+copy ..\certs\*.pem cert.tmp >nul
+cecopy cert.tmp CE:\OpenSSL
+cemkdir CE:\OpenSSL\certs
+rem cecopy ..\certs\*.pem CE:\OpenSSL\certs
+cecopy ..\certs\ca-cert.pem CE:\OpenSSL\certs
+cecopy ..\certs\dsa-ca.pem CE:\OpenSSL\certs
+cecopy ..\certs\dsa-pca.pem CE:\OpenSSL\certs
+cecopy ..\certs\factory.pem CE:\OpenSSL\certs
+cecopy ..\certs\ICE-CA.pem CE:\OpenSSL\certs
+cecopy ..\certs\ICE-root.pem CE:\OpenSSL\certs
+cecopy ..\certs\ICE-user.pem CE:\OpenSSL\certs
+cecopy ..\certs\nortelCA.pem CE:\OpenSSL\certs
+cecopy ..\certs\pca-cert.pem CE:\OpenSSL\certs
+cecopy ..\certs\RegTP-4R.pem CE:\OpenSSL\certs
+cecopy ..\certs\RegTP-5R.pem CE:\OpenSSL\certs
+cecopy ..\certs\RegTP-6R.pem CE:\OpenSSL\certs
+cecopy ..\certs\rsa-cca.pem CE:\OpenSSL\certs
+cecopy ..\certs\thawteCb.pem CE:\OpenSSL\certs
+cecopy ..\certs\thawteCp.pem CE:\OpenSSL\certs
+cecopy ..\certs\timCA.pem CE:\OpenSSL\certs
+cecopy ..\certs\tjhCA.pem CE:\OpenSSL\certs
+cecopy ..\certs\vsign1.pem CE:\OpenSSL\certs
+cecopy ..\certs\vsign2.pem CE:\OpenSSL\certs
+cecopy ..\certs\vsign3.pem CE:\OpenSSL\certs
+cecopy ..\certs\vsignss.pem CE:\OpenSSL\certs
+cecopy ..\certs\vsigntca.pem CE:\OpenSSL\certs
+cerun CE:\OpenSSL\openssl verify -CAfile \OpenSSL\cert.tmp \OpenSSL\certs\*.pem
+
+echo testss
+call %test%\testssce openssl.exe
+if errorlevel 1 goto done
+
+cecopy ssltest.exe CE:\OpenSSL
+cecopy ..\apps\server.pem CE:\OpenSSL
+cecopy ..\apps\client.pem CE:\OpenSSL
+
+echo test sslv2
+cerun CE:\OpenSSL\ssltest -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication
+cerun CE:\OpenSSL\ssltest -ssl2 -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication
+cerun CE:\OpenSSL\ssltest -ssl2 -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with both client and server authentication
+cerun CE:\OpenSSL\ssltest -ssl2 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3
+cerun CE:\OpenSSL\ssltest -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication
+cerun CE:\OpenSSL\ssltest -ssl3 -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication
+cerun CE:\OpenSSL\ssltest -ssl3 -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with both client and server authentication
+cerun CE:\OpenSSL\ssltest -ssl3 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3
+cerun CE:\OpenSSL\ssltest
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+cerun CE:\OpenSSL\ssltest -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication
+cerun CE:\OpenSSL\ssltest -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with both client and server authentication
+cerun CE:\OpenSSL\ssltest -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with 1024 bit DHE via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -dhe1024dsa -v
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with both client and server authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl3 -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication  via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl3 -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with both client and server authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 via BIO pair
+cerun CE:\OpenSSL\ssltest
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+cerun CE:\OpenSSL\ssltest -bio_pair -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+del cert.tmp
+
+echo passed all tests
+goto end
+:done
+echo problems.....
+:end
+PATH=%opath%
+

ms/testce2.bat

@@ -0,0 +1,2 @@
+cecopy %1.exe CE:\OpenSSL
+cerun CE:\OpenSSL\%1 %2 %3 %4 %5 %6 %7 %8 %9

ms/testencce.bat

@@ -0,0 +1,97 @@
+@echo off
+echo start testenc
+
+path=..\ms;%path%
+set ssleay=%1%
+copy ..\ms\testenc.bat >nul
+set input=testenc.bat
+set tmp1=cipher.out
+set out1=clear.out
+set cmp=perl ..\ms\cmp.pl
+
+cecopy %ssleay% CE:\OpenSSL
+
+cd
+call tencce.bat enc
+if errorlevel 1 goto err
+
+call tencce.bat rc4
+if errorlevel 1 goto err
+
+call tencce.bat des-cfb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede-cfb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3-cfb
+if errorlevel 1 goto err
+
+call tencce.bat des-ofb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede-ofb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3-ofb
+if errorlevel 1 goto err
+
+call tencce.bat des-ecb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3
+if errorlevel 1 goto err
+
+call tencce.bat des-cbc
+if errorlevel 1 goto err
+
+call tencce.bat des-ede-cbc
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3-cbc
+if errorlevel 1 goto err
+
+call tencce.bat idea-ecb
+if errorlevel 1 goto err
+
+call tencce.bat idea-cfb
+if errorlevel 1 goto err
+
+call tencce.bat idea-ofb
+if errorlevel 1 goto err
+
+call tencce.bat idea-cbc
+if errorlevel 1 goto err
+
+call tencce.bat rc2-ecb
+if errorlevel 1 goto err
+
+call tencce.bat rc2-cfb
+if errorlevel 1 goto err
+
+call tencce.bat rc2-ofb
+if errorlevel 1 goto err
+
+call tencce.bat rc2-cbc
+if errorlevel 1 goto err
+
+call tencce.bat bf-ecb
+if errorlevel 1 goto err
+
+call tencce.bat bf-cfb
+if errorlevel 1 goto err
+
+call tencce.bat bf-ofb
+if errorlevel 1 goto err
+
+call tencce.bat bf-cbc
+if errorlevel 1 goto err
+
+echo OK
+del %out1% >nul 2>&1
+del %tmp1% >nul 2>&1
+:err
+

ms/testpemce.bat

@@ -0,0 +1,42 @@
+@echo off
+set ssleay=%1%
+set tmp1=pem.out
+set cmp=fc.exe
+
+cecopy %ssleay% CE:\OpenSSL
+
+copy ..\test\testcrl.pem >nul
+call tpemce.bat crl testcrl.pem
+if errorlevel 1 goto err
+
+copy ..\test\testp7.pem >nul
+call tpemce.bat pkcs7 testp7.pem
+if errorlevel 1 goto err
+
+copy ..\test\testreq2.pem >nul
+call tpemce.bat req testreq2.pem
+if errorlevel 1 goto err
+
+copy ..\test\testrsa.pem >nul
+call tpemce.bat rsa testrsa.pem
+if errorlevel 1 goto err
+
+copy ..\test\testx509.pem >nul
+call tpemce.bat x509 testx509.pem
+if errorlevel 1 goto err
+
+copy ..\test\v3-cert1.pem >nul
+call tpemce.bat x509 v3-cert1.pem
+if errorlevel 1 goto err
+
+copy ..\test\v3-cert1.pem >nul
+call tpemce.bat x509 v3-cert1.pem
+if errorlevel 1 goto err
+
+copy ..\test\testsid.pem >nul
+call tpemce.bat sess_id testsid.pem
+if errorlevel 1 goto err
+
+echo OK
+del %tmp1% >nul 2>&1
+:err

ms/testssce.bat

@@ -0,0 +1,104 @@
+rem set ssleay=..\out\ssleay
+set ssleay=%1
+
+set reqcmd=%ssleay% req
+set x509cmd=%ssleay% x509
+set verifycmd=%ssleay% verify
+
+set CAkey=\OpenSSL\keyCA.ss
+set CAcert=\OpenSSL\certCA.ss
+set CAserial=\OpenSSL\certCA.srl
+set CAreq=\OpenSSL\reqCA.ss
+cecopy ..\test\CAss.cnf CE:\OpenSSL
+set CAconf=\OpenSSL\CAss.cnf
+set CAreq2=\OpenSSL\req2CA.ss	
+
+cecopy ..\test\Uss.cnf CE:\OpenSSL
+set Uconf=\OpenSSL\Uss.cnf
+set Ukey=\OpenSSL\keyU.ss
+set Ureq=\OpenSSL\reqU.ss
+set Ucert=\OpenSSL\certU.ss
+
+echo make a certificate request using 'req'
+cerun CE:\OpenSSL\%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
+if errorlevel 1 goto e_req
+
+echo convert the certificate request into a self signed certificate using 'x509'
+cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% "> \OpenSSL\err.ss"
+if errorlevel 1 goto e_x509
+
+echo --
+echo convert a certificate into a certificate request using 'x509'
+cerun CE:\OpenSSL\%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% "> \OpenSSL\err.ss"
+if errorlevel 1 goto e_x509_2
+
+cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq% -noout
+if errorlevel 1 goto e_vrfy_1
+
+cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq2% -noout
+if errorlevel 1 goto e_vrfy_2
+
+cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %CAcert%
+if errorlevel 1 goto e_vrfy_3
+
+echo --
+echo make another certificate request using 'req'
+cerun CE:\OpenSSL\%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new "> \OpenSSL\err.ss"
+if errorlevel 1 goto e_req_gen
+
+echo --
+echo sign certificate request with the just created CA via 'x509'
+cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
+if errorlevel 1 goto e_x_sign
+
+cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %Ucert%
+echo --
+echo Certificate details
+cerun CE:\OpenSSL\%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
+
+cecopy CE:%CAcert% .
+cecopy CE:%CAkey% .
+cecopy CE:%CAserial% .
+cecopy CE:%Ucert% .
+cecopy CE:%Ukey% .
+
+echo Everything appeared to work
+echo --
+echo The generated CA certificate is %CAcert%
+echo The generated CA private key is %CAkey%
+echo The current CA signing serial number is in %CAserial%
+
+echo The generated user certificate is %Ucert%
+echo The generated user private key is %Ukey%
+echo --
+
+cedel CE:\OpenSSL\err.ss
+
+goto end
+
+:e_req
+echo error using 'req' to generate a certificate request
+goto end
+:e_x509
+echo error using 'x509' to self sign a certificate request
+goto end
+:e_x509_2
+echo error using 'x509' convert a certificate to a certificate request
+goto end
+:e_vrfy_1
+echo first generated request is invalid
+goto end
+:e_vrfy_2
+echo second generated request is invalid
+goto end
+:e_vrfy_3
+echo first generated cert is invalid
+goto end
+:e_req_gen
+echo error using 'req' to generate a certificate request
+goto end
+:e_x_sign
+echo error using 'x509' to sign a certificate request
+goto end
+
+:end

ms/tpemce.bat

@@ -0,0 +1,8 @@
+rem called by testpemce
+
+echo test %1 %2
+cecopy %2 CE:\OpenSSL
+cerun CE:\OpenSSL\%ssleay% %1 -in \OpenSSL\%2 -out \OpenSSL\%tmp1%
+del %tmp1% >nul 2>&1
+cecopy CE:\OpenSSL\%tmp1% .
+%cmp% %2 %tmp1%

ssl/ssl_cert.c

@@ -818,10 +818,30 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
 	WIN32_FIND_DATA FindFileData;
 	HANDLE hFind;
 	int ret = 0;
+#ifdef OPENSSL_SYS_WINCE
+	WCHAR* wdir = NULL;
+#endif
 
 	CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
 	
+#ifdef OPENSSL_SYS_WINCE
+	/* convert strings to UNICODE */
+	{
+		BOOL result = FALSE;
+		int i;
+		wdir = malloc((strlen(dir)+1)*2);
+		if (wdir == NULL)
+			goto err_noclose;
+		for (i=0; i<(int)strlen(dir)+1; i++)
+			wdir[i] = (short)dir[i];
+	}
+#endif
+
+#ifdef OPENSSL_SYS_WINCE
+	hFind = FindFirstFile(wdir, &FindFileData);
+#else
 	hFind = FindFirstFile(dir, &FindFileData);
+#endif
 	/* Note that a side effect is that the CAs will be sorted by name */
 	if(hFind == INVALID_HANDLE_VALUE)
 		{
@@ -836,7 +856,11 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
 		char buf[1024];
 		int r;
 		
+#ifdef OPENSSL_SYS_WINCE
+		if(strlen(dir)+_tcslen(FindFileData.cFileName)+2 > sizeof buf)
+#else
 		if(strlen(dir)+strlen(FindFileData.cFileName)+2 > sizeof buf)
+#endif
 			{
 			SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG);
 			goto err;
@@ -854,6 +878,10 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
 err:
 	FindClose(hFind);
 err_noclose:
+#ifdef OPENSSL_SYS_WINCE
+	if (wdir != NULL)
+		free(wdir);
+#endif
 	CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
 	return ret;
 	}

ssl/ssltest.c

@@ -148,6 +148,9 @@
 #ifdef OPENSSL_SYS_VMS
 #  define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
 #  define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
+#elif defined(OPENSSL_SYS_WINCE)
+#  define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
+#  define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
 #else
 #  define TEST_SERVER_CERT "../apps/server.pem"
 #  define TEST_CLIENT_CERT "../apps/client.pem"

util/mk1mf.pl

@@ -24,6 +24,7 @@ $infile="MINFO";
 
 %ops=(
 	"VC-WIN32",   "Microsoft Visual C++ [4-6] - Windows NT or 9X",
+	"VC-CE",   "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY",
 	"VC-NT",   "Microsoft Visual C++ [4-6] - Windows NT ONLY",
 	"VC-W31-16",  "Microsoft Visual C++ 1.52 - Windows 3.1 - 286",
 	"VC-WIN16",   "Alias for VC-W31-32",
@@ -138,6 +139,10 @@ elsif (($platform eq "VC-WIN32") || ($platform eq "VC-NT"))
 	$NT = 1 if $platform eq "VC-NT";
 	require 'VC-32.pl';
 	}
+elsif ($platform eq "VC-CE")
+	{
+	require 'VC-CE.pl';
+	}
 elsif ($platform eq "Mingw32")
 	{
 	require 'Mingw32.pl';

util/pl/VC-CE.pl

@@ -0,0 +1,112 @@
+#!/usr/local/bin/perl
+# VC-CE.pl - the file for eMbedded Visual C++ 3.0 for windows CE, static libraries
+#
+
+$ssl=	"ssleay32";
+$crypto="libeay32";
+$RSAref="RSAref32";
+
+$o='\\';
+$cp='copy nul+';	# Timestamps get stuffed otherwise
+$rm='del';
+
+# C compiler stuff
+$cc='$(CC)';
+$cflags=' /W3 /WX /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -D$(TARGETCPU) -D_$(TARGETCPU)_ -DUNDER_CE=300 -D_WIN32_CE=300 -DWIN32_PLATFORM_PSPC -DUNICODE -D_UNICODE -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -I$(WCECOMPAT)/include';
+$lflags="/nologo /subsystem:windowsce,3.00 /machine:$(TARGETCPU) /opt:ref";
+$mlflags='';
+
+$out_def="out32";
+$tmp_def="tmp32";
+$inc_def="inc32";
+
+if ($debug)
+	{
+	$cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32";
+	$lflags.=" /debug";
+	$mlflags.=' /debug';
+	}
+
+$obj='.obj';
+$ofile="/Fo";
+
+# EXE linking stuff
+$link="link";
+$efile="/out:";
+$exep='.exe';
+if ($no_sock)
+	{ $ex_libs=""; }
+else	{ $ex_libs='winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib'; }
+#else	{ $ex_libs='winsock.lib coredll.lib $(WCECOMPAT)/lib/wcecompatex.lib'; }
+
+# static library stuff
+$mklib='lib';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='/out:';
+
+$shlib_ex_obj="";
+#$app_ex_obj="setargv.obj";
+$app_ex_obj="";
+
+$bn_asm_obj='';
+$bn_asm_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if ($shlib)
+	{
+	$mlflags.=" $lflags /dll";
+#	$cflags =~ s| /MD| /MT|;
+	$lib_cflag=" -D_WINDLL -D_DLL";
+	$out_def="out32dll";
+	$tmp_def="tmp32dll";
+	}
+
+$cflags.=" /Fd$out_def";
+
+sub do_lib_rule
+	{
+	local($objs,$target,$name,$shlib)=@_;
+	local($ret,$Name);
+
+	$taget =~ s/\//$o/g if $o ne '/';
+	($Name=$name) =~ tr/a-z/A-Z/;
+
+#	$target="\$(LIB_D)$o$target";
+	$ret.="$target: $objs\n";
+	if (!$shlib)
+		{
+#		$ret.="\t\$(RM) \$(O_$Name)\n";
+		$ex =' ';
+		$ret.="\t\$(MKLIB) $lfile$target @<<\n  $objs $ex\n<<\n";
+		}
+	else
+		{
+		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
+#		$ex.=' winsock.lib coredll.lib $(WCECOMPAT)/lib/wcecompatex.lib';
+		$ex.=' winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib';
+		$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
+		}
+	$ret.="\n";
+	return($ret);
+	}
+
+sub do_link_rule
+	{
+	local($target,$files,$dep_libs,$libs)=@_;
+	local($ret,$_);
+	
+	$file =~ s/\//$o/g if $o ne '/';
+	$n=&bname($targer);
+	$ret.="$target: $files $dep_libs\n";
+	$ret.="  \$(LINK) \$(LFLAGS) $efile$target @<<\n";
+	$ret.="  \$(APP_EX_OBJ) $files $libs\n<<\n\n";
+	return($ret);
+	}
+
+1;