CryptoPP:

changed folder structure

git-svn-id: http://svn.miranda-ng.org/main/trunk@1083 1316c22d-e87f-b044-9b9b-93d7a3e3ba9c

40 files changed, 9353 insertions, 0 deletions

diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pflTypes.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pflTypes.h
new file mode 100644
index 0000000000..00f3242fd4
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pflTypes.h
@@ -0,0 +1,52 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+
+	$Id: pflTypes.h,v 1.5 2003/11/20 21:15:48 vinnie Exp $
+____________________________________________________________________________*/
+#ifndef Included_pflTypes_h	/* [ */
+#define Included_pflTypes_h
+
+#include "pgpBase.h"
+ 
+/* opaque declarations */
+typedef struct PFLFileSpec *		PFLFileSpecRef;
+typedef struct PFLFileSpec const *	PFLConstFileSpecRef;
+
+typedef struct PFLDirectoryIter *		PFLDirectoryIterRef;
+typedef struct PFLDirectoryIter const *	PFLConstDirectoryIterRef;
+
+/* Validity checks */
+#define	kInvalidPFLFileSpecRef			((PFLFileSpecRef) NULL)
+#define	kInvalidPFLDirectoryIterRef		((PFLDirectoryIterRef) NULL)
+
+#define PFLFileSpecRefIsValid( ref )		( (ref) != kInvalidPFLFileSpecRef )
+#define PFLDirectoryIterRefIsValid( ref )	\
+			( (ref) != kInvalidPFLDirectoryIterRef )
+
+/* Languages supported by pgpLocStrings  */
+enum PFLLanguage_
+{
+	kPFLLanguage_Default     = 0,
+	kPFLLanguage_English     = 1,
+	kPFLLanguage_Japanese    = 2,
+	kPFLLanguage_German      = 3,
+	kPFLLanguage_Spanish     = 4,
+	
+ 	PGP_ENUM_FORCE( PFLLanguage_ )
+};
+
+PGPENUM_TYPEDEF( PFLLanguage_, PFLLanguage );
+
+
+#endif /* ] Included_pflTypes_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpAPIAdapter.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpAPIAdapter.h
new file mode 100644
index 0000000000..e473df49e2
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpAPIAdapter.h
@@ -0,0 +1,186 @@
+/*____________________________________________________________________________
+ *	Copyright (C) 2003 PGP Corporation
+ *	All rights reserved.
+ *
+ *	Size of UTF-16 string is always given in 16 bit characters. This includes 
+ *	PGPGetKeyDBObjDataPropertyU16 and PGPGetKeyDBObjAllocatedDataPropertyU16
+ *	for which void* is assumed to be PGPChar16* where applicable. 
+ *	So you can write like this:
+ *
+ *		wchar_t s[80];
+ *		PGPSize size;
+ *		PGPGetPrimaryUserIDNameU16( key, s, sizeof(s)/sizeof(s[0]), &size );
+ *            
+ *	$Id: pgpAPIAdapter.h,v 1.12 2004/05/07 08:29:12 bgaiser Exp $
+ *____________________________________________________________________________*/
+#ifndef Included_pgpAPIAdapter_h   /* [ */
+#define Included_pgpAPIAdapter_h
+
+#include "pgpKeys.h"
+#include "pgpKeyServer.h"
+
+#include "pgpMemoryMgr.h"
+#include "pgpUtilities.h"
+#include "pgpPFLErrors.h"
+#include "pgpFileSpec.h"
+#include "pgpHashWords.h"
+#include "pgpShareFile.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+PGPError PGPGetErrorStringU8( PGPError theError, PGPSize bufferSize, PGPChar8 * theString );
+PGPError PGPGetErrorStringU16( PGPError theError, PGPSize bufferSize, PGPChar16 * theString );
+
+PGPError PGPGetPGPsdkVersionStringU8( PGPChar8 versionString[ 256 ] );
+PGPError PGPGetPGPsdkVersionStringU16( PGPChar16 versionString[ 256 ] );
+
+PGPError PGPNewFileSpecFromFullPathU8( PGPContextRef context, const PGPChar8 *path, PGPFileSpecRef *ref );
+PGPError PGPNewFileSpecFromFullPathU16( PGPContextRef context, const PGPChar16 *path, PGPFileSpecRef *ref );
+
+PGPError PGPGetFullPathFromFileSpecU8( PGPFileSpecRef fileRef, PGPChar8 **fullPathPtr);
+PGPError PGPGetFullPathFromFileSpecU16( PGPFileSpecRef fileRef, PGPChar16 **fullPathPtr);
+
+PGPError PGPRenameFileU8( PGPFileSpecRef fileRef, const PGPChar8 *newName );
+PGPError PGPRenameFileU16( PGPFileSpecRef fileRef, const PGPChar16 *newName );
+
+PGPOptionListRef PGPOPassphraseBufferU8( PGPContextRef context, const PGPChar8 *passphrase, PGPSize passphraseLength);
+PGPOptionListRef PGPOPassphraseBufferU16( PGPContextRef context, const PGPChar16 *passphrase, PGPSize passphraseLength);
+
+PGPOptionListRef PGPOPassphraseU8( PGPContextRef context, const PGPChar8 *passphrase);
+PGPOptionListRef PGPOPassphraseU16( PGPContextRef context, const PGPChar16 *passphrase);
+
+PGPOptionListRef PGPOPGPMIMEEncodingU8(PGPContextRef context, PGPBoolean mimeEncoding, PGPSize *mimeBodyOffset, PGPChar8 mimeSeparator[ kPGPMimeSeparatorSize ]);
+PGPOptionListRef PGPOPGPMIMEEncodingU16(PGPContextRef context, PGPBoolean mimeEncoding, PGPSize *mimeBodyOffset, PGPChar16 mimeSeparator[ kPGPMimeSeparatorSize ]);
+
+PGPOptionListRef PGPOKeyGenNameU8( PGPContextRef context, const void *name, PGPSize nameLength );
+PGPOptionListRef PGPOKeyGenNameU16( PGPContextRef context, const void *name, PGPSize nameLength );
+
+PGPOptionListRef PGPOPreferredKeyServerU8( PGPContextRef context, PGPChar8 const * server );
+PGPOptionListRef PGPOPreferredKeyServerU16( PGPContextRef context, PGPChar16 const * server );
+
+PGPOptionListRef PGPOCommentStringU8( PGPContextRef context,PGPChar8 const *comment);
+PGPOptionListRef PGPOCommentStringU16( PGPContextRef context,PGPChar16 const *comment);
+
+PGPOptionListRef PGPOVersionStringU8( PGPContextRef context, PGPChar8 const *version);
+PGPOptionListRef PGPOVersionStringU16( PGPContextRef context, PGPChar16 const *version);
+
+PGPOptionListRef PGPOFileNameStringU8( PGPContextRef context, PGPChar8 const *fileName);
+PGPOptionListRef PGPOFileNameStringU16( PGPContextRef context, PGPChar16 const *fileName);
+
+PGPOptionListRef PGPOSigRegularExpressionU8(PGPContextRef context, PGPChar8 const *regularExpression);
+PGPOptionListRef PGPOSigRegularExpressionU16(PGPContextRef context, PGPChar16 const *regularExpression);
+
+PGPError PGPGetKeyDBObjDataPropertyU8( PGPKeyDBObjRef key, PGPKeyDBObjProperty whichProperty, void *buffer, PGPSize bufferSize, PGPSize *dataSize);
+PGPError PGPGetKeyDBObjDataPropertyU16( PGPKeyDBObjRef key, PGPKeyDBObjProperty whichProperty, void *buffer, PGPSize bufferSize, PGPSize *dataSize);
+
+PGPError PGPGetKeyDBObjAllocatedDataPropertyU8( PGPKeyDBObjRef obj, PGPKeyDBObjProperty prop, void **buffer, PGPSize *dataSize );
+PGPError PGPGetKeyDBObjAllocatedDataPropertyU16( PGPKeyDBObjRef obj, PGPKeyDBObjProperty prop, void **buffer, PGPSize *dataSize );
+
+PGPError PGPNewKeyDBObjDataFilterU8( PGPContextRef context, PGPKeyDBObjProperty prop, const void *val, PGPSize len, PGPMatchCriterion match, PGPFilterRef *outFilter );
+PGPError PGPNewKeyDBObjDataFilterU16( PGPContextRef context, PGPKeyDBObjProperty prop, const void *val, PGPSize len, PGPMatchCriterion match, PGPFilterRef *outFilter );
+
+PGPError PGPLDAPQueryFromFilterU8( PGPFilterRef filter, PGPChar8 **queryOut );
+PGPError PGPLDAPQueryFromFilterU16( PGPFilterRef filter, PGPChar16 **queryOut );
+
+PGPError PGPLDAPX509QueryFromFilterU8( PGPFilterRef filter,PGPChar8 **queryOut );
+PGPError PGPLDAPX509QueryFromFilterU16( PGPFilterRef filter,PGPChar16 **queryOut );
+
+PGPError PGPHKSQueryFromFilterU8( PGPFilterRef filter, PGPChar8 **queryOut );
+PGPError PGPHKSQueryFromFilterU16( PGPFilterRef filter, PGPChar16 **queryOut );
+
+PGPError PGPNetToolsCAHTTPQueryFromFilterU8( PGPFilterRef filter, PGPChar8 **queryOut );
+PGPError PGPNetToolsCAHTTPQueryFromFilterU16( PGPFilterRef filter, PGPChar16 **queryOut );
+
+PGPError PGPAddUserIDU8( PGPKeyDBObjRef key, PGPChar8 const *userID, PGPOptionListRef firstOption, ...);
+PGPError PGPAddUserIDU16( PGPKeyDBObjRef key, PGPChar16 const *userID, PGPOptionListRef firstOption, ...);
+
+PGPInt32 PGPCompareUserIDStringsU8(PGPChar8 const *a, PGPChar8 const *b);
+PGPInt32 PGPCompareUserIDStringsU16(PGPChar16 const *a, PGPChar16 const *b);
+
+PGPError PGPGetKeyIDStringU8( PGPKeyID const * ref, PGPKeyIDStringType type, PGPChar8 outString[ kPGPMaxKeyIDStringSize ] );
+PGPError PGPGetKeyIDStringU16( PGPKeyID const * ref, PGPKeyIDStringType type, PGPChar16 outString[ kPGPMaxKeyIDStringSize ] );
+
+PGPError PGPNewKeyIDFromStringU8( const PGPChar8 *string, PGPPublicKeyAlgorithm pkalg, PGPKeyID * outID );
+PGPError PGPNewKeyIDFromStringU16( const PGPChar16 *string, PGPPublicKeyAlgorithm pkalg, PGPKeyID * outID );
+
+PGPError PGPSetPKCS11DrvFileU8( PGPChar8 *module );
+PGPError PGPSetPKCS11DrvFileU16( PGPChar16 *module );
+
+PGPError PGPGetTokenInfoDataPropertyU8( PGPContextRef context, PGPUInt32 tokenNumber, PGPTokenProperty prop, PGPByte *value, PGPSize size, PGPSize *sizeout );
+PGPError PGPGetTokenInfoDataPropertyU16( PGPContextRef context, PGPUInt32 tokenNumber, PGPTokenProperty prop, void *value, PGPSize size, PGPSize *sizeout );
+
+PGPError PGPCreateDistinguishedNameU8( PGPContextRef context, PGPChar8 const *str, PGPByte **pdname, PGPSize *pdnamelen );
+PGPError PGPCreateDistinguishedNameU16( PGPContextRef context, PGPChar16 const *str, PGPByte **pdname, PGPSize *pdnamelen );
+
+PGPError PGPGetPrimaryUserIDNameU8(PGPKeyDBObjRef key, PGPChar8 *buffer, PGPSize bufferSize, PGPSize *dataSize);
+PGPError PGPGetPrimaryUserIDNameU16(PGPKeyDBObjRef key, PGPChar16 *buffer, PGPSize bufferSize, PGPSize *dataSize);
+
+PGPError PGPGetHashWordStringU8( PGPUInt32 index, PGPHashWordList list, PGPChar8 hashWordString[ 12 ] );
+PGPError PGPGetHashWordStringU16( PGPUInt32 index, PGPHashWordList list, PGPChar16 hashWordString[ 12 ] );
+
+PGPError PGPSetShareFileUserIDU8( PGPShareFileRef shareFileRef, const PGPUTF8 *userID );
+PGPError PGPSetShareFileUserIDU16( PGPShareFileRef shareFileRef, const PGPChar16 *userID );
+
+PGPError PGPGetShareFileUserIDU8( PGPShareFileRef shareFileRef, PGPSize bufferSize, PGPUTF8 *userID, PGPSize *fullSize );
+PGPError PGPGetShareFileUserIDU16( PGPShareFileRef shareFileRef, PGPSize bufferSize, PGPChar16 *userID, PGPSize *fullSize );
+
+PGPError PGPGetTARCacheObjDataPropertyU8( PGPTARCacheObjRef obj, PGPTARCacheObjProperty prop, void *buffer, PGPSize bufSize, PGPSize *dataSize );
+PGPError PGPGetTARCacheObjDataPropertyU16( PGPTARCacheObjRef obj, PGPTARCacheObjProperty prop, void *buffer, PGPSize bufSize, PGPSize *dataSize );
+
+
+/* ----- SDK UI ----- */
+PGPUInt32 PGPEstimatePassphraseQualityU8( const PGPChar8 *passphrase );
+PGPUInt32 PGPEstimatePassphraseQualityU16( const PGPChar16 *passphrase );
+
+PGPOptionListRef PGPOUIDialogPromptU8( PGPContextRef context, const PGPChar8 *prompt );
+PGPOptionListRef PGPOUIDialogPromptU16( PGPContextRef context, const PGPChar16 *prompt );
+
+PGPOptionListRef PGPOUIWindowTitleU8( PGPContextRef context, const PGPChar8 *title );
+PGPOptionListRef PGPOUIWindowTitleU16( PGPContextRef context, const PGPChar16 *title );
+
+PGPOptionListRef PGPOUIOutputPassphraseU8( PGPContextRef context, PGPChar8 **passphrase );
+PGPOptionListRef PGPOUIOutputPassphraseU16( PGPContextRef context, PGPChar16 **passphrase );
+
+PGPOptionListRef PGPOUICheckboxU8(PGPContextRef context, PGPUInt32 itemID, const PGPChar8 *title, const PGPChar8 *description, PGPUInt32 initialValue, PGPUInt32 *resultPtr, PGPOptionListRef firstOption, ...);
+PGPOptionListRef PGPOUICheckboxU16(PGPContextRef context, PGPUInt32 itemID, const PGPChar16 *title, const PGPChar16 *description, PGPUInt32 initialValue, PGPUInt32 *resultPtr, PGPOptionListRef firstOption, ...);
+
+PGPOptionListRef PGPOUIPopupListU8(PGPContextRef context, PGPUInt32 itemID, const PGPChar8 *title, const PGPChar8 *description,PGPUInt32 listItemCount, const PGPChar16 *listItems[], PGPUInt32 initialValue, PGPUInt32 *resultPtr, PGPOptionListRef firstOption, ...);
+PGPOptionListRef PGPOUIPopupListU16(PGPContextRef context, PGPUInt32 itemID, const PGPChar16 *title, const PGPChar16 *description,PGPUInt32 listItemCount, const PGPChar16 *listItems[], PGPUInt32 initialValue, PGPUInt32 *resultPtr, PGPOptionListRef firstOption, ...);
+
+
+/* ----- SDK Network ----- */
+PGPOptionListRef PGPONetURLU8(PGPContextRef context, const PGPChar8 *url);
+PGPOptionListRef PGPONetURLU16(PGPContextRef context, const PGPChar16 *url);
+
+PGPOptionListRef PGPONetHostNameU8(PGPContextRef context, const PGPChar8 *hostName, PGPUInt16 port);
+PGPOptionListRef PGPONetHostNameU16(PGPContextRef context, const PGPChar16 *hostName, PGPUInt16 port);
+
+PGPOptionListRef PGPOKeyServerKeyStoreDNU8(PGPContextRef context, const PGPChar8 *szKeyStoreDn);
+PGPOptionListRef PGPOKeyServerKeyStoreDNU16(PGPContextRef context, const PGPChar16 *szKeyStoreDn);
+
+PGPError PGPGetKeyServerHostNameU8(PGPKeyServerRef inKeyServerRef, PGPChar8 ** outHostName); /* Use PGPFreeData to free */
+PGPError PGPGetKeyServerHostNameU16(PGPKeyServerRef inKeyServerRef, PGPChar16 ** outHostName); /* Use PGPFreeData to free */
+
+PGPError PGPGetKeyServerPathU8(PGPKeyServerRef inKeyServerRef, PGPChar8 ** outPath); /* Use PGPFreeData to free */
+PGPError PGPGetKeyServerPathU16(PGPKeyServerRef inKeyServerRef, PGPChar16 ** outPath); /* Use PGPFreeData to free */
+
+PGPError PGPGetLastKeyServerErrorStringU8(PGPKeyServerRef inKeyServerRef,PGPChar8 ** outErrorString);
+PGPError PGPGetLastKeyServerErrorStringU16(PGPKeyServerRef inKeyServerRef,PGPChar16 ** outErrorString);
+
+PGPError PGPGetProxyServerU8(PGPContextRef context, PGPProxyServerType type, PGPChar8 **proxyAddress, PGPUInt16 *proxyPort );
+PGPError PGPGetProxyServerU16(PGPContextRef context, PGPProxyServerType type, PGPChar16 **proxyAddress, PGPUInt16 *proxyPort );
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpAPIAdapter_h   */
+
+
+/*__Editor_settings____
+ *
+ *	Local Variables:
+ *	tab-width: 4
+ *	End:
+ *	vi: ts=4 sw=4
+ *	vim: si
+ *_____________________*/
+
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpBER.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpBER.h
new file mode 100644
index 0000000000..ad20d033fd
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpBER.h
@@ -0,0 +1,175 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+    All rights reserved.
+
+    $Id: pgpBER.h,v 1.15 2003/08/08 04:40:39 ajivsov Exp $
+____________________________________________________________________________*/
+
+/*
+ * For extremely detailed explanation of all the BER types and
+ * encoding, see X.208 (Specification of Abstract Syntax Notation One (ASN.1))
+ * and X.209 (Specification of Basic Encoding Rules for Abstract Syntax
+ * Notation One (ASN.1)).
+ *
+ * These two sources will tell you everything you would ever need (and want)
+ * to know about BER and ASN.1.
+ */
+
+#ifndef Included_pgpBER_h  /* [ */
+#define Included_pgpBER_h
+
+#include "pgpPubTypes.h"
+#include "pgpMemoryMgr.h"
+#include "pgpSockets.h"
+
+/* BER types */
+/* The X.209 BER specification actually defines a lot more
+ * types than is listed here, but these are the only ones
+ * the current PGPldap implementation uses. */
+enum PGPberType_
+{
+    kPGPberType_Boolean     = 0x01, /* tag = 0x01 */
+    kPGPberType_Int         = 0x02, /* tag = 0x02 */
+    kPGPberType_Bitstring   = 0x03, /* tag = 0x03 */
+    kPGPberType_Octetstring = 0x04, /* tag = 0x04 */
+    kPGPberType_NULL        = 0x05, /* tag = 0x05 */
+	kPGPberType_ObjectID	= 0x06, /* tag = 0x06 */
+    kPGPberType_Enumeration = 0x0A, /* tag = 0x0A */
+	kPGPberType_PrintableString = 0x0D, /* tag = 0x0D */
+    kPGPberType_Sequence    = 0x30, /* constructed, tag = 0x10 */
+    kPGPberType_Set         = 0x31, /* constructed, tag = 0x11 */
+
+    kPGPberType_None        = 0xFFFFFFFF
+};
+PGPENUM_TYPEDEF (PGPberType_, PGPberType);
+
+enum PGPberFormatSpecifier_
+{
+    kPGPberFormatSpecifier_Boolean      = 'b',
+    kPGPberFormatSpecifier_Int          = 'i',
+    kPGPberFormatSpecifier_Octetstring  = 'o',
+    kPGPberFormatSpecifier_String       = 's',
+    kPGPberFormatSpecifier_StringVector = 'v',
+    kPGPberFormatSpecifier_BERVector    = 'V',  /* strings and lengths */
+    kPGPberFormatSpecifier_NULL         = 'n',
+    kPGPberFormatSpecifier_Enumeration  = 'e',
+    kPGPberFormatSpecifier_Tag          = 't',
+    kPGPberFormatSpecifier_BeginSequence= '{',
+    kPGPberFormatSpecifier_EndSequence  = '}',
+    kPGPberFormatSpecifier_BeginSet     = '[',
+    kPGPberFormatSpecifier_EndSet       = ']',
+
+	kPGPberFormatSpecifier_Force		= '*'
+};
+PGPENUM_TYPEDEF (PGPberFormatSpecifier_, PGPberFormatSpecifier);
+
+
+typedef struct PGPberElement *	PGPberElementRef;
+
+#define kInvalidPGPberElementRef	( (PGPberElementRef) NULL)
+#define PGPberElementRefIsValid(ber)	\
+			( (ber) != kInvalidPGPberElementRef )
+#define PGPValidateBERElementRef(ber) \
+			PGPValidateParam( PGPberElementRefIsValid( ber ) )
+
+typedef struct PGPberValue
+{
+    PGPSize     length;
+    PGPByte     *value;
+} PGPberValue;
+
+/* Functions */
+
+	PGPError
+PGPNewBERElement(
+	PGPContextRef		context,
+	PGPberElementRef *	ber );
+
+/* ber_free */
+	PGPError
+PGPFreeBERElement(
+	PGPberElementRef	ber );
+
+/* BER encoding functions */
+    PGPError
+PGPberAppend(
+    PGPberElementRef	ber, 
+    const PGPChar8 *	s, 
+	... );
+
+	PGPError
+PGPberGetEncoding(
+	PGPberElementRef	ber,
+	PGPByte **			encoding );
+
+/* BER decoding functions */
+	PGPError
+PGPberRead(
+	PGPberElementRef	ber,
+	const PGPChar8 *	fmt,
+	... );
+
+	PGPError
+PGPberGetLength(
+	PGPberElementRef	ber,
+	PGPSize *			length );
+
+	PGPError
+PGPberRewind(
+	PGPberElementRef	ber );
+
+	PGPError
+PGPberNextPrimitive(
+	PGPberElementRef	ber );
+
+	PGPError
+PGPberNextConstructed(
+	PGPberElementRef	ber );
+
+	PGPError
+PGPberNext(
+	PGPberElementRef	ber );
+
+	PGPError
+PGPberSkip(
+	PGPberElementRef	ber );
+
+	PGPError
+PGPberPeek(
+	PGPberElementRef	ber,
+	PGPberType *		tag,
+	PGPSize *			len );
+
+	PGPError
+PGPberGetIndex(
+	PGPberElementRef	ber,
+	PGPUInt32 *			index );
+
+	PGPError
+PGPberSetIndex(
+	PGPberElementRef	ber,
+	PGPUInt32			index );
+
+	PGPError
+PGPberReadResponse(
+	PGPberElementRef	ber,
+	PGPSocketRef		sock );
+
+	PGPError
+PGPberSetData(
+	PGPberElementRef	ber,
+	PGPByte *			data,
+	PGPSize				len );
+
+
+#endif /* ] Included_pgpBER_h */
+
+
+/*__Editor_settings____
+
+    Local Variables:
+    tab-width: 4
+    End:
+    vi: ts=4 sw=4
+    vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpBase.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpBase.h
new file mode 100644
index 0000000000..53a1df46e7
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpBase.h
@@ -0,0 +1,451 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	This file deals with system dependencies to derive our very basic data
+	types.  It should not contain any higher level types.
+
+
+	$Id: pgpBase.h,v 1.30 2004/02/09 23:30:31 vinnie Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpBase_h	/* [ */
+#define Included_pgpBase_h
+
+#include "pgpPFLConfig.h"
+
+#if !( defined(PGP_MACINTOSH) || defined(PGP_UNIX) || defined(PGP_WIN32) )
+#error one of {PGP_MACINTOSH, PGP_UNIX, PGP_WIN32} must be defined
+#endif
+
+#if PGP_MACINTOSH
+#include <stddef.h>
+#if __MWERKS__ && ! defined( __dest_os )
+	#include <ansi_parms.h>
+	#define __dest_os __mac_os
+#endif
+#else
+	/* aCC bars on <sys/time.h> if this file is not included first */
+	#if PGP_COMPILER_HPUX
+		#include <sys/sigevent.h>
+	#endif /* PGP_COMPILER_HPUX */
+	#include <sys/types.h>
+#endif
+
+#if PGP_WIN32
+#include <stddef.h>		/* For size_t */
+#endif
+
+#if ! NO_LIMITS_H
+#include <limits.h>
+#endif
+
+#ifndef PGP_UNICODE
+#define PGP_UNICODE		0
+#endif
+
+#if PGP_WIN32
+	/* check for inconsistent usage of UNICODE symbols */
+	#if PGP_UNICODE
+		#if !defined(UNICODE) || !defined(_UNICODE)
+			#error UNICODE and _UNICODE must be defined
+		#endif
+	#else
+		#if defined(UNICODE) || defined(_UNICODE)
+			#error UNICODE and _UNICODE should not be defined
+		#endif
+	#endif
+#endif
+
+
+/*____________________________________________________________________________
+	PGP basic types
+____________________________________________________________________________*/
+
+typedef unsigned char	PGPBoolean;		/* can be TRUE or FALSE */
+
+#ifndef TRUE
+#define TRUE	1
+#endif
+
+#ifndef FALSE
+#define FALSE	0
+#endif
+
+/* PGPUInt8, PGPInt8 */
+#if UCHAR_MAX == 0xff
+
+typedef unsigned char	PGPUInt8;
+typedef signed char		PGPInt8;
+#define MAX_PGPUInt8	UCHAR_MAX
+#define MAX_PGPInt8		SCHAR_MAX
+
+#else
+#error This machine has no 8-bit type
+#endif
+
+
+/* PGPUInt16, PGPInt16 */
+#if UINT_MAX == 0xffff
+
+typedef unsigned int	PGPUInt16;
+typedef int				PGPInt16;
+#define MAX_PGPUInt16	UINT_MAX
+#define MAX_PGPInt16	INT_MAX
+
+#elif USHRT_MAX == 0xffff
+
+typedef unsigned short	PGPUInt16;
+typedef short			PGPInt16;
+#define MAX_PGPUInt16	USHRT_MAX
+#define MAX_PGPInt16	SHRT_MAX
+
+#else
+#error This machine has no 16-bit type
+#endif
+
+
+/* PGPUInt32, PGPInt32 */
+#if UINT_MAX == 0xfffffffful
+
+typedef unsigned int	PGPUInt32;
+typedef int				PGPInt32;
+#define MAX_PGPUInt32	UINT_MAX
+#define MAX_PGPInt32	INT_MAX
+
+#elif ULONG_MAX == 0xfffffffful
+
+typedef unsigned long	PGPUInt32;
+typedef long			PGPInt32;
+#define MAX_PGPUInt32	ULONG_MAX
+#define MAX_PGPInt32	LONG_MAX
+
+#elif USHRT_MAX == 0xfffffffful
+
+typedef unsigned short	PGPUInt32;
+typedef short			PGPInt32;
+#define MAX_PGPUInt32	USHRT_MAX
+#define MAX_PGPInt32	SHRT_MAX
+
+#else
+#error This machine has no 32-bit type
+#endif
+
+
+/*____________________________________________________________________________
+	PGPUInt64, PGPInt64
+	
+	Find a 64-bit data type, if possible.
+	The conditions here are more complicated to avoid using numbers that
+	will choke lesser preprocessors (like 0xffffffffffffffff) unless
+	we're reasonably certain that they'll be acceptable.
+ 
+	Some *preprocessors* choke on constants that long even if the
+	compiler can accept them, so it doesn't work reliably to test values.
+	So cross our fingers and hope that it's a 64-bit type.
+	
+	GCC uses ULONG_LONG_MAX.  Solaris uses ULLONG_MAX.
+	IRIX uses ULONGLONG_MAX.  Are there any other names for this?
+____________________________________________________________________________*/
+
+
+#if ULONG_MAX > 0xfffffffful
+#if ULONG_MAX == 0xfffffffffffffffful
+
+typedef ulong		PGPUInt64;
+typedef long		PGPInt64;
+#define PGP_HAVE64	1
+
+#endif
+#endif
+
+
+#ifndef PGP_HAVE64
+
+#if defined(ULONG_LONG_MAX) || defined (ULLONG_MAX) || defined(ULONGLONG_MAX) || defined(__LONG_LONG_MAX__)
+typedef unsigned long long	PGPUInt64;
+typedef long long			PGPInt64;
+#define PGP_HAVE64			1
+
+#endif
+#endif
+
+/*____________________________________________________________________________
+	This was added because for some reason or another, __LONG_LONG_MAX__ is 
+	not defined on Linux 6.1.  Hopefully this doesn't break older versions of
+	Linux but you never know.....
+____________________________________________________________________________*/
+#if defined(PGP_UNIX_LINUX) && !defined(PGP_HAVE64)
+typedef long long			PGPInt64;
+typedef unsigned long long	PGPUInt64;
+#define PGP_HAVE64			1
+#endif
+
+
+#ifndef PGP_HAVE64
+#if defined(__MWERKS__)
+#if __option( longlong )
+
+typedef unsigned long long	PGPUInt64;
+typedef long long			PGPInt64;
+#define PGP_HAVE64			1
+
+#endif
+#endif
+#endif
+
+#if PGP_HAVE64
+/* too painful to test all the variants above, so just do it this way */
+#define MAX_PGPUInt64	((PGPUInt64)0xfffffffffffffffful)
+#define MAX_PGPInt64	((PGPInt64)0x7fffffffffffffff)
+#endif
+
+
+/*____________________________________________________________________________
+	PGPInt, PGPUInt, PGPLong, PGPULong
+	
+	Architecture-specific data types. 
+
+	PGPLong will be 64 bits on 64-bit architectures (Linux on AMD64 or WIN64). 
+	PGPLong is hardware-supported integeral type such that 
+	sizeof(PGPULong)==sizeof(void*)
+
+	PGPInt is the most efficient harware-supported integeral type that is at 
+	least 32 bit long. It should be the main type for internal counters, sizes, 
+	offsets etc unless possibly the larger space of PGPSize is required.
+____________________________________________________________________________*/
+
+/* note that this should be changed for 16 bit platform */
+typedef int				PGPInt;
+typedef unsigned int	PGPUInt;
+
+#if PGP_WIN32
+	#if defined(_WIN64)
+	#if PGP_HAVE_64_HARDWARE==0
+	#error "Configuration error: PGP_HAVE_64_HARDWARE must be 1 for WIN64"
+	#endif
+	typedef __int64			PGPLong;
+	typedef unsigned __int64 PGPULong;
+	#else
+	#ifndef _W64
+	/* (this definition is only need  for WINNT) */
+	#define _W64
+	#endif
+	typedef _W64 __int32	PGPLong;
+	typedef _W64 unsigned __int32 PGPULong;
+	#endif
+#else
+	typedef unsigned long	PGPULong;
+	typedef long			PGPLong;
+#endif
+
+#if INT_MAX == 0x7FFFFFFFL
+#define PGPENUM_TYPEDEF( enumName, typeName )	typedef enum enumName typeName
+#else
+#define PGPENUM_TYPEDEF( enumName, typeName )	typedef PGPInt32 typeName
+#endif
+#define kPGPEnumMaxValue		INT_MAX
+
+#define PGP_ENUM_FORCE( enumName )		\
+		k ## enumName ## force = kPGPEnumMaxValue
+
+
+typedef PGPUInt8			PGPByte;
+
+typedef PGPInt32			PGPError;
+
+/* a simple value sufficient to hold any numeric or pointer type */
+typedef void *				PGPUserValue;
+
+/* A PGPSize refers to in memory sizes. Use PGPFileOffset for file offsets */
+typedef size_t				PGPSize;
+#define MAX_PGPSize			( ~(PGPSize)0 )
+
+/* An offset or size of a file */
+#if PGP_UNIX
+#ifdef HAVE_64BIT_FILES
+typedef off64_t				PGPFileOffset;
+#else /* !HAVE_64BIT_FILES	*/
+typedef off_t				PGPFileOffset;
+#endif /* HAVE_64BIT_FILES	*/
+#else
+#if PGP_HAVE64
+typedef PGPInt64			PGPFileOffset;
+#else
+typedef PGPInt32			PGPFileOffset;
+#endif
+#endif
+
+typedef PGPUInt32			PGPFlags;
+typedef time_t				PGPTime;
+typedef PGPULong			PGPTimeInterval;	/* In milliseconds */
+
+#define kPGPMaxTimeInterval (~(PGPTimeInterval)0)
+
+typedef struct PGPVersion
+{
+	PGPUInt16	majorVersion;
+	PGPUInt16	minorVersion;
+	
+} PGPVersion;
+
+/* character types useful for Unicode issues */
+typedef	char				PGPChar8;
+typedef	PGPUInt16			PGPChar16;
+typedef	PGPUInt32			PGPChar32;
+typedef	unsigned char		PGPUTF8;
+
+#if PGP_UNICODE
+typedef	PGPUInt16			PGPChar;
+#else
+typedef	char				PGPChar;
+#endif
+
+typedef char				PFLChar;
+typedef char				SDKUIChar;
+
+
+/*____________________________________________________________________________
+	These macros should surround all C declarations in public
+	header files which define function or data symbols.
+____________________________________________________________________________*/
+
+#ifdef __cplusplus	/* [ */
+
+#define PGP_BEGIN_C_DECLARATIONS	extern "C" {
+#define PGP_END_C_DECLARATIONS		}
+
+#else	/* ] __cplusplus [ */
+
+#define PGP_BEGIN_C_DECLARATIONS
+#define PGP_END_C_DECLARATIONS
+
+#endif	/* ] __cplusplus */
+
+
+#ifndef pgpMin
+#define pgpMin(x,y) (((x)<(y)) ? (x) : (y))
+#endif
+
+#ifndef pgpMax
+#define pgpMax(x,y) (((x)>(y)) ? (x) : (y))
+#endif
+
+#ifndef PGP_DEPRECATED
+#define PGP_DEPRECATED		1
+#endif
+
+#if PGP_WIN32
+# define BIG_ENDIAN		123
+# define LITTLE_ENDIAN	321
+# define BYTE_ORDER		LITTLE_ENDIAN
+#endif
+
+#if BYTE_ORDER == BIG_ENDIAN
+#	define PGP_WORDSBIGENDIAN		1
+#	define PGP_WORDSLITTLEENDIAN	0
+#elif BYTE_ORDER == LITTLE_ENDIAN
+#	define PGP_WORDSBIGENDIAN		0
+#	define PGP_WORDSLITTLEENDIAN	1
+#else
+#	error define your byte order
+#endif
+
+/*____________________________________________________________________________
+ * The PGP equivalent of the MS "TEXT" macro.  PGPTEXT wraps a string literal
+ * and causes it to compile as 8 or 16 bit characters on the basis of the
+ * PGP_UNICODE symbol. 
+ */
+#if PGP_UNICODE
+  #define PGPTEXT(literal)				L##literal
+#else
+  #define PGPTEXT(literal)				literal
+#endif
+
+/*____________________________________________________________________________
+ * Macros for wrapping text literals.  These macros serve two purposes:
+ * (a) to indicate to the reader of the source code the way in which the
+ * literal is used (and therefore why the string should not be externalized
+ * and localized), and (b) to indicate to the compiler whether the literal 
+ * should be compiled as 8-bit or 16-bit characters.
+ *
+ * To the right of each macro is the abbreviation to use when naming 
+ * string resources.
+ */
+ 
+/* PGPTXT_USER should be used for strings which are to be displayed
+ * to the user, but which we have decided not to translate, for whatever 
+ * reason.
+ */
+#define PGPTXT_USER(literal)			PGPTEXT(literal)	/* USR */
+#define PGPTXT_USER8(literal)			literal
+#define PGPTXT_USER16(literal)			L##literal
+
+/* PGPTXT_ADMIN is for messages to be seen by an admin; we may choose to 
+ * translate these in the future.
+ */
+#define PGPTXT_ADMIN(literal)			PGPTEXT(literal)	/* ADM */
+
+/* PGPTXT_MACHINE strings are meant to be read by a machine.  That is, 
+ * the usual usage would be that this string is never seen by anyone, 
+ * neither users, developers, admins nor qa; it is only seen by programs.  
+ * This includes textual material in tables where that is meant to be 
+ * compared against hardcoded strings looking for a match.  Explicit
+ * 8- and 16-bit versions are provided.
+ */
+#define PGPTXT_MACHINE(literal)			PGPTEXT(literal)	/* MAC */
+#define PGPTXT_MACHINE8(literal)		literal
+#define PGPTXT_MACHINE16(literal)		L##literal
+
+#define PFLTXT_MACHINE					PGPTXT_MACHINE8
+#define SDKUITXT_MACHINE	 			PGPTXT_DEBUG8
+#define SDKUITXT_USER					PGPTXT_MACHINE8
+
+/* String literals in obsolete sections of code may be left in for
+ * clarity or historical reasons.  They should be marked with the
+ * PGPTXT_OBSOLETE macro.
+ */
+#define PGPTXT_OBSOLETE(literal)		literal				/* OBS */
+
+/* PGPTXT_FIXBEFORESHIP is for strings for which the tagger is not sure 
+ * what to do with them, but which will need to be decided eventually. 
+ */
+#define PGPTXT_FIXBEFORESHIP(literal)	literal				/* FIX */
+
+/* PGPTXT_DEBUG should be used for strings which are to be seen only by
+ * developers or testers.  This would include compiled-out self-test
+ * code, debugging code, printf's, messageboxes, debug logs, and asserts.
+ */
+#define PGPTXT_DEBUG(literal)			PGPTEXT(literal)	/* DBG */
+#define PGPTXT_DEBUG8(literal)			literal
+#define PGPTXT_DEBUG16(literal)			L##literal
+
+#define PFLTXT_DEBUG 					PGPTXT_DEBUG8
+#define SDKUITXT_DEBUG	 				PGPTXT_DEBUG8
+
+/* PGPTXT_DEFERRED is used to mark text for which externalization
+ * has been deferred because the text is not actually used in the
+ * current implementation but it may be someday.  Externalizing
+ * such text would create unnecessary work for the localizers at
+ * this point in time.  
+ */
+#define PGPTXT_DEFERRED(literal)		PGPTEXT(literal)
+#define PGPTXT_DEFERRED8(literal)		literal
+#define PGPTXT_DEFERRED16(literal)		L##literal
+
+#if defined(__GNUC__) && (__GNUC__ >= 3) && (__GNUC_MINOR__ >= 1) && PGP_OSX
+#define PGP_WEAK_IMPORT  __attribute__((weak_import))
+#else
+#define PGP_WEAK_IMPORT 
+#endif
+
+#endif /* ] Included_pgpBase_h */
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpBigNum.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpBigNum.h
new file mode 100644
index 0000000000..fdc65e2017
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpBigNum.h
@@ -0,0 +1,177 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpBigNum.h,v 1.7 2002/08/06 20:11:16 dallen Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpBigNum_h
+#define Included_pgpBigNum_h
+
+#include "pgpBase.h"
+#include "pgpUtilities.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+typedef struct PGPBigNum *		PGPBigNumRef;
+#define kPGPInvalidBigNumRef	( (PGPBigNumRef)NULL )
+
+/*____________________________________________________________________________
+	Bignum basics
+____________________________________________________________________________*/
+PGPError	PGPNewBigNum( PGPContextRef context, PGPBoolean secure,
+					PGPBigNumRef *newBN );
+
+PGPError	PGPFreeBigNum( PGPBigNumRef bn );
+
+PGPError 	PGPCopyBigNum( PGPBigNumRef src, PGPBigNumRef * dest );
+PGPError 	PGPAssignBigNum( PGPBigNumRef src, PGPBigNumRef dest );
+PGPError	PGPSwapBigNum( PGPBigNumRef a, PGPBigNumRef b);
+
+/*
+** Move bytes between the given buffer and the given BigNum encoded in
+** base 256.  I.e. after either of these, the buffer will be equal to
+** (bn / 256^lsbyte) % 256^len.  The difference is which is altered to
+** match the other!
+*/
+PGPError	PGPBigNumExtractBigEndianBytes( PGPBigNumRef bn,
+					PGPByte *dest, PGPUInt32 lsbyte, PGPUInt32	len );
+				
+PGPError	PGPBigNumInsertBigEndianBytes(PGPBigNumRef bn,
+					PGPByte const *src, PGPUInt32 lsbyte, PGPUInt32 len );
+
+/* The same, but the buffer is little-endian. */
+PGPError	PGPBigNumExtractLittleEndianBytes( PGPBigNumRef bn,
+					PGPByte *dest, PGPUInt32 lsbyte, PGPUInt32	len );
+				
+PGPError	PGPBigNumInsertLittleEndianBytes(PGPBigNumRef bn,
+					PGPByte const *src, PGPUInt32 lsbyte, PGPUInt32 len );
+
+/* Return the least-significant bits (at least 16) of the BigNum */
+PGPUInt16	PGPBigNumGetLSWord( PGPBigNumRef bn );
+
+/*
+ * Return the number of significant bits in the BigNum.
+ * 0 or 1+floor(log2(src))
+ */
+PGPUInt32	PGPBigNumGetSignificantBits( PGPBigNumRef bn );
+
+/*
+ * Adds two bignums into dest.  Faster if dest is same as lhs or rhs.
+ */
+PGPError	PGPBigNumAdd( PGPBigNumRef lhs, PGPBigNumRef rhs,
+					PGPBigNumRef dest );
+
+/*
+ * lhs-rhs.  dest and src may be the same, but bnSetQ(dest, 0) is faster.
+ * if dest < src, returns error and dest is undefined.
+ */
+PGPError	PGPBigNumSubtract( PGPBigNumRef lhs, PGPBigNumRef rhs,
+					PGPBigNumRef dest, PGPBoolean *underflow );
+
+/* Return sign (-1, 0, +1) of a-b.  a <=> b --> bnCmpQ(a, b) <=> 0 */
+PGPInt32	PGPBigNumCompareQ( PGPBigNumRef bn, PGPUInt16 sm );
+
+/* dest = src, where 0 <= src < 2^16. */
+PGPError	PGPBigNumSetQ( PGPBigNumRef dest, PGPUInt16 sm );
+
+/* dest = bn + sm, where 0 <= sm < 2^16 */
+PGPError	PGPBigNumAddQ( PGPBigNumRef bn, PGPUInt16 sm,
+					PGPBigNumRef dest);
+
+/* dest = bn + sm, where 0 <= sm < 2^16 */
+PGPError	PGPBigNumSubtractQ( PGPBigNumRef bn, PGPUInt16 sm,
+					PGPBigNumRef dest, PGPBoolean *underflow);
+
+/* Return sign (-1, 0, +1) of a-b.  a <=> b --> bnCmp(a, b) <=> 0 */
+PGPInt32	PGPBigNumCompare( PGPBigNumRef lhs, PGPBigNumRef rhs);
+
+/* dest = src * src.  dest may be the same as src, but it costs time. */
+PGPError	PGPBigNumSquare( PGPBigNumRef src, PGPBigNumRef dest);
+
+/* dest = a * b.  dest may be the same as a or b, but it costs time. */
+PGPError	PGPBigNumMultiply( PGPBigNumRef lhs, PGPBigNumRef rhs,
+					PGPBigNumRef dest);
+
+/* dest = a * b, where 0 <= b < 2^16.  dest and a may be the same. */
+PGPError	PGPBigNumMultiplyQ( PGPBigNumRef lhs, PGPUInt16 sm,
+					PGPBigNumRef dest);
+
+/*
+ * q = n/d, r = n%d.  r may be the same as n, but not d,
+ * and q may not be the same as n or d.
+ * re-entrancy issue: this temporarily modifies d, but restores
+ * it for return.
+ */
+PGPError	PGPBigNumDivide( PGPBigNumRef numerator, PGPBigNumRef denominator,
+					PGPBigNumRef quotient, PGPBigNumRef remainder);
+/*
+ * dest = n % d.  dest and src may be the same, but not dest and d.
+ * re-entrancy issue: this temporarily modifies d, but restores
+ * it for return.
+ */
+PGPError	PGPBigNumMod( PGPBigNumRef numerator, PGPBigNumRef denominator,
+					PGPBigNumRef dest );
+
+/* return src % d, where 0 <= d < 2^16.  */
+PGPUInt16	PGPBigNumModQ( PGPBigNumRef numerator, PGPUInt16 denominator );
+
+/* n = n^exp, modulo "mod"   "mod" *must* be odd */
+PGPError	PGPBigNumExpMod( PGPBigNumRef n, PGPBigNumRef exponent,
+					PGPBigNumRef mod, PGPBigNumRef dest );
+
+/*
+ * dest = n1^e1 * n2^e2, modulo "mod".  "mod" *must* be odd.
+ * dest may be the same as n1 or n2.
+ */
+PGPError	PGPBigNumDoubleExpMod( PGPBigNumRef n1, PGPBigNumRef exponent1,
+					PGPBigNumRef n2, PGPBigNumRef exponent2,
+					PGPBigNumRef mod, PGPBigNumRef dest );
+
+/* dest = 2^exp, modulo "mod"   "mod" *must* be odd */
+PGPError	PGPBigNumTwoExpMod( PGPBigNumRef exponent, PGPBigNumRef mod,
+					PGPBigNumRef dest );
+
+/* dest = gcd(a, b).  The inputs may overlap arbitrarily. */
+PGPError	PGPBigNumGCD( PGPBigNumRef a, PGPBigNumRef b, PGPBigNumRef dest );
+
+/* dest = src^-1, modulo "mod".  dest may be the same as src. */
+PGPError	PGPBigNumInv( PGPBigNumRef src, PGPBigNumRef mod,
+					PGPBigNumRef dest );
+
+
+/* Shift dest left "amt" places */
+PGPError	PGPBigNumLeftShift( PGPBigNumRef dest, PGPUInt32 amt );
+
+/* Shift dest right "amt" places, discarding low-order bits */
+PGPError	PGPBigNumRightShift( PGPBigNumRef dest, PGPUInt32 amt );
+
+/* right shift all low order 0-bits, return number of bits shifted */
+PGPUInt16	PGPBigNumMakeOdd( PGPBigNumRef dest );
+
+
+PGP_END_C_DECLARATIONS
+
+#endif	/* Included_pgpBigNum_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpCBC.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpCBC.h
new file mode 100644
index 0000000000..26ae61d57f
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpCBC.h
@@ -0,0 +1,82 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpCBC.h,v 1.6 2002/08/06 20:11:16 dallen Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpCBC_h	/* [ */
+#define Included_pgpCBC_h
+
+#include "pgpSymmetricCipher.h"
+
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*____________________________________________________________________________
+	A CBC context requires use of a symmetric cipher which has been created
+	and whose key has been set. An error will be returned if this is not
+	the case.
+	
+	After the call, the CBCContextRef "owns" the
+	symmetric ref and will dispose of it properly (even if an error
+	occurs).  The caller should no longer reference it.
+____________________________________________________________________________*/
+
+PGPError 	PGPNewCBCContext( PGPSymmetricCipherContextRef ref,
+					PGPCBCContextRef *outRef );
+
+/*____________________________________________________________________________
+	Disposal clears all data in memory before releasing it.
+____________________________________________________________________________*/
+
+PGPError 	PGPFreeCBCContext( PGPCBCContextRef ref );
+
+/*____________________________________________________________________________
+	Make an exact copy, including current state.  Original is not changed.
+____________________________________________________________________________*/
+
+PGPError 	PGPCopyCBCContext( PGPCBCContextRef ref, PGPCBCContextRef *outRef );
+
+/*____________________________________________________________________________
+	IV size is implicit (same size as the symmetric cipher block size).
+	IV is *copied*.
+	Caller may want to destroy the original after passing it in.
+____________________________________________________________________________*/
+
+PGPError 	PGPInitCBC( PGPCBCContextRef ref, const void *key,
+					const void *initializationVector );
+
+/*____________________________________________________________________________
+	Call repeatedly to process arbitrary amounts of data.  Each call must
+	have bytesIn be a multiple of the cipher block size.
+____________________________________________________________________________*/
+
+PGPError 	PGPCBCEncrypt( PGPCBCContextRef ref, const void *in,
+					PGPSize bytesIn, void *out );
+					
+PGPError 	PGPCBCDecrypt( PGPCBCContextRef ref, const void *in,
+					PGPSize bytesIn, void *out );
+
+/*____________________________________________________________________________
+	Get the symmetric cipher being used for this CBC context.
+	You can use this to determine useful things about the underlying cipher
+	such as its block size.
+____________________________________________________________________________*/
+
+PGPError 	PGPCBCGetSymmetricCipher( PGPCBCContextRef ref,
+					PGPSymmetricCipherContextRef *outRef );
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpCBC_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpCFB.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpCFB.h
new file mode 100644
index 0000000000..9745f969ec
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpCFB.h
@@ -0,0 +1,115 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpCFB.h,v 1.6 2002/08/06 20:11:16 dallen Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpCFB_h	/* [ */
+#define Included_pgpCFB_h
+
+#include "pgpSymmetricCipher.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*____________________________________________________________________________
+	A CFB context requires use of a symmetric cipher which has been created
+	and whose key has been set. An error will be returned if this is not
+	the case.
+	
+	After the call, the CFBRef "owns" the symmetric ref and will
+	dispose of it properly (even if an error occurs).
+	The caller should no longer reference it.
+____________________________________________________________________________*/
+
+PGPError 	PGPNewCFBContext( PGPSymmetricCipherContextRef ref,
+					PGPUInt16 interleaveFactor,
+					PGPCFBContextRef *outRef );
+
+/*____________________________________________________________________________
+	Disposal clears all data in memory before releasing it.
+____________________________________________________________________________*/
+
+PGPError 	PGPFreeCFBContext( PGPCFBContextRef ref );
+
+/*____________________________________________________________________________
+	Make an exact copy, including current state.  Original is not changed.
+____________________________________________________________________________*/
+
+PGPError 	PGPCopyCFBContext( PGPCFBContextRef ref,
+					PGPCFBContextRef *outRef );
+
+/*____________________________________________________________________________
+	IV size is implicit (same size as the symmetric cipher block size).
+	IV is *copied*.
+	Caller may want to destroy the original after passing it in.
+	Calling this implicitly calls PGPResetCFB().
+____________________________________________________________________________*/
+
+PGPError 	PGPInitCFB( PGPCFBContextRef ref, const void *key,
+					const void *initializationVector );
+
+/*____________________________________________________________________________
+	Call repeatedly to process arbitrary amounts of data.
+____________________________________________________________________________*/
+
+PGPError 	PGPCFBEncrypt( PGPCFBContextRef ref, const void *in,
+					PGPSize bytesIn, void *out );
+					
+PGPError 	PGPCFBDecrypt( PGPCFBContextRef ref, const void *in,
+					PGPSize bytesIn, void *out );
+
+/*____________________________________________________________________________
+	Get the symmetric cipher being used for this CFB context.
+	You can use this to determine useful things about the underlying cipher
+	such as its block size.
+____________________________________________________________________________*/
+
+PGPError 	PGPCFBGetSymmetricCipher(PGPCFBContextRef ref,
+					PGPSymmetricCipherContextRef *outRef );
+					
+/*____________________________________________________________________________
+	Reset the feedback mechanism to use whatever we have so far, plus previous
+	bytes for a total of the cipher block size bytes.  This effectively
+	changes the cipher block boundary.
+____________________________________________________________________________*/
+
+PGPError 	PGPCFBSync( PGPCFBContextRef ref );
+
+/*____________________________________________________________________________
+	Fetch random bytes from the cipher.  Returns the actual number of
+	random bytes obtained.
+____________________________________________________________________________*/
+
+PGPError 	PGPCFBGetRandom( PGPCFBContextRef ref, PGPSize requestCount,
+					void *out, PGPSize *outCount);
+					
+/*____________________________________________________________________________
+	Make more random bytes available using the supplied salt, which must
+	be the same as the symmetric cipher block size.
+____________________________________________________________________________*/
+
+PGPError 	PGPCFBRandomCycle( PGPCFBContextRef ref, const void *salt);
+
+/*____________________________________________________________________________
+	Make more random bytes available using the supplied salt, which must
+	be the same as the symmetric cipher block size.
+____________________________________________________________________________*/
+
+PGPError 	PGPCFBRandomWash( PGPCFBContextRef ref, const void *in,
+					PGPSize bytesIn );
+
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpCFB_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpConfig.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpConfig.h
new file mode 100644
index 0000000000..f2e9f883a1
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpConfig.h
@@ -0,0 +1,96 @@
+/*
+ * pgpConfig.h -- Configuration for the PGPsdk.  This file contains
+ * the configuration information for the PGPsdk, and it should be
+ * included in all PGPsdk source files.
+ *
+ * $Id: pgpConfig.h,v 1.1.1.1 1999/08/08 19:38:33 heller Exp $
+ */
+
+/* Define to empty if the compiler does not support 'const' variables. */
+/* #undef const */
+
+/* Define to `long' if <sys/types.h> doesn't define.  */
+/* #undef off_t */
+
+/* Define to `unsigned' if <sys/types.h> doesn't define.  */
+/* #undef size_t */
+
+
+#ifndef Included_pgpConfig_h	/* [ */
+#define Included_pgpConfig_h
+
+#include "pgpPFLConfig.h"
+
+
+
+
+
+#ifndef Included_pgpPFLConfig_h	/* [ */
+
+#define HAVE_STDARG_H	1
+#define HAVE_STDLIB_H	1
+#define HAVE_UNISTD_H	0
+#define HAVE_USHORT		0
+#define HAVE_UINT		0
+#define HAVE_ULONG		0
+#define NO_LIMITS_H		0
+#define NO_POPEN		1
+
+#if defined( _MSC_VER )
+#define PGP_HAVE64		1
+typedef __int64				PGPInt64;
+typedef unsigned __int64	PGPUInt64;
+
+#elif  defined( __MWERKS__ )
+
+#define PGP_HAVE64		0
+	
+#endif
+
+
+
+#endif /*Included_pgpPFLConfig_h*/	/* ] */
+
+
+/* Checks for various types */
+#define HAVE_UCHAR 0
+
+/* Define if you have the ANSI C header files.  */
+#define STDC_HEADERS 1
+
+/* Checks for various specific header files */
+#define HAVE_FCNTL_H 1
+#define HAVE_LIMITS_H 1
+#define HAVE_SYS_IOCTL_H 0
+#define HAVE_SYS_TIME_H 0
+#define HAVE_SYS_TIMEB_H 1
+#define HAVE_SYS_PARAM_H 0
+
+/* Check if <sys/time.h> is broken and #includes <time.h> wrong */
+#define TIME_WITH_SYS_TIME 0
+
+/* Checks for various functions */
+#define HAVE_GETHRTIME 0
+#define HAVE_CLOCK_GETTIME 0
+#define HAVE_CLOCK_GETRES 0
+#define HAVE_GETTIMEOFDAY 0
+#define HAVE_GETITIMER 0
+#define HAVE_SETITIMER 0
+#define HAVE_FTIME 1
+#define HAVE_MKSTEMP 0
+
+
+#if  defined( __MWERKS__ )
+
+#define PGPTTYE	 /* nothing */
+	
+#elif defined( _MSC_VER )
+
+/* Tags for exported functions, needed for dynamic linking on some platforms */
+#define PGPTTYE	 /* nothing */
+
+#endif
+
+
+
+#endif /* ] Included_pgpConfig_h */
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpEC.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpEC.h
new file mode 100644
index 0000000000..c12ded4444
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpEC.h
@@ -0,0 +1,78 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+
+	$Id: pgpEC.h,v 1.12 2003/12/13 01:20:39 dallen Exp $
+____________________________________________________________________________*/
+
+#ifndef PGP_EC_PUB_H
+#define PGP_EC_PUB_H
+
+PGP_BEGIN_C_DECLARATIONS
+
+/* Wrapper for the ec* routines and data types. 
+   These are exported functions from PGPsdk
+ */
+
+typedef signed char ** PGPECContextRef;
+typedef signed short ** PGPECPointRef;
+typedef signed int ** PGPECScalarRef;
+
+enum PGPECMemoryUsage_
+{	
+	kPGPECMemoryMedium = 0,
+	kPGPECMemoryHigh = 1,
+
+	PGP_ENUM_FORCE( PGPECMemoryUsage_ )
+};
+PGPENUM_TYPEDEF( PGPECMemoryUsage_, PGPECMemoryUsage );
+
+PGPError PGPECCreate2mContext( PGPMemoryMgrRef memoryMgr, 
+	PGPSize bitsize, PGPECMemoryUsage memUsage, 
+	PGPECContextRef *c );
+
+PGPError PGPECFreeContext( PGPECContextRef p );
+
+PGPError PGPECSetEC2mParamA( PGPECContextRef c, const unsigned *a );
+PGPError PGPECSetEC2mParamB( PGPECContextRef c, const unsigned *b );
+PGPError PGPECSetEC2mParamAInt( PGPECContextRef c, unsigned a );
+PGPError PGPECSetEC2mParamBInt( PGPECContextRef c, unsigned b );
+
+PGPError PGPECGetBufferSize( PGPECContextRef c, 
+		PGPSize *coordinateSize,	PGPSize *scalarSize,
+		PGPSize *pointDecomprSize,	PGPSize *pointComprSize );
+
+PGPError PGPECScalarCreate( PGPECContextRef c, PGPECScalarRef *s, PGPBoolean isSecure );
+PGPError PGPECScalarFree( PGPECScalarRef s );
+PGPError PGPECScalarInsertBytes( PGPECScalarRef s, 
+						const PGPByte *scalar /*network order*/, PGPECScalarRef G_ord );
+
+PGPError PGPECPointCreate( PGPECContextRef c, PGPECPointRef *p );
+PGPError PGPECPointFree( PGPECPointRef p );
+
+PGPError PGPECPointExtractBytes( PGPECPointRef p, PGPByte *out, unsigned flags );
+PGPError PGPECPointExtractXYBytes( PGPECPointRef p, PGPByte *out_x, PGPByte *out_y, unsigned flags );
+PGPError PGPECPointInsertBytes( PGPECPointRef p, const PGPByte *in, unsigned flags );
+
+PGPError PGPECPointAssignContext( PGPECPointRef p, PGPECContextRef c );
+
+PGPError PGPECPointPrefBasis( PGPECPointRef p );
+
+PGPError PGPECPointMul( PGPECPointRef p, 
+	PGPECScalarRef scalar, 
+	PGPBoolean isPrecomputed, /* PGPECPointPrecomp already called */
+	PGPECPointRef out );
+
+PGPError PGPECPointAdd( PGPECPointRef p0, const PGPECPointRef p1, PGPECPointRef sum );
+
+PGPError PGPECPointSetZero( PGPECPointRef p );
+PGPBoolean PGPECPointIsZero( PGPECPointRef p );
+
+PGPBoolean PGPECPointIsConsistent( PGPECPointRef p );
+
+PGPError PGPECPointCompress( PGPECPointRef p );
+PGPError PGPECPointDecompress( PGPECPointRef p );
+
+PGP_END_C_DECLARATIONS
+
+#endif /* PGP_EC_PUB_H */
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpEncode.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpEncode.h
new file mode 100644
index 0000000000..9f2830ddf0
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpEncode.h
@@ -0,0 +1,306 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	This file contains the prototypes for functions which encode/decode files
+	and buffers.
+
+	$Id: pgpEncode.h,v 1.20 2003/09/24 03:09:32 ajivsov Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpEncode_h	/* [ */
+#define Included_pgpEncode_h
+
+#include "pgpPubTypes.h"
+#include "pgpTLS.h"
+
+#if PGP_MACINTOSH
+#pragma options align=mac68k
+#endif
+
+/*____________________________________________________________________________
+	PGP Events
+	
+	The PGPEvent structure is used to notify clients of the encode API of
+	various events. Each event is denoted by an event type:
+____________________________________________________________________________*/
+
+enum PGPEventType_
+{
+	kPGPEvent_NullEvent			=  0,		/* Nothing happened */
+	kPGPEvent_InitialEvent		=  1,		/* Final event */
+	kPGPEvent_FinalEvent		=  2,		/* Final event */
+	kPGPEvent_ErrorEvent		=  3,		/* An error occurred */
+	kPGPEvent_WarningEvent		=  4,		/* Warning event */
+	kPGPEvent_EntropyEvent		=  5,		/* More entropy is needed */
+	kPGPEvent_PassphraseEvent	=  6,		/* A passphrase is needed */
+	kPGPEvent_InsertKeyEvent	=  7,		/* Smart card must be inserted */
+	kPGPEvent_AnalyzeEvent		=  8,		/* Initial analysis event,
+											   before any output */
+	kPGPEvent_RecipientsEvent	=  9,		/* Recipient list report,
+											   before any output */
+	kPGPEvent_KeyFoundEvent		= 10,		/* Key packet found */
+	kPGPEvent_OutputEvent		= 11,		/* Output specification needed */
+	kPGPEvent_SignatureEvent	= 12,		/* Signature status report */
+	kPGPEvent_BeginLexEvent		= 13,		/* Initial event per lexical unit*/
+	kPGPEvent_EndLexEvent		= 14,		/* Final event per lexical unit */
+	kPGPEvent_RecursionEvent	= 15,		/* Notification of recursive
+											   job creation */
+	kPGPEvent_DetachedSignatureEvent = 16,	/* Need input for verification of
+											   detached signature */
+	kPGPEvent_KeyGenEvent		= 17,		/* Key generation progress */
+	
+	kPGPEvent_KeyServerEvent	= 18,		/* Key Server progress */
+	kPGPEvent_KeyServerSignEvent= 19,		/* Key Server passphrase */
+	kPGPEvent_KeyServerTLSEvent	= 20,		/* Key Server TLS event */
+	kPGPEvent_KeyServerIdleEvent= 21,		/* Idle during keyserver call */
+	
+	kPGPEvent_SocketsIdleEvent	= 22,		/* Idle during sockets */
+	kPGPEvent_DecryptionEvent	= 23,		/* Decryption data report */
+	kPGPEvent_EncryptionEvent	= 24,		/* Encryption data report */
+
+	kPGPEvent_ToBeSignedEvent	= 25,		/* To-be-signed hash */
+
+	PGP_ENUM_FORCE( PGPEventType_ )
+};
+PGPENUM_TYPEDEF( PGPEventType_, PGPEventType );
+
+
+/* PGP Analyze event callback codes */
+
+enum PGPAnalyzeType_
+{
+	kPGPAnalyze_Encrypted			=  0,	/* Encrypted message */
+	kPGPAnalyze_Signed				=  1,	/* Signed message */
+	kPGPAnalyze_DetachedSignature	=  2,	/* Detached signature */
+	kPGPAnalyze_Key					=  3,	/* Key data */
+	kPGPAnalyze_Unknown				=  4,	/* Non-pgp message */
+	kPGPAnalyze_X509Certificate		=  5,	/* X.509 certificate */
+	kPGPAnalyze_SMIMEBody			=  6,	/* SMIME body */
+
+	PGP_ENUM_FORCE( PGPAnalyzeType_ )
+};
+PGPENUM_TYPEDEF( PGPAnalyzeType_, PGPAnalyzeType );
+
+/* Individual event information structs, combined as a union in PGPEvent */
+
+typedef struct PGPEventNullData_
+{
+	PGPFileOffset			bytesWritten;
+	PGPFileOffset			bytesTotal;
+} PGPEventNullData;
+
+typedef struct PGPEventErrorData_
+{
+	PGPError				error;
+	void				   *errorArg;
+} PGPEventErrorData;
+
+typedef struct PGPEventWarningData_
+{
+	PGPError				warning;
+	void				   *warningArg;
+} PGPEventWarningData;
+
+typedef struct PGPEventEntropyData_
+{
+	PGPUInt32				entropyBitsNeeded;
+} PGPEventEntropyData;
+
+typedef struct PGPEventPassphraseData_
+{
+	PGPBoolean				fConventional;
+	PGPKeySetRef			keyset;
+	const PGPByte			*ESKs;
+	PGPSize					ESKsLength;
+} PGPEventPassphraseData;
+
+typedef struct PGPEventRecipientsData_
+{
+	PGPKeySetRef			recipientSet;
+	PGPUInt32				conventionalPassphraseCount;
+	PGPUInt32				keyCount;
+	PGPKeyID const *		keyIDArray;
+} PGPEventRecipientsData;
+
+typedef struct PGPEventKeyFoundData_
+{
+	PGPKeyDBRef				keyDB;
+} PGPEventKeyFoundData;
+
+typedef struct PGPEventSignatureData_
+{
+	PGPKeyID				signingKeyID;
+	PGPKeyDBObjRef			signingKey;
+	PGPBoolean				checked;
+	PGPBoolean				verified;
+	PGPBoolean				keyRevoked;
+	PGPBoolean				keyDisabled;
+	PGPBoolean				keyExpired;
+	PGPBoolean				keyMeetsValidityThreshold;
+	PGPValidity				keyValidity;
+	PGPTime					creationTime;
+	PGPUInt32				expirationPeriod;
+} PGPEventSignatureData;
+
+typedef struct PGPEventDecryptionData_
+{
+	PGPCipherAlgorithm		cipherAlgorithm;
+	PGPByte					*sessionKey;
+	PGPSize					sessionKeyLength;
+	PGPUInt32				keyCount;	/* keyids of keys that can decrypt, */
+	PGPKeyID const *		keyIDArray;	/* a subset of keys in PGPEventRecipientsData */
+} PGPEventDecryptionData;
+
+typedef struct PGPEventEncryptionData_
+{
+	PGPCipherAlgorithm		cipherAlgorithm;
+	PGPByte					*sessionKey;
+	PGPSize					sessionKeyLength;
+} PGPEventEncryptionData;
+
+typedef struct PGPEventAnalyzeData_
+{
+	PGPAnalyzeType			sectionType;
+} PGPEventAnalyzeData;
+
+typedef struct PGPEventOutputData_
+{
+	PGPUInt32				messageType;
+	PGPChar8			   *suggestedName;
+	PGPBoolean				forYourEyesOnly;
+} PGPEventOutputData;
+
+typedef struct PGPEventBeginLexData_
+{
+	PGPUInt32				sectionNumber;
+	PGPSize					sectionOffset;
+} PGPEventBeginLexData;
+
+typedef struct PGPEventEndLexData_
+{
+	PGPUInt32				sectionNumber;
+} PGPEventEndLexData;
+
+typedef struct PGPEventKeyGenData_
+{
+	PGPUInt32				state;
+} PGPEventKeyGenData;
+
+typedef struct PGPEventKeyServerData_
+{
+	PGPKeyServerRef			keyServerRef;
+	PGPUInt32				state;			/* PGPKeyServerState */
+} PGPEventKeyServerData;
+
+typedef struct PGPEventKeyServerSignData_
+{
+	PGPKeyServerRef			keyServerRef;
+} PGPEventKeyServerSignData;
+
+typedef struct PGPEventKeyServerTLSData_
+{
+	PGPKeyServerRef			keyServerRef;
+	PGPUInt32				state;			/* PGPKeyServerState */
+	PGPtlsSessionRef		tlsSession;
+} PGPEventKeyServerTLSData;
+
+typedef struct PGPEventKeyServerIdleData_
+{
+	PGPKeyServerRef			keyServerRef;
+} PGPEventKeyServerIdleData;
+
+typedef struct PGPEventToBeSignedData_
+{
+	PGPKeyID				keyID;
+	PGPHashAlgorithm		hashAlg;
+	PGPByte					hash[512/8];
+	PGPSize					hashSize;
+} PGPEventToBeSignedData;
+
+/*
+ * The following events have no event-specific data defined for them:
+ *	kPGPEvent_InsertKeyEvent
+ *	kPGPEvent_RecursionEvent
+ *	kPGPEvent_DetachedSignatureEvent
+ *	kPGPEvent_InitialEvent
+ *	kPGPEvent_FinalEvent
+ *	kPGPEvent_SocketsIdleEvent
+ */
+
+/* Union of all event data structures above */
+typedef union PGPEventData_
+{
+	PGPEventNullData			nullData;
+	PGPEventErrorData			errorData;
+	PGPEventWarningData			warningData;
+	PGPEventEntropyData			entropyData;
+	PGPEventPassphraseData		passphraseData;
+	PGPEventRecipientsData		recipientsData;
+	PGPEventKeyFoundData		keyFoundData;
+	PGPEventSignatureData		signatureData;
+	PGPEventDecryptionData		decryptionData;
+	PGPEventEncryptionData		encryptionData;
+	PGPEventAnalyzeData			analyzeData;
+	PGPEventOutputData			outputData;
+	PGPEventBeginLexData		beginLexData;
+	PGPEventEndLexData			endLexData;
+	PGPEventKeyGenData			keyGenData;
+	PGPEventKeyServerData		keyServerData;
+	PGPEventKeyServerSignData	keyServerSignData;
+	PGPEventKeyServerTLSData	keyServerTLSData;
+	PGPEventKeyServerIdleData	keyServerIdleData;
+	PGPEventToBeSignedData		tbsData;
+} PGPEventData;
+
+/* Refs to internal "job" structure */
+typedef struct PGPJob *				PGPJobRef;
+
+#define	kInvalidPGPJobRef			((PGPJobRef) NULL)
+#define PGPJobRefIsValid( ref )		( (ref) != kInvalidPGPJobRef )
+
+/* PGPEvent structure */
+
+struct PGPEvent
+{
+	PGPVersion				 version;		/* Version of event structure */
+	struct PGPEvent_		*nextEvent;		/* Allow lists of events */
+	PGPJobRef				 job;			/* Associated with what job */
+	PGPEventType			 type;			/* Type of event */
+	PGPEventData			 data;			/* Event specific data */
+};
+typedef struct PGPEvent PGPEvent;
+
+
+#if PGP_MACINTOSH
+#pragma options align=reset
+#endif
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*
+**	Functions to encode and decode. The variable parameters are one or more
+**	PGPOptionListRef's which describe the inputs, outputs, and options.
+*/
+
+PGPError 		PGPEncode(PGPContextRef context,
+							PGPOptionListRef firstOption, ...);
+PGPError 		PGPDecode(PGPContextRef context,
+							PGPOptionListRef firstOption, ...);
+
+PGPError 		PGPAddJobOptions(PGPJobRef job,
+							PGPOptionListRef firstOption, ...);
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpEncode_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpErrors.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpErrors.h
new file mode 100644
index 0000000000..7174b0a9e6
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpErrors.h
@@ -0,0 +1,393 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	Error codes for all PGPsdk errors can be found in this file.
+
+	$Id: pgpErrors.h,v 1.28 2004/04/26 21:23:53 vinnie Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpErrors_h	/* [ */
+#define Included_pgpErrors_h
+
+#include "pgpPubTypes.h"
+
+
+#include "pgpPFLErrors.h"
+
+#define kPGPErrorRange		1000
+
+enum PGPError_
+{
+	/*
+		NOTE: error code values must not be changed;
+		compiled client code depends on them.
+	*/
+	kPGPError_FirstError		= -11500,
+	kPGPError_Last				= -10500,
+
+	kPGPError_BadPassphrase		= -11500,
+	kPGPError_OptionNotFound	= -11499,
+
+/* Errors from pgpEncode */
+	kPGPError_RedundantOptions	= -11498,
+	kPGPError_KeyRevoked		= -11497,
+	kPGPError_KeyExpired		= -11496,
+	kPGPError_KeyDisabled		= -11495,
+	kPGPError_KeyInvalid		= -11494,
+	kPGPError_KeyUnusableForEncryption			= -11493,
+	kPGPError_KeyUnusableForSignature			= -11492,
+	kPGPError_OutputBufferTooSmall				= -11491,
+	kPGPError_InconsistentEncryptionAlgorithms	= -11490, 
+	kPGPError_MissingPassphrase					= -11489,
+	kPGPError_CombinedConventionalAndPublicEncryption= -11488, 
+	kPGPError_DetachedSignatureWithoutSigningKey= -11487, 
+	kPGPError_DetachedSignatureWithEncryption	= -11486, 
+	kPGPError_NoInputOptions					= -11485,
+	kPGPError_MultipleInputOptions				= -11484,
+	kPGPError_InputFile							= -11483,
+	kPGPError_NoOutputOptions					= -11482,
+	kPGPError_MultipleOutputOptions				= -11481,
+	kPGPError_MissingEventHandler				= -11480,
+	kPGPError_MissingKeyDB						= -11479,
+	kPGPError_DetachedSignatureFound			= -11478,
+	kPGPError_NoDecryptionKeyFound				= -11477,
+	kPGPError_CorruptSessionKey					= -11476,
+	kPGPError_SkipSection						= -11475,
+	kPGPError_Interrupted						= -11474,
+	kPGPError_TooManyARRKs						= -11473,
+	kPGPError_KeyUnusableForDecryption			= -11472,
+	kPGPError_KeygenTimedOut					= -11471,
+	
+	kPGPError_IncompatibleAPI					= -11460,
+
+/* misc errors */
+	kPGPError_CompressionFailed					= -11453,
+	kPGPError_UnTARFailed						= -11452,
+	kPGPError_MinorUnTARError					= -11451,
+	kPGPError_NotMacBinary						= -11450,
+	kPGPError_NoMacBinaryTranslationAvailable	= -11449,
+	kPGPError_BadSignature						= -11448,
+	kPGPError_CAPIUnsupportedKey				= -11447,
+	kPGPError_SelfTestFailed					= -11446,
+	kPGPError_SelfTestsNotExecuted				= -11445,
+	kPGPError_BadIntegrity						= -11444,
+	kPGPError_DeCompressionFailed				= -11443,
+	kPGPError_DeletingSelfSig					= -11442,
+	
+/* filter errors */
+
+	kPGPError_InconsistentFilterClasses			= -11440,
+	kPGPError_UnsupportedLDAPFilter				= -11439,
+	kPGPError_UnsupportedHKPFilter				= -11438,
+	kPGPError_UnknownFilterType					= -11437,
+	kPGPError_InvalidFilterParameter			= -11436,
+	kPGPError_UnsupportedNetToolsCAFilter		= -11435,
+	
+/* old errors: */
+
+	kPGPError_OutOfRings						= -11420,
+	kPGPError_BadHashNumber						= -11419,
+	kPGPError_BadCipherNumber					= -11418,
+	kPGPError_BadKeyLength						= -11417,
+	kPGPError_SizeAdviseFailure					= -11416,
+	kPGPError_ConfigParseFailure				= -11415,
+	kPGPError_ConfigParseFailureBadFunction		= -11414,
+	kPGPError_ConfigParseFailureBadOptions		= -11413,
+	kPGPError_KeyIsLocked						= -11412,
+	kPGPError_CantDecrypt						= -11411,
+	kPGPError_UnknownString2Key					= -11410,
+	kPGPError_BadSessionKeySize					= -11409,
+	kPGPError_UnknownVersion					= -11408,
+	kPGPError_BadSessionKeyAlgorithm			= -11407,
+	kPGPError_UnknownSignatureType				= -11406,
+	kPGPError_BadSignatureSize					= -11405,
+	kPGPError_SignatureBitsWrong				= -11404,
+	kPGPError_ExtraDateOnSignature				= -11403,
+	kPGPError_SecretKeyNotFound					= -11402,
+	kPGPError_AdditionalRecipientRequestKeyNotFound	= -11401,
+	kPGPError_InvalidCommit						= -11400,
+	kPGPError_CantHash							= -11399,
+	kPGPError_UnbalancedScope					= -11398,
+	kPGPError_WrongScope						= -11397,
+	kPGPError_FIFOReadError						= -11396,
+	kPGPError_RandomSeedTooSmall				= -11395,
+	kPGPError_EnvPriorityTooLow					= -11394,
+	kPGPError_UnknownCharMap					= -11393,
+	kPGPError_AsciiParseIncomplete				= -11392,
+	kPGPError_BadPacket							= -11391,
+
+	kPGPError_TroubleKeySubKey					= -11390,
+	kPGPError_TroubleSigSubKey					= -11389,
+	kPGPError_TroubleBadTrust					= -11388,
+	kPGPError_TroubleUnknownPacketByte			= -11387,
+	kPGPError_TroubleUnexpectedSubKey			= -11386,
+	kPGPError_TroubleUnexpectedName				= -11385,
+	kPGPError_TroubleUnexpectedSignature		= -11384,
+	kPGPError_TroubleUnexpectedUnknown			= -11383,
+	kPGPError_TroubleUnexpectedTrust			= -11382,
+	kPGPError_TroubleKeyTooBig					= -11381,
+	kPGPError_TroubleSecretKeyTooBig			= -11380,
+	kPGPError_TroubleNameTooBig					= -11379,
+	kPGPError_TroubleSignatureTooBig			= -11378,
+	kPGPError_TroubleUnknownTooBig				= -11377,
+	kPGPError_TroubleDuplicateKeyID				= -11376,
+	kPGPError_TroubleDuplicateKey				= -11375,
+	kPGPError_TroubleDuplicateSecretKey			= -11374,
+	kPGPError_TroubleDuplicateName				= -11373,
+	kPGPError_TroubleDuplicateSignature			= -11372,
+	kPGPError_TroubleDuplicateUnknown			= -11371,
+	kPGPError_TroubleBareKey					= -11370,
+	kPGPError_TroubleVersionBugPrev				= -11369,
+	kPGPError_TroubleVersionBugCur				= -11368,
+	kPGPError_TroubleOldSecretKey				= -11367,
+	kPGPError_TroubleNewSecretKey				= -11366,
+	kPGPError_TroubleImportingNonexportableSignature= -11365,
+	kPGPError_TroubleDuplicateCRL				= -11364,
+	kPGPError_TroubleCRLTooBig					= -11363,
+
+	kPGPError_BadCompressionNumber				= -11362,
+
+	/*
+	 * The set of errors in this range are the ones which will NOT abort
+	 * a keyring check operation.  These errors just make us skip the key
+	 * and go on to the next.
+	 */
+kPGPError_KEY_MIN								= -11350,
+	kPGPError_KEY_LONG							= kPGPError_KEY_MIN,
+	kPGPError_KeyPacketTruncated				= -11349,
+	kPGPError_UnknownKeyVersion					= -11348,
+	kPGPError_UnknownPublicKeyAlgorithm			= -11347,
+	kPGPError_MalformedKeyModulus				= -11346,
+	kPGPError_MalformedKeyExponent				= -11345,
+	kPGPError_RSAPublicModulusIsEven			= -11344,
+	kPGPError_RSAPublicExponentIsEven			= -11343,
+	kPGPError_MalformedKeyComponent				= -11342,
+	kPGPError_KeyTooLarge						= -11341,
+	kPGPError_PublicKeyTooSmall					= -11340,
+	kPGPError_PublicKeyTooLarge					= -11339,
+	kPGPError_PublicKeyUnimplemented			= -11338,
+	kPGPError_CRLPacketTruncated				= -11337,
+	kPGPError_CorruptPrivateKey					= -11336,
+	kPGPError_UnknownPaddingType				= -11335,
+kPGPError_KEY_MAX				= kPGPError_CorruptPrivateKey,
+
+
+/* kPGPError_SIG_MAX */
+	kPGPError_SIG_LONG							= -11330,
+	kPGPError_TruncatedSignature				= -11329,
+	kPGPError_MalformedSignatureInteger			= -11328,
+	kPGPError_UnknownSignatureAlgorithm			= -11327,
+	kPGPError_ExtraSignatureMaterial			= -11326,
+	kPGPError_UnknownSignatureVersion			= -11325,
+	kPGPError_RevocationKeyNotFound				= -11324,
+/* kPGPError_SIG_MIN */
+
+/*  kPGPError_KEYDB_MAX */
+	kPGPError_OutOfEntropy						= -11320,
+	kPGPError_ItemIsReadOnly					= -11319,
+	kPGPError_InvalidProperty					= -11318,
+	kPGPError_FileCorrupt						= -11317,
+	kPGPError_DuplicateCert						= -11316,
+	kPGPError_DuplicateUserID					= -11315,
+	kPGPError_CertifyingKeyDead					= -11314,
+	kPGPError_ItemWasDeleted					= -11313,
+	kPGPError_KeyDBMismatch						= -11312,
+/* kPGPError_KEYDB_MIN = kPGPError_KeyDBMismatch */
+
+/* kPGPError_SERVER_MAX */
+	kPGPError_ServerInProgress					= -11300,
+	kPGPError_ServerOperationNotSupported		= -11299,
+	kPGPError_ServerInvalidProtocol				= -11298,
+	kPGPError_ServerRequestFailed				= -11297,
+	kPGPError_ServerOpen						= -11296,
+	kPGPError_ServerNotOpen						= -11295,
+	kPGPError_ServerKeyAlreadyExists			= -11294,
+	kPGPError_ServerNotInitialized				= -11293,
+	kPGPError_ServerPartialAddFailure			= -11292,
+	kPGPError_ServerCorruptKeyBlock				= -11291,
+	kPGPError_ServerUnknownResponse				= -11290,
+	kPGPError_ServerTimedOut					= -11289,
+	kPGPError_ServerOpenFailed					= -11288,
+	kPGPError_ServerAuthorizationRequired		= -11287,
+	kPGPError_ServerAuthorizationFailed			= -11286,
+	kPGPError_ServerSearchFailed				= -11285,
+	kPGPError_ServerPartialSearchResults		= -11284,
+	kPGPError_ServerBadKeysInSearchResults		= -11283,
+	kPGPError_ServerKeyFailedPolicy				= -11282,
+	kPGPError_ServerOperationRequiresTLS		= -11281,
+	kPGPError_ServerNoStaticStorage				= -11280,
+	kPGPError_ServerCertNotFound				= -11279,
+
+/* TLS errors */
+	kPGPError_TLSUnexpectedClose				= -11250,
+	kPGPError_TLSProtocolViolation				= -11249,
+	kPGPError_TLSVersionUnsupported				= -11248,
+	kPGPError_TLSWrongState						= -11247,
+	kPGPError_TLSAlertReceived					= -11246,
+	kPGPError_TLSKeyUnusable					= -11245,
+	kPGPError_TLSNoCommonCipher					= -11244,
+	kPGPError_TLSWouldBlock						= -11243,
+	kPGPError_TLSRcvdHandshakeRequest			= -11242,
+
+/* X509 certificate errors */
+	kPGPError_X509NeededCertNotAvailable		= -11240,
+	kPGPError_X509SelfSignedCert				= -11239,
+	kPGPError_X509InvalidCertificateSignature	= -11238,
+	kPGPError_X509InvalidCertificateFormat		= -11237,
+	kPGPError_X509InvalidCertificateTree		= -11236,
+
+/* Key Splitting errors */
+	kPGPError_SplitNotEnoughSharesInObject		= -11230,
+	kPGPError_SplitDifferentSplitKeys			= -11229,
+	kPGPError_SplitDifferentSharePool			= -11228,
+	kPGPError_SplitIdenticalShares				= -11227,
+	kPGPError_SKEPRejectedAuthentication		= -11226,
+	kPGPError_SKEPIncorrectVersion				= -11225,	
+
+/* SECSH errors */
+	kPGPError_SECSHUnexpectedClose				= -11220,
+	kPGPError_SECSHProtocolViolation			= -11219,
+	kPGPError_SECSHVersionUnsupported			= -11218,
+	kPGPError_SECSHWrongState					= -11217,
+	kPGPError_SECSHAlertReceived				= -11216,
+	kPGPError_SECSHKeyUnusable					= -11215,
+	kPGPError_SECSHNoCommonCipher				= -11214,
+	kPGPError_SECSHWouldBlock					= -11213,
+	kPGPError_SECSHRcvdHandshakeRequest			= -11212,
+
+	kPGPError_BigNumNoInverse					= -11150,
+	
+/* PGPSockets errors */
+	kPGPError_SocketsNetworkDown				= -11100,
+	kPGPError_SocketsNotInitialized				= -11099,
+	kPGPError_SocketsInProgress					= -11098,
+	kPGPError_SocketsNotConnected				= -11097,
+	kPGPError_SocketsNotBound					= -11096,
+	kPGPError_SocketsOperationNotSupported		= -11095,
+	kPGPError_SocketsProtocolNotSupported		= -11094,
+	kPGPError_SocketsAddressFamilyNotSupported	= -11093,
+	kPGPError_SocketsNotASocket					= -11092,
+	kPGPError_SocketsAddressInUse				= -11091,
+	kPGPError_SocketsBufferOverflow				= -11090,
+	kPGPError_SocketsListenQueueFull			= -11089,
+	kPGPError_SocketsAddressNotAvailable		= -11088,
+	kPGPError_SocketsAlreadyConnected			= -11087,
+	kPGPError_SocketsTimedOut					= -11086,
+	kPGPError_SocketsNoStaticStorage			= -11085,
+	
+	kPGPError_SocketsHostNotFound				= -11050,
+	kPGPError_SocketsDomainServerError			= -11049,
+
+/* Errors from X.509 layer */
+    kPGPError_X509AttributeNotSupported			= -10999,
+    kPGPError_InvalidPKCS7Encoding				= -10998,
+    kPGPError_CMSInitialization					= -10997,
+    kPGPError_InvalidDistinguishedName			= -10996,
+    kPGPError_CertRequestCreationFailure		= -10995,
+    kPGPError_MissingX509Certificate			= -10994,
+    kPGPError_PKCS7SignFailure					= -10993,
+    kPGPError_ASNPackFailure					= -10992,
+    kPGPError_InvalidInputFormat				= -10991,
+    kPGPError_InvalidOutputFormat				= -10990,
+	kPGPError_InvalidCertificateExtension		= -10989,
+	kPGPError_PublicKeyNotFound					= -10988,
+
+	kPGPError_CRSMissingRequiredAttribute		= -10979,
+	kPGPError_CRSInvalidCharacter				= -10978,
+	kPGPError_CRSInvalidAttributeType			= -10977,
+	kPGPError_CRSInvalidCertType				= -10976,
+	kPGPError_CRSInvalidAttributeValueLength	= -10975,
+	kPGPError_CRSInvalidAuthenticateValue		= -10974,
+
+	kPGPError_X509CertificateParseError			= -10973,
+	kPGPError_PKCS7EncryptFailure				= -10972,
+	kPGPError_PKCS7DecryptFailure				= -10971,
+
+	kPGPError_InvalidCertificateFormat 			= -11970,
+
+/* LDAP Errors */
+kPGPError_LDAPMIN								= -10950,
+	kPGPError_LDAPOperationsError				= kPGPError_LDAPMIN,
+	kPGPError_LDAPProtocolError					= -10949,
+	kPGPError_LDAPTimelimitExceeded				= -10948,
+	kPGPError_LDAPSizelimitExceeded				= -10947,
+	kPGPError_LDAPStrongAuthNotSupported		= -10946,
+	kPGPError_LDAPStrongAuthRequired			= -10945,
+	kPGPError_LDAPPartialResults				= -10944,
+	kPGPError_LDAPNoSuchAttribute				= -10943,
+	kPGPError_LDAPUndefinedType					= -10942,
+	kPGPError_LDAPInappropriateMatching			= -10941,
+	kPGPError_LDAPConstraintViolation			= -10940,
+	kPGPError_LDAPTypeOrValueExists				= -10939,
+	kPGPError_LDAPInvalidSyntax					= -10938,
+	kPGPError_LDAPNoSuchObject 					= -10937,
+	kPGPError_LDAPAliasProblem 					= -10936,
+	kPGPError_LDAPInvalidDNSyntax				= -10935,
+	kPGPError_LDAPIsLeaf						= -10934,
+	kPGPError_LDAPAliasDerefProblem				= -10933,
+	kPGPError_LDAPInappropriateAuth				= -10932,
+	kPGPError_LDAPInvalidCredentials			= -10931,
+	kPGPError_LDAPInsufficientAccess			= -10930,
+	kPGPError_LDAPBusy 							= -10929,
+	kPGPError_LDAPUnavailable					= -10928,
+	kPGPError_LDAPUnwillingToPerform			= -10927,
+	kPGPError_LDAPLoopDetect					= -10926,
+	kPGPError_LDAPNamingViolation				= -10925,
+	kPGPError_LDAPObjectClassViolation 			= -10924,
+	kPGPError_LDAPNotAllowedOnNonleaf			= -10923,
+	kPGPError_LDAPNotAllowedOnRDN				= -10922,
+	kPGPError_LDAPAlreadyExists					= -10921,
+	kPGPError_LDAPNoObjectClassMods				= -10920,
+	kPGPError_LDAPResultsTooLarge				= -10919,
+	kPGPError_LDAPOther							= -10918,
+	kPGPError_LDAPServerDown					= -10917,
+	kPGPError_LDAPLocalError					= -10916,
+	kPGPError_LDAPEncodingError					= -10915,
+	kPGPError_LDAPDecodingError					= -10914,
+	kPGPError_LDAPTimeout						= -10913,
+	kPGPError_LDAPAuthUnknown					= -10912,
+	kPGPError_LDAPFilterError					= -10911,
+	kPGPError_LDAPUserCancelled					= -10910,
+	kPGPError_LDAPParamError					= -10909,
+	kPGPError_LDAPConnectError 					= -10908,
+	/* Reserve errors -10907 through -10881 for future LDAP versions */
+	kPGPError_LDAPNotLDAPURL					= -10880,
+	kPGPError_LDAPNoDN							= -10879,
+	kPGPError_LDAPBadScope						= -10878,
+kPGPError_LDAPMAX								= kPGPError_LDAPBadScope,
+
+	/* Smart Card Errors */
+	kPGPError_SmartCardError					= -10850,
+	kPGPError_SmartCardOutOfMemory				= -10849,
+	kPGPError_SmartCardKeyNotFound				= -10848,
+    kPGPError_SmartCardX509Exists			    = -10847,
+	kPGPError_SmartCardKeyExists			    = -10846,
+	kPGPError_SmartCardPinLocked			    = -10845,
+	kPGPError_SmartCardNotFound					= -10844,
+
+	kPGPError_DummyEnumValue
+	/* kPGPError_Last */
+} ;
+
+
+PGP_BEGIN_C_DECLARATIONS
+
+#undef PGPGetErrorString
+PGPError 	PGPGetErrorString( PGPError theError,
+				PGPSize bufferSize, PGPChar8 * theString );
+
+PGP_END_C_DECLARATIONS
+
+
+#endif /* ] Included_pgpErrors_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpFeatures.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpFeatures.h
new file mode 100644
index 0000000000..ad628a283b
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpFeatures.h
@@ -0,0 +1,143 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	Determine which features are present in the PGPsdk.  This is the only
+	way to correctly determine which features are present.  The version
+	number may be the same for different builds that lack some features.
+
+	$Id: pgpFeatures.h,v 1.13 2004/03/15 19:18:55 vinnie Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpFeatures_h	/* [ */
+#define Included_pgpFeatures_h
+
+#include "pgpPubTypes.h"
+
+#if PGP_MACINTOSH
+#pragma options align=mac68k	/* [ */
+#endif
+
+/*____________________________________________________________________________
+	Each selector designates a PGPFlags word, which can be obtained via
+	PGPGetFeatureFlags().  The flags can be tested using the 
+	supplied masks.  We can add more selectors as needed.  The masks
+	are not intended to be restricted to a single bit.
+	Flags should not be used for attributes that have unknown length.
+	
+	A kPGPError_ItemNotFound will be returned if the caller specifies
+	a selector which is not recognized by the PGPsdk.  This could
+	occur if an app links to an older version of the SDK.
+____________________________________________________________________________*/
+
+/* selectors which are passed to PGPGetFeatureFlags */
+enum PGPFeatureSelector_
+{
+	kPGPFeatures_GeneralSelector		= 1,
+	kPGPFeatures_ImplementationSelector	= 2,
+
+	PGP_ENUM_FORCE( PGPFeatureSelector_ )
+};
+PGPENUM_TYPEDEF( PGPFeatureSelector_, PGPFeatureSelector );
+
+
+/* flags for kPGPFeatures_GeneralSelector */
+enum
+{
+	kPGPFeatureMask_CanEncrypt			= (1UL << 0),
+	kPGPFeatureMask_CanDecrypt			= (1UL << 1),
+	kPGPFeatureMask_CanSign				= (1UL << 2),
+	kPGPFeatureMask_CanVerify			= (1UL << 3),
+	kPGPFeatureMask_CanGenerateKey		= (1UL << 4),
+	kPGPFeatureMask_RngHardware			= (1UL << 5),
+	kPGPFeatureMask_FIPSmode			= (1UL << 6)
+};
+
+/* flags for kPGPFeatures_ImplementationSelector */
+enum
+{
+	kPGPFeatureMask_IsDebugBuild	= (1UL << 0),
+	kPGPFeatureMask_HasTimeout		= (1UL << 0)
+};
+
+#define kPGPAlgorithmInfoFlags_FIPS		(PGPFlags)(1UL << 1 )
+
+typedef struct PGPAlgorithmInfo
+{
+	PGPChar8	shortName[ 32 ];
+	PGPChar8	longName[ 96 ];
+	PGPChar8	copyright[ 128 ];
+	PGPFlags	flags;			 
+	PGPUInt32	reserved[ 16 ];	/* reserved; 0 for now */
+	
+} PGPAlgorithmInfo;
+
+typedef struct PGPPublicKeyAlgorithmInfo
+{
+	PGPAlgorithmInfo		info;
+	
+	PGPPublicKeyAlgorithm	algID;
+	
+	PGPBoolean				canEncrypt;
+	PGPBoolean				canDecrypt;
+	PGPBoolean				canSign;
+	PGPBoolean				canVerify;
+	PGPBoolean				canGenerateKey;
+	PGPBoolean				reserved1;
+	PGPBoolean				reserved2;
+	PGPBoolean				reserved3;
+	
+	PGPUInt32				reserved[ 8 ];
+	
+} PGPPublicKeyAlgorithmInfo;
+
+typedef struct PGPSymmetricCipherInfo
+{
+	PGPAlgorithmInfo	info;
+	PGPCipherAlgorithm	algID;
+	
+	PGPUInt32			reserved[ 8 ];
+	
+} PGPSymmetricCipherInfo;
+
+#if PGP_MACINTOSH
+#pragma options align=reset			/* ] */
+#endif
+
+PGP_BEGIN_C_DECLARATIONS
+
+/* return a flags word for the feature selector */
+PGPError 	PGPGetFeatureFlags( PGPFeatureSelector selector,
+					PGPFlags *flags );
+
+/* use this to test whether a feature exists after getting flags */
+#define PGPFeatureExists( flags, maskValue ) ( ( (flags) & (maskValue) ) != 0 )
+
+
+/*____________________________________________________________________________
+	Routines to determine which algorithms are present.
+	
+	To determine if a specific algorithm is available, you will need to
+	index through the available algorithms and check the algorithm ID.
+____________________________________________________________________________*/
+
+PGPError	PGPCountPublicKeyAlgorithms( PGPUInt32 *numPKAlgs );
+PGPError	PGPGetIndexedPublicKeyAlgorithmInfo( PGPUInt32 theIndex,
+				PGPPublicKeyAlgorithmInfo *info);
+				
+PGPError	PGPCountSymmetricCiphers( PGPUInt32 *numPKAlgs );
+PGPError	PGPGetIndexedSymmetricCipherInfo( PGPUInt32 theIndex,
+				PGPSymmetricCipherInfo *info);
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpFeatures_h */
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpGroups.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpGroups.h
new file mode 100644
index 0000000000..2f6ebd07af
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpGroups.h
@@ -0,0 +1,315 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpGroups.h,v 1.12 2003/08/08 04:40:39 ajivsov Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpGroups_h	/* [ */
+#define Included_pgpGroups_h
+
+/*____________________________________________________________________________
+	Note: All functions in this file have been deprecated and will be
+	replaced in the future with equivalent functionality.
+____________________________________________________________________________*/
+
+#include "pgpPubTypes.h"
+#include "pgpEncode.h"
+
+#if PGP_DEPRECATED	/* [ */
+
+#if PGP_MACINTOSH
+#include <Files.h>
+#endif
+
+#if PGP_MACINTOSH
+#pragma options align=mac68k
+#endif
+
+#define kPGPMaxGroupNameLength				63
+#define kPGPMaxGroupDescriptionLength		63
+
+typedef PGPChar8	PGPGroupName[ kPGPMaxGroupNameLength + 1 ];
+typedef PGPChar8	PGPGroupDescription[ kPGPMaxGroupDescriptionLength + 1 ];
+
+
+typedef struct PGPGroupSet *		PGPGroupSetRef;
+typedef struct PGPGroupIter *		PGPGroupItemIterRef;
+
+#define	kInvalidPGPGroupSetRef			((PGPGroupSetRef) NULL)
+#define	kInvalidPGPGroupItemIterRef		((PGPGroupItemIterRef) NULL)
+
+#define PGPGroupSetRefIsValid(ref)		((ref) != kInvalidPGPGroupSetRef)
+#define PGPGroupItemIterRefIsValid(ref)	((ref) != kInvalidPGPGroupItemIterRef)
+
+/* any type will do that is distinct */
+typedef PGPUInt32				PGPGroupID;
+#define kPGPInvalidGroupID		( (PGPGroupID)0 )
+
+enum PGPGroupItemType_
+{
+	kPGPGroupItem_KeyID = 1,
+	kPGPGroupItem_Group,
+	
+	PGP_ENUM_FORCE( PGPGroupItemType_)
+};
+PGPENUM_TYPEDEF( PGPGroupItemType_, PGPGroupItemType );
+
+/*____________________________________________________________________________
+	A run-time group item, used when iterating through a group.
+	For client use; not necessarily the internal storage format.
+	
+	'userValue' is *not* saved to disk.
+____________________________________________________________________________*/
+
+typedef struct PGPGroupItem
+{
+	PGPGroupItemType	type;
+	PGPUserValue		userValue;
+	
+	union
+	{
+		PGPGroupID	groupID;
+		PGPKeyID	keyID;
+	} u;
+} PGPGroupItem;
+
+
+typedef PGPInt32	(*PGPGroupItemCompareProc)( PGPGroupItem *,
+							PGPGroupItem *, PGPUserValue userValue );
+
+/*____________________________________________________________________________
+	Info obtained via PGPGetGroupInfo.
+____________________________________________________________________________*/
+
+typedef struct PGPGroupInfo
+{
+	PGPGroupID		id;
+	PGPGroupName	name;
+	PGPGroupName	description;
+	PGPUserValue	userValue;
+	
+} PGPGroupInfo;
+
+
+typedef PGPFlags	PGPGroupItemIterFlags;
+/* flag (1UL << 0 ) is reserved */
+#define kPGPGroupIterFlags_Recursive	(PGPFlags)(1UL << 1 )
+#define kPGPGroupIterFlags_Keys			(PGPFlags)(1UL << 2 )
+#define kPGPGroupIterFlags_Groups		(PGPFlags)(1UL << 3 )
+
+#define kPGPGroupIterFlags_AllKeysRecursive			\
+	( kPGPGroupIterFlags_Recursive | kPGPGroupIterFlags_Keys )
+	
+#define kPGPGroupIterFlags_AllGroupsRecursive			\
+	( kPGPGroupIterFlags_Recursive | kPGPGroupIterFlags_Groups )
+	
+#define kPGPGroupIterFlags_AllItems			\
+	( kPGPGroupIterFlags_Keys | kPGPGroupIterFlags_Groups )
+	
+#define kPGPGroupIterFlags_AllRecursive	\
+	( kPGPGroupIterFlags_Recursive | kPGPGroupIterFlags_AllItems )
+	
+	
+
+#if PGP_MACINTOSH
+#pragma options align=reset
+#endif
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*____________________________________________________________________________
+	Manipulating pgp group sets (PGPGroupSetRef)
+____________________________________________________________________________*/
+/* create a new, empty groups collection */
+PGPError	PGPNewGroupSet( PGPContextRef context, PGPGroupSetRef *outRef );
+
+/* file is *not* left open; all data is loaded into memory */
+PGPError	PGPNewGroupSetFromFile( PGPContextRef context,
+				PGPFileSpecRef file,
+				PGPGroupSetRef *outRef );
+
+#if PGP_MACINTOSH || PGP_OSX
+PGPError	PGPNewGroupSetFromFSSpec( PGPContextRef context,
+				const struct FSSpec *spec, PGPGroupSetRef *outRef );
+#endif
+
+/* overwrites existing.  Don't bother unless PGPGroupSetNeedsCommit() */
+PGPError	PGPSaveGroupSetToFile( PGPGroupSetRef set, PGPFileSpecRef file );
+
+/* free all data structures; be sure to save first if you want */
+PGPError	PGPFreeGroupSet( PGPGroupSetRef set );
+
+
+/* has the group changed? */
+PGPBoolean		PGPGroupSetNeedsCommit( PGPGroupSetRef set );
+
+PGPContextRef	PGPGetGroupSetContext( PGPGroupSetRef set );
+		
+/* export the groupset to a buffer. Use PGPFreeData to free the buffer */
+PGPError	PGPExportGroupSetToBuffer( PGPGroupSetRef set, void **buffer,
+				PGPSize *bufferSize );
+
+/* import a groupset from a buffer */
+PGPError	PGPImportGroupSetFromBuffer(PGPContextRef context, void *buffer,
+				PGPSize bufSize, PGPGroupSetRef *outSet );
+		
+/*____________________________________________________________________________
+	Manipulating groups
+	
+	Groups are always referred to by IDs which remain valid until the set
+	is disposed.
+____________________________________________________________________________*/
+
+/* initial parent ID is kPGPInvalidGroupID */
+PGPError	PGPNewGroup( PGPGroupSetRef set,
+				const PGPChar8 * name, const PGPChar8 *description,
+				PGPGroupID *id );
+
+PGPError	PGPCountGroupsInSet( PGPGroupSetRef set,
+				PGPUInt32 *numGroups);
+PGPError	PGPGetIndGroupID( PGPGroupSetRef set,
+				PGPUInt32 groupIndex, PGPGroupID *id );
+
+/* delete this group from the set */
+/* All references to it are removed in all sets */
+PGPError	PGPDeleteGroup( PGPGroupSetRef set, PGPGroupID id );
+
+/* delete the indexed item from the group */
+/* the item may be a group or a key */
+PGPError	PGPDeleteIndItemFromGroup( PGPGroupSetRef set,
+				PGPGroupID	id, PGPUInt32 item );
+
+/* same as PGPDeleteIndItemFromGroup, but accepts an item */
+PGPError	PGPDeleteItemFromGroup( PGPGroupSetRef set,
+				PGPGroupID id, PGPGroupItem const *item );
+
+
+PGPError	PGPGetGroupInfo( PGPGroupSetRef set,
+				PGPGroupID id, PGPGroupInfo *info );
+				
+PGPError	PGPSetGroupName( PGPGroupSetRef set,
+				PGPGroupID id, const PGPChar8 * name );
+PGPError	PGPSetGroupUserValue( PGPGroupSetRef set,
+				PGPGroupID id, PGPUserValue userValue );
+PGPError	PGPSetGroupDescription( PGPGroupSetRef set,
+				PGPGroupID id, const PGPChar8 * name );
+
+/* 'item' specifies a group or a key id */
+/* you must fill the item in completely */
+PGPError	PGPAddItemToGroup( PGPGroupSetRef set,
+				PGPGroupItem const *item, PGPGroupID group );
+
+
+PGPError	PGPMergeGroupIntoDifferentSet( PGPGroupSetRef fromSet,
+				PGPGroupID fromID, PGPGroupSetRef toSet );
+
+PGPError	PGPMergeGroupSets( PGPGroupSetRef fromSet,
+				PGPGroupSetRef intoSet );
+
+PGPError	PGPCopyGroupSet(PGPGroupSetRef sourceSet,
+				PGPGroupSetRef *destSet);
+	
+/*____________________________________________________________________________
+	Manipulating group items
+____________________________________________________________________________*/
+
+/* count how many items there are in a group */
+/* totalItems includes keys and groups */
+PGPError	PGPCountGroupItems( PGPGroupSetRef set,
+					PGPGroupID id, PGPBoolean recursive,
+					PGPUInt32 * numKeys,
+					PGPUInt32 * totalItems );
+
+/* non-recursive call; index only applies to group itself */
+PGPError	PGPGetIndGroupItem( PGPGroupSetRef set,
+				PGPGroupID id, PGPUInt32 groupIndex, PGPGroupItem * item );
+
+/* use PGPGetIndGroupItem() if you want to get the user value */
+PGPError	PGPSetIndGroupItemUserValue( PGPGroupSetRef set,
+				PGPGroupID id, PGPUInt32 groupIndex, PGPUserValue userValue );
+
+PGPError	PGPSortGroupItems( PGPGroupSetRef set, PGPGroupID id,
+				PGPGroupItemCompareProc, PGPUserValue userValue );
+				
+PGPError	PGPSortGroupSet( PGPGroupSetRef set,
+				PGPGroupItemCompareProc, PGPUserValue userValue );
+
+/*____________________________________________________________________________
+	PGPGroupItemIterRef--iterator through group items.
+	
+	Special note: this is not a full-fledged iterator.  You may *not* add
+	or delete items while iterating and you may only move forward.  However,
+	you may change the values of items.
+____________________________________________________________________________*/
+
+PGPError	PGPNewGroupItemIter( PGPGroupSetRef set, PGPGroupID id,
+				PGPGroupItemIterFlags flags, PGPGroupItemIterRef *iter );
+				
+PGPError	PGPFreeGroupItemIter( PGPGroupItemIterRef iter );
+
+/* returns kPGPError_EndOfIteration when done */
+PGPError	PGPGroupItemIterNext( PGPGroupItemIterRef iter,
+				PGPGroupItem * item );
+
+/*____________________________________________________________________________
+	Group utilities
+____________________________________________________________________________*/
+
+/*____________________________________________________________________________
+	Return the lowest validity of any item in the group
+	keyset should contain all keys available
+	It is not an error if keys can't be found; you may want to check
+	the not found count.
+	
+	The lowest validity is kPGPValidity_Invalid and kPGPValidity_Unknown
+	is never returned.
+____________________________________________________________________________*/
+PGPError	PGPGetGroupLowestValidity( PGPGroupSetRef set, PGPGroupID id,
+				PGPKeyDBRef keyDB, PGPValidity * lowestValidity,
+				PGPUInt32 * numKeysNotFound);
+
+/*____________________________________________________________________________
+	All all the keys in the group (and its subgroups) to the keyset
+____________________________________________________________________________*/
+PGPError	PGPNewKeySetFromGroup( PGPGroupSetRef set, PGPGroupID id,
+				PGPKeyDBRef keyDB, PGPKeySetRef * resultSet,
+				PGPUInt32 * numKeysNotFound);
+
+/*____________________________________________________________________________
+	Create a simple, flattened group of unique key IDs from the source group.
+	Note that sourceSet and destSet must be different.
+____________________________________________________________________________*/
+PGPError	PGPNewFlattenedGroupFromGroup(PGPGroupSetRef sourceSet,
+				PGPGroupID sourceID, PGPGroupSetRef destSet,
+				PGPGroupID *destID);
+
+/*____________________________________________________________________________
+	Perform a "standard" sort on a group
+____________________________________________________________________________*/
+PGPError	PGPSortGroupSetStd( PGPGroupSetRef set, PGPKeyDBRef keydb );
+				
+
+PGP_END_C_DECLARATIONS
+
+#endif	/* ] PGP_DEPRECATED */
+
+#endif /* ] Included_pgpGroups_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
+
+
+
+
+
+
+
+
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpHMAC.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpHMAC.h
new file mode 100644
index 0000000000..3dc58a6ff9
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpHMAC.h
@@ -0,0 +1,67 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpHMAC.h,v 1.6 2002/08/06 20:11:16 dallen Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpHMAC_h	/* [ */
+#define Included_pgpHMAC_h
+
+#include "pgpPubTypes.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*____________________________________________________________________________
+	Create a new HMAC of the specified algorithm.
+	
+	If the algorithm is not available then kPGPError_AlgorithmNotAvailable is
+	returned.
+____________________________________________________________________________*/
+
+PGPError 	PGPNewHMACContext( PGPContextRef context,
+					PGPHashAlgorithm algorithm, PGPByte *secret,
+					PGPSize secretLen, PGPHMACContextRef *outRef );
+
+/*____________________________________________________________________________
+	Any existing intermediate HMAC is lost.
+____________________________________________________________________________*/
+
+PGPError 	PGPFreeHMACContext( PGPHMACContextRef ref );
+
+/*____________________________________________________________________________
+	Reset an HMAC as if it had been created anew.  Any existing intermediate
+	hash is lost.
+____________________________________________________________________________*/
+
+PGPError 	PGPResetHMAC( PGPHMACContextRef ref );
+
+/*____________________________________________________________________________
+	Continue the HMAC, accumulating an intermediate result
+____________________________________________________________________________*/
+
+PGPError 	PGPContinueHMAC( PGPHMACContextRef ref, const void *in,
+					PGPSize numBytes );
+
+/*____________________________________________________________________________
+	Finalize the HMAC, depositing the result into 'hmacOut'.
+	
+	This size of the output will be the same size as the hash
+	algorithm output.
+____________________________________________________________________________*/
+
+PGPError 	PGPFinalizeHMAC( PGPHMACContextRef ref, void *hmacOut );
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpHMAC_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpHash.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpHash.h
new file mode 100644
index 0000000000..44225347ee
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpHash.h
@@ -0,0 +1,86 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpHash.h,v 1.6 2002/08/06 20:11:16 dallen Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpHashing_h	/* [ */
+#define Included_pgpHashing_h
+
+#include "pgpPubTypes.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*____________________________________________________________________________
+	Create a new hash of the specified algorithm.
+	
+	If the algorithm is not available then kPGPError_AlgorithmNotAvailable is
+	returned.
+____________________________________________________________________________*/
+
+PGPError 	PGPNewHashContext( PGPContextRef context,
+					PGPHashAlgorithm algorithm,
+					PGPHashContextRef *	outRef );
+					
+/*____________________________________________________________________________
+	Any existing intermediate hash is lost.
+____________________________________________________________________________*/
+
+PGPError 	PGPFreeHashContext( PGPHashContextRef ref );
+
+/*____________________________________________________________________________
+	An exact duplicate of the hash is made.
+____________________________________________________________________________*/
+
+PGPError 	PGPCopyHashContext( PGPHashContextRef ref,
+					PGPHashContextRef * outRef);
+
+/*____________________________________________________________________________
+	Reset a hash as if it had been created anew.  Any existing intermediate
+	hash is lost.
+____________________________________________________________________________*/
+
+PGPError 	PGPResetHash( PGPHashContextRef ref );
+
+/*____________________________________________________________________________
+	Continue the hash, accumulating an intermediate result
+____________________________________________________________________________*/
+
+PGPError 	PGPContinueHash( PGPHashContextRef ref, const void *in,
+					PGPSize numBytes );
+
+/*____________________________________________________________________________
+	Finalize the hash, depositing the result into 'hashOut'.
+	
+	After calling this routine, the hash is reset via PGPResetHash().
+	If you want an intermediate result, use PGPCopyHash() and finalize the
+	copy.
+____________________________________________________________________________*/
+
+PGPError 	PGPFinalizeHash( PGPHashContextRef ref, void *hashOut );
+
+/*____________________________________________________________________________
+	Determine size of resulting hash in bytes e.g. a 160 bit hash yields 20.
+	Used for generic code which may not know how big a hash is being produced.
+	
+	Question: can we reasonably assume 8 bits per byte?  If not, how does
+	PGPFinalizeHash return its result?
+____________________________________________________________________________*/
+
+PGPError 	PGPGetHashSize( PGPHashContextRef ref, PGPSize *hashSize );
+
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpHashing_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpHashWords.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpHashWords.h
new file mode 100644
index 0000000000..4c3c82cb8b
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpHashWords.h
@@ -0,0 +1,40 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+
+	$Id: pgpHashWords.h,v 1.2 2004/01/03 02:25:31 bgaiser Exp $
+____________________________________________________________________________*/
+#ifndef HASHWORDLIST_H
+#define HASHWORDLIST_H
+
+#include "pgpBase.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*____________________________________________________________________________
+	Hash word list types
+____________________________________________________________________________*/
+enum PGPHashWordList_
+{
+	kPGPHashWordList_Even					= 0,
+	kPGPHashWordList_Odd					= 1,
+	
+	PGP_ENUM_FORCE( PGPHashWordList_ )
+};
+PGPENUM_TYPEDEF( PGPHashWordList_, PGPHashWordList );
+
+/*____________________________________________________________________________
+	Hash word functions
+____________________________________________________________________________*/
+
+	PGPError 
+PGPGetHashWordString(
+	PGPUInt32			index,
+	PGPHashWordList		list,
+	PGPChar8			hashWordString[ 12 ]);
+
+
+PGP_END_C_DECLARATIONS
+
+#endif
+
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpIKE.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpIKE.h
new file mode 100644
index 0000000000..23a28c8bc2
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpIKE.h
@@ -0,0 +1,784 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpIKE.h,v 1.39 2003/09/24 03:09:32 ajivsov Exp $
+____________________________________________________________________________*/
+#ifndef Included_PGPike_h	/* [ */
+#define Included_PGPike_h
+
+#include "pgpPubTypes.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+#if PGP_WIN32
+# pragma pack(push, 8)
+#endif
+
+#ifdef _MSC_VER
+#pragma warning (disable:4200)
+#endif
+
+typedef struct PGPikeContext *			PGPikeContextRef;
+
+#define	kInvalidPGPikeContextRef		((PGPikeContextRef) NULL)
+#define PGPikeContextRefIsValid( ref )	( (ref) != kInvalidPGPikeContextRef )
+
+#define kPGPike_CommonPort				500
+#define kPGPike_AuthMaximumKeySize		(512/8)
+#define kPGPike_ESPMaximumKeySize		32		/* 256 bits */
+#define kPGPike_MaxExplicitIVSize		16
+#define kPGPike_MaxTransforms			3
+#define kPGPike_DefaultKBLife			1048576	/* 1GB */
+#define kPGPike_DefaultSecLife			86400	/* 1 Day */
+#define kPGPike_UserDataSize			96
+#define kPGPike_XAuthStringLen			128
+#define kPGPike_XAuthMessageLen			256
+
+typedef PGPByte	PGPipsecSPI[4];
+
+enum PGPikeDOI_
+{
+	kPGPike_DOI_IKE				= 0,
+	kPGPike_DOI_IPSEC			= 1,
+
+	PGP_ENUM_FORCE( PGPikeDOI_ )
+};
+PGPENUM_TYPEDEF( PGPikeDOI_, PGPikeDOI );
+
+enum PGPikeAlert_
+{
+	kPGPike_AL_None						= 0,
+	
+	/* Error Types */
+	kPGPike_AL_InvalidPayload			= 1,
+	kPGPike_AL_DOIUnsupported			= 2,
+	kPGPike_AL_SituationUnsupported		= 3,
+	kPGPike_AL_InvalidCookie			= 4,
+	kPGPike_AL_InvalidMajorVersion		= 5,
+	kPGPike_AL_InvalidMinorVersion		= 6,
+	kPGPike_AL_InvalidExchange			= 7,
+	kPGPike_AL_InvalidFlags				= 8,
+	kPGPike_AL_InvalidMessageID			= 9,
+	kPGPike_AL_InvalidProtocolID		= 10,
+	kPGPike_AL_InvalidSPI				= 11,
+	kPGPike_AL_InvalidTransform			= 12,
+	kPGPike_AL_InvalidAttribute			= 13,
+	kPGPike_AL_NoProposalChoice			= 14,
+	kPGPike_AL_BadProposal				= 15,
+	kPGPike_AL_PayloadMalformed			= 16,
+	kPGPike_AL_InvalidKey				= 17,
+	kPGPike_AL_InvalidID				= 18,
+	kPGPike_AL_InvalidCertEncoding		= 19,
+	kPGPike_AL_InvalidCert				= 20,
+	kPGPike_AL_UnsupportedCert			= 21,
+	kPGPike_AL_InvalidCertAuthority		= 22,
+	kPGPike_AL_InvalidHash				= 23,
+	kPGPike_AL_AuthenticationFailed		= 24,
+	kPGPike_AL_InvalidSignature			= 25,
+	kPGPike_AL_AddressNotification		= 26,
+	kPGPike_AL_NotifySALifetime			= 27,
+	kPGPike_AL_CertUnavailable			= 28,
+	kPGPike_AL_UnsupportedExchange		= 29,
+	kPGPike_AL_UnequalPayloadLengths	= 30,
+	
+	kPGPike_AL_NATTranslationFailure	= 16300,
+	kPGPike_AL_LastErrorType			= 16301,
+	
+	/* Status Types */
+	kPGPike_AL_Connected				= 16384,
+	kPGPike_AL_ResponderLifetime		= 24576,	/* IPSEC DOI */
+	kPGPike_AL_ReplayStatus				= 24577,	/* IPSEC DOI */
+	kPGPike_AL_InitialContact			= 24578,	/* IPSEC DOI */
+
+	PGP_ENUM_FORCE( PGPikeAlert_ )
+};
+PGPENUM_TYPEDEF( PGPikeAlert_, PGPikeAlert );
+
+enum PGPikeInternalAlert_
+{
+	kPGPike_IA_None						= 0,
+	
+	kPGPike_IA_ResponseTimeout			= 1,
+	kPGPike_IA_NoProposals				= 2,
+	kPGPike_IA_NewPhase1SA				= 3,
+	kPGPike_IA_NewPhase2SA				= 4,
+	kPGPike_IA_DeadPhase1SA				= 5,
+	kPGPike_IA_DeadPhase2SA				= 6,
+	kPGPike_IA_TooManyExchanges			= 7,
+	kPGPike_IA_XAuthSuccess				= 8,
+	kPGPike_IA_XAuthFailed				= 9,
+
+	PGP_ENUM_FORCE( PGPikeInternalAlert_ )
+};
+PGPENUM_TYPEDEF( PGPikeInternalAlert_, PGPikeInternalAlert );
+
+enum PGPikePref_
+{
+	kPGPike_PF_None						= 0,
+	
+	kPGPike_PF_Expiration				= 1,
+	kPGPike_PF_AllowedAlgorithms		= 2,
+	kPGPike_PF_IKEProposals				= 3,
+	kPGPike_PF_IPSECProposals			= 4,
+
+	PGP_ENUM_FORCE( PGPikePref_ )
+};
+PGPENUM_TYPEDEF( PGPikePref_, PGPikePref );
+
+enum PGPipsecEncapsulation_
+{
+	kPGPike_PM_None							= 0,
+	
+	kPGPike_PM_Tunnel						= 1,
+	kPGPike_PM_Transport					= 2,
+	kPGPike_PM_UDPencapsulatedTunnel		= 61443,
+	kPGPike_PM_UDPencapsulatedTransport		= 61444,
+
+	PGP_ENUM_FORCE( PGPipsecEncapsulation_ )
+};
+PGPENUM_TYPEDEF( PGPipsecEncapsulation_, PGPipsecEncapsulation );
+
+enum PGPikeLifeType_
+{
+	kPGPike_LT_None				= 0,
+	
+	kPGPike_LT_Seconds			= 1,
+	kPGPike_LT_Kilobytes		= 2,
+
+	PGP_ENUM_FORCE( PGPikeLifeType_ )
+};
+PGPENUM_TYPEDEF( PGPikeLifeType_, PGPikeLifeType );
+
+enum PGPipsecIdentity_
+{
+	kPGPike_ID_None				= 0,
+	
+	kPGPike_ID_IPV4_Addr,
+	kPGPike_ID_FQDN,
+	kPGPike_ID_UserFQDN,
+	kPGPike_ID_IPV4_Addr_Subnet,
+	kPGPike_ID_IPV6_Addr,
+	kPGPike_ID_IPV6_Addr_Subnet,
+	kPGPike_ID_IPV4_Addr_Range,
+	kPGPike_ID_IPV6_Addr_Range,
+	kPGPike_ID_DER_ASN1_DN,
+	kPGPike_ID_DER_ASN1_GN,
+	kPGPike_ID_Key_ID,				/* used for PGP fingerprint */
+
+	PGP_ENUM_FORCE( PGPipsecIdentity_ )
+};
+PGPENUM_TYPEDEF( PGPipsecIdentity_, PGPipsecIdentity );
+
+/* If it doesn't say supported, it isn't. */
+enum PGPipsecAHTransformID_
+{
+	kPGPike_AH_None				= 0,
+	
+	kPGPike_AH_MD5				= 2,	/* supported */
+	kPGPike_AH_SHA				= 3,	/* supported */
+	kPGPike_AH_DES				= 4,
+	kPGPike_AH_SHA2_256			= 5,	/* supported */
+	kPGPike_AH_SHA2_384			= 6,	/* supported */
+	kPGPike_AH_SHA2_512			= 7,	/* supported */
+
+	PGP_ENUM_FORCE( PGPipsecAHTransformID_ )
+};
+PGPENUM_TYPEDEF( PGPipsecAHTransformID_, PGPipsecAHTransformID );
+
+enum PGPipsecAuthAttribute_
+{
+	kPGPike_AA_None				= 0,
+	
+	kPGPike_AA_HMAC_MD5			= 1,	/* supported */
+	kPGPike_AA_HMAC_SHA			= 2,	/* supported */
+	kPGPike_AA_DES_MAC			= 3,
+	kPGPike_AA_KPDK				= 4,
+	kPGPike_AA_HMAC_SHA2_256	= 5,	/* supported */
+	kPGPike_AA_HMAC_SHA2_384	= 6,	/* supported */
+	kPGPike_AA_HMAC_SHA2_512	= 7,	/* supported */
+
+	PGP_ENUM_FORCE( PGPipsecAuthAttribute_ )
+};
+PGPENUM_TYPEDEF( PGPipsecAuthAttribute_, PGPipsecAuthAttribute );
+
+enum PGPipsecESPTransformID_
+{
+	kPGPike_ET_DES_IV64			= 1,	/* supported */
+	kPGPike_ET_DES				= 2,	/* supported */
+	kPGPike_ET_3DES				= 3,	/* supported */
+	kPGPike_ET_RC5				= 4,
+	kPGPike_ET_IDEA				= 5,
+	kPGPike_ET_CAST				= 6,	/* supported */
+	kPGPike_ET_Blowfish			= 7,
+	kPGPike_ET_3IDEA			= 8,
+	kPGPike_ET_DES_IV32			= 9,
+	kPGPike_ET_RC4				= 10,
+	kPGPike_ET_NULL				= 11,	/* supported */
+	kPGPike_ET_AES				= 12,
+	
+	PGP_ENUM_FORCE( PGPipsecESPTransformID_ )
+};
+PGPENUM_TYPEDEF( PGPipsecESPTransformID_, PGPipsecESPTransformID );
+
+/* IPCOMP is not supported by this version of PGPike */
+enum PGPipsecIPCOMPTransformID_
+{
+	kPGPike_IC_None			= 0,
+	
+	kPGPike_IC_OUI			= 1,
+	kPGPike_IC_Deflate		= 2,		/* supported */
+	kPGPike_IC_LZS			= 3,		/* supported */
+	kPGPike_IC_V42bis		= 4,
+
+	PGP_ENUM_FORCE( PGPipsecIPCOMPTransformID_ )
+};
+PGPENUM_TYPEDEF( PGPipsecIPCOMPTransformID_, PGPipsecIPCOMPTransformID );
+
+enum PGPipsecProtocol_
+{
+	kPGPike_PR_None			= 0,
+	kPGPike_PR_IKE			= 1,
+	kPGPike_PR_AH			= 2,
+	kPGPike_PR_ESP			= 3,
+	kPGPike_PR_IPCOMP		= 4,
+
+	PGP_ENUM_FORCE( PGPipsecProtocol_ )
+};
+PGPENUM_TYPEDEF( PGPipsecProtocol_, PGPipsecProtocol );
+
+enum PGPikeGroupID_
+{
+	kPGPike_GR_None					= 0,	/* supported */
+	
+	kPGPike_GR_MODPOne				= 1,	/* supported */
+	kPGPike_GR_MODPTwo				= 2,	/* supported */
+	kPGPike_GR_MODPFive				= 5,	/* supported */
+
+	kPGPike_GR_ECSix				= 6,	/* supported */
+	kPGPike_GR_ECSeven				= 7,	/* supported */
+
+	kPGPike_GR_ECEight				= 8,	/* supported */
+	kPGPike_GR_ECNine				= 9,	/* supported */
+
+	kPGPike_GR_MODP2048				= 42048,/* unassigned */
+	kPGPike_GR_MODP3072				= 43072,/* unassigned */
+	kPGPike_GR_MODP4096				= 44096,/* unassigned */
+	kPGPike_GR_MODP6144				= 46144,/* unassigned */
+	kPGPike_GR_MODP8192				= 48192,/* unassigned */
+	
+	PGP_ENUM_FORCE( PGPikeGroupID_ )
+};
+PGPENUM_TYPEDEF( PGPikeGroupID_, PGPikeGroupID );
+
+enum PGPikeCipher_
+{
+	kPGPike_SC_None				= 0,
+	
+	kPGPike_SC_DES_CBC			= 1,	/* supported */
+	kPGPike_SC_IDEA_CBC			= 2,
+	kPGPike_SC_Blowfish_CBC		= 3,
+	kPGPike_SC_RC5_R16_B64_CBC	= 4,
+	kPGPike_SC_3DES_CBC			= 5,	/* supported */
+	kPGPike_SC_CAST_CBC			= 6,	/* supported */
+	kPGPike_SC_AES_CBC			= 7,
+	
+	PGP_ENUM_FORCE( PGPikeCipher_ )
+};
+PGPENUM_TYPEDEF( PGPikeCipher_, PGPikeCipher );
+
+enum PGPikeHash_
+{
+	kPGPike_HA_None				= 0,
+	
+	kPGPike_HA_MD5				= 1,	/* supported */
+	kPGPike_HA_SHA1				= 2,	/* supported */
+	kPGPike_HA_Tiger			= 3,
+	kPGPike_HA_SHA2_256			= 4,
+	kPGPike_HA_SHA2_384			= 5,
+	kPGPike_HA_SHA2_512			= 6,
+	
+	PGP_ENUM_FORCE( PGPikeHash_ )
+};
+PGPENUM_TYPEDEF( PGPikeHash_, PGPikeHash );
+
+enum PGPikeAuthMethod_
+{
+	kPGPike_AM_None							= 0,
+	
+	kPGPike_AM_PreSharedKey					= 1,	/* supported */
+	kPGPike_AM_DSS_Sig						= 2,	/* supported */
+	kPGPike_AM_RSA_Sig						= 3,	/* supported */
+	kPGPike_AM_RSA_Encrypt					= 4,
+	kPGPike_AM_RSA_Encrypt_R				= 5,
+	
+	kPGPike_AM_HAuth_InitRSA				= 64221,
+	kPGPike_AM_HAuth_RespRSA				= 64222,
+	kPGPike_AM_HAuth_InitDSS				= 64223,
+	kPGPike_AM_HAuth_RespDSS				= 64224,
+	
+	kPGPike_AM_XAuth_InitPreShared			= 65001,
+	kPGPike_AM_XAuth_RespPreShared			= 65002,
+	kPGPike_AM_XAuth_InitDSS				= 65003,
+	kPGPike_AM_XAuth_RespDSS				= 65004,
+	kPGPike_AM_XAuth_InitRSA				= 65005,
+	kPGPike_AM_XAuth_RespRSA				= 65006,
+	kPGPike_AM_XAuth_InitRSAEncryption		= 65007,
+	kPGPike_AM_XAuth_RespRSAEncryption		= 65008,
+	kPGPike_AM_XAuth_InitRSAREncryption		= 65009,
+	kPGPike_AM_XAuth_RespRSAREncryption		= 65010,
+	
+	PGP_ENUM_FORCE( PGPikeAuthMethod_ )
+};
+PGPENUM_TYPEDEF( PGPikeAuthMethod_, PGPikeAuthMethod );
+
+enum PGPikeAuthStyle_
+{
+	kPGPike_AS_Normal						= 0,
+	
+	kPGPike_AS_XAuth						= 1,
+	kPGPike_AS_HybridAuth					= 2,
+	
+	PGP_ENUM_FORCE( PGPikeAuthStyle_ )
+};
+PGPENUM_TYPEDEF( PGPikeAuthStyle_, PGPikeAuthStyle );
+
+enum PGPikeXAuthType_
+{
+	kPGPike_XT_Generic						= 0,
+	
+	kPGPike_XT_RADIUS_CHAP					= 1,
+	kPGPike_XT_OTP							= 2,
+	kPGPike_XT_SKEY							= 3,
+	
+	PGP_ENUM_FORCE( PGPikeXAuthType_ )
+};
+PGPENUM_TYPEDEF( PGPikeXAuthType_, PGPikeXAuthType );
+
+enum PGPikeEncapsulateMode_
+{
+	kPGPike_EM_Auto							= 0,
+	
+	kPGPike_EM_Always						= 1,
+	kPGPike_EM_Never						= 2,
+	
+	PGP_ENUM_FORCE( PGPikeEncapsulateMode_ )
+};
+PGPENUM_TYPEDEF( PGPikeEncapsulateMode_, PGPikeEncapsulateMode );
+
+typedef struct PGPipsecESPTransform
+{
+	PGPipsecESPTransformID		cipher;
+	PGPUInt32					keyLength;
+		/* cipher key bit size, must be 0 for all except AES */ 
+	PGPipsecAuthAttribute		authAttr;
+	PGPipsecEncapsulation		mode;
+} PGPipsecESPTransform;
+
+typedef struct PGPipsecAHTransform
+{
+	PGPipsecAHTransformID		authAlg;
+	PGPipsecAuthAttribute		authAttr;
+	PGPipsecEncapsulation		mode;
+} PGPipsecAHTransform;
+
+typedef struct PGPipsecIPCOMPTransform
+{
+	PGPipsecIPCOMPTransformID	compAlg;
+} PGPipsecIPCOMPTransform;
+
+typedef struct PGPikeTransform
+{
+	PGPikeAuthMethod		authMethod;
+	PGPikeHash				hash;
+	PGPikeCipher			cipher;
+	PGPUInt32				keyLength;	/* cipher key bit size, must be 0 for all except AES */ 
+	PGPikeGroupID			groupID;
+} PGPikeTransform;
+
+typedef struct PGPipsecTransform
+{
+	PGPBoolean				useESP;
+	PGPipsecESPTransform	esp;
+	
+	PGPBoolean				useAH;
+	PGPipsecAHTransform		ah;
+	
+	PGPBoolean				useIPCOMP;
+	PGPipsecIPCOMPTransform	ipcomp;
+	
+	PGPikeGroupID			groupID;
+} PGPipsecTransform;
+
+typedef struct PGPipsecDOIParams
+{
+	PGPipsecSPI				inSPI;
+	PGPipsecSPI				outSPI;
+	PGPipsecProtocol		protocol;
+
+	union
+	{
+		struct
+		{
+			PGPipsecAHTransform		t;
+			PGPByte					inAuthKey[kPGPike_AuthMaximumKeySize];
+			PGPByte					outAuthKey[kPGPike_AuthMaximumKeySize];
+		} ah;
+		
+		struct
+		{
+			PGPipsecESPTransform	t;
+			PGPByte					inESPKey[kPGPike_ESPMaximumKeySize];
+			PGPByte					outESPKey[kPGPike_ESPMaximumKeySize];
+			PGPByte					inAuthKey[kPGPike_AuthMaximumKeySize];
+			PGPByte					outAuthKey[kPGPike_AuthMaximumKeySize];
+			PGPByte					explicitIV[kPGPike_MaxExplicitIVSize];
+		} esp;
+		
+		struct
+		{
+			PGPipsecIPCOMPTransform	t;
+		} ipcomp;
+	} u;	
+} PGPipsecDOIParams;
+
+typedef struct PGPipsecSA
+{
+	struct PGPipsecSA *		nextSA;				/* INTERNAL USE ONLY */
+	struct PGPipsecSA *		prevSA;				/* INTERNAL USE ONLY */
+	PGPUInt32				ipAddress;			/* PreNATted(Original) IP Address */
+	PGPBoolean				destIsRange;		/* dest is IP range */
+	PGPUInt32				ipAddrStart;		/* IP address */
+	PGPUInt32				ipMaskEnd;			/* mask or end range IP address */
+	PGPByte					ipProtocol;			/* 0 if all protocols */
+	PGPUInt16				ipPort;				/* 0 if all ports */
+	
+	PGPBoolean				bNATTraversal;		/* NAT Encapsulation is enabled if true */
+	PGPBoolean				bIsLocalIPNAT;		/* if non-zero, our local IP is natted */
+	PGPBoolean				bIsRemoteIPNAT;		/* if non-zero, remote IP is NATed */
+	PGPUInt32				natIPAddress;		/* NATed Dest IP Address, 0 if not NATed */
+	PGPUInt16				nboNATPort;			/* NATed Dest Port value */
+
+	PGPUInt32				assignedIP;			/* if non-zero, use as tunnel IP */
+	PGPUInt32				assignedDNS;		/* if non-zero, use as tunnel DNS */
+	PGPUInt32				assignedWINS;		/* if non-zero, use as tunnel WINS */
+	
+	PGPBoolean				initiator;			/* was this SA initiated locally */
+	PGPBoolean				activeIn;			/* use for inbound data */
+	PGPBoolean				activeOut;			/* use for outbound data */
+	PGPUInt32				kbLifeTime;			/* max KB to be sent on this SA */
+	PGPUInt32				secLifeTime;		/* max seconds this SA will live */
+												/* 0 means no limit for either */
+	PGPTime					birthTime;
+	
+	PGPUInt16				numTransforms;
+	PGPipsecDOIParams		transform[kPGPike_MaxTransforms];
+	
+	PGPTime					termSchedule;	/* SA will be terminated, private */
+	PGPByte					userData[kPGPike_UserDataSize];/* for your use */
+} PGPipsecSA;
+
+/*	When sent a kPGPike_MT_SARequest, pgpIKE will expect that
+	all fields below will be filled in.  The approved member is
+	irrelevant in that case.
+	
+	When you are called with kPGPike_MT_PolicyCheck, pgpIKE will
+	set everything to 0 except the IP address.  You are expected
+	to fill in the other fields with local policy.  The PolicyCheck
+	is used for remote-initiated SA negotiation.  Since you cannot
+	predict which remote network might be trying to communicate
+	with us, you should leave the destIsRange/ipAddrStart/ipMaskEnd
+	and ipPort/ipProtocol fields set to 0 for this message.  You
+	will be called to check those later with the ClientIDCheck.
+*/
+typedef struct PGPikeMTSASetup
+{
+	PGPBoolean				approved;			/* >  */
+	
+	PGPUInt32				ipAddress;			/* destination */
+	PGPUInt32				localIPAddress;		/* source */
+	PGPByte					ipProtocol;
+	PGPUInt16				ipPort;
+	PGPByte *				sharedKey;			/* null if none, data will be copied */
+	PGPSize					sharedKeySize; 		/* w/o NULL-terminate */
+	PGPBoolean				aggressive;			/* set for aggressive mode */
+	PGPBoolean				lightweight;		/* only for SARequest, set to
+													TRUE for only 1 retry */
+	/* set the fields below to use tunnel mode */
+	PGPBoolean				destIsRange;
+	PGPUInt32				ipAddrStart;
+	PGPUInt32				ipMaskEnd;
+	
+	PGPBoolean				virtualIP;			/* whether to use mode-cfg */
+	PGPikeAuthStyle			authStyle;			/* whether to use xauth/hybrid */
+	PGPikeEncapsulateMode	encapsulateMode;	/* Force NAT Traversal mode */
+	
+	PGPipsecIdentity		idType;				/* only useful in shared key mode */
+	PGPByte *				idData;				/* data will be copied */
+	PGPSize					idDataSize;			/* this is the Phase 1 ID */
+} PGPikeMTSASetup;
+
+/*	
+	When you are called with a kPGPike_MT_ClientIDCheck, all fields
+	will be set appropriately.  If the destIsRange/ipAddrStart/ipMaskEnd
+	triad is permitted to be represented by the IP address, set
+	the approved field to true.  This message is only sent in the case
+	where the remote side is the initiator and you have already been
+	called with a kPGPike_MT_PolicyCheck message.
+*/
+typedef struct PGPikeMTClientIDCheck
+{
+	PGPBoolean				approved;		/* >  */
+	
+	PGPUInt32				ipAddress;
+	PGPByte					ipProtocol;
+	PGPUInt16				ipPort;
+	
+	PGPBoolean				destIsRange;
+	PGPUInt32				ipAddrStart;
+	PGPUInt32				ipMaskEnd;
+} PGPikeMTClientIDCheck;
+
+typedef struct PGPikeMTSAEstablished
+{
+	PGPipsecSA *			sa;
+	PGPBoolean				remoteValid;
+	PGPByte *				remoteAuthKey;		/* binary exported key data */
+	PGPSize					remoteAuthKeySize;
+} PGPikeMTSAEstablished;
+
+typedef struct PGPikeMTSAFailed
+{
+	PGPUInt32				ipAddress;		/* destination */
+	PGPByte					ipProtocol;
+	PGPUInt16				ipPort;
+	
+	PGPBoolean				destIsRange;
+	PGPUInt32				ipAddrStart;
+	PGPUInt32				ipMaskEnd;
+	
+} PGPikeMTSAFailed;
+
+typedef struct PGPikeMTCert
+{
+	PGPUInt32				ipAddress;		/*  < */
+	PGPKeyDBRef				baseKeyDB;		/* >  */
+	PGPKeyDBObjRef			authObj;		/* >  PGP key or X.509 cert */
+	
+	PGPBoolean				isPassKey;		/* >  */
+	void *					pass;			/* >  null-term if passphrase, Unicode, copied */
+	PGPSize					passLength;		/* >  in PGPChar8s */
+} PGPikeMTCert;
+
+typedef struct PGPikeMTRemoteCert
+{
+	PGPBoolean				approved;		/* >  */
+	PGPBoolean				valid;			/* >  */
+	PGPUInt32				ipAddress;		/*  < */
+	PGPKeyDBObjRef			remoteObj;		/*  < PGPkey or X.509 cert */
+	PGPKeyDBRef				remoteKeyDB;	/*  < any other keys/certs are part of
+													this cert's chain */
+} PGPikeMTRemoteCert;
+
+typedef struct PGPikeMTPacket
+{
+	PGPUInt32				ipAddress;	/* source or destination */
+	PGPUInt16				port;		/* usually UDP 500, but might not be */
+	PGPSize					packetSize;
+	PGPByte *				packet;		/* msg *sender* must free this */
+} PGPikeMTPacket;
+
+typedef struct PGPikeMTIdentity
+{
+	PGPBoolean				active;			/* TRUE = set it, FALSE= dead */
+	PGPUInt32				ipAddress;		/* Gateway IP */
+	PGPUInt32				assignedIP;
+	PGPUInt32				assignedDNS;
+	PGPUInt32				assignedWINS;
+} PGPikeMTIdentity;
+
+typedef struct PGPikeMTAlert
+{
+	PGPikeAlert				alert;
+	PGPUInt32				ipAddress;
+	PGPikeInternalAlert		value;	/* used if alert is kPGPike_AL_None */
+	PGPBoolean				remoteGenerated;
+} PGPikeMTAlert;
+
+typedef PGPUInt32 PGPikeAESKeyLengthMask;
+
+#define kPGPike_AESKeyLength128 1
+#define kPGPike_AESKeyLength192 2
+#define kPGPike_AESKeyLength256 4
+#define kPGPike_AESKeyLengthAll	7
+
+typedef struct PGPikeAllowedAlgorithms
+{
+	PGPBoolean				cast5;
+	PGPBoolean				tripleDES;
+	PGPBoolean				singleDES;
+	PGPikeAESKeyLengthMask	aes;
+	PGPBoolean				espNULL;
+	
+	PGPBoolean				sha1;
+	PGPBoolean				md5;
+	PGPBoolean				sha2_256;
+	PGPBoolean				sha2_384;
+	PGPBoolean				sha2_512;
+	PGPBoolean				noAuth;
+		
+	PGPBoolean				lzs;
+	PGPBoolean				deflate;
+	
+	PGPBoolean				modpOne768;
+	PGPBoolean				modpTwo1024;
+	PGPBoolean				modpFive1536;
+
+	PGPBoolean				ec2n163;
+	PGPBoolean				ec2n283;
+
+	PGPBoolean				modp2048;
+	PGPBoolean				modp3072;
+	PGPBoolean				modp4096;
+	PGPBoolean				modp6144;
+	PGPBoolean				modp8192;
+
+} PGPikeAllowedAlgorithms;
+
+typedef struct PGPikeMTPref
+{
+	PGPikePref					pref;
+	
+	union
+	{
+		struct
+		{
+			PGPUInt32			kbLifeTimeIKE;
+			PGPUInt32			secLifeTimeIKE;
+			PGPUInt32			kbLifeTimeIPSEC;
+			PGPUInt32			secLifeTimeIPSEC;
+		} expiration;			/* kPGPike_PF_Expiration */
+		
+		struct
+		{
+			PGPUInt32			numTransforms;
+			PGPikeTransform *	t;
+		} ikeProposals;			/* kPGPike_PF_IKEProposals */
+
+		
+		struct
+		{
+			PGPUInt32			numTransforms;
+			PGPipsecTransform *	t;
+		} ipsecProposals;		/* kPGPike_PF_IPSECProposals */
+		
+		PGPikeAllowedAlgorithms	allowedAlgorithms;
+			/*kPGPike_PF_AllowedAlgorithms*/
+	} u;
+} PGPikeMTPref;
+
+/* This message will be sent to check extended authentication. The buffer
+	will be freed after your callback is called, so if you need it,
+	copy the data elsewhere. You must retrieve the information and then
+	send an AuthCheck message back to IKE with the contents filled in,
+	and all contents preserved other than what you filled in. The message
+	you send back is your memory, IKE will not free it. */
+typedef struct PGPikeMTAuthCheck
+{
+	PGPBoolean			success;		/* set to true unless user aborts */
+	PGPUInt32			gatewayIP;
+	PGPikeXAuthType		xauthType;
+	PGPUInt16			transactionID;	/* private */
+	PGPBoolean			includeType;	/* private */
+	
+	PGPBoolean			useUserName;
+	PGPBoolean			usePassword;
+	PGPBoolean			usePasscode;
+	PGPBoolean			useMessage;
+	PGPBoolean			useChallenge;
+	PGPBoolean			useDomain;
+	
+	PGPChar8			userName[kPGPike_XAuthStringLen];
+	PGPChar8			password[kPGPike_XAuthStringLen];
+	PGPChar8			passcode[kPGPike_XAuthStringLen];
+	PGPChar8			message[kPGPike_XAuthMessageLen];
+	PGPChar8			challenge[kPGPike_XAuthStringLen];
+	PGPChar8			domain[kPGPike_XAuthStringLen];
+	PGPSize				challengeSize;
+} PGPikeMTAuthCheck;
+
+enum PGPikeMessageType_
+{
+	/*
+		Message types followed by ">" may be sent to PGPike
+		Message typed followed by "<" may be sent by PGPike
+	*/
+	kPGPike_MT_Idle			= 0,	/* >  call this often		*/
+	kPGPike_MT_SARequest,			/* >  PGPikeMTSASetup		*/
+	kPGPike_MT_SARequestFailed,		/*  < PGPikeMTSAFailed		*/
+	kPGPike_MT_SAEstablished,		/*  < PGPikeMTSAEstablished	*/
+	kPGPike_MT_SARekey,				/* >  PGPipsecSA			*/
+	kPGPike_MT_SADied,				/* >< PGPipsecSA			*/
+	kPGPike_MT_SAUpdate,			/*  < PGPipsecSA			*/
+	kPGPike_MT_SAKillAll,			/* >  none					*/
+	
+	kPGPike_MT_PolicyCheck,			/*  < PGPikeMTSASetup		*/
+	kPGPike_MT_ClientIDCheck,		/*  < PGPikeMTClientIDCheck	*/
+	kPGPike_MT_AuthCheck,			/* >< PGPikeMTAuthCheck		*/	
+	kPGPike_MT_LocalPGPCert,		/*  < PGPikeMTCert			*/
+	kPGPike_MT_LocalX509Cert,		/*  < PGPikeMTCert			*/
+	kPGPike_MT_RemoteCert,			/*  < PGPikeMTRemoteCert	*/
+	kPGPike_MT_Identity,			/*  < PGPikeMTIdentity		*/
+	
+	kPGPike_MT_Packet,				/* >< PGPikeMTPacket		*/
+	kPGPike_MT_Alert,				/*  < PGPikeMTAlert			*/
+	
+	kPGPike_MT_Pref,				/* >  PGPikeMTPref			*/
+	
+	kPGPike_MT_DebugLog,			/*  < PGPChar8 *			*/
+
+	PGP_ENUM_FORCE( PGPikeMessageType_ )
+};
+PGPENUM_TYPEDEF( PGPikeMessageType_, PGPikeMessageType );
+
+typedef PGPError (* PGPikeMessageProcPtr)(
+					PGPikeContextRef		ike,
+					void *					inUserData,
+					PGPikeMessageType		msg,
+					void *					data );
+
+PGPError 	PGPNewIKEContext(
+					PGPContextRef			context,
+					PGPikeMessageProcPtr	ikeMessageProc,
+					void *					inUserData,
+					PGPikeContextRef *		outRef );
+
+PGPError 	PGPFreeIKEContext(
+					PGPikeContextRef		ref );
+
+/*	Any error from PGPikeProcessMessage is fatal.  Non-fatal
+	errors are sent through the kPGPike_MT_Alert message.  */
+
+PGPError	PGPikeProcessMessage(
+					PGPikeContextRef		ref,
+					PGPikeMessageType		msg,
+					void *					data );
+
+
+#if PGP_WIN32
+# pragma pack(pop)
+#endif
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_PGPike_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpKeyServer.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpKeyServer.h
new file mode 100644
index 0000000000..27594ea8b1
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpKeyServer.h
@@ -0,0 +1,339 @@
+/*____________________________________________________________________________
+        Copyright (C) 2002 PGP Corporation
+        All rights reserved.
+
+        $Id: pgpKeyServer.h,v 1.20 2004/01/23 08:12:49 dallen Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpKeyServer_h
+#define Included_pgpKeyServer_h
+
+#include "pgpOptionList.h"
+#include "pgpErrors.h"
+#include "pgpGroups.h"
+#include "pgpTLS.h"
+
+
+enum PGPKeyServerState_
+{
+	kPGPKeyServerState_Invalid						= 0,
+	kPGPKeyServerState_Opening						= 1,
+	kPGPKeyServerState_Querying						= 2,
+	kPGPKeyServerState_ReceivingResults				= 3,
+	kPGPKeyServerState_ProcessingResults			= 4,
+	kPGPKeyServerState_Uploading					= 5,
+	kPGPKeyServerState_Deleting						= 6,
+	kPGPKeyServerState_Disabling					= 7,
+	kPGPKeyServerState_Closing						= 8,
+
+	kPGPKeyServerState_TLSUnableToSecureConnection	= 9,
+	kPGPKeyServerState_TLSConnectionSecured			= 10,
+
+	PGP_ENUM_FORCE(PGPKeyServerState_)
+};
+
+PGPENUM_TYPEDEF(PGPKeyServerState_, PGPKeyServerState);
+
+enum PGPKeyServerProtocol_
+{
+	kPGPKeyServerProtocol_Invalid			= 0,
+	kPGPKeyServerProtocol_LDAP				= 1,
+	kPGPKeyServerProtocol_HTTP				= 2,
+	kPGPKeyServerProtocol_LDAPS				= 3,
+	kPGPKeyServerProtocol_HTTPS				= 4,
+	
+	PGP_ENUM_FORCE( PGPKeyServerProtocol_ )
+};
+
+PGPENUM_TYPEDEF( PGPKeyServerProtocol_, PGPKeyServerProtocol );
+
+enum PGPKeyServerClass_
+{
+	kPGPKeyServerClass_Invalid		= 0,
+	kPGPKeyServerClass_PGP			= 1,
+	kPGPKeyServerClass_LDAPX509		= 2,
+	kPGPKeyServerClass_LDAPPGP		= 3,	/* deprecated, use kPGPKeyServerClass_PGP instead */
+
+	/* CA types */
+	kPGPKeyServerClass_NetToolsCA	= 10,
+	kPGPKeyServerClass_Verisign		= 11,
+	kPGPKeyServerClass_Entrust		= 12,
+	kPGPKeyServerClass_Netscape		= 13,
+	kPGPKeyServerClass_Microsoft	= 14,
+	
+	PGP_ENUM_FORCE( PGPKeyServerClass_ )
+};
+
+PGPENUM_TYPEDEF( PGPKeyServerClass_, PGPKeyServerClass );
+
+enum PGPKeyServerKeySpace_ /* These are only valid for LDAP keyservers */
+{
+	kPGPKeyServerKeySpace_Invalid	= 0,
+	kPGPKeyServerKeySpace_Default	= 1,
+	kPGPKeyServerKeySpace_Normal	= 2,
+	kPGPKeyServerKeySpace_Pending	= 3,
+
+	PGP_ENUM_FORCE( PGPKeyServerKeySpace_ )
+};
+
+PGPENUM_TYPEDEF( PGPKeyServerKeySpace_, PGPKeyServerKeySpace );
+
+enum PGPKeyServerAccessType_ /* These are only valid for LDAP keyservers */
+{
+	kPGPKeyServerAccessType_Invalid			= 0,
+	kPGPKeyServerAccessType_Default			= 1,
+	kPGPKeyServerAccessType_Normal			= 2,
+	kPGPKeyServerAccessType_Administrator	= 3,
+
+	PGP_ENUM_FORCE( PGPKeyServerAccessType_ )
+};
+
+PGPENUM_TYPEDEF( PGPKeyServerAccessType_, PGPKeyServerAccessType );
+
+enum PGPProxyServerType_
+{
+	kPGPProxyServerType_Invalid     = 0,
+	kPGPProxyServerType_HTTP        = 1,
+	kPGPProxyServerType_HTTPS       = 2,
+
+	PGP_ENUM_FORCE(PGPProxyServerType_)
+};
+
+PGPENUM_TYPEDEF(PGPProxyServerType_, PGPProxyServerType);
+
+/*	PGPKeyServerMonitorValues are null terminated linked lists.
+	The values member is a null terminated array of char*s.
+*/
+
+typedef struct PGPKeyServerMonitorValues
+{
+	PGPChar8 *							name;
+	PGPChar8 **							values;
+	struct PGPKeyServerMonitorValues *	next;
+} PGPKeyServerMonitorValues;
+
+typedef struct PGPKeyServerMonitor 
+{
+	PGPKeyServerRef				keyServerRef;
+	PGPKeyServerMonitorValues *	valuesHead;
+} PGPKeyServerMonitor;
+
+
+typedef struct PGPKeyServerThreadStorage *	PGPKeyServerThreadStorageRef;
+# define kInvalidPGPKeyServerThreadStorageRef				\
+			((PGPKeyServerThreadStorageRef) NULL)
+#define PGPKeyServerThreadStorageRefIsValid(ref)			\
+			((ref) != kInvalidPGPKeyServerThreadStorageRef)
+
+PGP_BEGIN_C_DECLARATIONS
+
+
+/*	Use the idle event handler to receive periodic idle events during
+	network calls. Usually this is used only in non-preemptive multi-tasking
+	OSes to allow yielding in threads. Pre-emptive multi-tasking systems
+	should probably not use the call as it interrupts the efficient wait state
+	of threads waiting on network calls.
+	
+	Idle event handlers need to be added on a per thread basis.
+	
+	Returning an error from the idle event handler will cause the keyserver
+	to quit processing and to return a kPGPError_UserAbort. */
+PGPError			PGPSetKeyServerIdleEventHandler(
+						PGPEventHandlerProcPtr inCallback,
+						PGPUserValue inUserData);
+
+PGPError			PGPGetKeyServerIdleEventHandler(
+						PGPEventHandlerProcPtr * outCallback,
+						PGPUserValue * outUserData);
+
+/* Network library options */
+
+#undef			PGPONetURL
+PGPOptionListRef	PGPONetURL(PGPContextRef context, const PGPChar8 *url);
+
+#undef			PGPONetHostName
+PGPOptionListRef	PGPONetHostName(PGPContextRef context,
+							const PGPChar8 *hostName, PGPUInt16 port);
+
+PGPOptionListRef	PGPONetHostAddress(PGPContextRef context,
+							PGPUInt32 hostAddress, PGPUInt16 port);
+
+PGPOptionListRef	PGPONetConnectTimeout(PGPContextRef context,
+							PGPUInt32 timeout);
+
+PGPOptionListRef	PGPONetReadTimeout(PGPContextRef context,
+							PGPUInt32 timeout);
+
+PGPOptionListRef	PGPONetWriteTimeout(PGPContextRef context,
+							PGPUInt32 timeout);
+
+PGPOptionListRef	PGPOKeyServerProtocol(PGPContextRef context,
+							PGPKeyServerProtocol serverProtocol);
+
+PGPOptionListRef	PGPOKeyServerKeySpace(PGPContextRef context,
+							PGPKeyServerKeySpace serverSpace);
+
+#undef			PGPOKeyServerKeyStoreDN
+PGPOptionListRef	PGPOKeyServerKeyStoreDN(PGPContextRef context,
+							const PGPChar8 *szKeyStoreDn);
+
+PGPOptionListRef	PGPOKeyServerAccessType(PGPContextRef context,
+							PGPKeyServerAccessType accessType);
+							
+PGPOptionListRef	PGPOKeyServerCAKey(PGPContextRef context,
+							PGPKeyDBObjRef caKeyDBObjRef);
+
+PGPOptionListRef	PGPOKeyServerRequestKey(PGPContextRef context,
+							PGPKeyDBObjRef requestKeyDBObjRef);
+
+PGPOptionListRef	PGPOKeyServerSearchKey(PGPContextRef context,
+							PGPKeyDBObjRef searchKeyDBObjRef);
+							
+PGPOptionListRef	PGPOKeyServerSearchFilter(PGPContextRef context,
+							PGPFilterRef searchFilter);
+
+/* Static storage creation */
+PGPError		PGPKeyServerCreateThreadStorage(
+					PGPKeyServerThreadStorageRef * outPreviousStorage);
+PGPError		PGPKeyServerDisposeThreadStorage(
+					PGPKeyServerThreadStorageRef inPreviousStorage);
+					
+/* Initialize and close the keyserver library */
+PGPError			PGPKeyServerInit(void);
+
+PGPError			PGPKeyServerCleanup(void);
+
+
+/*	Creating and freeing a keyserver ref. */
+PGPError			PGPNewKeyServer(
+						PGPContextRef 			inContext,
+						PGPKeyServerClass		inClass,
+						PGPKeyServerRef 		*outKeyServerRef,
+						PGPOptionListRef		firstOption,
+						... );
+						
+PGPError 			PGPFreeKeyServer(PGPKeyServerRef inKeyServerRef);
+PGPError			PGPIncKeyServerRefCount(PGPKeyServerRef inKeyServerRef);
+
+
+/*	Set and get the keyserver's event handler. Note that returning an error
+	for a keyserver event will abort the current call. */
+PGPError			PGPSetKeyServerEventHandler(
+						PGPKeyServerRef inKeyServerRef,
+						PGPEventHandlerProcPtr inCallback,
+						PGPUserValue inUserData);
+
+PGPError			PGPGetKeyServerEventHandler(
+						PGPKeyServerRef inKeyServerRef,
+						PGPEventHandlerProcPtr * outCallback,
+						PGPUserValue * outUserData);
+						
+						
+/*	Canceling a call to a keyserver. This is the only call that can be made
+	to a keyserver that is currently in another call. Also, once you have
+	returned from a canceled call, you may only close the keyserver. */
+PGPError			PGPCancelKeyServerCall(PGPKeyServerRef inKeyServerRef);
+						
+						
+/*	Opening and closing the keyserver. A keyserver ref can be opened and
+	closed multiple times as necessary. */
+PGPError			PGPKeyServerOpen(PGPKeyServerRef inKeyServerRef,
+						PGPtlsSessionRef inTLSSessionRef);
+
+PGPError			PGPKeyServerClose(PGPKeyServerRef inKeyServerRef);
+
+
+/*	Get keyserver info. */
+PGPError			PGPGetKeyServerTLSSession(PGPKeyServerRef inKeyServerRef,
+						PGPtlsSessionRef * outTLSSessionRef);
+
+PGPError			PGPGetKeyServerProtocol(PGPKeyServerRef inKeyServerRef,
+						PGPKeyServerProtocol * outType);
+
+PGPError			PGPGetKeyServerAccessType(PGPKeyServerRef inKeyServerRef,
+						PGPKeyServerAccessType * outAccessType);
+
+PGPError			PGPGetKeyServerKeySpace(PGPKeyServerRef inKeyServerRef,
+						PGPKeyServerKeySpace * outKeySpace);
+
+PGPError			PGPGetKeyServerPort(PGPKeyServerRef inKeyServerRef,
+						PGPUInt16 * outPort);
+
+#undef				PGPGetKeyServerHostName
+PGPError			PGPGetKeyServerHostName(PGPKeyServerRef inKeyServerRef,
+						PGPChar8 ** outHostName); /* Use PGPFreeData to free */
+
+PGPError			PGPGetKeyServerAddress(PGPKeyServerRef inKeyServerRef,
+						PGPUInt32 * outAddress);
+					
+#undef				PGPGetKeyServerPath
+PGPError			PGPGetKeyServerPath(PGPKeyServerRef inKeyServerRef,
+						PGPChar8 ** outPath); /* Use PGPFreeData to free */
+
+PGPContextRef		PGPGetKeyServerContext(PGPKeyServerRef inKeyServerRef);
+
+/*	If there was an error string returned from the server, you can get it with
+	this function. Note that if there is no string, the function will return
+	kPGPError_NoErr and *outErrorString will be	NULL */
+#undef				PGPGetLastKeyServerErrorString
+PGPError			PGPGetLastKeyServerErrorString(
+						PGPKeyServerRef inKeyServerRef,
+						PGPChar8 ** outErrorString); /* Use PGPFreeData to free */
+
+
+/* These functions may be used with both HTTP and LDAP keyservers */
+PGPError 			PGPQueryKeyServer(PGPKeyServerRef inKeyServerRef, 
+						PGPFilterRef inFilterRef, 
+						PGPKeyDBRef *searchResultsDB);
+
+PGPError 			PGPUploadToKeyServer(PGPKeyServerRef inKeyServerRef, 
+						PGPKeySetRef inKeysToUpload, 
+						PGPKeySetRef * outKeysThatFailed);
+						
+
+/* These functions may only be used with LDAP keyservers */
+PGPError			PGPDeleteFromKeyServer(PGPKeyServerRef inKeyServerRef,
+						PGPKeySetRef inKeysToDelete,
+						PGPKeySetRef * outKeysThatFailed);
+
+PGPError			PGPDisableFromKeyServer(PGPKeyServerRef inKeyServerRef,
+						PGPKeySetRef inKeysToDisable,
+						PGPKeySetRef * outKeysThatFailed);
+						
+PGPError			PGPSendGroupsToServer(PGPKeyServerRef inKeyServerRef,
+						PGPGroupSetRef inGroupSetRef);
+						
+PGPError			PGPRetrieveGroupsFromServer(
+						PGPKeyServerRef inKeyServerRef,
+						PGPGroupSetRef * outGroupSetRef);
+
+PGPError			PGPNewServerMonitor(PGPKeyServerRef inKeyServerRef,
+						PGPKeyServerMonitor ** outMonitor);
+						
+PGPError			PGPFreeServerMonitor(PGPKeyServerMonitor * inMonitor);
+
+/* X.509 Certificate Request functions */
+
+PGPError			PGPSendCertificateRequest( 
+						PGPKeyServerRef 	inKeyServerRef,
+						PGPOptionListRef	firstOption,
+						... );
+
+PGPError			PGPRetrieveCertificate( 
+						PGPKeyServerRef 	inKeyServerRef,
+						PGPOptionListRef	firstOption,
+						... );
+
+PGPError			PGPRetrieveCertificateRevocationList( 
+						PGPKeyServerRef 	inKeyServerRef,
+						PGPOptionListRef	firstOption,
+						... );
+/* Queries HTTP proxy information. proxyAddress must be freed with PGPFreeData */
+#undef				PGPGetProxyServer
+PGPError 			PGPGetProxyServer(
+						PGPContextRef context, PGPProxyServerType type,
+						PGPChar8 **proxyAddress, PGPUInt16 *proxyPort );
+												
+PGP_END_C_DECLARATIONS
+
+#endif
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpKeys.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpKeys.h
new file mode 100644
index 0000000000..8700cee34e
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpKeys.h
@@ -0,0 +1,831 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpKeys.h,v 1.76 2004/05/19 00:09:07 ajivsov Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpKeys_h	/* [ */
+#define Included_pgpKeys_h
+
+#include "pgpPubTypes.h"
+#include "pgpHash.h"
+#include "pgpOptionList.h"
+
+/* Key ordering */
+
+enum PGPKeyOrdering_
+{
+	kPGPKeyOrdering_Invalid				= 0,
+	kPGPKeyOrdering_Any					= 1,
+	kPGPKeyOrdering_UserID				= 2,
+	kPGPKeyOrdering_KeyID				= 3,
+	kPGPKeyOrdering_Validity			= 4,
+	kPGPKeyOrdering_Trust				= 5,
+	kPGPKeyOrdering_EncryptionKeySize	= 6,
+	kPGPKeyOrdering_SigningKeySize		= 7,
+	kPGPKeyOrdering_CreationDate		= 8,
+	kPGPKeyOrdering_ExpirationDate		= 9,
+	
+	PGP_ENUM_FORCE( PGPKeyOrdering_ )
+} ;
+PGPENUM_TYPEDEF( PGPKeyOrdering_, PGPKeyOrdering );
+
+
+/* Key properties */
+
+enum PGPKeyDBObjProperty_
+{
+	kPGPKeyDBObjProperty_Invalid 				= 0,
+	
+	/* Generic numeric properties */
+	kPGPKeyDBObjProperty_ObjectType				= 20,
+	
+	/* Key boolean properties */	
+	kPGPKeyProperty_IsSecret 					= 100,
+	kPGPKeyProperty_IsAxiomatic					= 101,
+	kPGPKeyProperty_IsRevoked					= 102,
+	kPGPKeyProperty_IsDisabled					= 103,
+	kPGPKeyProperty_IsNotCorrupt				= 104,
+	kPGPKeyProperty_IsExpired					= 105,
+	kPGPKeyProperty_NeedsPassphrase				= 106,
+	kPGPKeyProperty_HasUnverifiedRevocation		= 107,
+	kPGPKeyProperty_CanEncrypt					= 108,
+	kPGPKeyProperty_CanDecrypt					= 109,
+	kPGPKeyProperty_CanSign						= 110,
+	kPGPKeyProperty_CanVerify					= 111,
+	kPGPKeyProperty_IsEncryptionKey				= 112,
+	kPGPKeyProperty_IsSigningKey				= 113,
+	kPGPKeyProperty_IsSecretShared				= 114,
+	kPGPKeyProperty_IsRevocable					= 115,
+	kPGPKeyProperty_HasThirdPartyRevocation		= 116,
+	kPGPKeyProperty_HasCRL						= 117,
+	kPGPKeyProperty_IsOnToken					= 118,
+	kPGPKeyProperty_IsStubKey					= 119,	/* used to filter dummy keys from inclusive key set */
+
+	/* Key numeric properties */	
+	kPGPKeyProperty_AlgorithmID 				= 200,
+	kPGPKeyProperty_Bits						= 201,	
+	kPGPKeyProperty_Trust						= 202,
+	kPGPKeyProperty_Validity					= 203,
+	kPGPKeyProperty_LockingAlgorithmID			= 204,
+	kPGPKeyProperty_LockingBits					= 205,
+	kPGPKeyProperty_Flags						= 206,
+	kPGPKeyProperty_HashAlgorithmID				= 207,
+	kPGPKeyProperty_Version						= 208,
+	kPGPKeyProperty_KeyServerPreferences		= 209,
+	kPGPKeyProperty_TokenNum					= 210,
+	kPGPKeyProperty_Features					= 211,	
+
+	/* Key time properties */	
+	kPGPKeyProperty_Creation 					= 300,
+	kPGPKeyProperty_Expiration					= 301,
+	kPGPKeyProperty_CRLThisUpdate				= 302,
+	kPGPKeyProperty_CRLNextUpdate				= 303,
+
+	/* Key data (variable sized) properties */
+	kPGPKeyProperty_Fingerprint					= 401,
+	kPGPKeyProperty_KeyID						= 402,
+	kPGPKeyProperty_PreferredAlgorithms			= 403,
+	kPGPKeyProperty_ThirdPartyRevocationKeyID 	= 404,
+	kPGPKeyProperty_KeyData						= 405,
+	kPGPKeyProperty_X509MD5Hash					= 406,
+	kPGPKeyProperty_PreferredKeyServer			= 407,
+	kPGPKeyProperty_PreferredCompressionAlgorithms = 408,
+	
+	/* SubKey boolean properties */	
+	kPGPSubKeyProperty_IsRevoked				= 501,
+	kPGPSubKeyProperty_IsNotCorrupt				= 502,
+	kPGPSubKeyProperty_IsExpired				= 503,
+	kPGPSubKeyProperty_NeedsPassphrase			= 504,
+	kPGPSubKeyProperty_HasUnverifiedRevocation	= 505,
+	kPGPSubKeyProperty_IsRevocable				= 506,
+	kPGPSubKeyProperty_HasThirdPartyRevocation	= 507,
+	kPGPSubKeyProperty_IsOnToken				= 508,
+
+	/* SubKey numeric properties */
+	kPGPSubKeyProperty_AlgorithmID 				= 600,
+	kPGPSubKeyProperty_Bits						= 601,	
+	kPGPSubKeyProperty_LockingAlgorithmID		= 602,
+	kPGPSubKeyProperty_LockingBits				= 603,
+	kPGPSubKeyProperty_Version					= 604,
+	kPGPSubKeyProperty_Flags					= 605,
+
+	/* SubKey time properties */	
+	kPGPSubKeyProperty_Creation 				= 700,
+	kPGPSubKeyProperty_Expiration				= 701,
+
+	/* SubKey data (variable sized) properties */	
+	kPGPSubKeyProperty_KeyData					= 800,
+	kPGPSubKeyProperty_KeyID					= 801,
+
+	/* User ID boolean properties */	
+	kPGPUserIDProperty_IsAttribute				= 900,
+	kPGPUserIDProperty_IsRevoked				= 901,
+
+	/* User ID numeric properties */	
+	kPGPUserIDProperty_Validity 				= 1000,
+	kPGPUserIDProperty_Confidence				= 1001,
+	kPGPUserIDProperty_AttributeType			= 1002,
+
+	/* No User ID time properties */	
+
+	/* User ID data (variable sized) properties */
+	kPGPUserIDProperty_Name 					= 1200,
+	kPGPUserIDProperty_AttributeData			= 1201,
+	kPGPUserIDProperty_CommonName				= 1202,
+	kPGPUserIDProperty_EmailAddress				= 1203,
+	kPGPUserIDProperty_SMIMEPreferredAlgorithms	= 1204,
+	
+	/* Signature boolean properties */
+	kPGPSigProperty_IsRevoked 					= 1300,
+	kPGPSigProperty_IsNotCorrupt				= 1301,
+	kPGPSigProperty_IsTried						= 1302,
+	kPGPSigProperty_IsVerified					= 1303,
+	kPGPSigProperty_IsMySig						= 1304,
+	kPGPSigProperty_IsExportable				= 1305,
+	kPGPSigProperty_HasUnverifiedRevocation		= 1306,
+	kPGPSigProperty_IsExpired					= 1307,
+	kPGPSigProperty_IsX509						= 1308,
+
+	/* Signature numeric properties */
+	kPGPSigProperty_AlgorithmID					= 1400,
+	kPGPSigProperty_TrustLevel					= 1401,
+	kPGPSigProperty_TrustValue					= 1402,
+	
+	/* Signature time properties */
+	kPGPSigProperty_Creation 					= 1500,
+	kPGPSigProperty_Expiration					= 1501,
+
+	/* Signature data (variable sized) properties */
+	kPGPSigProperty_KeyID 						= 1600,
+	kPGPSigProperty_X509Certificate				= 1601,
+	kPGPSigProperty_X509IASN					= 1602,
+	kPGPSigProperty_X509LongName				= 1603,
+	kPGPSigProperty_X509IssuerLongName			= 1604,
+	kPGPSigProperty_X509DNSName					= 1605,
+	kPGPSigProperty_X509IPAddress				= 1606,
+	kPGPSigProperty_X509DERDName				= 1607,
+	kPGPSigProperty_RegularExpression			= 1608,
+
+	PGP_ENUM_FORCE( PGPKeyDBObjProperty_ )
+} ;
+PGPENUM_TYPEDEF( PGPKeyDBObjProperty_, PGPKeyDBObjProperty );
+
+
+/* For kPGPKeyProperty_Version */
+enum PGPKeyVersion_
+{
+	kPGPKeyVersion_V3					= 3,
+	kPGPKeyVersion_V4					= 4,
+	
+	PGP_ENUM_FORCE( PGPKeyVersion_ )
+} ;
+PGPENUM_TYPEDEF( PGPKeyVersion_, PGPKeyVersion );
+
+
+/* kPGPKeyPropFlags bits */
+
+enum	/* PGPKeyPropertyFlags */
+{
+	kPGPKeyPropertyFlags_UsageSignUserIDs			= (1UL << 0 ),
+	kPGPKeyPropertyFlags_UsageSignMessages			= (1UL << 1 ),
+	kPGPKeyPropertyFlags_UsageEncryptCommunications	= (1UL << 2 ),
+	kPGPKeyPropertyFlags_UsageEncryptStorage		= (1UL << 3 ),
+
+	kPGPKeyPropertyFlags_PrivateSplit				= (1UL << 4 ),
+	kPGPKeyPropertyFlags_PrivateShared				= (1UL << 7 )
+} ;
+typedef PGPFlags		PGPKeyPropertyFlags;
+#define kPGPKeyPropertyFlags_UsageSign \
+					(kPGPKeyPropertyFlags_UsageSignUserIDs | \
+					 kPGPKeyPropertyFlags_UsageSignMessages)
+#define kPGPKeyPropertyFlags_UsageEncrypt \
+					(kPGPKeyPropertyFlags_UsageEncryptCommunications | \
+					 kPGPKeyPropertyFlags_UsageEncryptStorage)
+#define kPGPKeyPropertyFlags_UsageSignEncrypt \
+					(kPGPKeyPropertyFlags_UsageSign | \
+					 kPGPKeyPropertyFlags_UsageEncrypt)
+
+/* Attribute types, for use with kPGPUserIDPropAttributeType */
+enum PGPAttributeType_
+{
+	kPGPAttribute_Image						= 1,
+	kPGPAttribute_IPAddress					= 10,
+	kPGPAttribute_DNSName					= 11,
+	kPGPAttribute_Notation					= 20,
+
+	PGP_ENUM_FORCE( PGPAttributeType_ )
+} ;
+PGPENUM_TYPEDEF( PGPAttributeType_, PGPAttributeType );
+
+/* kPGPKeyPropFlags bits */
+
+enum	/* PGPKeyServerPreferencesFlags */
+{
+	kPGPKeyServerPreferences_NoModify			= (1UL << 7 )
+} ;
+typedef PGPFlags		PGPKeyServerPreferencesFlags;
+
+/* Implementation features like Modification Detection support */
+
+enum
+{
+	kPGPKeyFeatures_ModificationDetection	= 1
+} ;
+typedef PGPFlags		PGPKeyFeaturesFlags;
+
+
+/* Key DB object types for the property kPGPKeyDBObjProperty_ObjectType */ 
+enum PGPKeyDBObjType_
+{
+	kPGPKeyDBObjType_Invalid	= 0,
+	kPGPKeyDBObjType_Key		= (1UL << 0),
+	kPGPKeyDBObjType_SubKey		= (1UL << 1),
+	kPGPKeyDBObjType_UserID		= (1UL << 2),
+	kPGPKeyDBObjType_Signature	= (1UL << 3),
+#ifdef __MVS__
+	kPGPKeyDBObjType_Any		= -1,
+#else
+	kPGPKeyDBObjType_Any		= 0xFFFFFFFF,
+#endif
+
+	PGP_ENUM_FORCE( PGPKeyDBObjType_ )
+} ;
+PGPENUM_TYPEDEF( PGPKeyDBObjType_, PGPKeyDBObjType );
+	
+/*
+ * Used by filtering functions to specify type of match.
+ */
+
+enum PGPMatchCriterion_
+{
+	kPGPMatchCriterion_Equal 			= 1,	/* searched == val */
+	kPGPMatchCriterion_GreaterOrEqual	= 2,	/* searched >= val */
+	kPGPMatchCriterion_LessOrEqual 		= 3,	/* searched <= val */
+	kPGPMatchCriterion_SubString 		= 4,	/* searched is contained in supplied */
+
+	PGP_ENUM_FORCE( PGPMatchCriterion_ )
+} ;
+PGPENUM_TYPEDEF( PGPMatchCriterion_, PGPMatchCriterion );
+
+
+/* This is the value of the expiration time which means "never expires" */
+#define kPGPExpirationTime_Never	( (PGPTime)0 )
+
+enum PGPOpenKeyDBFileOptions_
+{
+	kPGPOpenKeyDBFileOptions_None		= 0,
+	kPGPOpenKeyDBFileOptions_Mutable	= (1UL << 0 ),
+	kPGPOpenKeyDBFileOptions_Create		= (1UL << 1 ),
+
+	PGP_ENUM_FORCE( PGPOpenKeyDBFileOptions_ )
+} ;
+
+PGPENUM_TYPEDEF( PGPOpenKeyDBFileOptions_, PGPOpenKeyDBFileOptions );
+
+/* Public entry points */
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*____________________________________________________________________________
+	Key DB functions
+____________________________________________________________________________*/
+
+/* Creat a new, in-memory temporary key DB */
+PGPError	PGPNewKeyDB( PGPContextRef context, PGPKeyDBRef *keyDBRef );
+
+/* Open a (possibly) existing key ring pair on disk */
+PGPError	PGPOpenKeyDBFile( PGPContextRef context,
+					PGPOpenKeyDBFileOptions options,
+					PGPFileSpecRef pubKeysFileSpec,
+					PGPFileSpecRef privKeysFileSpec,
+					PGPKeyDBRef *keyDBRef );
+ 
+PGPError	PGPFreeKeyDB( PGPKeyDBRef keyDBRef );
+
+PGPError	PGPFlushKeyDB( PGPKeyDBRef keyDBRef );
+
+PGPError	PGPIncKeyDBRefCount( PGPKeyDBRef keyDBRef );
+
+PGPBoolean	PGPKeyDBIsMutable( PGPKeyDBRef keyDBRef );
+
+PGPError 	PGPFindKeyByKeyID( PGPKeyDBRef keyDBRef, const PGPKeyID * keyID,
+					PGPKeyDBObjRef *keyRef);
+
+PGPError 	PGPCountKeysInKeyDB( PGPKeyDBRef keyDBRef, PGPUInt32 *numKeys );
+
+PGPError	PGPKeyDBIsUpdated( PGPKeyDBRef keyDBRef, PGPBoolean *isUpdated );
+
+/* Cache a keydb in memory for specified number of seconds */
+PGPError	PGPCacheKeyDB( PGPKeyDBRef keyDBRef, PGPUInt32 timeoutSeconds );
+
+/* Remove all cached keydbs from memory */
+PGPError	PGPPurgeKeyDBCache( PGPContextRef context );
+
+/*____________________________________________________________________________
+	Key set functions
+____________________________________________________________________________*/
+
+/* Create a new key set containing all of the keys in the key DB */
+PGPError  	PGPNewKeySet( PGPKeyDBRef keyDB, PGPKeySetRef *keySet );
+						
+/* Create a new, empty key set */
+PGPError  	PGPNewEmptyKeySet( PGPKeyDBRef keyDB, PGPKeySetRef *keySet );
+
+/* Create a new key set containing a single key */
+PGPError  	PGPNewOneKeySet( PGPKeyDBObjRef key, PGPKeySetRef *keySet );
+
+/* Like PGPNewKeySet but allows certain stub key objects */
+PGPError	PGPNewEmptyInclusiveKeySet( PGPKeyDBRef keyDB, PGPKeySetRef *pset );
+
+/* Like PGPNewOneKeySet but allows certain stub key objects */
+PGPError  	PGPNewOneInclusiveKeySet( PGPKeyDBObjRef key, PGPKeySetRef *keySet );
+
+PGPError 	PGPFreeKeySet( PGPKeySetRef keys);
+
+PGPError 	PGPIncKeySetRefCount( PGPKeySetRef keys);
+
+PGPBoolean 	PGPKeySetIsMember( PGPKeyDBObjRef key, PGPKeySetRef set );
+
+PGPError 	PGPCountKeys( PGPKeySetRef keys, PGPUInt32 *numKeys );
+
+PGPError 	PGPAddKey( PGPKeyDBObjRef keyToAdd, PGPKeySetRef set );
+
+PGPError 	PGPAddKeys( PGPKeySetRef keysToAdd, PGPKeySetRef set );
+
+PGPKeyDBRef		PGPPeekKeySetKeyDB( PGPKeySetRef keySet );
+PGPKeySetRef	PGPPeekKeyDBRootKeySet( PGPKeyDBRef keyDB );
+
+/*____________________________________________________________________________
+	Key DB object properties
+____________________________________________________________________________*/
+
+PGPError	PGPGetKeyDBObjBooleanProperty( PGPKeyDBObjRef key,
+					PGPKeyDBObjProperty whichProperty, PGPBoolean *prop );
+
+PGPError 	PGPGetKeyDBObjNumericProperty( PGPKeyDBObjRef key,
+					PGPKeyDBObjProperty whichProperty, PGPInt32 *prop );
+
+PGPError 	PGPGetKeyDBObjTimeProperty( PGPKeyDBObjRef key,
+					PGPKeyDBObjProperty whichProperty, PGPTime *prop);
+/*
+**	Get the data for a binary property. Returns kPGPError_BufferTooSmall if
+**	the buffer is too small. Both buffer and dataSize can be NULL.
+*/
+
+#undef		PGPGetKeyDBObjDataProperty
+PGPError 	PGPGetKeyDBObjDataProperty( PGPKeyDBObjRef key,
+					PGPKeyDBObjProperty whichProperty, void *buffer,
+					PGPSize bufferSize, PGPSize *dataSize);
+/*
+**	Get the data for a binary property using an allocated output buffer. The
+**	allocated buffer must be freed with PGPFreeData(). For convenience, the
+**	allocated buffer is null-terminated. The terminating null byte is NOT included
+**	is the output dataSize parameter.
+*/
+
+PGPError 	PGPGetKeyDBObjAllocatedDataProperty( PGPKeyDBObjRef key,
+					PGPKeyDBObjProperty whichProperty, void **buffer,
+					PGPSize *dataSize);
+
+PGPError 	PGPSetKeyEnabled( PGPKeyDBObjRef key, PGPBoolean enable );
+
+PGPError	PGPSetKeyAxiomatic( PGPKeyDBObjRef key, PGPBoolean setAxiomatic,
+					PGPOptionListRef firstOption, ...);
+
+/*____________________________________________________________________________
+	Key DB object property convenience functions
+____________________________________________________________________________*/
+
+/* Get the key ID of a key or subkey key DB object */
+PGPError	PGPGetKeyID( PGPKeyDBObjRef key, PGPKeyID *keyID );
+
+PGPError  	PGPGetPrimaryUserID( PGPKeyDBObjRef key, PGPKeyDBObjRef *outRef );
+
+PGPError	PGPGetPrimaryAttributeUserID (PGPKeyDBObjRef key,
+						PGPAttributeType attributeType, PGPKeyDBObjRef *outRef);
+
+PGPError 	PGPGetPrimaryUserIDValidity(PGPKeyDBObjRef key,
+				PGPValidity *validity);
+
+PGPError 	PGPGetPrimaryUserIDName(PGPKeyDBObjRef key, void *buffer,
+					PGPSize bufferSize, PGPSize *dataSize);
+
+PGPError 	PGPGetKeyForUsage( PGPKeyDBObjRef key, PGPUInt32 usageFlags,
+					PGPKeyDBObjRef *outRef );
+
+
+				
+/*____________________________________________________________________________
+	Key filters
+____________________________________________________________________________*/
+
+PGPError 	PGPNewKeyDBObjBooleanFilter( PGPContextRef context,
+					PGPKeyDBObjProperty whichProperty, PGPBoolean match,
+					PGPFilterRef *outFilter );
+
+PGPError 	PGPNewKeyDBObjNumericFilter( PGPContextRef context,
+					PGPKeyDBObjProperty whichProperty, PGPUInt32 matchValue,
+					PGPMatchCriterion matchCriteria, PGPFilterRef *outFilter );
+
+PGPError 	PGPNewKeyDBObjTimeFilter( PGPContextRef context,
+					PGPKeyDBObjProperty whichProperty, PGPTime matchValue,
+					PGPMatchCriterion matchCriteria, PGPFilterRef *outFilter );
+
+PGPError 	PGPNewKeyDBObjDataFilter( PGPContextRef context,
+					PGPKeyDBObjProperty whichProperty, const void *matchData,
+					PGPSize matchDataSize, PGPMatchCriterion matchCriteria,
+					PGPFilterRef *outFilter );
+
+PGPError 	PGPFreeFilter( PGPFilterRef filter );
+
+PGPError 	PGPIncFilterRefCount( PGPFilterRef filter );
+
+PGPError 	PGPFilterChildObjects( PGPFilterRef filter,
+					PGPBoolean filterChildren );
+
+/* freeing outfilter will call PGPFreeFilter on filter */
+PGPError 	PGPNegateFilter( PGPFilterRef filter, PGPFilterRef *outFilter);
+
+/* freeing outfilter will call PGPFreeFilter on filter1, filter2 */
+PGPError 	PGPIntersectFilters( PGPFilterRef filter1, PGPFilterRef filter2,
+					PGPFilterRef *outFilter);
+
+/* freeing outfilter will call PGPFreeFilter on filter1, filter2 */
+PGPError 	PGPUnionFilters( PGPFilterRef filter1, PGPFilterRef filter2,
+					PGPFilterRef *outFilter);
+
+PGPError 	PGPFilterKeySet( PGPKeySetRef origSet, PGPFilterRef filter,
+					PGPKeySetRef *resultSet );
+
+PGPError	PGPFilterKeyDB( PGPKeyDBRef keyDB, PGPFilterRef filter,
+					PGPKeySetRef *resultSet );
+
+/* Keyserver filter functions */
+#undef		PGPLDAPQueryFromFilter
+PGPError 	PGPLDAPQueryFromFilter( PGPFilterRef filter, PGPChar8 **queryOut );
+
+#undef		PGPLDAPX509QueryFromFilter
+PGPError	PGPLDAPX509QueryFromFilter( PGPFilterRef filter,
+					PGPChar8 **queryOut );
+
+#undef		PGPHKSQueryFromFilter
+PGPError 	PGPHKSQueryFromFilter( PGPFilterRef	filter, PGPChar8 **queryOut );
+
+#undef		PGPNetToolsCAHTTPQueryFromFilter
+PGPError	PGPNetToolsCAHTTPQueryFromFilter( PGPFilterRef filter,
+					PGPChar8 **queryOut );
+
+/*____________________________________________________________________________
+	Key/signature validation
+____________________________________________________________________________*/
+
+PGPError	PGPCalculateTrust( PGPKeySetRef keySet, PGPKeyDBRef optionalKeyDB);
+
+PGPError 	PGPCheckKeyRingSigs( PGPKeySetRef keysToCheck,
+					PGPKeyDBRef optionalSigningKeyDB, PGPBoolean checkAll,
+					PGPEventHandlerProcPtr eventHandler,
+					PGPUserValue eventHandlerData );
+
+/*____________________________________________________________________________
+	Key DB object creation/deletion
+____________________________________________________________________________*/
+
+PGPError	PGPGenerateKey( PGPContextRef context, PGPKeyDBObjRef *key,
+					PGPOptionListRef firstOption, ...);
+					
+PGPError	PGPGenerateSubKey( PGPContextRef context, PGPKeyDBObjRef *subkey,
+					PGPOptionListRef firstOption, ...);
+					
+PGPUInt32	PGPGetKeyEntropyNeeded( PGPContextRef context,
+					PGPOptionListRef firstOption, ...);
+
+#undef		PGPAddUserID
+PGPError	PGPAddUserID( PGPKeyDBObjRef key, PGPChar8 const *userID,
+					PGPOptionListRef firstOption, ...);
+
+PGPError	PGPAddAttributeUserID( PGPKeyDBObjRef key,
+					PGPAttributeType attributeType,
+					PGPByte *attributeData, PGPSize attributeLength,
+					PGPOptionListRef firstOption, ...);
+						
+PGPError	PGPCertifyUserID( PGPKeyDBObjRef userID,
+					PGPKeyDBObjRef certifyingKey,
+					PGPOptionListRef firstOption, ...);
+
+PGPError 	PGPCopyKeyDBObj( PGPKeyDBObjRef keyDBObj, PGPKeyDBRef destKeyDB,
+					PGPKeyDBObjRef *destKeyDBObj );
+
+PGPError 	PGPCopyKeys( PGPKeySetRef keySet, PGPKeyDBRef destKeyDB,
+					PGPKeySetRef *destKeySet );
+
+PGPError 	PGPDeleteKeyDBObj( PGPKeyDBObjRef keyDBObj );
+
+PGPError 	PGPDeleteKeys( PGPKeySetRef keySet );
+
+/*____________________________________________________________________________
+	Key manipulation
+____________________________________________________________________________*/
+
+PGPError 	PGPSetPrimaryUserID( PGPKeyDBObjRef userID,
+					PGPOptionListRef firstOption, ...);
+
+PGPError 	PGPGetSigCertifierKey( PGPKeyDBObjRef cert,
+					PGPKeyDBRef searchKeyDB, PGPKeyDBObjRef *certkey);
+
+PGPError 	PGPGetSigX509CertifierSig( PGPKeyDBObjRef cert,
+					PGPKeyDBRef searchKeyDB, PGPKeyDBObjRef *certsig);
+
+PGPError	PGPGetSigX509TopSig( PGPKeyDBObjRef sig,
+				    PGPKeyDBRef otherdb, PGPKeyDBRef cadb, 
+					PGPBoolean *knownCA, PGPKeyDBObjRef *certsig );
+
+PGPError	PGPGetKnownX509CAs( PGPContextRef context, PGPKeyDBRef *keydbout );
+
+PGPError	PGPX509MatchNetworkName( PGPKeyDBObjRef sig, const PGPByte *networkName,
+					PGPBoolean *matched );
+
+PGPError	PGPCountAdditionalRecipientRequests( PGPKeyDBObjRef basekey,
+					PGPUInt32 * numARKeys);
+					
+PGPError 	PGPGetIndexedAdditionalRecipientRequestKey( PGPKeyDBObjRef basekey,
+					PGPUInt32 nth, PGPKeyDBObjRef *arkey,
+					PGPKeyID *arkeyid, PGPByte *arclass );
+
+PGPError	PGPGetAdditionalRecipientRequests( PGPKeyDBObjRef basekey,
+					PGPKeySetRef keySet );
+
+PGPError	PGPCountRevocationKeys( PGPKeyDBObjRef basekey,
+					PGPUInt32 * numRevKeys);
+
+PGPError 	PGPGetIndexedRevocationKey( PGPKeyDBObjRef basekey, PGPUInt32 nth,
+					PGPKeyDBObjRef *revkey, PGPKeyID *revkeyid );
+						
+PGPError 	PGPGetRevocationKeys( PGPKeyDBObjRef basekey, PGPKeySetRef keySet );
+
+PGPError	PGPGetCRLDistributionPoints( PGPKeyDBObjRef cakey,
+					PGPUInt32 *pnDistPoints, PGPByte **pDpoints,
+					PGPSize **pdpointLengths );
+
+PGPError	PGPGetCRLDistributionPointsPrintable( PGPKeyDBObjRef cakey,
+				    PGPUInt32 *pnDistPoints, PGPByte **pDpoints );
+
+PGPError	PGPExport( PGPContextRef context,
+					PGPOptionListRef firstOption, ... );
+
+PGPError	PGPImport( PGPContextRef context, PGPKeyDBRef *importedKeysDB,
+					PGPOptionListRef firstOption, ...);
+
+PGPError	PGPRevokeSig( PGPKeyDBObjRef cert,
+					PGPOptionListRef firstOption, ...);
+					
+PGPError	PGPRevoke( PGPKeyDBObjRef key,
+					PGPOptionListRef firstOption, ...);
+					
+PGPError	PGPChangePassphrase( PGPKeyDBObjRef key,
+					PGPOptionListRef firstOption, ...);
+					
+PGPBoolean	PGPPassphraseIsValid( PGPKeyDBObjRef key,
+					PGPOptionListRef firstOption, ...);
+
+PGPError	PGPPurgePassphraseCache( PGPContextRef context );
+
+PGPError	PGPCountCachedPassphrases( PGPContextRef context,
+					PGPUInt32 *pnLocal, PGPUInt32 *pnGlobal,
+					PGPUInt32 *pnOtherLocal );
+
+PGPBoolean	PGPTokenAuthIsValid( PGPContextRef context, 
+					PGPOptionListRef firstOption, ... );
+
+/*
+ * Trust values for PGPSetKeyTrust and kPGPKeyPropTrust property:
+ * 
+ * kPGPKeyTrust_Undefined	(do not pass to PGPSetKeyTrust)
+ * kPGPKeyTrust_Unknown		(unknown)
+ * kPGPKeyTrust_Never		(never)
+ * kPGPKeyTrust_Marginal	(sometimes)
+ * kPGPKeyTrust_Complete	(always)
+ * kPGPKeyTrust_Ultimate	(do not pass to PGPSetKeyTrust)
+ */
+
+PGPError 	PGPSetKeyTrust( PGPKeyDBObjRef key, PGPUInt32 trust);
+
+PGPInt32 	PGPCompareKeys( PGPKeyDBObjRef a, PGPKeyDBObjRef b,
+						PGPKeyOrdering order );
+
+#undef		PGPCompareUserIDStrings
+PGPInt32 	PGPCompareUserIDStrings(PGPChar8 const *a, PGPChar8 const *b);
+
+/*____________________________________________________________________________
+	Key lists
+____________________________________________________________________________*/
+
+PGPError  	PGPOrderKeySet( PGPKeySetRef src, PGPKeyOrdering order,
+						PGPBoolean reverseOrder, PGPKeyListRef *outRef );
+
+PGPError 	PGPIncKeyListRefCount( PGPKeyListRef keys);
+
+PGPError 	PGPFreeKeyList( PGPKeyListRef keys );
+
+/*____________________________________________________________________________
+	Key list iteration
+____________________________________________________________________________*/
+
+PGPError 	PGPNewKeyIter( PGPKeyListRef keys, PGPKeyIterRef *outRef);
+
+PGPError 	PGPNewKeyIterFromKeySet( PGPKeySetRef keys, PGPKeyIterRef *outRef);
+
+PGPError 	PGPNewKeyIterFromKeyDB( PGPKeyDBRef keyDB, PGPKeyIterRef *outRef);
+
+PGPError 	PGPCopyKeyIter( PGPKeyIterRef orig, PGPKeyIterRef *outRef);
+	
+PGPError 	PGPFreeKeyIter( PGPKeyIterRef iter);
+
+PGPInt32 	PGPKeyIterIndex( PGPKeyIterRef iter);
+
+PGPError 	PGPKeyIterRewind( PGPKeyIterRef iter, PGPKeyDBObjType objectType);
+
+PGPInt32 	PGPKeyIterSeek( PGPKeyIterRef iter, PGPKeyDBObjRef key);
+
+PGPError 	PGPKeyIterMove( PGPKeyIterRef iter, PGPInt32 relOffset,
+					PGPKeyDBObjRef *outRef);
+
+PGPError 	PGPKeyIterNextKeyDBObj( PGPKeyIterRef iter,
+					PGPKeyDBObjType objectType, PGPKeyDBObjRef *outRef);
+
+PGPError 	PGPKeyIterPrevKeyDBObj( PGPKeyIterRef iter,
+					PGPKeyDBObjType objectType, PGPKeyDBObjRef *outRef);
+
+PGPError 	PGPKeyIterGetKeyDBObj( PGPKeyIterRef iter,
+					PGPKeyDBObjType objectType, PGPKeyDBObjRef *outRef);
+
+
+/*____________________________________________________________________________
+	Get/set user value
+____________________________________________________________________________*/
+
+PGPError 	PGPSetKeyDBObjUserValue( PGPKeyDBObjRef key,
+					PGPUserValue userValue);
+
+PGPError 	PGPGetKeyDBObjUserValue( PGPKeyDBObjRef key,
+					PGPUserValue *userValue);
+
+/* Passphrase conversion to passkeybuffer */
+/* The size of the output buffer is from the kPGPKeyPropLockingBits property */
+
+PGPError	PGPGetPasskeyBuffer ( PGPKeyDBObjRef key,
+					void *passkeyBuffer, PGPOptionListRef firstOption,...);
+
+/* Change key options which are stored in self signatures internally */
+
+PGPError	PGPAddKeyOptions( PGPKeyDBObjRef key,
+					PGPOptionListRef firstOption, ...);
+
+PGPError	PGPRemoveKeyOptions( PGPKeyDBObjRef key,
+					PGPOptionListRef firstOption, ...);
+
+PGPError	PGPUpdateKeyOptions( PGPKeyDBObjRef key,
+					PGPOptionListRef firstOption, ...);
+
+/*____________________________________________________________________________
+	Key IDs
+____________________________________________________________________________*/
+
+PGPError 	PGPNewKeyID( const PGPByte *keyIDBytes, PGPSize numKeyIDBytes,
+					PGPPublicKeyAlgorithm pkalg, PGPKeyID *id );
+#undef		PGPNewKeyIDFromString
+PGPError 	PGPNewKeyIDFromString( const PGPChar8 *string,
+					PGPPublicKeyAlgorithm pkalg, PGPKeyID *id );
+PGPError 	PGPGetKeyIDAlgorithm( const PGPKeyID *keyID,
+					PGPPublicKeyAlgorithm *pkalg );
+					
+enum PGPKeyIDStringType_
+{
+	kPGPKeyIDString_Abbreviated 	= 1,
+	kPGPKeyIDString_Full 			= 2,
+	
+	PGP_ENUM_FORCE( PGPKeyIDStringType_ )
+};
+PGPENUM_TYPEDEF( PGPKeyIDStringType_, PGPKeyIDStringType );
+
+
+#define kPGPMaxKeyIDStringSize		( 127 + 1 )
+#undef		PGPGetKeyIDString
+PGPError 	PGPGetKeyIDString( PGPKeyID const * ref, PGPKeyIDStringType type,
+					PGPChar8 outString[ kPGPMaxKeyIDStringSize ] );
+
+/* returns 0 if equal, -1 if key1 < key2, 1 if key1 > key2 */
+PGPInt32 	PGPCompareKeyIDs( PGPKeyID const * key, PGPKeyID const * key2);
+
+/*____________________________________________________________________________
+	Token functions
+____________________________________________________________________________*/
+
+PGPError	PGPCountTokens( PGPContextRef context, PGPUInt32 *numTokens );
+
+PGPError	PGPDeleteKeyOnToken( PGPKeyDBObjRef key, 
+					PGPUInt32 tokNumber /*-1 for any token*/, 
+					const PGPByte *pin, PGPSize pinLen );
+PGPError	PGPWipeToken( PGPContextRef context, PGPUInt32 tokNumber,
+					PGPByte const *passphrase, PGPSize passphraseLength );
+PGPError	PGPFormatToken( PGPContextRef context, PGPUInt32 tokNumber,
+					PGPByte const *	adminPin,	PGPSize	adminPinLen, 
+					PGPByte const *	newUserPin,	PGPSize	newUserPinLen );
+PGPError	PGPTokenPassphraseIsValid( PGPContextRef context,
+					PGPUInt32 tokNumber, PGPByte const *passphrase,
+					PGPSize passphraseLength );
+
+#undef		PGPSetPKCS11DrvFile
+PGPError    PGPSetPKCS11DrvFile( PGPChar8 *module );
+
+PGPError    PGPSyncTokenKeys( PGPContextRef context, PGPUInt32 tokenNum, 
+					PGPKeyDBRef destKeyDB, PGPBoolean *hadChanges );
+
+PGPError	PGPGetTokenInfoBooleanProperty( PGPContextRef context,
+					PGPUInt32 tokenNumber, PGPTokenProperty prop,
+					PGPBoolean *value );
+PGPError	PGPGetTokenInfoNumericProperty( PGPContextRef context,
+					PGPUInt32 tokenNumber, PGPTokenProperty prop,
+					PGPUInt32 *value );
+#undef		PGPGetTokenInfoDataProperty
+PGPError	PGPGetTokenInfoDataProperty( PGPContextRef context,
+					PGPUInt32 tokenNumber, PGPTokenProperty prop,
+					void *value, PGPSize size, PGPSize *sizeout );
+
+/* Deprecated, use PGPGetTokenInfo*() */
+PGPError	PGPGetTokenInfo( PGPContextRef context, 
+                    PGPUInt32 tokNumber, PGPTokenInfo *tokenInfo);
+
+/*____________________________________________________________________________
+	Getting contexts back from key related items.
+____________________________________________________________________________*/
+
+PGPContextRef	PGPPeekKeyDBContext( PGPKeyDBRef ref );
+PGPContextRef	PGPPeekKeyDBObjContext( PGPKeyDBObjRef ref );
+PGPContextRef	PGPPeekKeyListContext( PGPKeyListRef ref );
+PGPContextRef	PGPPeekKeySetContext( PGPKeySetRef ref );
+PGPContextRef	PGPPeekKeyIterContext( PGPKeyIterRef ref );
+
+/*____________________________________________________________________________
+	Getting parent objects from key related items.  If the input is invalid,
+	you get kInvalidPGPKeyDBObjRef back.
+____________________________________________________________________________*/
+
+PGPKeyDBRef		PGPPeekKeyDBObjKeyDB( PGPKeyDBObjRef ref );
+PGPKeyDBObjRef	PGPPeekKeyDBObjKey( PGPKeyDBObjRef ref );
+PGPKeyDBObjRef	PGPPeekKeyDBObjUserID( PGPKeyDBObjRef ref );
+
+/*____________________________________________________________________________
+    Secret sharing functionality
+____________________________________________________________________________*/
+
+PGPError	PGPSecretShareData(PGPContextRef context,
+					void const * input, PGPSize inputBytes,
+					PGPUInt32 threshold, PGPUInt32 nShares, void * output);
+
+PGPError	PGPSecretReconstructData(PGPContextRef context,
+					void * input, PGPSize outputBytes,
+					PGPUInt32 nShares, void * output);
+
+/*____________________________________________________________________________
+    X509 certificate specific
+____________________________________________________________________________*/
+
+PGPError	PGPVerifyX509CertificateChain (PGPContextRef context,
+					PGPByte *certchain, PGPByte *rootcerts);
+
+#undef		PGPCreateDistinguishedName
+PGPError	PGPCreateDistinguishedName( PGPContextRef context,
+					PGPChar8 const *str, PGPByte **pdname, PGPSize *pdnamelen );
+
+PGPError	PGPCreateX509Certificate(PGPKeyDBObjRef signingSig,
+					PGPKeyDBObjRef signedKey, PGPKeyDBObjRef *newSig,
+					PGPOptionListRef firstOption, ...);
+
+/* Pass PKCS-10 format request in PGPOInput.... */
+PGPError	PGPCreateX509CertificateFromRequest(PGPKeyDBObjRef signingSig,
+					PGPKeyDBObjRef *newSig, PGPOptionListRef firstOption, ...);
+
+PGPError	PGPCreateSelfSignedX509Certificate(PGPKeyDBObjRef signingKey,
+					PGPKeyDBObjRef *newSig, PGPOptionListRef firstOption, ...);
+
+PGPError	PGPCreateX509CRL(PGPKeyDBObjRef signingKey,
+					PGPKeySetRef revokedSigs,
+					PGPOptionListRef firstOption, ...);
+
+
+
+PGP_END_C_DECLARATIONS
+
+
+#endif /* ] Included_pgpKeys_h */
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpLDAP.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpLDAP.h
new file mode 100644
index 0000000000..1cdce41630
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpLDAP.h
@@ -0,0 +1,722 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+
+	$Id: pgpLDAP.h,v 1.24 2004/01/23 08:12:49 dallen Exp $
+____________________________________________________________________________*/
+#ifndef Included_pgpLDAP_h	/* [ */
+#define Included_pgpLDAP_h
+
+#include "pgpBase.h"
+#include "pgpPubTypes.h"
+#include "pgpMemoryMgr.h"
+#include "pgpSockets.h"
+#include "pgpBER.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+/* LDAP parameters and constants */
+#define kPGPldap_DefaultPort		389
+#define kPGPldap_DefaultSecurePort  636
+#define kPGPldap_DefaultVersion		2
+
+#define kPGPldapScopeString_Base		PGPTXT_MACHINE8("base")
+#define kPGPldapScopeString_OneLevel	PGPTXT_MACHINE8("one")
+#define kPGPldapScopeString_Subtree		PGPTXT_MACHINE8("sub")
+
+#define kPGPldap_DefaultFilterString	PGPTXT_MACHINE8("(objectclass=*)")
+
+
+
+/* Session options */
+#define kPGPldapOpt_Deref			1
+#define kPGPldapOpt_Sizelimit		2
+#define kPGPldapOpt_Timelimit		3
+#define kPGPldapOpt_Desc			4
+
+#define kPGPldapOpt_ON				((void *) 1)
+#define kPGPldapOpt_OFF 			((void *) 0)
+
+enum PGPldapResult_
+{
+	kPGPldapResult_Success						= 0x00,
+	kPGPldapResult_OperationsError				= 0x01,
+	kPGPldapResult_ProtocolError				= 0x02,
+	kPGPldapResult_TimelimitExceeded			= 0x03,
+	kPGPldapResult_SizelimitExceeded			= 0x04,
+	kPGPldapResult_CompareFalse 				= 0x05,
+	kPGPldapResult_CompareTrue					= 0x06,
+	kPGPldapResult_StrongAuthNotSupported		= 0x07,
+	kPGPldapResult_StrongAuthRequired			= 0x08,
+	kPGPldapResult_PartialResults				= 0x09,
+	kPGPldapResult_NoSuchAttribute				= 0x10,
+	kPGPldapResult_UndefinedType				= 0x11,
+	kPGPldapResult_InappropriateMatching		= 0x12,
+	kPGPldapResult_ConstraintViolation			= 0x13,
+	kPGPldapResult_TypeOrValueExists			= 0x14,
+	kPGPldapResult_InvalidSyntax				= 0x15,
+	kPGPldapResult_NoSuchObject 				= 0x20,
+	kPGPldapResult_AliasProblem 				= 0x21,
+	kPGPldapResult_InvalidDNSyntax				= 0x22,
+	kPGPldapResult_IsLeaf						= 0x23,
+	kPGPldapResult_AliasDerefProblem			= 0x24,
+	kPGPldapResult_InappropriateAuth			= 0x30,
+	kPGPldapResult_InvalidCredentials			= 0x31,
+	kPGPldapResult_InsufficientAccess			= 0x32,
+	kPGPldapResult_Busy 						= 0x33,
+	kPGPldapResult_Unavailable					= 0x34,
+	kPGPldapResult_UnwillingToPerform			= 0x35,
+	kPGPldapResult_LoopDetect					= 0x36,
+	kPGPldapResult_NamingViolation				= 0x40,
+	kPGPldapResult_ObjectClassViolation 		= 0x41,
+	kPGPldapResult_NotAllowedOnNonleaf			= 0x42,
+	kPGPldapResult_NotAllowedOnRDN				= 0x43,
+	kPGPldapResult_AlreadyExists				= 0x44,
+	kPGPldapResult_NoObjectClassMods			= 0x45,
+	kPGPldapResult_ResultsTooLarge				= 0x46,
+	kPGPldapResult_Other						= 0x50,
+	kPGPldapResult_ServerDown					= 0x51,
+	kPGPldapResult_LocalError					= 0x52,
+	kPGPldapResult_EncodingError				= 0x53,
+	kPGPldapResult_DecodingError				= 0x54,
+	kPGPldapResult_Timeout						= 0x55,
+	kPGPldapResult_AuthUnknown					= 0x56,
+	kPGPldapResult_FilterError					= 0x57,
+	kPGPldapResult_UserCancelled				= 0x58,
+	kPGPldapResult_ParamError					= 0x59,
+	kPGPldapResult_NoMemory 					= 0x5a,
+	kPGPldapResult_ConnectError 				= 0x5b,
+	
+	kPGPldapResult_None							= 0xFFFFFFFF
+};
+PGPENUM_TYPEDEF (PGPldapResult_, PGPldapResult);
+
+enum PGPldapType_
+{
+	kPGPldapType_None				= 0,
+
+	kPGPldapRequest_Bind			= 0x60, /* application + constructed */
+	kPGPldapRequest_Unbind			= 0x42, /* application + primitive	 */
+	kPGPldapRequest_Search			= 0x63, /* application + constructed */
+	kPGPldapRequest_Modify			= 0x66, /* application + constructed */
+	kPGPldapRequest_Add 			= 0x68, /* application + constructed */
+	kPGPldapRequest_Delete			= 0x4A, /* application + primitive	 */
+	kPGPldapRequest_ModifyRDN		= 0x6C, /* application + constructed */
+	kPGPldapRequest_Compare 		= 0x6E, /* application + constructed */
+	kPGPldapRequest_Abandon 		= 0x50, /* application + primitive	 */
+
+	kPGPldapResponse_Bind			= 0x61, /* application + constructed */
+	kPGPldapResponse_SearchEntry	= 0x64, /* application + constructed */
+	kPGPldapResponse_SearchResult	= 0x65, /* application + constructed */
+	kPGPldapResponse_Modify 		= 0x67, /* application + constructed */
+	kPGPldapResponse_Add			= 0x69, /* application + constructed */
+	kPGPldapResponse_Delete 		= 0x6B, /* application + constructed */
+	kPGPldapResponse_ModifyRDN		= 0x6D, /* application + constructed */
+	kPGPldapResponse_Compare		= 0x6F, /* application + constructed */
+
+	kPGPldapResponse_Any			= 0xFFFFFFFF
+};
+PGPENUM_TYPEDEF (PGPldapType_, PGPldapType);
+
+enum PGPldapScope_
+{
+	kPGPldapScope_Base			= 0,
+	kPGPldapScope_OneLevel		= 1,
+	kPGPldapScope_Subtree		= 2,
+
+	kPGPldapScope_None			= -1
+};
+PGPENUM_TYPEDEF (PGPldapScope_, PGPldapScope);
+
+enum PGPldapDeref_
+{
+	kPGPldapDeref_Never 		= 0,
+	kPGPldapDeref_Searching 	= 1,
+	kPGPldapDeref_Finding		= 2,
+	kPGPldapDeref_Always		= 3
+};
+PGPENUM_TYPEDEF (PGPldapDeref_, PGPldapDeref);
+
+enum PGPldapAuth_
+{
+	kPGPldapAuth_Simple 		= 0x80	/* context-specific + primitive, tag = 0 */
+	/* Not implemented -- kPGPldapAuth_Kerb41		  = 0x81, */
+	/* Not implemented -- kPGPldapAuth_Kerb42		  = 0x82  */
+};
+PGPENUM_TYPEDEF (PGPldapAuth_, PGPldapAuth);
+
+enum PGPldapFilter_
+{
+	kPGPldapFilter_And			= 0xA0,	/* context specific + constructed, tag = 0 */
+	kPGPldapFilter_Or			= 0xA1,	/* context specific + constructed, tag = 1 */
+	kPGPldapFilter_Not			= 0xA2,	/* context specific + constructed, tag = 2 */
+	kPGPldapFilter_Equal		= 0xA3,	/* context specific + constructed, tag = 3 */
+	kPGPldapFilter_Substrings	= 0xA4,	/* context specific + constructed, tag = 4 */
+	kPGPldapFilter_GE			= 0xA5,	/* context specific + constructed, tag = 5 */
+	kPGPldapFilter_LE			= 0xA6,	/* context specific + constructed, tag = 6 */
+	kPGPldapFilter_Present		= 0x87,	/* context specific + primitive,   tag = 7 */
+	kPGPldapFilter_Approx		= 0xA8,	/* context specific + constructed, tag = 8 */
+
+	kPGPldapFilter_None			= (-1L)
+};
+PGPENUM_TYPEDEF( PGPldapFilter_, PGPldapFilter );
+
+enum PGPldapSubstring_
+{
+	kPGPldapSubstring_Initial	= 0x80,	/* context specific + primitive, tag = 0 */
+	kPGPldapSubstring_Any		= 0x81,	/* context specific + primitive, tag = 1 */
+	kPGPldapSubstring_Final		= 0x82,	/* context specific + primitive, tag = 2 */
+
+	kPGPldapSubstring_None		= (-1L)
+};
+PGPENUM_TYPEDEF( PGPldapSubstring_, PGPldapSubstring );
+
+enum PGPldapModOp_
+{
+	kPGPldapModOp_Add			= 0x00,
+	kPGPldapModOp_Delete		= 0x01,
+	kPGPldapModOp_Replace		= 0x02,
+
+	kPGPldapModOp_None			= (-1L)
+};
+PGPENUM_TYPEDEF( PGPldapModOp_, PGPldapModOp );
+
+#define kPGPldapModOpMask_UseBERValues	0x10
+
+
+/* LDAP Data types: typedefs, structs, and whatnot */
+
+typedef PGPUInt32 PGPldapMessageID;
+
+#define kPGPldapMessageID_Any		( (PGPldapMessageID) -1 )
+#define kInvalidPGPldapMessageID	( (PGPldapMessageID)  0 )
+#define PGPldapMessageIDIsValid(messageID) \
+			( (messageID) != kInvalidPGPldapMessageID )
+#define PGPValidateLDAPMessageID(messageID) \
+			PGPValidateParam( PGPldapMessageIDIsValid( messageID ) )
+
+typedef struct PGPldapContext *	PGPldapContextRef;
+
+#define kInvalidPGPldapContextRef		( (PGPldapContextRef) NULL )
+#define PGPldapContextRefIsValid(pgpLDAP)	\
+			( (pgpLDAP) != kInvalidPGPldapContextRef )
+#define PGPValidateLDAPContextRef(context) \
+			PGPValidateParam( PGPldapContextRefIsValid( context ) )
+
+typedef struct PGPldapMessage *	PGPldapMessageRef;
+
+#define kInvalidPGPldapMessageRef		( (PGPldapMessageRef) NULL)
+#define PGPldapMessageRefIsValid(message)	\
+			( (message) != kInvalidPGPldapMessageRef )
+#define PGPValidateLDAPMessageRef(message) \
+			PGPValidateParam( PGPldapMessageRefIsValid( message ) )
+
+
+#define IsPGPldapError(err) \
+			( ( (err) >= kPGPError_LDAPMIN ) && ( (err) <= kPGPError_LDAPMAX ) )
+
+
+/* Callbacks for using LDAP functions in multithreaded apps */
+typedef struct PGPldapThreadFns
+{
+	void *		(*pgpLDAPThread_MutexAlloc) 	(void);
+	void		(*pgpLDAPThread_MutexFree)		(void *);
+	PGPError	(*pgpLDAPThread_MutexLock)		(void *);
+	PGPError	(*pgpLDAPThread_MutexUnlock)	(void *);
+	void		(*pgpLDAPThread_SetErrno)		(int);
+	PGPError	(*pgpLDAPThread_GetErrno)		(void);
+	void		(*pgpLDAPThread_SetLDAPErrno)	(PGPInt32, PGPChar8 *, PGPChar8 *);
+	PGPInt32	(*pgpLDAPThread_GetLDAPErrno)	(PGPChar8 **, PGPChar8 **);
+} PGPldapThreadFns;
+
+typedef struct PGPldapMod
+{
+	PGPldapModOp	op;
+	PGPChar8 *		type;
+
+    PGPChar8 **		value;
+    PGPberValue **	bvalue;
+} PGPldapMod;
+
+typedef struct PGPldapURLDesc
+{
+	PGPChar8 *		host;
+	PGPUInt16		port;
+
+	PGPChar8 *		dn;
+	PGPChar8 **		attrs;
+
+	PGPldapScope	scope;
+	PGPChar8 *		filter;
+
+} PGPldapURLDesc;
+
+typedef PGPError (* PGPldapRebindProcPtr )(
+						PGPldapContextRef	pgpLDAP,
+						PGPChar8 **			dnp,
+						PGPChar8 **			pwp,
+						PGPInt32 *			method,
+						PGPBoolean			freeIt,
+						PGPChar8 *			arg );
+
+
+/* LDAP function prototypes */
+/*
+ * Above each function is the name of the analogous function
+ * in the UMich or Netscape LDAP SDK.  While there are some subtle
+ * differences, for the most part, each function works basically
+ * the same as it's UMich/Netscape SDK counterpart.
+ */
+
+/* Memory management functions */
+	PGPError
+PGPNewLDAPContext(
+	PGPContextRef		context,
+	PGPldapContextRef	*pgpLDAP );
+
+	PGPError
+PGPNewLDAPMessage(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageRef *	message );
+
+	PGPError
+PGPFreeLDAPContext(
+	PGPldapContextRef	pgpLDAP );
+
+	PGPError
+PGPFreeLDAPMessage(
+	PGPldapMessageRef	message );
+
+	/* ldap_value_free */
+	PGPError
+PGPFreeLDAPValues(
+	PGPChar8 **			vals );
+
+	/* ldap_value_free_len */
+	PGPError
+PGPFreeLDAPValuesLen( 
+	PGPberValue **		bvals );
+
+	PGPError
+PGPFreeLDAPURLDesc(
+	PGPldapURLDesc *	lud );
+
+
+/* Result-handling functions */
+	/* ldap_get_lderrno */
+	PGPError 
+PGPldapGetErrno(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 **			matched,
+	PGPChar8 **			message,
+	PGPldapResult *		result );
+
+	PGPError
+PGPldapResultToError(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapResult		result );
+
+/* LDAP option functions */
+	/* ldap_set_option */
+	PGPError
+PGPldapSetOption(
+	PGPldapContextRef	pgpLDAP, 
+	PGPUInt32			option,
+	void *				value );
+
+	/* ldap_get_option */
+	PGPError
+PGPldapGetOption(
+	PGPldapContextRef	pgpLDAP,
+	PGPUInt32			option,
+	void *				value );
+
+
+/* Connection starting and stopping functions */
+	/* ldap_open */
+	PGPError
+PGPldapOpen(
+	PGPldapContextRef		pgpLDAP,
+	PGPChar8 *				host, 
+	PGPUInt16				port );
+
+	PGPError
+PGPldapOpenTimeout(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			host,
+	PGPUInt16			port,
+	PGPSocketsTimeValue	*tv );
+
+	/* ldap_simple_bind_s */
+	PGPError 
+PGPldapSimpleBindSync(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPChar8 *			password );
+
+	/* ldap_simple_bind_st (extension) */
+	PGPError
+PGPldapSimpleBindSyncTimeout(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPChar8 *			password,
+	PGPSocketsTimeValue *tv);
+
+	/* ldap_simple_bind */
+	PGPError
+PGPldapSimpleBind(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPChar8 *			password,
+	PGPldapMessageID *	messageID );
+
+	/* ldap_bind_s */
+	PGPError
+PGPldapBindSync(
+	PGPldapContextRef	pgpLDAP, 
+	PGPChar8 *			dn,
+	PGPChar8 *			password,
+	PGPldapAuth			method );
+
+	/* ldap_bind */
+	PGPError
+PGPldapBind(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPChar8 *			password,
+	PGPldapAuth			method,
+	PGPldapMessageID *	messageID );
+
+	/* ldap_unbind */
+	PGPError
+PGPldapUnbind(
+	PGPldapContextRef	pgpLDAP );
+
+
+/* Searching functions */
+	/* ldap_search_s */
+	PGPError 
+PGPldapSearchSync(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			base,
+	PGPldapScope		scope,
+	PGPChar8 *			filter,
+	PGPChar8 *			attrs[],
+	PGPBoolean			attrsOnly,
+	PGPldapMessageRef	resultMessage );
+
+	/* ldap_search_st */
+	PGPError
+PGPldapSearchSyncTimeout(
+	PGPldapContextRef		pgpLDAP,
+	PGPChar8 *				base,
+	PGPldapScope			scope,
+	PGPChar8 *				filter,
+	PGPChar8 *				attrs[],
+	PGPBoolean				attrsOnly,
+	PGPSocketsTimeValue *	tv,
+	PGPldapMessageRef		resultMessage );
+
+	/* ldap_search */
+	PGPError 
+PGPldapSearch(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			base,
+	PGPldapScope		scope,
+	PGPChar8 *			filter,
+	PGPChar8 *			attrs[],
+	PGPBoolean			attrsOnly,
+	PGPldapMessageID *	messageID );
+
+	/* ldap_count_entries */
+	PGPError
+PGPldapCountEntries(
+	PGPldapContextRef	pgpLDAP, 
+	PGPldapMessageRef	result,
+	PGPInt32 *			num );
+
+	/* ldap_first_entry */
+	PGPError
+PGPldapFirstEntry(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageRef	result,
+	PGPldapMessageRef *	outMessage );
+
+	/* ldap_next_entry */
+	PGPError
+PGPldapNextEntry(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageRef	prevEntry,
+	PGPldapMessageRef *	outMessage );
+
+	/* ldap_get_dn */
+	PGPError
+PGPldapGetDN(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageRef	entry,
+	PGPChar8 **			dn );	/* Should be freed by PGPFreeData */
+
+	/* ldap_first_attribute */
+	PGPError
+PGPldapFirstAttribute( 
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageRef	entry,
+	PGPberElementRef *	ber,
+	PGPChar8 **				attr );	/* Should be freed by PGPFreeData */
+
+	/* ldap_next_attribute */
+	PGPError
+PGPldapNextAttribute(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageRef	entry,
+	PGPberElementRef	ber,
+	PGPChar8 **				attr );	/* Should be freed by PGPFreeData */
+
+	/* ldap_get_values */
+	PGPError
+PGPldapGetValues(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageRef	entry,
+	PGPChar8 *			attr,
+	PGPChar8 ***		values );	/* Should be freed by PGPFreeLDAPValues */
+
+	/* ldap_get_values_len */
+	PGPError
+PGPldapGetValuesLen(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageRef	entry,
+	PGPChar8 *			attr,
+	PGPberValue ***		values );	/* Should be freed by PGPFreeLDAPValuesLen */
+
+	/* ldap_count_values */
+	PGPError
+PGPldapCountValues(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 **			values,
+	PGPSize *			num );
+
+	/* ldap_count_values_len */
+	PGPError
+PGPldapCountValuesLen(
+	PGPldapContextRef	pgpLDAP,
+	PGPberValue **		values,
+	PGPSize *			num );
+
+
+/* Update functions */
+
+	/* ldap_modify */
+	PGPError
+PGPldapModify(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPldapMod *		mod[],
+	PGPldapMessageID *	messageID );
+
+	/* ldap_modify_s */
+	PGPError
+PGPldapModifySync(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPldapMod *		mod[] );
+
+	/* ldap_modify_st (extension) */
+	PGPError
+PGPldapModifySyncTimeout(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPldapMod *		mod[],
+	PGPSocketsTimeValue *tv);
+
+	/* ldap_add */
+	PGPError
+PGPldapAdd(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPldapMod *		mod[],
+	PGPldapMessageID *	messageID );
+
+	/* ldap_add_s */
+	PGPError
+PGPldapAddSync(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPldapMod *		mod[] );
+
+	/* ldap_add_st (extension) */
+	PGPError
+PGPldapAddSyncTimeout(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPldapMod *		mod[],
+	PGPSocketsTimeValue	*tv );
+
+	/* ldap_delete */
+	PGPError
+PGPldapDelete(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPldapMessageID *	messageID );
+
+	/* ldap_delete_s */
+	PGPError
+PGPldapDeleteSync(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn );
+
+	/* ldap_delete_st (extension) */
+	PGPError
+PGPldapDeleteSyncTimeout(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPSocketsTimeValue *tv);
+
+	/* ldap_modrdn2 */
+	PGPError
+PGPldapModifyRDN(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPChar8 *			newRDN,
+	PGPBoolean			deleteOldRDN,
+	PGPldapMessageID *	messageID );
+
+	/* ldap_modrdn2_s */
+	PGPError
+PGPldapModifyRDNSync(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPChar8 *			newRDN,
+	PGPBoolean			deleteOldRDN );
+
+	/* ldap_compare */
+	PGPError
+PGPldapCompare(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPChar8 *			type,
+	PGPChar8 *			value,
+	PGPldapMessageID *	messageID );
+
+	/* ldap_compare_s */
+	PGPError
+PGPldapCompareSync(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPChar8 *			type,
+	PGPChar8 *			value,
+	PGPBoolean *		equal );
+
+	PGPError
+PGPldapGetCompareResult(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageID	messageID,
+	PGPBoolean *		equal );
+
+
+/* Other functions */
+	/* ldap_result */
+	PGPError
+PGPldapGetResult(
+	PGPldapContextRef		pgpLDAP,
+	PGPldapMessageID		messageID,
+	PGPBoolean				all,
+	PGPSocketsTimeValue *	timeout,
+	PGPldapMessageRef		result,
+	PGPldapType *			messageType );
+
+	/* ldap_abandon */
+	PGPError
+PGPldapAbandon(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageID	messageID );
+
+	/* ldap_msgid */
+	PGPError
+PGPldapGetMessageID(
+	PGPldapContextRef	pgpLDAP, 
+	PGPldapMessageRef	result,
+	PGPldapMessageID *	messageID );
+
+	/* ldap_is_ldap_url */
+	PGPError
+PGPldapIsLDAPURL(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			url,
+	PGPBoolean *		isURL );
+
+	/* ldap_url_parse */
+	PGPError
+PGPldapURLParse( 
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			url,
+	PGPldapURLDesc **	outLDAPDesc );	/* Should be freed by PGPFreeLDAPURLDesc */
+
+	/* ldap_url_search */
+	PGPError
+PGPldapURLSearch(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			url,
+	PGPBoolean			attrsOnly,
+	PGPldapMessageID *	messageID );
+
+	/* ldap_url_search */
+	PGPError
+PGPldapURLSearchSync(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			url,
+	PGPBoolean			attrsOnly,
+	PGPldapMessageRef	resultMessage );
+
+	/* ldap_url_search */
+	PGPError
+PGPldapURLSearchSyncTimeout(
+	PGPldapContextRef		pgpLDAP,
+	PGPChar8 *				url,
+	PGPBoolean				attrsOnly,
+	PGPSocketsTimeValue *	tv,
+	PGPldapMessageRef		resultMessage );
+
+	/* ldap_explode_dn */
+	PGPError
+PGPldapExplodeDN(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 *			dn,
+	PGPBoolean			noTypes,
+	PGPChar8 ***		components );	/* Should be freed by PGPFreeLDAPValues */
+
+	/* ldap_sort_entries */
+	PGPError
+PGPldapSortEntries(
+	PGPldapContextRef	pgpLDAP,
+	PGPldapMessageRef	chain,
+	PGPChar8 *			attr,
+	PGPInt32			(*compare)( PGPChar8 ** a, PGPChar8 ** b ),
+	PGPldapMessageRef	sortedChain );
+
+	/* ldap_sort_values */
+	PGPError
+PGPldapSortValues(
+	PGPldapContextRef	pgpLDAP,
+	PGPChar8 **			vals,
+	PGPInt32			(*compare)( PGPChar8 ** a, PGPChar8 ** b ),
+	PGPChar8 ***		sortedVals );
+
+	/* ldap_sort_strcasecmp */
+	PGPInt32
+PGPldapCompareStringsIgnoreCase(
+	PGPChar8 **			s1,
+	PGPChar8 **			s2 );
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpLDAP_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpMemoryMgr.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpMemoryMgr.h
new file mode 100644
index 0000000000..1a86a22a46
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpMemoryMgr.h
@@ -0,0 +1,220 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpMemoryMgr.h,v 1.9 2003/11/08 04:04:49 ajivsov Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpMemoryMgr_h	/* [ */
+#define Included_pgpMemoryMgr_h
+
+#include "pgpBase.h"
+
+/*____________________________________________________________________________
+	Mini-tutorial:
+	
+	A PGPMemoryMgr is an object which implements memory management, including
+	allocation, reallocation, deallocation, and secure versions of the same.
+	
+	*** Using it ***
+	A typical sequence of calls is as follows:
+		PGPNewMemoryMgr
+		...
+		PGPNewData or PGPNewSecureData
+		PGPFreeData
+		...
+		PGPFreeMemoryMgr
+	
+	Typically, a program will create one PGPMemoryMgr per thread at
+	thread creation time and use that memory mgr until the thread dies.
+	Generally, an individual PGPMemoryMgr instance is not thread-safe;
+	you must either synchronize or use one PGPMemoryMgr per thread.
+	
+	
+	*** Custom Allocators ***
+	
+	Default allocators are supplied, but the client can create a custom
+	PGPMemoryMgr using PGPNewMemoryMgrCustom() which uses client-supplied
+	routines.
+	Custom routines need only concern themselves with the actual
+	allocation and deallocation.
+	The following should be kept in mind for user supplied routines:
+		- they can ignore the allocation flags passed
+		- leaks, memory clearing, etc is done by the PGPMemoryMgr
+		- secure allocator must set 'isNonPageable' to TRUE only if the
+		memory really can't be paged.
+		- the user value is not interpreted by the PGPMemoryMgr. Typically,
+		it would be a pointer to some data the allocation routines use
+		to store state.
+	
+	
+	*** Secure memory allocation ***
+	
+	Blocks can be allocated as "Secure" blocks.  Secure blocks are guaranteed
+	to be wiped when they are deallocated.  Additionally, if the operating
+	system and the current conditions allow, the block will be allocated
+	in non-pageable memory.  You can determine the attributes of a block using
+	PGPGetMemoryMgrDataInfo().
+	
+	
+	*** Leaks tracking ***
+	
+	Leaks tracking is implemented when debugging is on,
+	but currently reporting is limited to reporting the number of leaks
+	outstanding when the PGPMemoryMgr is disposed.
+	
+	
+	*** Debugging ***
+	
+	For debugging purposes, blocks may be larger in debug mode to accomodate
+	various schemes to detect stray pointers, etc.
+____________________________________________________________________________*/
+
+#if PGP_MACINTOSH
+#pragma options align=mac68k
+#endif
+
+enum 
+{
+	kPGPMemoryMgrFlags_None		=	0,
+	kPGPMemoryMgrFlags_Clear	=	1
+};
+
+typedef PGPFlags	PGPMemoryMgrFlags;
+
+typedef struct PGPMemoryMgr	*	PGPMemoryMgrRef;
+
+#define	kInvalidPGPMemoryMgrRef			((PGPMemoryMgrRef) NULL)
+#define PGPMemoryMgrRefIsValid(ref)		((ref) != kInvalidPGPMemoryMgrRef)
+
+typedef	void	*(*PGPMemoryMgrAllocationProc)( PGPMemoryMgrRef mgr,
+						PGPUserValue userValue,
+						PGPSize requestSize, PGPMemoryMgrFlags flags );
+
+/* realloc not be implemented using PGPNewData() */
+typedef	PGPError (*PGPMemoryMgrReallocationProc)( PGPMemoryMgrRef mgr,
+						PGPUserValue userValue,
+						void **allocation, PGPSize newAllocationSize,
+						PGPMemoryMgrFlags flags, PGPSize existingSize );
+
+typedef	PGPError (*PGPMemoryMgrDeallocationProc)( PGPMemoryMgrRef mgr,
+						PGPUserValue userValue,
+						void *allocation, PGPSize allocationSize );
+
+
+typedef	void	*(*PGPMemoryMgrSecureAllocationProc)( PGPMemoryMgrRef mgr,
+						PGPUserValue userValue,
+						PGPSize requestSize, PGPMemoryMgrFlags flags,
+						PGPBoolean *isNonPageable );
+						
+
+/* deallocation proc need not clear the memory upon deallocation since
+	PGPFreeData() does it automatically */
+typedef	PGPError (*PGPMemoryMgrSecureDeallocationProc)( PGPMemoryMgrRef mgr,
+						PGPUserValue userValue,
+						void *allocation, PGPSize allocationSize,
+						PGPBoolean	wasLocked );
+
+typedef struct PGPNewMemoryMgrStruct
+{
+	/* sizeofStruct must be inited to sizeof( PGPNewMemoryMgrStruct ) */
+	PGPUInt32		sizeofStruct;
+	PGPFlags		reservedFlags;
+	
+	PGPMemoryMgrAllocationProc		allocProc;
+	PGPMemoryMgrReallocationProc	reallocProc;
+	PGPMemoryMgrDeallocationProc	deallocProc;
+	
+	PGPMemoryMgrSecureAllocationProc		secureAllocProc;
+	void *									reserved;	/* MUST be zeroed */
+	PGPMemoryMgrSecureDeallocationProc		secureDeallocProc;
+	
+	PGPUserValue					customValue;
+	void *							pad[ 8 ];	/* MUST be zeroed */
+} PGPNewMemoryMgrStruct;
+
+PGP_BEGIN_C_DECLARATIONS
+
+
+/*____________________________________________________________________________
+	Memory Mgr routines
+____________________________________________________________________________*/
+
+PGPError	PGPNewMemoryMgr( PGPFlags reserved, PGPMemoryMgrRef *newMemoryMgr );
+
+PGPError	PGPNewMemoryMgrCustom( PGPNewMemoryMgrStruct const * custom,
+				PGPMemoryMgrRef *newMemoryMgr );
+
+PGPError	PGPFreeMemoryMgr( PGPMemoryMgrRef mgr );
+
+PGPError	PGPGetMemoryMgrCustomValue( PGPMemoryMgrRef mgr,
+					PGPUserValue *customValue );
+PGPError	PGPSetMemoryMgrCustomValue( PGPMemoryMgrRef mgr,
+				PGPUserValue customValue );
+
+PGPError	PGPValidateMemoryMgr( PGPMemoryMgrRef mgr );
+
+/* allocate a block of the specified size */
+void *  	PGPNewData( PGPMemoryMgrRef mgr,
+				PGPSize requestSize, PGPMemoryMgrFlags flags );
+				
+/* allocate a block of the specified size in non-pageable memory */
+/* *isSecure is TRUE if the block definitely can't be paged */
+void *  	PGPNewSecureData( PGPMemoryMgrRef mgr,
+				PGPSize requestSize, PGPMemoryMgrFlags flags );
+
+/* properly reallocs secure or non-secure blocks */
+/* WARNING: the block may move, even if its size is being reduced */
+PGPError  	PGPReallocData( PGPMemoryMgrRef mgr,
+					void **allocation, PGPSize newAllocationSize,
+					PGPMemoryMgrFlags flags );
+					
+/* properly frees secure or non-secure blocks */
+PGPError 	PGPFreeData( void *allocation );
+
+
+/*____________________________________________________________________________
+	Block Info:
+		kPGPMemoryMgrBlockInfo_Valid		it's a valid block
+		kPGPMemoryMgrBlockInfo_Secure		block is a secure allocation
+		kPGPMemoryMgrBlockInfo_NonPageable	block cannot be paged by VM
+		
+	Secure blocks are always wiped before being disposed,
+	but may or may not be pageable, depending on the OS facilities.  Some
+	OSs may not provide the ability to make blocks non-pageable.
+	
+	You should check these flags if the information matters to you.
+____________________________________________________________________________*/
+#define kPGPMemoryMgrBlockInfo_Valid		( ((PGPFlags)1) << 0 )
+#define kPGPMemoryMgrBlockInfo_Secure		( ((PGPFlags)1) << 1 )
+#define kPGPMemoryMgrBlockInfo_NonPageable	( ((PGPFlags)1) << 2 )
+PGPFlags		PGPGetMemoryMgrDataInfo( void *allocation );
+
+
+/*____________________________________________________________________________
+	Default memory manager routines:
+____________________________________________________________________________*/
+
+PGPMemoryMgrRef	PGPGetDefaultMemoryMgr(void);
+PGPError		PGPSetDefaultMemoryMgr(PGPMemoryMgrRef memoryMgr);
+
+
+PGP_END_C_DECLARATIONS
+
+
+
+#if PGP_MACINTOSH
+#pragma options align=reset
+#endif
+
+
+#endif /* ] Included_pgpMemoryMgr_h */
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpOptionList.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpOptionList.h
new file mode 100644
index 0000000000..a0ef6ceab6
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpOptionList.h
@@ -0,0 +1,542 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	This file contains the types and prototypes for functions which manipulate
+	PGPOptionList data structures.
+
+	$Id: pgpOptionList.h,v 1.43 2004/05/15 02:48:39 ajivsov Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpOptionList_h	/* [ */
+#define Included_pgpOptionList_h
+
+#include <stdarg.h>
+
+#include "pgpPubTypes.h"
+
+#if PGP_MACINTOSH
+#include <Files.h>
+#elif PGP_OSX
+	struct FSSpec;
+#endif
+
+/* Standard event callback declaration */
+struct PGPEvent;
+typedef PGPError (*PGPEventHandlerProcPtr)(PGPContextRef context,
+						struct PGPEvent *event, PGPUserValue userValue);
+
+/* Export formats for exporting functions */
+enum PGPExportFormat_
+{
+	kPGPExportFormat_Basic				= 1,
+	kPGPExportFormat_Complete			= 255,
+
+    kPGPExportFormat_TokenKeyContainer  = 256,
+	
+	kPGPExportFormat_X509Cert			= 10000,
+	kPGPExportFormat_PKCS8,
+
+	kPGPExportFormat_X509CertReq		= 11000,
+	kPGPExportFormat_NetToolsCAV1_CertReq,
+	kPGPExportFormat_VerisignV1_CertReq,
+	kPGPExportFormat_EntrustV1_CertReq,
+	kPGPExportFormat_NetscapeV1_CertReq,
+	kPGPExportFormat_MicrosoftV1_CertReq,
+
+	kPGPExportFormat_X509GetCertInitial	= 11010,
+	kPGPExportFormat_NetToolsCAV1_GetCertInitial,
+	kPGPExportFormat_VerisignV1_GetCertInitial,
+	kPGPExportFormat_EntrustV1_GetCertInitial,
+	kPGPExportFormat_NetscapeV1_GetCertInitial,
+	kPGPExportFormat_MicrosoftV1_GetCertInitial,
+	
+	kPGPExportFormat_X509GetCRL	= 11020,
+	kPGPExportFormat_NetToolsCAV1_GetCRL,
+	kPGPExportFormat_VerisignV1_GetCRL,
+	kPGPExportFormat_EntrustV1_GetCRL,
+	kPGPExportFormat_NetscapeV1_GetCRL,
+	kPGPExportFormat_MicrosoftV1_GetCRL,
+
+	PGP_ENUM_FORCE( PGPExportFormat_ )
+};
+PGPENUM_TYPEDEF( PGPExportFormat_, PGPExportFormat );
+
+/* Input formats for PGPOInputFormat */
+enum PGPInputFormat_
+{
+	kPGPInputFormat_Unknown 		= 0,
+	kPGPInputFormat_PGP 			= 1,
+	
+	kPGPInputFormat_X509DataInPKCS7 = 10000,
+	kPGPInputFormat_NetToolsCAV1_DataInPKCS7,
+	kPGPInputFormat_VerisignV1_DataInPKCS7,
+	kPGPInputFormat_EntrustV1_DataInPKCS7,
+	kPGPInputFormat_MicrosoftV1_DataInPKCS7,
+	kPGPInputFormat_NetscapeV1_DataInPKCS7,
+
+	kPGPInputFormat_PEMEncodedX509Cert,
+	kPGPInputFormat_NetToolsCAV1_PEMEncoded,
+	kPGPInputFormat_VerisignV1_PEMEncoded,
+	kPGPInputFormat_EntrustV1_PEMEncoded,
+	kPGPInputFormat_MicrosoftV1_PEMEncoded,
+	kPGPInputFormat_NetscapeV1_PEMEncoded,
+
+	/* Input formats for X.509 private keys */
+	kPGPInputFormat_PrivateKeyInfo,
+	kPGPInputFormat_PKCS12,
+
+	kPGPInputFormat_SMIMEBody = 12000,
+	kPGPInputFormat_SMIMEBodySignedData = 12001,
+	kPGPInputFormat_SMIMEBodyEncryptedData = 12002,
+
+	PGP_ENUM_FORCE( PGPInputFormat_ )
+};
+PGPENUM_TYPEDEF( PGPInputFormat_, PGPInputFormat );
+
+/* Output formats for PGPOOutputFormat */
+enum PGPOutputFormat_
+{
+	kPGPOutputFormat_Unknown 			= 0,
+	kPGPOutputFormat_PGP 				= 1,
+	
+	kPGPOutputFormat_X509CertReqInPKCS7 = 10000,
+	kPGPOutputFormat_NetToolsCAV1_CertReqInPKCS7,
+	kPGPOutputFormat_VerisignV1_CertReqInPKCS7,
+	kPGPOutputFormat_EntrustV1_CertReqInPKCS7,
+	kPGPOutputFormat_NetscapeV1_CertReqInPKCS7,
+	kPGPOutputFormat_MicrosoftV1_CertReqInPKCS7,
+
+	kPGPOutputFormat_X509GetCertInitialInPKCS7 = 10010,
+	kPGPOutputFormat_NetToolsCAV1_GetCertInitialInPKCS7,
+	kPGPOutputFormat_VerisignV1_GetCertInitialInPKCS7,
+	kPGPOutputFormat_EntrustV1_GetCertInitialInPKCS7,
+	kPGPOutputFormat_NetscapeV1_GetCertInitialInPKCS7,
+	kPGPOutputFormat_MicrosoftV1_GetCertInitialInPKCS7,
+
+	kPGPOutputFormat_X509GetCRLInPKCS7 = 10020,
+	kPGPOutputFormat_NetToolsCAV1_GetCRLInPKCS7,
+	kPGPOutputFormat_VerisignV1_GetCRLInPKCS7,
+	kPGPOutputFormat_EntrustV1_GetCRLInPKCS7,
+	kPGPOutputFormat_NetscapeV1_GetCRLInPKCS7,
+	kPGPOutputFormat_MicrosoftV1_GetCRLInPKCS7,
+
+	kPGPOutputFormat_SMIMEBodySignedData = 12001,
+	kPGPOutputFormat_SMIMEBodyEncryptedData = 12002,
+	
+	PGP_ENUM_FORCE( PGPOutputFormat_ )
+};
+PGPENUM_TYPEDEF( PGPOutputFormat_, PGPOutputFormat );
+
+/* Attribute-Value structure for PGPOAttributeValue */
+enum PGPAVAttribute_
+{
+	/* Pointer properties */
+	kPGPAVAttributeFirstPointer = 0,
+	kPGPAVAttribute_CommonName = kPGPAVAttributeFirstPointer,
+	kPGPAVAttribute_Email,
+	kPGPAVAttribute_OrganizationName,
+	kPGPAVAttribute_OrganizationalUnitName,
+	kPGPAVAttribute_SurName,
+	kPGPAVAttribute_SerialNumber,
+	kPGPAVAttribute_Country,
+	kPGPAVAttribute_Locality,
+	kPGPAVAttribute_State,
+	kPGPAVAttribute_StreetAddress,
+	kPGPAVAttribute_Title,
+	kPGPAVAttribute_Description,
+	kPGPAVAttribute_PostalCode,
+	kPGPAVAttribute_POBOX,
+	kPGPAVAttribute_PhysicalDeliveryOfficeName,
+	kPGPAVAttribute_TelephoneNumber,
+	kPGPAVAttribute_X121Address,
+	kPGPAVAttribute_ISDN,
+	kPGPAVAttribute_DestinationIndicator,
+	kPGPAVAttribute_Name,
+	kPGPAVAttribute_GivenName,
+	kPGPAVAttribute_Initials,
+	kPGPAVAttribute_HouseIdentifier,
+	kPGPAVAttribute_DirectoryManagementDomain,
+	kPGPAVAttribute_DomainComponent,
+	kPGPAVAttribute_UnstructuredName,
+	kPGPAVAttribute_UnstructuredAddress,
+	kPGPAVAttribute_RFC822Name,
+	kPGPAVAttribute_DNSName,
+	kPGPAVAttribute_AnotherName,
+	kPGPAVAttribute_IPAddress,
+	kPGPAVAttribute_CertificateExtension,
+	kPGPAVAttribute_SCEPChallenge,
+
+	/* Verisign specific */
+	kPGPAVAttribute_Challenge,
+	kPGPAVAttribute_CertType,
+    kPGPAVAttribute_MailFirstName,
+    kPGPAVAttribute_MailMiddleName,
+    kPGPAVAttribute_MailLastName,
+    kPGPAVAttribute_EmployeeID,
+    kPGPAVAttribute_MailStop,
+    kPGPAVAttribute_AdditionalField4,
+    kPGPAVAttribute_AdditionalField5,
+    kPGPAVAttribute_AdditionalField6,
+    kPGPAVAttribute_Authenticate,
+
+	/* Generic pointer properties continue */
+	kPGPAVAttribute_KeyID = kPGPAVAttribute_Authenticate+100,
+
+	kPGPAVAttributeLastPointer = kPGPAVAttribute_KeyID,
+
+	/* Boolean properties */
+	kPGPAVAttributeFirstBoolean = 1000,
+
+	/* Verisign specific */
+    kPGPAVAttribute_EmbedEmail,
+
+
+	/* Numeric (PGPUInt32) properties */
+	kPGPAVAttributeFirstNumber = 2000,
+
+	PGP_ENUM_FORCE( PGPAVAttribute_ )
+} ;
+PGPENUM_TYPEDEF( PGPAVAttribute_, PGPAVAttribute );
+
+typedef struct PGPAttributeValue
+{
+	PGPAVAttribute	attribute;
+	PGPUInt32			size;
+	union
+	{
+		PGPBoolean  booleanvalue;
+		PGPUInt32   longvalue;
+		void       *pointervalue;
+		
+	} value;      
+	    
+	PGPUInt32	 	unused;
+} PGPAttributeValue ;
+
+enum PGPSMIMEMatchCriterion_
+{
+	kPGPSMIMEMatchCriterion_Exact	= 1,	/* exact matching per SMIME spec (default) */
+	kPGPSMIMEMatchCriterion_Related	= 2,	/* use Issuer from IASN, use Exact first then Any for keyIdentifier */
+	kPGPSMIMEMatchCriterion_Any		= 3,	/* try all */
+
+	PGP_ENUM_FORCE( PGPSMIMEMatchCriterion_ )
+} ;
+PGPENUM_TYPEDEF( PGPSMIMEMatchCriterion_, PGPSMIMEMatchCriterion );
+
+PGP_BEGIN_C_DECLARATIONS
+
+
+PGPError	PGPNewOptionList( PGPContextRef context, PGPOptionListRef *outList );
+PGPError 	PGPAppendOptionList( PGPOptionListRef optionList,
+					PGPOptionListRef firstOption, ... );
+PGPError 	PGPBuildOptionList( PGPContextRef context,
+					PGPOptionListRef *outList,
+					PGPOptionListRef firstOption, ... );
+PGPError	PGPCopyOptionList( PGPOptionListRef optionList,
+					PGPOptionListRef *outList );
+PGPError 	PGPFreeOptionList( PGPOptionListRef optionList );
+
+/*
+**	The following functions are used to create PGPOptionListRef's for
+**	specifying the various options to several SDK functions. The
+**	functions can be used as inline parameters in a temporary manner or
+**	used with PGPBuildOptionList() to create persistent lists.
+*/
+
+/*
+** Special PGPOptionListRef to mark last option passed to those functions
+** which take variable lists of PGPOptionListRef's:
+*/
+
+PGPOptionListRef	PGPOLastOption( PGPContextRef context );
+
+/* Special PGPOptionListRef which is always ignored: */
+
+PGPOptionListRef	PGPONullOption( PGPContextRef context);
+
+/* Data input (required): */
+
+PGPOptionListRef 	PGPOInputFile( PGPContextRef context,
+							PGPFileSpecRef fileRef );
+PGPOptionListRef 	PGPOInputBuffer( PGPContextRef context,
+							void const *buffer, PGPSize bufferSize );
+#if PGP_MACINTOSH || PGP_OSX
+PGPOptionListRef 	PGPOInputFileFSSpec( PGPContextRef context,
+							const struct FSSpec *fileSpec );
+#endif
+	
+/* Data output (optional, generates event if missing): */
+
+PGPOptionListRef 	PGPOOutputFile( PGPContextRef context,
+							PGPFileSpecRef fileRef );
+PGPOptionListRef 	PGPOOutputBuffer( PGPContextRef context,
+							void *buffer, PGPSize bufferSize,
+							PGPSize *outputDataLength );
+PGPOptionListRef 	PGPOOutputDirectory( PGPContextRef context,
+							PGPFileSpecRef fileRef );
+#if PGP_MACINTOSH || PGP_OSX
+PGPOptionListRef 	PGPOOutputFileFSSpec( PGPContextRef context,
+							const struct FSSpec *fileSpec );
+#endif
+
+/* Filepath modifiers (used for Archiving )*/
+
+PGPOptionListRef	PGPORelativePath( PGPContextRef context,
+							PGPFileSpecRef dirRef );
+							
+PGPOptionListRef	PGPORootPath( PGPContextRef context, 
+							PGPFileSpecRef dirRef );
+
+/* '*buffer' must be disposed of via PGPFreeData() */
+/* maximum memory usage will be no more than maximumBufferSize */
+PGPOptionListRef 	PGPOAllocatedOutputBuffer(PGPContextRef context,
+							void **buffer, PGPSize maximumBufferSize,
+							PGPSize *actualBufferSize);
+PGPOptionListRef 	PGPOAppendOutput( PGPContextRef context,
+							PGPBoolean appendOutput );
+PGPOptionListRef 	PGPODiscardOutput( PGPContextRef context,
+							PGPBoolean discardOutput );
+PGPOptionListRef    PGPOAllocatedOutputKeyContainer(PGPContextRef context,
+	                        void **keyContName, PGPSize maximumKeyContNameSize, 
+                            PGPSize *actualKeyContNameSize );
+
+/* Encrypting and signing */
+
+PGPOptionListRef 		PGPOEncryptToKeyDBObj( PGPContextRef context,
+							PGPKeyDBObjRef keyDBObjRef);
+PGPOptionListRef 		PGPOEncryptToKeySet( PGPContextRef context,
+							PGPKeySetRef keySetRef);
+PGPOptionListRef 		PGPOIntegrityProtection( PGPContextRef context,
+							PGPBoolean integrity);
+PGPOptionListRef 		PGPOSignWithKey( PGPContextRef context,
+							PGPKeyDBObjRef keyDBObjRef,
+							PGPOptionListRef firstOption, ...);
+PGPOptionListRef 		PGPOConventionalEncrypt( PGPContextRef context,
+							PGPOptionListRef firstOption,
+								...);
+#undef 					PGPOPassphraseBuffer
+PGPOptionListRef 		PGPOPassphraseBuffer( PGPContextRef context,
+							const PGPChar8 *passphrase,
+							PGPSize passphraseLength);
+#undef					PGPOPassphrase
+PGPOptionListRef 		PGPOPassphrase( PGPContextRef context,
+							const PGPChar8 *passphrase);
+PGPOptionListRef 		PGPOPasskeyBuffer( PGPContextRef context,
+							const void *passkey, PGPSize passkeyLength);
+
+PGPOptionListRef 		PGPOCachePassphrase( PGPContextRef context,
+							PGPUInt32 timeOutSeconds, PGPBoolean globalCache);
+PGPOptionListRef 		PGPOSessionKey( PGPContextRef context,
+							const void *sessionKey, PGPSize sessionKeyLength);
+PGPOptionListRef		PGPOSignedHash( PGPContextRef context,
+							void const *hash, PGPSize hashSize );
+PGPOptionListRef 		PGPOAllowBareESKs( PGPContextRef context,
+							PGPBoolean allowBareESKs );
+PGPOptionListRef 		PGPOAskUserForEntropy( PGPContextRef context,
+							PGPBoolean askUserForEntropy );
+PGPOptionListRef 		PGPORawPGPInput( PGPContextRef context,
+							PGPBoolean rawPGPInput );
+PGPOptionListRef 		PGPOCompression( PGPContextRef context,
+							PGPBoolean compression );
+
+PGPOptionListRef		PGPOLocalEncoding( PGPContextRef context,
+							PGPLocalEncodingFlags localEncode);
+PGPOptionListRef		PGPOOutputLineEndType(PGPContextRef context,
+							PGPLineEndType lineEnd);
+#undef					PGPOPGPMIMEEncoding
+PGPOptionListRef		PGPOPGPMIMEEncoding(PGPContextRef context,
+							PGPBoolean mimeEncoding, PGPSize *mimeBodyOffset,
+							PGPChar8 mimeSeparator[ kPGPMimeSeparatorSize ]);
+PGPOptionListRef		PGPOOmitMIMEVersion( PGPContextRef context,
+							PGPBoolean omitVersion);
+PGPOptionListRef		PGPOX509Encoding( PGPContextRef context,
+							PGPBoolean x509Encoding);
+							
+PGPOptionListRef 		PGPODetachedSig( PGPContextRef context,
+							PGPOptionListRef firstOption,
+								...);
+
+PGPOptionListRef 		PGPOCipherAlgorithm( PGPContextRef context,
+							PGPCipherAlgorithm algorithm);
+PGPOptionListRef 		PGPOHashAlgorithm( PGPContextRef context,
+							PGPHashAlgorithm algorithm);
+PGPOptionListRef 		PGPOCompressionAlgorithm( PGPContextRef context,
+							PGPCompressionAlgorithm algorithm);
+
+PGPOptionListRef 		PGPOFailBelowValidity( PGPContextRef context,
+							PGPValidity minValidity);
+PGPOptionListRef 		PGPOWarnBelowValidity( PGPContextRef context,
+							PGPValidity minValidity);
+
+
+PGPOptionListRef 		PGPOEventHandler( PGPContextRef context,
+							PGPEventHandlerProcPtr eventHandler,
+								PGPUserValue eventHandlerData);
+PGPOptionListRef 		PGPOSendNullEvents( PGPContextRef context,
+							PGPTimeInterval approxInterval);
+	
+PGPOptionListRef 		PGPOArmorOutput( PGPContextRef context,
+							PGPBoolean armorOutput );
+PGPOptionListRef 		PGPODataIsASCII( PGPContextRef context,
+							PGPBoolean dataIsASCII );
+PGPOptionListRef 		PGPOClearSign( PGPContextRef context,
+							PGPBoolean clearSign );
+PGPOptionListRef 		PGPOForYourEyesOnly( PGPContextRef context,
+							PGPBoolean forYourEyesOnly );
+PGPOptionListRef 		PGPOKeyDBRef( PGPContextRef context,
+							PGPKeyDBRef keydbRef);
+
+PGPOptionListRef 		PGPOExportKeySet( PGPContextRef context,
+							PGPKeySetRef keysetRef);
+PGPOptionListRef 		PGPOExportKeyDBObj( PGPContextRef context,
+							PGPKeyDBObjRef keyDBObjRef);
+
+PGPOptionListRef 		PGPOImportKeysTo( PGPContextRef context,
+							PGPKeyDBRef keydbRef);
+PGPOptionListRef 		PGPOSendEventIfKeyFound( PGPContextRef context,
+							PGPBoolean sendEventIfKeyFound );
+PGPOptionListRef 		PGPOPassThroughIfUnrecognized( PGPContextRef context,
+							PGPBoolean passThroughIfUnrecognized );
+PGPOptionListRef 		PGPOPassThroughClearSigned( PGPContextRef context,
+							PGPBoolean passThroughClearSigned );
+PGPOptionListRef 		PGPOPassThroughKeys( PGPContextRef context,
+							PGPBoolean passThroughKeys );
+PGPOptionListRef 		PGPORecursivelyDecode( PGPContextRef context,
+							PGPBoolean recurse );
+
+PGPOptionListRef		PGPOKeyGenParams( PGPContextRef context,
+							PGPPublicKeyAlgorithm pubKeyAlg,
+							PGPUInt32 bits);
+								
+#undef					PGPOKeyGenName
+PGPOptionListRef		PGPOKeyGenName( PGPContextRef context,
+							const void *name, PGPSize nameLength);
+							
+PGPOptionListRef		PGPOCreationDate( PGPContextRef context,
+							PGPTime creationDate);
+PGPOptionListRef		PGPOExpiration( PGPContextRef context,
+							PGPUInt32 expirationDays);
+							
+PGPOptionListRef		PGPOAdditionalRecipientRequestKeySet(
+							PGPContextRef context, 
+							PGPKeySetRef arKeySetRef, PGPByte arkClass);
+								
+PGPOptionListRef		PGPORevocationKeySet(PGPContextRef	context,
+							PGPKeySetRef raKeySetRef);
+
+PGPOptionListRef		PGPOKeyGenMasterKey( PGPContextRef context,
+							PGPKeyDBObjRef masterKeyDBObjRef);
+							
+PGPOptionListRef		PGPOPreferredAlgorithms(
+							PGPContextRef context, 
+							PGPCipherAlgorithm const *prefAlg,
+							PGPUInt32 numAlgs);
+								
+#undef					PGPOPreferredKeyServer
+PGPOptionListRef		PGPOPreferredKeyServer(
+							PGPContextRef context,
+							PGPChar8 const * server );
+								
+PGPOptionListRef		PGPOKeyFeatures( PGPContextRef context,
+							PGPUInt32 features);
+
+PGPOptionListRef		PGPOKeyFlags( PGPContextRef context,
+							PGPUInt32 flags);
+							
+PGPOptionListRef		PGPOKeyServerPreferences( PGPContextRef context,
+							PGPUInt32 preferences);
+							
+PGPOptionListRef		PGPOKeyGenFast( PGPContextRef context,
+							PGPBoolean fastGen);
+						
+PGPOptionListRef		PGPOTokenNumber( PGPContextRef context,
+							PGPUInt32 tokenID);
+#define					PGPOKeyGenOnToken PGPOTokenNumber
+
+PGPOptionListRef        PGPOOutputToken( PGPContextRef context, PGPUInt32 token );
+
+PGPOptionListRef        PGPOKeyContainer( PGPContextRef context, 
+                            const PGPByte *keyContainerName, 
+                            PGPSize keyContainerNameSize );
+							
+PGPOptionListRef		PGPOKeyGenUseExistingEntropy( PGPContextRef context,
+							PGPBoolean useExistingEntropy);
+							
+PGPOptionListRef		PGPOPreferredCompressionAlgorithms(
+							PGPContextRef context, 
+							PGPCompressionAlgorithm const *prefAlg,
+							PGPUInt32 numAlgs);
+
+#undef					PGPOCommentString
+PGPOptionListRef		PGPOCommentString( PGPContextRef context,
+							PGPChar8 const *comment);
+
+#undef					PGPOVersionString
+PGPOptionListRef		PGPOVersionString( PGPContextRef context,
+							PGPChar8 const *version);
+							
+#undef					PGPOFileNameString
+PGPOptionListRef		PGPOFileNameString( PGPContextRef context,
+							PGPChar8 const *fileName);
+							
+#undef					PGPOSigRegularExpression
+PGPOptionListRef		PGPOSigRegularExpression(PGPContextRef context,
+							PGPChar8 const *regularExpression);
+							
+PGPOptionListRef		PGPOExportPrivateKeys( PGPContextRef context,
+							PGPBoolean exportKeys);
+							
+PGPOptionListRef		PGPOExportPrivateSubkeys( PGPContextRef context,
+							PGPBoolean exportSubkeys);
+							
+PGPOptionListRef		PGPOExportFormat(PGPContextRef context,
+							PGPExportFormat exportFormat);
+
+PGPOptionListRef		PGPOExportable( PGPContextRef context,
+							PGPBoolean exportable);
+							
+PGPOptionListRef		PGPOSigTrust( PGPContextRef context,
+							PGPUInt32 trustLevel,
+							PGPUInt32 trustValue);
+
+PGPOptionListRef		PGPOInputFormat( PGPContextRef context,
+							PGPInputFormat inputFormat );
+
+PGPOptionListRef		PGPOOutputFormat( PGPContextRef context,
+							PGPOutputFormat outputFormat );
+
+PGPOptionListRef		PGPOAttributeValue( PGPContextRef context,
+							PGPAttributeValue *attributeValue,
+							PGPUInt32 attributeValueCount);
+
+PGPOptionListRef		PGPOInputTARCache( PGPContextRef context,
+							PGPFileSpecRef cacheFileRef, 
+	   						const PGPByte *sessionKey, 
+							PGPSize sessionKeySize );
+
+PGPOptionListRef		PGPOOutputTARCache( PGPContextRef context,
+							PGPFileSpecRef cacheFileRef );
+
+PGPOptionListRef		PGPOIssueRevocations( PGPContextRef context,
+							PGPBoolean issueRevocations );
+
+PGPOptionListRef		PGPOSMIMEMatchCriterion( PGPContextRef context,
+							PGPSMIMEMatchCriterion criterion );
+
+PGPOptionListRef		PGPOSMIMESigner( PGPContextRef context,
+							PGPKeyDBObjRef signer );
+
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpOptionList_h */
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPFLConfig.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPFLConfig.h
new file mode 100644
index 0000000000..8474d66aa0
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPFLConfig.h
@@ -0,0 +1,52 @@
+/*____________________________________________________________________________
+	pgpPFLConfig.h  (Win32 version)
+	
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	This file contains the Win32 version of the configuration file
+	normally generated by the automatic configure script on Unix.
+
+	$Id: pgpPFLConfig.h,v 1.3 2002/08/06 20:10:45 dallen Exp $
+____________________________________________________________________________*/
+#ifndef Included_pgpPFLConfig_h	/* [ */
+#define Included_pgpPFLConfig_h
+
+#define HAVE_STDARG_H	1
+#define HAVE_STDLIB_H	1
+#define HAVE_SYS_STAT_H	1
+#define HAVE_UNISTD_H	0
+#define HAVE_USHORT		0
+#define HAVE_UINT		0
+#define HAVE_ULONG		0
+#define NO_LIMITS_H		0
+#define NO_POPEN		1
+
+#if  defined( __MWERKS__ )
+
+	#define PGP_HAVE64		0
+	
+	
+#elif defined( _MSC_VER )
+	// wjb-for FileOffsets to be 64 bit
+	#define	PGP_HAVE64 1
+	typedef __int64				PGPInt64;
+	typedef unsigned __int64	PGPUInt64;
+	
+	
+	
+#endif
+
+
+
+
+#endif /* ] Included_pgpPFLConfig_h */
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPFLErrors.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPFLErrors.h
new file mode 100644
index 0000000000..f0264cafd0
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPFLErrors.h
@@ -0,0 +1,116 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpPFLErrors.h,v 1.20 2004/04/25 03:31:03 bzhao Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpPFLErrors_h	/* [ */
+#define Included_pgpPFLErrors_h
+
+#include "pgpBase.h"
+
+#define kPGPPFLErrorBase	-12000
+#define kPGPPFLErrorRange	500
+
+enum
+{
+	/*
+	NOTE: error numbers must not be changed as compile clients depend on them.
+	*/
+	
+	kPGPError_NoErr				= 0,
+	
+	kPGPError_BadParams			= -12000,
+	kPGPError_OutOfMemory		= -11999,
+	kPGPError_BufferTooSmall	= -11998,
+	
+	kPGPError_FileNotFound		= -11997,
+	kPGPError_CantOpenFile		= -11996,
+	kPGPError_FilePermissions	= -11995,
+	kPGPError_FileLocked		= -11994,
+	/* Unused					= -11993,	*/
+	kPGPError_IllegalFileOp		= -11992,
+	kPGPError_FileOpFailed		= -11991,
+	kPGPError_ReadFailed		= -11990,
+	kPGPError_WriteFailed		= -11989,
+	kPGPError_EOF				= -11988,
+	
+	kPGPError_UserAbort			= -11987,
+	kPGPError_UnknownRequest	= -11986,
+	kPGPError_LazyProgrammer	= -11985,
+	kPGPError_ItemNotFound		= -11984,
+	kPGPError_ItemAlreadyExists	= -11983,
+	kPGPError_AssertFailed		= -11982,
+	kPGPError_BadMemAddress		= -11981,
+	kPGPError_UnknownError		= -11980,
+	
+	kPGPError_PrefNotFound		= -11979,
+	kPGPError_EndOfIteration	= -11978,
+	kPGPError_ImproperInitialization	= -11977,
+	kPGPError_CorruptData				= -11976,
+	kPGPError_FeatureNotAvailable		= -11975,
+	kPGPError_MatchNotFound				= -11974,
+	kPGPError_ResourceUnavailable		= -11973,
+	kPGPError_InsufficientPrivileges	= -11972,
+	kPGPError_AlreadyInUse				= -11971,
+	kPGPError_Deadlocked				= -11970,
+	kPGPError_NotConnected				= -11969,
+	kPGPError_BufferTooLarge			= -11968,
+	kPGPError_SizeTooLarge				= -11967,
+	
+	kPGPError_DiskFull			= -11960,
+	kPGPError_DiskLocked		= -11959,
+	
+	kPGPError_GraphicsOpFailed	= -11956,
+	kPGPError_MemoryOpFailed	= -11955,
+	kPGPError_NetworkOpFailed	= -11954,
+	kPGPError_SecurityOpFailed	= -11953,
+	kPGPError_StringOpFailed	= -11952,
+	kPGPError_SyncObjOpFailed	= -11951,
+	kPGPError_ThreadOpFailed	= -11950,
+	kPGPError_VolumeOpFailed	= -11949,
+	
+	kPGPError_NTDrvIopOpFailed		= -11947,
+	kPGPError_NTDrvObjectOpFailed	= -11946,
+
+	kPGPError_Win32COMOpFailed		= -11945,
+	kPGPError_Win32CommCtrlOpFailed	= -11944,
+	kPGPError_Win32DllOpFailed		= -11943,
+	kPGPError_Win32RegistryOpFailed	= -11942,
+	kPGPError_Win32ResourceOpFailed	= -11941,
+	kPGPError_Win32WindowOpFailed	= -11940,
+	kPGPError_RPCFailed				= -11939,
+	kPGPError_RPCGarbledMsg			= -11938,
+	kPGPError_NoUnicodeEquivalent	= -11937,
+	
+	kPGPError_NetLARefused = -11936,
+	kPGPError_NetLAMismatch = -11935,
+	kPGPError_NetLATooManyRetrievals = -11934,
+	kPGPError_LNCorrupt	= -11933,
+	kPGPError_LACorrupt	= -11932,
+	kPGPError_LNInvalid	= -11931,
+	kPGPError_NetInvalidProdID = -11930,
+	// PGPwde error code
+	kPGPError_DiskNotFound = -11929,
+	kPGPError_LastPFLError = kPGPPFLErrorBase + kPGPPFLErrorRange - 1
+};
+
+#define IsPGPError( err )		( (err) != kPGPError_NoErr )
+#define IsntPGPError( err )		( (err) == kPGPError_NoErr )
+
+PGP_BEGIN_C_DECLARATIONS
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpPFLErrors_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPubTypes.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPubTypes.h
new file mode 100644
index 0000000000..6082d4bb62
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPubTypes.h
@@ -0,0 +1,350 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpPubTypes.h,v 1.22 2004/04/13 20:50:53 ajivsov Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpPubTypes_h	/* [ */
+#define Included_pgpPubTypes_h
+
+#include "pgpConfig.h"
+#include "pgpBase.h"
+
+/*____________________________________________________________________________
+	General data types used by PGPsdk
+____________________________________________________________________________*/
+
+typedef struct PGPContext *		PGPContextRef;
+typedef struct PGPFileSpec *	PGPFileSpecRef;
+typedef struct PGPOptionList * 	PGPOptionListRef;
+
+/*____________________________________________________________________________
+	Data types used by the key manipulation functions
+____________________________________________________________________________*/
+
+typedef struct PGPKeyDB *		PGPKeyDBRef;
+typedef struct PGPKeyDBObj *	PGPKeyDBObjRef;
+typedef struct PGPKeySet *		PGPKeySetRef;
+typedef struct PGPKeyList *		PGPKeyListRef;
+typedef struct PGPKeyIter *		PGPKeyIterRef;
+typedef struct PGPFilter *		PGPFilterRef;
+
+typedef struct PGPKeyID
+{
+	/* do not attempt to interpret these bytes; they *will* change */
+	PGPByte		opaqueBytes[ 36 ];
+} PGPKeyID;
+
+/*____________________________________________________________________________
+	Data types used by symmetric ciphers, cipher modes, hashing
+____________________________________________________________________________*/
+
+typedef struct PGPHashContext *				PGPHashContextRef;
+typedef struct PGPHMACContext *				PGPHMACContextRef;
+typedef struct PGPPublicKeyContext *		PGPPublicKeyContextRef;
+typedef struct PGPPrivateKeyContext *		PGPPrivateKeyContextRef;
+typedef struct PGPCBCContext *				PGPCBCContextRef;
+typedef struct PGPCFBContext *				PGPCFBContextRef;
+typedef struct PGPSymmetricCipherContext *	PGPSymmetricCipherContextRef;
+
+/*____________________________________________________________________________
+Disk Wiping Patterns	
+____________________________________________________________________________*/
+
+typedef struct PGPWipePatternContext *		PGPWipePatternContextRef;
+
+/*____________________________________________________________________________
+PGP Tar Cache, Objects and Iterators
+____________________________________________________________________________*/
+typedef struct PGPTARCache *				PGPTARCacheRef;
+typedef struct PGPTARCacheIter *			PGPTARCacheIterRef;
+typedef struct PGPTARCacheObj *				PGPTARCacheObjRef;
+  
+/*____________________________________________________________________________
+	Data types used by keyserver code
+____________________________________________________________________________*/
+
+typedef struct PGPKeyServer *	PGPKeyServerRef;
+
+/*____________________________________________________________________________
+	Invalid values for each of the "ref" data types. Use these for assignment
+	and initialization only. Use the PGPXXXRefIsValid macros (below) to test
+	for valid/invalid values.
+____________________________________________________________________________*/
+
+#define	kInvalidPGPContextRef		((PGPContextRef) NULL)
+#define	kInvalidPGPFileSpecRef		((PGPFileSpecRef) NULL)
+#define	kInvalidPGPOptionListRef	((PGPOptionListRef) NULL)
+#define	kInvalidPGPKeyDBRef			((PGPKeyDBRef) NULL)
+#define	kInvalidPGPKeyDBObjRef		((PGPKeyDBObjRef) NULL)
+#define	kInvalidPGPKeySetRef		((PGPKeySetRef) NULL)
+#define	kInvalidPGPKeyListRef		((PGPKeyListRef) NULL)
+#define	kInvalidPGPKeyIterRef		((PGPKeyIterRef) NULL)
+#define	kInvalidPGPFilterRef		((PGPFilterRef) NULL)
+#define	kInvalidPGPKeyServerRef		((PGPKeyServerRef) NULL)
+#define	kInvalidPGPHashContextRef	((PGPHashContextRef) NULL)
+#define	kInvalidPGPHMACContextRef	((PGPHMACContextRef) NULL)
+#define	kInvalidPGPCFBContextRef	((PGPCFBContextRef) NULL)
+#define	kInvalidPGPCBCContextRef	((PGPCBCContextRef) NULL)
+
+#define	kInvalidPGPSymmetricCipherContextRef		\
+			((PGPSymmetricCipherContextRef) NULL)
+#define kInvalidPGPPublicKeyContextRef		\
+			((PGPPublicKeyContextRef) NULL)
+#define kInvalidPGPPrivateKeyContextRef		\
+			((PGPPrivateKeyContextRef) NULL)
+#define	kInvalidPGWipePatternContextRef		\
+            ((PGPWipePatternContextRef) NULL)
+#define	kInvalidPGPTARCacheRef				\
+			((PGPTARCacheRef) NULL)
+#define	kInvalidPGPTARCacheIterRef			\
+			((PGPTARCacheIterRef) NULL)
+#define	kInvalidPGPTARCacheObjRef			\
+			((PGPTARCacheObjRef) NULL)
+
+
+/*____________________________________________________________________________
+	Macros to test for ref validity. Use these in preference to comparing
+	directly with the kInvalidXXXRef values.
+____________________________________________________________________________*/
+
+#define PGPContextRefIsValid( ref )		( (ref) != kInvalidPGPContextRef )
+#define PGPFileSpecRefIsValid( ref )	( (ref) != kInvalidPGPFileSpecRef )
+#define PGPOptionListRefIsValid( ref )	( (ref) != kInvalidPGPOptionListRef )
+#define PGPKeyDBRefIsValid( ref )		( (ref) != kInvalidPGPKeyDBRef )
+#define PGPKeyDBObjRefIsValid( ref )	( (ref) != kInvalidPGPKeyDBObjRef )
+#define PGPKeySetRefIsValid( ref )		( (ref) != kInvalidPGPKeySetRef )
+#define PGPKeyListRefIsValid( ref )		( (ref) != kInvalidPGPKeyListRef )
+#define PGPKeyIterRefIsValid( ref )		( (ref) != kInvalidPGPKeyIterRef )
+#define PGPFilterRefIsValid( ref )		( (ref) != kInvalidPGPFilterRef )
+#define PGPKeyServerRefIsValid( ref )	( (ref) != kInvalidPGPKeyServerRef )
+#define PGPHashContextRefIsValid( ref )	( (ref) != kInvalidPGPHashContextRef )
+#define PGPHMACContextRefIsValid( ref )	( (ref) != kInvalidPGPHMACContextRef )
+#define PGPCFBContextRefIsValid( ref )	( (ref) != kInvalidPGPCFBContextRef )
+#define PGPCBCContextRefIsValid( ref )	( (ref) != kInvalidPGPCBCContextRef )
+
+#define PGPSymmetricCipherContextRefIsValid( ref )				\
+			( (ref) != kInvalidPGPSymmetricCipherContextRef )
+#define PGPPublicKeyContextRefIsValid( ref )				\
+			( (ref) != kInvalidPGPPublicKeyContextRef )
+#define PGPPrivateKeyContextRefIsValid( ref )				\
+			( (ref) != kInvalidPGPPrivateKeyContextRef )
+#define PGPWipePatternContextRefIsValid( ref )				\
+           ( (ref) != kInvalidPGWipePatternContextRef )
+ #define PGPTARCacheRefIsValid( ref )						\
+			( (ref) != kInvalidPGPTARCacheRef )
+#define PGPTARCacheObjRefIsValid( ref )						\
+			( (ref) != kInvalidPGPTARCacheObjRef )
+#define PGPTARCacheIterRefIsValid( ref)						\
+			( (ref) != kInvalidPGPTARCacheIterRef )
+
+/*____________________________________________________________________________
+	Symmetric Ciphers
+____________________________________________________________________________*/
+
+enum PGPCipherAlgorithm_
+{
+	kPGPCipherAlgorithm_None		= 0,
+	kPGPCipherAlgorithm_IDEA		= 1,
+	kPGPCipherAlgorithm_3DES		= 2,
+	kPGPCipherAlgorithm_CAST5		= 3,
+	kPGPCipherAlgorithm_Blowfish	= 4,
+	kPGPCipherAlgorithm_AES128		= 7,
+	kPGPCipherAlgorithm_AES192		= 8,
+	kPGPCipherAlgorithm_AES256		= 9,
+	kPGPCipherAlgorithm_Twofish256	= 10,
+	
+	PGP_ENUM_FORCE( PGPCipherAlgorithm_ )
+};
+PGPENUM_TYPEDEF( PGPCipherAlgorithm_, PGPCipherAlgorithm );
+
+/*____________________________________________________________________________
+	Hash algorithms
+____________________________________________________________________________*/
+
+enum PGPHashAlgorithm_
+{
+	kPGPHashAlgorithm_Invalid		= 0,
+	kPGPHashAlgorithm_MD5			= 1,
+	kPGPHashAlgorithm_SHA			= 2,
+	kPGPHashAlgorithm_RIPEMD160		= 3,
+	kPGPHashAlgorithm_SHA256		= 8,	/* from draft-ietf-openpgp-rfc2440bis-03.txt */
+	kPGPHashAlgorithm_SHA384		= 9,
+	kPGPHashAlgorithm_SHA512		= 10,
+
+	PGP_ENUM_FORCE( PGPHashAlgorithm_ )
+};
+PGPENUM_TYPEDEF( PGPHashAlgorithm_, PGPHashAlgorithm );
+
+/*____________________________________________________________________________
+	Public/Private key algorithms
+____________________________________________________________________________*/
+enum PGPPublicKeyAlgorithm_
+{
+#ifdef __MVS__
+	kPGPPublicKeyAlgorithm_Invalid			= -1,
+#else
+	kPGPPublicKeyAlgorithm_Invalid			= 0xFFFFFFFF,
+#endif
+	kPGPPublicKeyAlgorithm_RSA				= 1,
+	kPGPPublicKeyAlgorithm_RSAEncryptOnly	= 2,
+	kPGPPublicKeyAlgorithm_RSASignOnly		= 3,
+	kPGPPublicKeyAlgorithm_ElGamal			= 0x10, /* A.K.A.Diffie-Hellman */
+	kPGPPublicKeyAlgorithm_DSA				= 0x11,
+	kPGPPublicKeyAlgorithm_ECEncrypt		= 0x12,
+	kPGPPublicKeyAlgorithm_ECSign			= 0x13,
+	
+	PGP_ENUM_FORCE( PGPPublicKeyAlgorithm_ )
+};
+PGPENUM_TYPEDEF( PGPPublicKeyAlgorithm_, PGPPublicKeyAlgorithm );
+
+/*____________________________________________________________________________
+	Trust values, used to set validity values
+____________________________________________________________________________*/
+
+#define kPGPKeyTrust_Mask       	0x7u
+#define kPGPKeyTrust_Undefined		0x0u
+#define kPGPKeyTrust_Unknown		0x1u
+#define kPGPKeyTrust_Never			0x2u
+#define kPGPKeyTrust_Marginal		0x5u
+#define kPGPKeyTrust_Complete		0x6u
+#define kPGPKeyTrust_Ultimate		0x7u
+
+#define kPGPUserIDTrust_Mask		0x3u
+#define kPGPUserIDTrust_Unknown		0x0u
+#define kPGPUserIDTrust_Untrusted	0x1u
+#define kPGPUserIDTrust_Marginal	0x2u
+#define kPGPUserIDTrust_Complete	0x3u
+
+/*____________________________________________________________________________
+	Validity levels, used for thresholds in options
+____________________________________________________________________________*/
+
+enum PGPValidity_
+{
+	kPGPValidity_Unknown	= kPGPUserIDTrust_Unknown,
+	kPGPValidity_Invalid	= kPGPUserIDTrust_Untrusted,
+	kPGPValidity_Marginal	= kPGPUserIDTrust_Marginal,
+	kPGPValidity_Complete	= kPGPUserIDTrust_Complete,
+
+	PGP_ENUM_FORCE( PGPValidity_ )
+} ;
+PGPENUM_TYPEDEF( PGPValidity_, PGPValidity );
+
+/*____________________________________________________________________________
+	Line endings types
+____________________________________________________________________________*/
+
+enum PGPLineEndType_
+{
+	kPGPLineEnd_Default	= 0,
+	kPGPLineEnd_LF		= 1,
+	kPGPLineEnd_CR		= 2,
+	kPGPLineEnd_CRLF	= (kPGPLineEnd_LF | kPGPLineEnd_CR),
+	
+	PGP_ENUM_FORCE( PGPLineEndType_ )
+};
+PGPENUM_TYPEDEF( PGPLineEndType_, PGPLineEndType );
+
+/*____________________________________________________________________________
+	Local encoding types
+	
+	Only one of Force or Auto should be used. The other values are modifiers
+____________________________________________________________________________*/
+
+#define kPGPLocalEncoding_None				0x0	/* nothing on */
+#define kPGPLocalEncoding_Force				0x01
+#define kPGPLocalEncoding_Auto				0x02
+#define kPGPLocalEncoding_NoMacBinCRCOkay	0x04
+
+typedef PGPFlags	PGPLocalEncodingFlags;
+
+
+/* max length is 255; the +1 is for the trailing \0 */
+#define kPGPMaxUserIDSize		( (PGPSize)255 + 1 )
+
+/* Size of buffer for PGP-MIME separator (null terminated) */
+#define kPGPMimeSeparatorSize	81
+
+enum PGPTokenProperty_
+{
+	kPGPTokenProperty_Invalid 				= 0,
+	
+	/* boolean properties */	
+	kPGPTokenProperty_DirectAuth 			= 1,
+	
+	/* numeric properties */
+	kPGPTokenProperty_KeyGenAlgorithm		= 100,
+	kPGPTokenProperty_PrivateKeys			= 101,
+	kPGPTokenProperty_PublicKeys			= 102,
+	kPGPTokenProperty_SlotID				= 103,
+	kPGPTokenProperty_MinPINSize			= 104,
+	kPGPTokenProperty_MaxPINSize			= 105,
+	kPGPTokenProperty_MinKeySize			= 106,
+	kPGPTokenProperty_MaxKeySize			= 107,
+
+	/* string / data properties */
+	kPGPTokenProperty_SerialNumber			= 500,
+	kPGPTokenProperty_Model					= 501,
+	kPGPTokenProperty_ManufacturerID		= 502,
+	kPGPTokenProperty_TokenLabel			= 503,
+	
+    PGP_ENUM_FORCE( PGPTokenProperty_ )
+};
+PGPENUM_TYPEDEF( PGPTokenProperty_, PGPTokenProperty );
+
+/* Token capabilities / information. 4 byte packing. 
+ * Deprecated, use PGPTokenInfoGet*() with PGPTokenProperty
+ * 
+ */
+typedef struct _PGPTokenInfo  {
+	/* The size of the structure, including this field.
+	   Must be the first field */
+	PGPUInt32   size;
+
+	/* Identification information */
+	PGPByte     manufacturerID[32];
+	PGPByte     model[16];
+	PGPByte     serialNumber[16];
+
+	PGPBoolean	bRsa;
+	PGPUInt32	minRsaKeySize;
+	PGPUInt32	maxRsaKeySize;
+
+	/* General capabilities */
+	PGPUInt32   minPinLen;
+	PGPUInt32   maxPinLen;
+
+	/* Number of objects */
+	PGPUInt32	numPrivKeys;	/* Possibly, non-PGP keys */
+	PGPUInt32	numPubKeys;		/* Possibly, non-PGP keys */
+
+	PGPByte		reserved[4];
+} PGPTokenInfo;
+
+/*____________________________________________________________________________
+	Compression algorithms	
+____________________________________________________________________________*/
+
+enum PGPCompressionAlgorithm_
+{
+	kPGPCompressionAlgorithm_None		= 0,
+	kPGPCompressionAlgorithm_ZIP		= 1,
+	kPGPCompressionAlgorithm_ZLIB		= 2,
+	kPGPCompressionAlgorithm_BZIP2		= 3,
+	
+	PGP_ENUM_FORCE( PGPCompressionAlgorithm_ )
+};
+PGPENUM_TYPEDEF( PGPCompressionAlgorithm_, PGPCompressionAlgorithm );
+
+#endif /* ] Included_pgpPubTypes_h */
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPublicKey.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPublicKey.h
new file mode 100644
index 0000000000..8ed1adc9ae
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpPublicKey.h
@@ -0,0 +1,207 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpPublicKey.h,v 1.9 2003/10/03 00:38:40 vinnie Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpPublicKey_h	/* [ */
+#define Included_pgpPublicKey_h
+
+#include "pgpPubTypes.h"
+#include "pgpOptionList.h"
+
+/*____________________________________________________________________________
+	Encryption/Signature Message Formats
+____________________________________________________________________________*/
+
+enum PGPPublicKeyMessageFormat_
+{
+	kPGPPublicKeyMessageFormat_PGP		= 1,
+	kPGPPublicKeyMessageFormat_PKCS1	= 2,
+	kPGPPublicKeyMessageFormat_X509		= 3,
+	kPGPPublicKeyMessageFormat_IKE		= 4,
+
+	kPGPPublicKeyMessageFormat_PKCS1_OAEP = 5,	/* default is MGF1 with SHA1 */
+
+	PGP_ENUM_FORCE( PGPPublicKeyMessageFormat_ )
+};
+PGPENUM_TYPEDEF( PGPPublicKeyMessageFormat_, PGPPublicKeyMessageFormat );
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*____________________________________________________________________________
+	Public-key operations
+
+	Return a context for public-key operations based on the specified key.
+	The specified message format is used for all operations with this
+	context.
+____________________________________________________________________________*/
+
+PGPError 	PGPNewPublicKeyContext( PGPKeyDBObjRef publicKeyDBObjRef,
+					PGPPublicKeyMessageFormat messageFormat,
+					PGPPublicKeyContextRef *outRef );
+					
+/*____________________________________________________________________________
+	Dispose of a public-key context.
+____________________________________________________________________________*/
+
+PGPError 	PGPFreePublicKeyContext( PGPPublicKeyContextRef ref );
+
+/*____________________________________________________________________________
+	Determine maximum sizes for inputs and outputs.
+____________________________________________________________________________*/
+
+PGPError	PGPGetPublicKeyOperationSizes( PGPPublicKeyContextRef ref,
+					PGPSize *maxDecryptedBufferSize,
+					PGPSize *maxEncryptedBufferSize,
+					PGPSize *maxSignatureSize );
+
+/*____________________________________________________________________________
+	Encrypt one block of data, using PKCS-1 padding.  Output buffer must
+	be of size maxEncryptedBufferSize from PGPGetPublicKeyEncryptionSize.
+	outSize is a return parameter.  For some formatting modes the actual
+	output size may be less than the maximum possible.
+____________________________________________________________________________*/
+
+PGPError	PGPPublicKeyEncrypt( PGPPublicKeyContextRef ref,
+					void const *in, PGPSize inSize, void *out,
+					PGPSize *outSize );
+
+/*____________________________________________________________________________
+	Verify a signature on a message hash.  Returns kPGPError_NoErr on
+	correct verification, else an error code.  The message hash is
+	finalized and freed by this call (and should not have been finalized
+	prior to the call).
+____________________________________________________________________________*/
+	
+PGPError	PGPPublicKeyVerifySignature( PGPPublicKeyContextRef ref,
+					PGPHashContextRef hashContext, void const *signature,
+					PGPSize signatureSize );
+
+/*____________________________________________________________________________
+	Verify a signature on a low-level buffer.  Returns kPGPError_NOErr
+	correct verification, else an error code.  Not valid with
+    kPGPPublicKeyMessageFormat_PGP contexts.
+____________________________________________________________________________*/
+
+PGPError	PGPPublicKeyVerifyRaw( PGPPublicKeyContextRef ref,
+					void const *signedData, PGPSize signedDataSize,
+					void const *signature, PGPSize signatureSize );
+
+/*____________________________________________________________________________
+	Private-key operations
+
+	Return a context for private-key operations based on the specified
+	key (which must have a private part).  The specified message
+	format is used for all operations with this context.  Unlocks key
+	data using passphrase.
+____________________________________________________________________________*/
+	
+PGPError	PGPNewPrivateKeyContext( PGPKeyDBObjRef privateKeyDBObjRef,
+					PGPPublicKeyMessageFormat messageFormat,
+					PGPPrivateKeyContextRef *outRef,
+					PGPOptionListRef firstOption, ...);
+
+/*____________________________________________________________________________
+	Dispose of a private-key context.  All sensitive data is wiped before
+	being deleted.
+____________________________________________________________________________*/
+
+PGPError 	PGPFreePrivateKeyContext( PGPPrivateKeyContextRef ref );
+
+/*____________________________________________________________________________
+	Determine maximum sizes for inputs and outputs.
+____________________________________________________________________________*/
+
+PGPError	PGPGetPrivateKeyOperationSizes( PGPPrivateKeyContextRef ref,
+					PGPSize *maxDecryptedBufferSize,
+					PGPSize *maxEncryptedBufferSize,
+					PGPSize *maxSignatureSize);
+
+/*____________________________________________________________________________
+	Decrypt one block of data.  Output buffer must be of size at least
+	maxDecryptedBufferSize from PGPGetPrivateKeyDecryptionSize.
+	outSize is a return parameter.  For some formatting modes the actual
+	output size may be less than the maximum possible.
+____________________________________________________________________________*/
+
+PGPError	PGPPrivateKeyDecrypt( PGPPrivateKeyContextRef ref, void const *in,
+					PGPSize inSize, void *out, PGPSize *outSize );
+
+/*____________________________________________________________________________
+	Sign a message hash.  Output signature buffer must be of size at
+	least maxSignatureSize from PGPGetPrivateKeyDecryptionSize.
+	signatureSize is a return parameter.  For some formatting modes
+	the actual signature size may be less than the maximum possible.
+	The message hash is finalized and freed by this call (and should
+	not have been finalized prior to the call).
+____________________________________________________________________________*/
+	
+PGPError	PGPPrivateKeySign( PGPPrivateKeyContextRef ref,
+					PGPHashContextRef hashContext, void *signature,
+					PGPSize *signatureSize );
+
+/*____________________________________________________________________________
+	Sign a low level signedData buffer.  Output signature buffer must be
+    of size at least maxSignatureSize from PGPGetPrivateKeyDecryptionSize.
+	signatureSize is a return parameter.  Not valid with
+    kPGPPublicKeyMessageFormat_PGP contexts.
+____________________________________________________________________________*/
+
+PGPError	PGPPrivateKeySignRaw( PGPPrivateKeyContextRef ref,
+					void const *signedData, PGPSize signedDataSize,
+					void *signature, PGPSize *signatureSize );
+
+/*____________________________________________________________________________
+	Miscellaneous operations
+____________________________________________________________________________*/
+
+/*____________________________________________________________________________
+	Given the size of a prime modulus in bits, this returns an appropriate
+	size for an exponent in bits, such that the work factor to find a
+	discrete log modulo the modulus is approximately equal to half the
+	length of the exponent.  This makes the exponent an appropriate size
+	for a subgroup in a discrete log signature scheme.  For encryption
+	schemes, where decryption attacks can be stealthy and undetected, we
+	use 3/2 times the returned exponent size.
+____________________________________________________________________________*/
+
+PGPError	PGPDiscreteLogExponentBits( PGPUInt32 modulusBits,
+					PGPUInt32 *exponentBits );
+
+
+/*____________________________________________________________________________
+    Low level Function used for verifying FIPS 186-2 DSA signatures
+    using P, Q, G, Y key values.  
+____________________________________________________________________________*/
+
+PGPError 	PGPDSAKeyVerifyRaw(
+				   PGPContextRef   context,
+				   PGPByte const*	P,
+				   PGPSize 			PLen,
+				   PGPByte const*	Q,
+				   PGPSize 			QLen,
+				   PGPByte const*	G,
+				   PGPSize 			GLen,
+				   PGPByte const*	Y,
+				   PGPSize 			YLen,
+				   PGPByte const*	sig,
+				   PGPSize         	sigLen,
+				   PGPByte const * 	hash,
+				   PGPSize         	hashLen);
+
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpPublicKey_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpRandomPool.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpRandomPool.h
new file mode 100644
index 0000000000..b965b498d3
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpRandomPool.h
@@ -0,0 +1,46 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpRandomPool.h,v 1.7 2002/08/06 20:11:16 dallen Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpRandomPool_h	/* [ */
+#define Included_pgpRandomPool_h
+
+#include "pgpBase.h"
+#include "pflTypes.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+PGPError	PGPSetRandSeedFile( PFLFileSpecRef randSeedFile );
+
+PGPUInt32 	PGPGlobalRandomPoolAddKeystroke( PGPInt32 event);
+PGPUInt32 	PGPGlobalRandomPoolMouseMoved(void);
+PGPError	PGPGlobalRandomPoolAddSystemState(void);
+PGPBoolean	PGPGlobalRandomPoolHasIntelRNG(void);
+
+/* Extra functions for entropy estimation */
+PGPUInt32 	PGPGlobalRandomPoolGetEntropy( void );
+PGPUInt32 	PGPGlobalRandomPoolGetSize( void );
+PGPUInt32	PGPGlobalRandomPoolGetMinimumEntropy( void );
+PGPBoolean	PGPGlobalRandomPoolHasMinimumEntropy( void );
+
+
+#if PGP_DEPRECATED
+PGPUInt32 	PGPGlobalRandomPoolAddMouse( PGPUInt32 x, PGPUInt32 y);
+#endif
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpRandomPool_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpReconstruct.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpReconstruct.h
new file mode 100644
index 0000000000..756a19619e
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpReconstruct.h
@@ -0,0 +1,117 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+
+	$Id: pgpReconstruct.h,v 1.1 2003/12/29 08:12:20 wprice Exp $
+____________________________________________________________________________*/
+#ifndef Included_pgpReconstruct_h	/* [ */
+#define Included_pgpReconstruct_h
+
+#include "pgpPubTypes.h"
+#include "pgpKeyServer.h"
+
+#define kPGPRecon_NumShares			5
+#define kPGPRecon_Threshold			3
+#define kPGPRecon_MaxPromptLen		( 96 - 1 )
+#define kPGPRecon_MaxURLLen			( 256 - 1 )
+#define kPGPRecon_MaxPassLen		( 256 - 1 )
+#define kPGPRecon_MaxUserNameLen	( 128 - 1 )
+#define kPGPRecon_MaxPasswordLen	( 128 - 1 )
+
+
+typedef struct PGPReconContext *			PGPReconContextRef;
+
+#define	kInvalidPGPReconContextRef			((PGPReconContextRef) NULL)
+#define PGPReconContextRefIsValid( ref )	( (ref) != kInvalidPGPReconContextRef )
+
+typedef char PGPReconPrompts[kPGPRecon_NumShares][kPGPRecon_MaxPromptLen + 1];
+
+typedef char PGPReconPasses[kPGPRecon_NumShares][kPGPRecon_MaxPassLen + 1];
+
+typedef PGPError (*PGPReconstructEventHandler)(PGPContextRef recon,
+				PGPEvent *event, PGPUserValue userValue);
+
+/*	inAuthUser and inAuthPass are not needed if the server class
+	is kPGPKeyServerClass_PGP.	*/
+	PGPError
+PGPNewReconstruct(
+	PGPKeyDBObjRef				inTargetKey,
+	PGPUTF8						*inAuthUser,		/* can be NULL */
+	PGPUTF8						*inAuthPass,		/* can be NULL */
+	PGPReconstructEventHandler	inHandler,
+	PGPUserValue				inUserValue,
+	PGPReconContextRef			*outRef );
+
+/*	This is only needed if you have to change the event handler after
+	allocating the PGPReconContextRef */
+	PGPError
+PGPSetReconstructionEventHandler(
+	PGPReconContextRef			reconRef,
+	PGPReconstructEventHandler	inHandler,
+	PGPUserValue				inUserValue );
+	
+
+/*	I don't think it makes sense to support split keys for reconstruction,
+	so we only take a passphrase below */
+	PGPError
+PGPMakeReconstruction(
+	PGPReconContextRef			reconRef,
+	PGPReconPrompts 			inPromptInfo,
+	PGPReconPasses				inPassInfo,
+	PGPUTF8						*inPassphrase );
+
+	PGPError
+PGPGetReconstruction(
+	PGPReconContextRef			reconRef,
+	PGPByte 					**reconData,	/* must be freed by caller */
+	PGPSize 					*reconDataSize );
+
+	PGPError
+PGPSendReconstruction(
+	PGPReconContextRef			reconRef );
+
+	PGPError
+PGPGetReconstructionPrompts(
+	PGPReconContextRef			reconRef,
+	PGPReconPrompts				outPromptInfo );
+
+	PGPError
+PGPGetReconstructionData(
+	PGPReconContextRef			reconRef,
+	PGPReconPasses				inPassInfo,
+	PGPByte						**outReconData,	/* must be freed by caller */
+	PGPSize						*outReconSize );
+
+/*	Reconstructed private key will be returned in
+	outReconstructedKey if successful.  The imported
+	key will have no passphrase and thus the user must
+	then be forced to choose a new passphrase.		*/
+	PGPError
+PGPReconstruct(
+	PGPReconContextRef			reconRef,
+	PGPReconPasses				inPassInfo,
+	PGPByte						*inReconData,
+	PGPSize						inReconDataSize,
+	PGPKeyDBRef					*outReconstructedKey );
+
+	PGPError
+PGPFreeReconstruct(
+	PGPReconContextRef			reconRef );
+
+	PGPError
+PGPSetReconstructionServerURL(
+	PGPReconContextRef			reconRef,
+	PGPUTF8						*pszServerURL,
+	PGPKeyServerClass			dwServerType );
+
+#endif /* ] Included_pgpReconstruct_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSECSH.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSECSH.h
new file mode 100644
index 0000000000..4a964f40ed
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSECSH.h
@@ -0,0 +1,308 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+
+	$Id: pgpSECSH.h,v 1.5 2002/08/06 20:11:16 dallen Exp $
+____________________________________________________________________________*/
+#ifndef Included_PGPsecsh_h	/* [ */
+#define Included_PGPsecsh_h
+
+#include "pgpPubTypes.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+
+/* Message Types */
+#define	kPGPsecsh_Msg_None						0
+#define	kPGPsecsh_Msg_Disconnect				1
+#define	kPGPsecsh_SMsg_PublicKey				2
+#define	kPGPsecsh_CMsg_SessionKey				3
+#define	kPGPsecsh_CMsg_User						4
+#define	kPGPsecsh_CMsg_AuthRHosts				5
+#define	kPGPsecsh_CMsg_AuthRSA					6
+#define	kPGPsecsh_SMsg_AuthRSAChallenge			7
+#define	kPGPsecsh_CMsg_AuthRSAResponse			8
+#define	kPGPsecsh_CMsg_AuthRSAPassword			9
+#define	kPGPsecsh_CMsg_RequestPTY				10
+#define	kPGPsecsh_CMsg_WindowSize				11
+#define	kPGPsecsh_CMsg_ExecShell				12
+#define	kPGPsecsh_CMsg_ExecCommand				13
+#define	kPGPsecsh_SMsg_Success					14
+#define	kPGPsecsh_SMsg_Failure					15
+#define	kPGPsecsh_CMsg_StdinData				16
+#define	kPGPsecsh_SMsg_StdoutData				17
+#define	kPGPsecsh_SMsg_StderrData				18
+#define	kPGPsecsh_CMsg_EOF						19
+#define	kPGPsecsh_SMsg_ExitStatus				20
+#define	kPGPsecsh_Msg_ChannelOpenConfirm		21
+#define	kPGPsecsh_Msg_ChannelOpenFailure		22
+#define	kPGPsecsh_Msg_ChannelData				23
+#define	kPGPsecsh_Msg_ChannelClose				24
+#define	kPGPsecsh_Msg_ChannelCloseConfirm		25
+#define	kPGPsecsh_SMsg_X11Open					27
+#define	kPGPsecsh_CMsg_PortForwardRequest		28
+#define	kPGPsecsh_Msg_PortOpen					29
+#define	kPGPsecsh_CMsg_AgentRequestForwarding	30
+#define	kPGPsecsh_SMsg_AgentOpen				31
+#define	kPGPsecsh_Msg_Ignore					32
+#define	kPGPsecsh_CMsg_ExitConfirm				33
+#define	kPGPsecsh_CMsg_X11RequestForwarding		34
+#define	kPGPsecsh_CMsg_AuthRHostsRSA			35
+#define	kPGPsecsh_SMsg_Debug					36
+#define	kPGPsecsh_CMsg_RequestCompression		37
+#define	kPGPsecsh_CMsg_MaxPacketSize			38
+#define	kPGPsecsh_CMsg_AuthTIS					39
+#define	kPGPsecsh_SMsg_AuthTISChallenge			40
+#define	kPGPsecsh_CMsg_AuthTISResponse			41
+#define	kPGPsecsh_CMsg_AuthKerberos				42
+#define	kPGPsecsh_SMsg_AuthKerberosResponse		43
+#define	kPGPsecsh_CMsg_HaveKerberosTgt			44
+
+
+typedef struct PGPsecshContext *			PGPsecshContextRef;
+typedef const struct PGPsecshContext *		PGPsecshConstContextRef;
+
+#define	kInvalidPGPsecshContextRef			((PGPsecshContextRef) NULL)
+#define PGPsecshContextRefIsValid( ref )	( (ref) != kInvalidPGPsecshContextRef )
+
+typedef struct PGPsecshSession *			PGPsecshSessionRef;
+typedef const struct PGPsecshSession *		PGPsecshConstSessionRef;
+
+#define	kInvalidPGPsecshSessionRef			((PGPsecshSessionRef) NULL)
+#define PGPsecshSessionRefIsValid( ref )	( (ref) != kInvalidPGPsecshSessionRef )
+
+
+typedef PGPFlags		PGPsecshFlags;
+#define kPGPsecshFlags_ServerSide				0x01
+#define kPGPsecshFlags_ClientSide				0x02
+#define kPGPsecshFlags_NonBlockingIO			0x04
+
+typedef PGPFlags		PGPsecshProtocolFlags;
+#define kPGPsecshProtocolFlags_ScreenNumber				0x01
+#define kPGPsecshProtocolFlags_HostInFwdOpen			0x02
+
+enum PGPsecshProtocolState_
+{
+	kPGPsecsh_IdleState				= 0,
+	kPGPsecsh_FatalErrorState		= 1,
+	kPGPsecsh_ClosedState			= 2,
+	kPGPsecsh_HandshakeState		= 3,
+	kPGPsecsh_ReadyState			= 4,
+
+	PGP_ENUM_FORCE( PGPsecshProtocolState_ )
+};
+PGPENUM_TYPEDEF( PGPsecshProtocolState_, PGPsecshProtocolState );
+
+enum PGPsecshAlert_
+{
+	kPGPsecsh_AT_CloseNotify			= 0,
+	kPGPsecsh_AT_UnexpectedMessage		= 10,	/* FATAL */
+	kPGPsecsh_AT_BadRecordCRC			= 20,	/* FATAL */
+	kPGPsecsh_AT_DecryptionFailed		= 21,	/* FATAL */
+	kPGPsecsh_AT_RecordOverflow			= 22,	/* FATAL */
+	kPGPsecsh_AT_DecompressionFailure	= 30,	/* FATAL */
+	kPGPsecsh_AT_HandshakeFailure		= 40,	/* FATAL */
+	kPGPsecsh_AT_IDFailure				= 41,
+	kPGPsecsh_AT_UnsupportedVersion		= 42,
+	kPGPsecsh_AT_UnsupportedCert		= 43,
+	kPGPsecsh_AT_CertRevoked			= 44,
+	kPGPsecsh_AT_CertExpired			= 45,
+	kPGPsecsh_AT_CertUnknown			= 46,
+	kPGPsecsh_AT_IllegalParameter		= 47,	/* FATAL */
+	kPGPsecsh_AT_UnknownCA				= 48,	/* FATAL */
+	kPGPsecsh_AT_AccessDenied			= 49,	/* FATAL */
+	kPGPsecsh_AT_DecodeError			= 50,	/* FATAL */
+	kPGPsecsh_AT_DecryptError			= 51,
+	kPGPsecsh_AT_ExportRestriction		= 60,	/* FATAL */
+	kPGPsecsh_AT_ProtocolVersion		= 70,	/* FATAL */
+	kPGPsecsh_AT_InsufficientSecurity	= 71,	/* FATAL */
+	kPGPsecsh_AT_InternalError			= 80,	/* FATAL */
+	kPGPsecsh_AT_UserCancelled			= 90,
+	kPGPsecsh_AT_NoRenegotiation		= 100,
+	
+	kPGPsecsh_AT_None					= 255,
+
+	PGP_ENUM_FORCE( PGPsecshAlert_ )
+};
+PGPENUM_TYPEDEF( PGPsecshAlert_, PGPsecshAlert );
+
+/* The Send and Receive function pointers should return
+	kPGPError_SECSHWouldBlock when the socket is non-blocking and the
+	call would block.  The Send and Receive functions passed in will
+	need to translate the platform-specific socket error in appropriate
+	cases by using calls such as WSAGetLastError() on Win32.  Remember
+	to call PGPsecshSendQueueIdle for non-blocking sockets also if
+	kPGPError_SECSHWouldBlock is returned from a send on a non-blocking
+	socket. */
+
+typedef PGPInt32 (* PGPsecshReceiveProcPtr)(void *inData, void *outBuffer,
+											PGPInt32 inBufferSize);
+typedef PGPInt32 (* PGPsecshSendProcPtr)(void *inData, const void *inBuffer,
+											PGPInt32 inBufferLength);
+
+
+PGPError 	PGPNewSECSHContext( PGPContextRef context,
+					PGPsecshContextRef *outRef );
+
+PGPError 	PGPFreeSECSHContext( PGPsecshContextRef ref );
+
+/*____________________________________________________________________________
+	The following function activates or deactivates the session key cache
+	for SECSH sessions.  This defaults to on but can be deactivated with this
+	function to force all connections to proceed through the entire
+	handshake.
+____________________________________________________________________________*/
+PGPError	PGPsecshSetCache( PGPsecshContextRef ref, PGPBoolean useCache );
+
+PGPError	PGPsecshClearCache( PGPsecshContextRef ref );
+
+PGPError	PGPNewSECSHSession( PGPsecshContextRef ref, PGPsecshSessionRef *outRef );
+
+PGPError 	PGPFreeSECSHSession( PGPsecshSessionRef ref );
+
+PGPError	PGPCopySECSHSession( PGPsecshSessionRef ref, PGPsecshSessionRef *outRef );
+
+/* Default options are: client side, no protocol flags */
+PGPError	PGPsecshSetProtocolOptions( PGPsecshSessionRef ref,
+					PGPsecshFlags 			options,
+					PGPsecshProtocolFlags	pflags );
+					
+
+/*____________________________________________________________________________
+	The following function must be called to cleanly close a SECSH
+	connection.  If it is not called, the session will not be able
+	to be resumed from the session cache.
+	
+	In the event the application determines any problem with the
+	connection such as the remote key not being valid, call this
+	function with dontCache set to true in order to not cache the
+	session keys.
+____________________________________________________________________________*/
+PGPError	PGPsecshClose( PGPsecshSessionRef	ref,
+					PGPBoolean				dontCache );
+
+/*____________________________________________________________________________
+	The following function must be called to initiate the PGPsecsh session.
+	Once a SECSH session has been assigned to a socket, no data can be sent
+	over that socket by the application until the handshake is completed.
+	Handshake completion is indicated by completion of this call without
+	error or by checking the state of the PGPsecshSession.  It will be
+	kPGPsecsh_ReadyState when the application layer may send and receive
+	data securely.
+	
+	This function performs all negotiation of the SECSH connection.
+____________________________________________________________________________*/
+PGPError	PGPsecshHandshake( PGPsecshSessionRef ref );
+
+/*____________________________________________________________________________
+	The following function sets the local private authenticating key,
+	as well as other relevant data.
+	
+	The passphrase, key etc. are retained in memory.
+	It is an error not to specify a key.
+	This function must be passed either PGPOPassphrase or PGPOPasskeyBuffer.
+	inKeyObject must be in a PGP private key.  inHostKeys should be a keyset
+	where the host key of the remote system is found, if we are checking
+	for consistency of that key.  See PGPsecshGetRemoteAuthenticatedKey
+	for how to learn what host key was used.
+	inUserName is used to log in on the remote system.
+	inHostName is used for the username on the host key if it isn't found
+	on the inHostKeys keyset.
+____________________________________________________________________________*/
+PGPError	PGPsecshSetLocalPrivateKey( PGPsecshSessionRef ref,
+					char *				inUserName,
+					PGPKeyDBObjRef		inKeyObject,
+					char *				inHostName,
+					PGPKeySetRef		inHostKeys,
+					PGPOptionListRef	firstOption, ... );
+					
+/*____________________________________________________________________________
+	The following function gets the authenticated remote host key after a
+	successful handshake.  You can call this function after a successful
+	handshake to verify that the remote key is authorized to make the
+	connection.  The key returned will be on the inHostKeys keyset if it
+	matched one of the keys there; if it is a new host key which was not
+	in that keyset then it will be in a keyset & keydb of its own.
+____________________________________________________________________________*/
+PGPError	PGPsecshGetRemoteAuthenticatedKey( PGPsecshSessionRef ref,
+					PGPKeyDBObjRef *outKey,
+					PGPKeyDBRef *	outKeyDB );
+
+/*____________________________________________________________________________
+	The following function exports a PGP key in SECSH format.  The resulting
+	line can be copied into the SECSH host file.  inKey is the key to
+	export, and inUserName is the name which is put at the end of the line,
+	which is used only as a convenient label by SECSH software.
+	The data is returned in a null-terminated allocated buffer which the
+	caller should free.
+____________________________________________________________________________*/
+	PGPError
+PGPsecshExportPublicKey(
+					PGPKeyDBObjRef			inKey,
+					char *					inUserName,
+					char **					outBuffer,
+					PGPSize *				outLength);
+
+/*____________________________________________________________________________
+	The following two functions process data through SECSH.
+	
+	It is an error to call these functions without having set a
+	Read function pointer or Write function pointer.
+____________________________________________________________________________*/
+PGPError	PGPsecshReceive( PGPsecshSessionRef ref,
+					PGPByte *		outType,
+					void **			outBuffer,
+					PGPSize *		bufferSize );
+
+PGPError	PGPsecshSend( PGPsecshSessionRef ref,
+					PGPByte			pktType,
+					const void *	inBuffer,
+					PGPSize 		inBufferLength );
+					
+/*____________________________________________________________________________
+	The following two functions set the callbacks which do the actual I/O.
+
+	The inData parameter is passed to the callback and may be e.g. a socket
+	handle.
+____________________________________________________________________________*/
+PGPError	PGPsecshSetReceiveCallback( PGPsecshSessionRef	ref,
+					PGPsecshReceiveProcPtr	secshReceiveProc,
+					void *					inData );
+
+PGPError	PGPsecshSetSendCallback( PGPsecshSessionRef ref,
+					PGPsecshSendProcPtr		secshSendProc,
+					void *					inData );
+
+
+/*____________________________________________________________________________
+	The following function is necessary *only* on a non-blocking socket.
+	If a call to PGPsecshSend returns kPGPError_SECSHWouldBlock, call
+	the following function repeatedly until that error is no longer
+	returned in order to make sure data is sent.  Another call to
+	PGPsecshSend will also call this function automatically and queue
+	any new data if necessary.
+____________________________________________________________________________*/
+PGPError	PGPsecshSendQueueIdle( PGPsecshSessionRef ref );
+
+PGPSize		PGPsecshReceiveBufferSize( PGPsecshSessionRef	ref );
+
+/*____________________________________________________________________________
+	The following function gets the ID of the fatal alert which caused
+	the SECSH session to abort and go into the kPGPsecsh_FatalErrorState.
+____________________________________________________________________________*/
+PGPError	PGPsecshGetAlert( PGPsecshSessionRef ref, PGPsecshAlert *outAlert );
+
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_PGPsecsh_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSKEP.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSKEP.h
new file mode 100644
index 0000000000..217c88e1b8
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSKEP.h
@@ -0,0 +1,120 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+
+	$Id: pgpSKEP.h,v 1.1 2004/04/01 11:45:40 wprice Exp $
+____________________________________________________________________________*/
+#ifndef Included_pgpSKEP_h	/* [ */
+#define Included_pgpSKEP_h
+
+#include "pgpConfig.h"
+#include "pgpBase.h"
+#include "pgpErrors.h"
+#include "pgpShare.h"
+#include "pgpKeys.h"
+#include "pgpTLS.h"
+
+typedef struct PGPskep *	PGPskepRef;
+
+#define	kInvalidPGPskepRef			((PGPskepRef) NULL)
+#define PGPskepRefIsValid( ref )	( (ref) != kInvalidPGPskepRef )
+
+typedef enum _PGPskepEventType
+{
+	kPGPskepEvent_NullEvent			= 0,	/* Nothing is happening */
+	kPGPskepEvent_ListenEvent		= 1,	/* Listening for data */
+	kPGPskepEvent_ConnectEvent		= 2,	/* Connection established */
+	kPGPskepEvent_AuthenticateEvent = 3,	/* Remote site authenticated */
+	kPGPskepEvent_ProgressEvent		= 4,	/* Data flow progress */
+	kPGPskepEvent_CloseEvent		= 5,	/* Connection closing */
+	kPGPskepEvent_ShareEvent		= 6,	/* Share received */
+	kPGPskepEvent_PassphraseEvent	= 7		/* Passphrase needed */
+} PGPskepEventType;
+
+typedef struct _PGPskepEventAuthenticateData
+{
+	PGPKeyDBObjRef			remoteKey;
+	const char *			remoteHostname;
+	const char *			remoteIPAddress;
+	PGPtlsCipherSuiteNum	tlsCipher;
+} PGPskepEventAuthenticateData;
+
+typedef struct _PGPskepEventProgressData
+{
+	PGPUInt32	bytesSoFar;
+	PGPUInt32	bytesTotal;
+} PGPskepEventProgressData;
+
+typedef struct _PGPskepEventShareData
+{
+	PGPShareRef	shares;
+} PGPskepEventShareData;
+
+typedef struct _PGPskepEventPassphraseData
+{
+	char *		passphrase;
+	PGPByte *	passkey;
+	PGPSize		passkeySize;
+} PGPskepEventPassphraseData;
+
+typedef union _PGPskepEventData
+{
+	PGPskepEventAuthenticateData	ad;
+	PGPskepEventProgressData		pd;
+	PGPskepEventShareData			sd;
+	PGPskepEventPassphraseData		ppd;
+} PGPskepEventData;
+
+typedef struct _PGPskepEvent
+{
+	PGPskepEventType	type;
+	PGPskepEventData	data;
+} PGPskepEvent;
+
+typedef PGPError (*PGPskepEventHandler)(PGPskepRef skep,
+						PGPskepEvent *event, PGPUserValue userValue);
+
+
+PGP_BEGIN_C_DECLARATIONS
+
+#if PRAGMA_IMPORT_SUPPORTED
+#pragma import on
+#endif
+
+PGPError 		PGPNewSKEP(PGPContextRef context, 
+						PGPtlsContextRef tlsContext,
+						PGPskepRef *skep);
+
+PGPError		PGPskepSetEventHandler(PGPskepRef skep,
+						PGPskepEventHandler handler, PGPUserValue userValue);
+
+PGPError 		PGPskepSendShares(PGPskepRef skep, PGPKeyDBObjRef authKey,
+						const char *passphrase, PGPShareRef shares,
+						const char *destSocketAddress);
+
+PGPError 		PGPskepReceiveShares(PGPskepRef skep, PGPKeyDBObjRef authKey,
+						const char *passphrase);
+
+PGPError 		PGPskepCancel(PGPskepRef skep);
+
+PGPError 		PGPFreeSKEP(PGPskepRef skep);
+
+PGPContextRef	PGPGetSKEPContext(PGPskepRef skep);
+
+#if PRAGMA_IMPORT_SUPPORTED
+#pragma import reset
+#endif
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpSKEP_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpShare.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpShare.h
new file mode 100644
index 0000000000..04d6da569c
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpShare.h
@@ -0,0 +1,80 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+
+	$Id: pgpShare.h,v 1.1 2004/04/01 11:45:40 wprice Exp $
+____________________________________________________________________________*/
+#ifndef Included_pgpShare_h	/* [ */
+#define Included_pgpShare_h
+
+#include "pgpConfig.h"
+#include "pgpBase.h"
+#include "pgpKeys.h"
+
+typedef struct PGPShare *	PGPShareRef;
+
+typedef struct PGPShareID_
+{
+	PGPByte 	data[8];
+} PGPShareID;
+
+#define	kInvalidPGPShareRef			((PGPShareRef) NULL)
+#define PGPShareRefIsValid( ref )	( (ref) != kInvalidPGPShareRef )
+
+PGP_BEGIN_C_DECLARATIONS
+#if PRAGMA_IMPORT_SUPPORTED
+#pragma import on
+#endif
+
+PGPError PGPCreateShares(PGPContextRef context, PGPKeyDBObjRef key, 
+				PGPUInt32 threshold, PGPUInt32 numShares, 
+				PGPShareRef *share);
+
+/* The passkey needs to be freed with PGPFreeData(passkey) */
+PGPError PGPGetPasskeyFromShares(PGPShareRef share, PGPByte **passkey,
+				PGPSize *passkeySize);
+
+PGPError PGPSplitShares(PGPShareRef share, PGPUInt32 numShares, 
+				PGPShareRef *splitShares);
+
+/* The share objects being combined are NOT freed by this function */
+PGPError PGPCombineShares(PGPShareRef firstShare, PGPShareRef secondShare,
+				PGPShareRef *combinedShares);
+
+PGPError PGPFreeShares(PGPShareRef share);
+
+PGPError PGPGetKeyIDFromShares(PGPShareRef share, PGPKeyID *id);
+
+PGPError PGPGetShareID(PGPShareRef share, PGPShareID *id);
+
+PGPUInt32 PGPGetShareThreshold(PGPShareRef share);
+
+/* This is the number of shares contained in the share object */
+PGPUInt32 PGPGetNumberOfShares(PGPShareRef share);
+
+/* The share object may contain less than the total number of shares */
+PGPUInt32 PGPGetTotalNumberOfShares(PGPShareRef share);
+
+PGPBoolean IsSamePGPShares(PGPShareRef firstShare, PGPShareRef secondShare);
+
+/* If firstID < secondID, -1 */
+/* If firstID > secondID,  1 */
+/* If firstID = secondID,  0 */
+PGPInt32 PGPCompareShareIDs(PGPShareID firstID, PGPShareID secondID);
+
+#if PRAGMA_IMPORT_SUPPORTED
+#pragma import reset
+#endif
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpShare_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpShareFile.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpShareFile.h
new file mode 100644
index 0000000000..4a7aa3e920
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpShareFile.h
@@ -0,0 +1,95 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+
+	$Id: pgpShareFile.h,v 1.1 2004/04/01 11:45:40 wprice Exp $
+____________________________________________________________________________*/
+#ifndef Included_pgpShareFile_h	/* [ */
+#define Included_pgpShareFile_h
+
+#include "pgpConfig.h"
+#include "pgpBase.h"
+#include "pgpErrors.h"
+#include "pgpPubTypes.h"
+#include "pflTypes.h"
+#include "pgpShare.h"
+
+typedef struct PGPShareFile *	PGPShareFileRef;
+
+#define	kInvalidPGPShareFileRef			((PGPShareFileRef) NULL)
+#define PGPShareFileRefIsValid( ref )	( (ref) != kInvalidPGPShareFileRef )
+
+PGP_BEGIN_C_DECLARATIONS
+#if PRAGMA_IMPORT_SUPPORTED
+#pragma import on
+#endif
+
+PGPError PGPNewShareFile(PFLFileSpecRef shareFileSpec, 
+				PGPShareFileRef *shareFileRef);
+
+PGPError PGPFreeShareFile(PGPShareFileRef shareFileRef);
+
+/* The share object needs to be freed with PGPFreeShares(shares) */
+PGPError PGPCopySharesFromFile(PGPContextRef context, 
+				PGPShareFileRef shareFileRef, PGPOptionListRef optionList,
+				PGPShareRef *shares);
+
+PGPError PGPCopySharesToFile(PGPContextRef context, 
+				PGPShareFileRef shareFileRef, PGPOptionListRef optionList,
+				PGPShareRef shares);
+
+PGPError PGPGetShareFileUserID(PGPShareFileRef shareFileRef,
+				PGPSize bufferSize, PGPUTF8 *userID, PGPSize *fullSize);
+
+PGPError PGPSetShareFileUserID(PGPShareFileRef shareFileRef,
+				const PGPUTF8 *userID);
+
+PGPError PGPOpenShareFile(PFLFileSpecRef shareFileSpec, 
+				PGPShareFileRef *shareFileRef);
+
+PGPError PGPSaveShareFile(PGPShareFileRef shareFileRef);
+
+PGPError PGPGetShareFileSpec(PGPShareFileRef shareFileRef,
+				PFLFileSpecRef *shareFileSpec);
+
+PGPError PGPGetShareFileShareID(PGPShareFileRef shareFileRef, 
+				PGPShareID *id);
+
+PGPError PGPGetShareFileOwnerKeyID(PGPShareFileRef shareFileRef, 
+				PGPKeyID *id);
+
+PGPError PGPSetShareFileOwnerKeyID(PGPShareFileRef shareFileRef, 
+				const PGPKeyID id);
+
+PGPError PGPGetShareFileOwnerFingerprint(PGPShareFileRef shareFileRef, 
+				PGPSize bufferSize, void *fingerprint, PGPSize *fullSize);
+
+PGPError PGPSetShareFileOwnerFingerprint(PGPShareFileRef shareFileRef,
+				PGPSize bufferSize, const void *fingerprint);
+
+PGPError PGPGetShareFileSharedKeyID(PGPShareFileRef shareFileRef, 
+				PGPKeyID *id);
+
+PGPUInt32 PGPGetShareThresholdInFile(PGPShareFileRef shareFileRef);
+
+PGPUInt32 PGPGetNumSharesInFile(PGPShareFileRef shareFileRef);
+
+PGPBoolean IsSamePGPSharesInFiles(PGPShareFileRef firstFile, 
+				PGPShareFileRef secondFile);
+
+#if PRAGMA_IMPORT_SUPPORTED
+#pragma import reset
+#endif
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpShareFile_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSockets.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSockets.h
new file mode 100644
index 0000000000..e82ab45026
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSockets.h
@@ -0,0 +1,464 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpSockets.h,v 1.8 2003/12/13 01:20:39 dallen Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpSockets_h	/* [ */
+#define Included_pgpSockets_h
+
+#include <stdio.h>
+
+#include "pgpOptionList.h"
+#include "pgpTLS.h"
+#include "pgpErrors.h"
+
+#if PGP_UNIX
+# include <sys/types.h>
+# include <sys/socket.h>
+# include <sys/time.h>		/* Needed for struct timeval */
+#if PGP_UNIX_LINUX
+# include <sys/ioctl.h>		/* Need FIONREAD */
+#elif PGP_UNIX_SOLARIS || PGP_UNIX_DARWIN
+# include <sys/filio.h>
+#elif PGP_UNIX_AIX
+#include <sys/ioctl.h>
+#endif /* ! PGP_UNIX_LINUX */
+# include <netinet/in.h>
+# include <netdb.h>
+#endif
+
+#if PGP_WIN32
+# include <winsock.h>
+#endif
+
+PGP_BEGIN_C_DECLARATIONS
+
+#if PGP_UNIX
+typedef int							PGPSocketRef;
+#else
+typedef SOCKET						PGPSocketRef;
+#endif
+
+
+/*
+ * Unix and Windows share the same Berkeley socket interface. This isn't
+ * the most efficient Windows implmentation of TCP/IP, but it is
+ * compatible with UNIX berkeley sockets, making cross-platform possible.
+ *
+ * Trying to write cross-platform win32 TCP/IP code using all the fancy
+ * dancy Win32 network functions would be nearly impossible IMHO
+ *
+ * The Mac doesn't have the berkeley stuff, so we roll our own for all
+ * of the structures.
+ *
+ * Start with Unix and Win32
+ */
+#if PGP_UNIX || PGP_WIN32
+
+# define kInvalidPGPSocketRef		((PGPSocketRef) (~0))
+
+ typedef struct hostent		PGPHostEntry;
+ typedef struct protoent	PGPProtocolEntry;
+ typedef struct servent		PGPServiceEntry;
+ typedef struct sockaddr_in	PGPSocketAddressInternet;
+ typedef struct sockaddr	PGPSocketAddress;
+ typedef struct in_addr		PGPInternetAddress;
+ typedef fd_set 			PGPSocketSet;
+ typedef struct timeval		PGPSocketsTimeValue;
+
+# define PGPSOCKETSET_CLEAR(socketRef, set) FD_CLR((int) (socketRef), (set))
+# define PGPSOCKETSET_SET(socketRef, set)   FD_SET((int) (socketRef), (set))
+# define PGPSOCKETSET_ZERO(set)				FD_ZERO((set))
+# define PGPSOCKETSET_ISSET(socketRef, set) FD_ISSET((int) (socketRef), (set))
+
+ /* Address families */
+ enum {
+	kPGPAddressFamilyUnspecified	=	AF_UNSPEC,
+	kPGPAddressFamilyInternet		=	AF_INET
+ };
+
+ /* Protocol families */
+ enum {
+	kPGPProtocolFamilyInternet	=	PF_INET
+ };
+
+ /* Types */
+ enum {
+	kPGPSocketTypeStream			=	SOCK_STREAM,
+	kPGPSocketTypeDatagram			=	SOCK_DGRAM
+ };
+
+ /* Commands for PGPIOControlSocket */
+ enum {
+	kPGPSocketCommandGetUnreadData	=	FIONREAD
+ };
+
+ /* Levels for PGPGetSocketOptions and PGPSetSocketOptions */
+ enum {
+	kPGPSocketOptionLevelSocket	=	SOL_SOCKET
+ };
+
+ /* Options for PGPGetSocketOptions and PGPSetSocketOptions */
+ enum {
+	kPGPSocketOptionAcceptingConnections	=	SO_ACCEPTCONN,
+	kPGPSocketOptionType					=	SO_TYPE
+ };
+
+ /* Protocols */
+ enum {
+	kPGPTCPProtocol	=	IPPROTO_TCP,
+	kPGPUDPProtocol	=	IPPROTO_UDP
+ };
+
+ /* Send flags */
+ enum {
+	kPGPSendFlagNone		=	0
+ };
+
+ /* Receive flags */
+ enum {
+	kPGPReceiveFlagNone		=	0
+ };
+
+ /* Internet Addresses */
+ enum {
+ 	kPGPInternetAddressAny = INADDR_ANY
+ };
+
+#endif /* PGP_UNIX || PGP_WIN32 */
+
+/*
+ * Onto the Mac, where we need to create our own versions of the various
+ * structures.
+ */
+#if PGP_MACINTOSH
+
+# define	kInvalidPGPSocketRef		((PGPSocketRef) NULL)
+
+ typedef struct PGPInternetAddress {
+	union {
+		struct {
+			PGPByte		s_b1;
+			PGPByte		s_b2;
+			PGPByte		s_b3;
+			PGPByte		s_b4;
+		}					S_un_b;
+		struct {
+			PGPUInt16	s_w1;
+			PGPUInt16	s_w2;
+		}					S_un_w;
+		PGPUInt32		S_addr;
+	} S_un;
+# define s_addr	S_un.S_addr
+ } PGPInternetAddress;
+
+ typedef struct PGPSocketAddressInternet {
+	PGPInt16			sin_family;
+	PGPUInt16			sin_port;
+	PGPInternetAddress	sin_addr;
+	PGPByte				sin_zero[8];
+ } PGPSocketAddressInternet;
+
+ typedef struct PGPSocketAddress {
+	PGPUInt16	sa_family;
+	PGPByte		sa_data[14];
+ } PGPSocketAddress;
+
+ typedef struct PGPHostEntry {
+	char *		h_name;
+	char **		unused;
+	PGPInt16	h_addrtype;
+	PGPInt16	h_length;
+	char **		h_addr_list;
+# define h_addr	h_addr_list[0]
+ } PGPHostEntry;
+
+ typedef struct PGPProtocolEntry {
+	char *		p_name;
+	char **		p_aliases;
+	PGPInt16	p_proto;
+ } PGPProtocolEntry;
+
+ typedef struct PGPServiceEntry {
+	char *		s_name;
+	char **		s_aliases;
+	PGPUInt16	s_port;
+	char *		s_proto;
+ } PGPServiceEntry;
+
+ /* Select types and defines */
+# ifndef PGPSOCKETSET_SETSIZE
+#  define PGPSOCKETSET_SETSIZE	64
+# endif
+
+ typedef struct PGPSocketSet {
+	PGPUInt16		fd_count;
+	PGPSocketRef	fd_array[PGPSOCKETSET_SETSIZE];
+ } PGPSocketSet;
+
+# define PGPSOCKETSET_CLEAR(socketRef, set)	do {						\
+    PGPUInt16	__i;													\
+	for (__i = 0; __i < ((PGPSocketSet * (set))->fd_count; __i++) {		\
+		if (((PGPSocketSet *) (set))->fd_array[__i] == socketRef) {		\
+			while (__i < (((PGPSocketSet *) (set))->fd_count - 1)) {	\
+				((PGPSocketSet *) (set))->fd_array[__i] =				\
+					((PGPSocketSet *) (set))->fd_array[__i + 1];		\
+				__i++;													\
+			}															\
+			((PGPSocketSet *) (set))->fd_count--;						\
+			break;														\
+		}																\
+	}																	\
+ } while (0)
+										
+# define PGPSOCKETSET_SET(socketRef, set)	do {					\
+    if (((PGPSocketSet *) (set))->fd_count < PGPSOCKETSET_SETSIZE) {	\
+	    ((PGPSocketSet *) (set))->fd_array[((PGPSocketSet *)			\
+	    (set))->fd_count++] = (socketRef);								\
+    }																	\
+ } while (0)
+
+# define PGPSOCKETSET_ZERO(set)	(((PGPSocketSet *) (set))->fd_count = 0)
+
+ PGPInt32 __PGPSocketsIsSet(PGPSocketRef, PGPSocketSet *);
+	
+# define PGPSOCKETSET_ISSET(socketRef, set)	__PGPSocketsIsSet(	\
+													(socketRef),(set))
+							
+ typedef struct PGPSocketsTimeValue {
+        PGPInt32    tv_sec;         /* seconds */
+        PGPInt32    tv_usec;        /* and microseconds */
+ } PGPSocketsTimeValue;
+
+ /* Address families */
+ enum {
+	kPGPAddressFamilyUnspecified	=	0,
+	kPGPAddressFamilyInternet		=	2
+ };
+
+ /* Protocol families */
+ enum {
+	kPGPProtocolFamilyInternet	=	kPGPAddressFamilyInternet
+ };
+
+ /* Types */
+ enum {
+	kPGPSocketTypeStream			=	1,
+	kPGPSocketTypeDatagram			=	2
+ };
+
+ /* Commands for PGPIOControlSocket */
+ enum {
+	kPGPSocketCommandGetUnreadData	=	(0x40000000
+		| (((long) sizeof(PGPUInt32) & 0x7F) << 16) | ('f' << 8) | 127)
+ };
+
+ /* Levels for PGPGetSocketOptions and PGPSetSocketOptions */
+ enum {
+	kPGPSocketOptionLevelSocket	=	0xFFFFFFFF
+ };
+
+ /* Options for PGPGetSocketOptions and PGPSetSocketOptions */
+ enum {
+	kPGPSocketOptionAcceptingConnections	=	0x00000002,
+	kPGPSocketOptionType					=	0x00001008
+ };
+
+ /* Protocols */
+ enum {
+	kPGPTCPProtocol	=	6,
+	kPGPUDPProtocol	=	17
+ };
+
+ /* Send flags */
+ enum {
+	kPGPSendFlagNone		=	0
+ };
+
+ /* Receive flags */
+ enum {
+	kPGPReceiveFlagNone		=	0
+ };
+
+ /* Internet Addresses */
+ enum {
+	kPGPInternetAddressAny	=	0x00000000
+ };
+
+#endif /* PGP_MACINTOSH */
+
+/*
+ * Some global things for all platforms
+ */
+
+#define PGPSocketRefIsValid(ref)	((ref) != kInvalidPGPSocketRef)
+
+typedef struct PGPSocketsThreadStorage *	PGPSocketsThreadStorageRef;
+# define kInvalidPGPSocketsThreadStorageRef				\
+			((PGPSocketsThreadStorageRef) NULL)
+#define PGPSocketsThreadStorageRefIsValid(ref)			\
+			((ref) != kInvalidPGPSocketsThreadStorageRef)
+
+extern PGPSocketAddressInternet	kPGPAddressAny;
+
+/* Errors */
+#define kPGPSockets_Error	-1
+
+/* Net byte ordering macros (PGP_WORDSBIGENDIAN defined by configure) */
+#if PGP_WORDSBIGENDIAN
+# define PGPHostToNetLong(x)	(x)
+# define PGPHostToNetShort(x)	(x)
+# define PGPNetToHostLong(x)	(x)
+# define PGPNetToHostShort(x)	(x)
+#else
+ PGPInt32	PGPHostToNetLong(PGPInt32 x);
+ PGPInt16	PGPHostToNetShort(PGPInt16 x);
+ PGPInt32	PGPNetToHostLong(PGPInt32 x);
+ PGPInt16	PGPNetToHostShort(PGPInt16 x);
+#endif /* PGP_WORDSBIGENDIAN */
+
+/*
+ * Shared function interface (except for idle handler code)
+ */
+
+/*
+ * Use the idle event handler to receive periodic idle events during
+ * network calls. Usually this is used only in non-preemptive multi-tasking
+ * OSes to allow yielding in threads. Pre-emptive multi-tasking systems
+ * should probably not use the call as it interrupts the efficient wait state
+ * of threads waiting on network calls.
+ *
+ * Idle event handlers need to be added on a per thread basis.
+ *
+ * Returning an error from the idle event handler will cause the socket
+ * that is blocking to close.
+ *
+ */
+PGPError		PGPSetSocketsIdleEventHandler(
+						PGPEventHandlerProcPtr inCallback,
+						PGPUserValue inUserData);
+						
+PGPError		PGPGetSocketsIdleEventHandler(
+						PGPEventHandlerProcPtr * outCallback,
+						PGPUserValue * outUserData);
+
+/* Static storage creation */
+PGPError		PGPSocketsCreateThreadStorage(
+					PGPSocketsThreadStorageRef * outPreviousStorage);
+PGPError		PGPSocketsDisposeThreadStorage(
+					PGPSocketsThreadStorageRef inPreviousStorage);
+					
+/* Stack based class for saving and restoring thread storage */
+#ifdef __cplusplus	/* [ */
+class StPGPPreserveSocketsStorage {
+public:
+			StPGPPreserveSocketsStorage() : mStorage(NULL)
+				{ PGPSocketsCreateThreadStorage(&mStorage); }
+			~StPGPPreserveSocketsStorage()
+				{ PGPSocketsDisposeThreadStorage(mStorage); }
+
+protected:
+	PGPSocketsThreadStorageRef	mStorage;
+};
+#endif	/* ] __cplusplus */
+
+
+/* Initialization and termination */
+PGPError		PGPSocketsInit(void);
+void			PGPSocketsCleanup(void);
+
+/* Socket creation and destruction */
+PGPSocketRef	PGPOpenSocket(PGPInt32 inAddressFamily, PGPInt32 inSocketType,
+							  PGPInt32 inSocketProtocol);
+PGPInt32		PGPCloseSocket(PGPSocketRef inSocketRef);
+
+/* Endpoint binding */
+PGPInt32		PGPBindSocket(PGPSocketRef inSocketRef,
+							  const PGPSocketAddress * inAddress,
+							  PGPInt32 inAddressLength);
+PGPInt32		PGPConnect(PGPSocketRef inSocketRef,
+						   const PGPSocketAddress * inServerAddress,
+						   PGPInt32 inAddressLength);
+
+/* Send functions */
+PGPInt32		PGPSend(PGPSocketRef inSocketRef, const void * inBuffer,
+						PGPInt32 inBufferLength, PGPInt32 inFlags);
+PGPInt32		PGPWrite(PGPSocketRef inSocketRef, const void * inBuffer,
+						 PGPInt32 inBufferLength);
+PGPInt32		PGPSendTo(PGPSocketRef inSocketRef, const void * inBuffer,
+						  PGPInt32 inBufferLength, PGPInt32 inFlags,
+						  PGPSocketAddress * inAddress,
+						  PGPInt32 inAddressLength);
+
+/* Receive functions */
+PGPInt32		PGPReceive(PGPSocketRef inSocketRef, void * outBuffer,
+						   PGPInt32 inBufferSize, PGPInt32 inFlags);
+PGPInt32		PGPRead(PGPSocketRef inSocketRef, void * outBuffer,
+						PGPInt32 inBufferSize);
+PGPInt32		PGPReceiveFrom(PGPSocketRef inSocketRef, void * outBuffer,
+							   PGPInt32 inBufferSize, PGPInt32 inFlags,
+							   PGPSocketAddress * outAddress,
+							   PGPInt32 * ioAddressLength);
+
+/* Server functions */
+PGPInt32		PGPListen(PGPSocketRef inSocketRef, PGPInt32 inMaxBacklog);
+PGPSocketRef	PGPAccept(PGPSocketRef inSocketRef,
+						  PGPSocketAddress * outAddress,
+						  PGPInt32 * ioAddressLength);
+
+/* Select */
+/* Note that inNumSetCount is not used under Mac and Windows */
+PGPInt32 		PGPSelect(PGPInt32 inNumSetCount,
+						  PGPSocketSet * ioReadSet,
+						  PGPSocketSet * ioWriteSet,
+						  PGPSocketSet * ioErrorSet,
+						  const PGPSocketsTimeValue * inTimeout);
+
+/* DNS and protocol services */
+PGPHostEntry *		PGPGetHostByName(const PGPChar8 * inName);
+PGPHostEntry *		PGPGetHostByAddress(const PGPChar8 * inAddress,
+										PGPInt32 inLength,
+										PGPInt32 inType);
+PGPInt32			PGPGetHostName(PGPChar8 * outName, PGPInt32 inNameLength);
+PGPProtocolEntry *	PGPGetProtocolByName(const PGPChar8 * inName);
+PGPProtocolEntry *	PGPGetProtocolByNumber(PGPInt32 inNumber);
+PGPServiceEntry *	PGPGetServiceByName(const PGPChar8 * inName,
+										const PGPChar8 * inProtocol);
+PGPServiceEntry *	PGPGetServiceByPort(PGPInt32 inPort,
+										const PGPChar8 * inProtocol);
+
+/* Error reporting */
+PGPError	PGPGetLastSocketsError(void);
+
+/* Utilities */
+PGPInt32	PGPGetSocketName(PGPSocketRef inSocketRef,
+							 PGPSocketAddress * outName,
+							 PGPInt32 * ioNameLength);
+PGPInt32	PGPGetPeerName(PGPSocketRef inSocketRef,
+						   PGPSocketAddress * outName,
+						   PGPInt32 * ioNameLength);
+PGPUInt32	PGPDottedToInternetAddress(const PGPChar8 * inAddress);
+PGPChar8 *	PGPInternetAddressToDottedString(PGPInternetAddress inAddress);
+
+/* Control and options */
+PGPInt32	PGPIOControlSocket(PGPSocketRef inSocketRef,
+							   PGPInt32 inCommand, PGPUInt32 * ioParam);
+PGPInt32	PGPGetSocketOptions(PGPSocketRef inSocketRef, PGPInt32 inLevel,
+								PGPInt32 inOptionName,
+								PGPChar8 * outOptionValue,
+								PGPInt32 * ioOptionLength);
+PGPInt32	PGPSetSocketOptions(PGPSocketRef inSocketRef, PGPInt32 inLevel,
+								PGPInt32 inOptionName,
+								const PGPChar8 * inOptionValue,
+								PGPInt32 inOptionLength);
+
+/* TLS */
+PGPError	PGPSocketsEstablishTLSSession(PGPSocketRef inSocketRef,
+										  PGPtlsSessionRef inTLSSession);
+
+
+PGP_END_C_DECLARATIONS
+
+#endif /* Included_pgpSockets_h */
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSymmetricCipher.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSymmetricCipher.h
new file mode 100644
index 0000000000..61a700e33e
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpSymmetricCipher.h
@@ -0,0 +1,114 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	$Id: pgpSymmetricCipher.h,v 1.7 2003/10/07 01:29:44 ajivsov Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpSymmetricCipher_h	/* [ */
+#define Included_pgpSymmetricCipher_h
+
+#include "pgpPubTypes.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*____________________________________________________________________________
+	Create a new cipher of the specified algorithm.  The cipher cannot be used
+	until PGPInitSymmetricCipher() has been called.
+	
+	If the algorithm is not available then kPGPError_AlgorithmNotAvailable is
+	returned.
+____________________________________________________________________________*/
+
+PGPError 	PGPNewSymmetricCipherContext( PGPContextRef context,
+					PGPCipherAlgorithm algorithm,
+					PGPSymmetricCipherContextRef *outRef );
+
+/*____________________________________________________________________________
+	Disposal clears all data in memory before releasing it.
+____________________________________________________________________________*/
+
+PGPError 	PGPFreeSymmetricCipherContext( PGPSymmetricCipherContextRef ref );
+
+/*____________________________________________________________________________
+	Make an exact copy of the cipher, including the key.
+____________________________________________________________________________*/
+
+PGPError 	PGPCopySymmetricCipherContext( PGPSymmetricCipherContextRef ref,
+					PGPSymmetricCipherContextRef *outRef );
+
+/*____________________________________________________________________________
+	The key must be set before using; a cipher can be repeatedly reset and
+	reused with different keys to avoid having to create and destroy new
+	contexts each time (and it's also cryptographically better not to reuse
+	a key).  
+	Key size is implicit based on algorithm.  'key' is *copied*.  Caller
+	may want to destroy the original after passing it in.
+____________________________________________________________________________*/
+
+PGPError 	PGPInitSymmetricCipher( PGPSymmetricCipherContextRef ref,
+					const void *key );
+					
+/*____________________________________________________________________________
+	Wipe any sensitive data in the cipher.  Cipher remains alive, but
+	key must be set before any data is encrypted.
+____________________________________________________________________________*/
+
+PGPError 	PGPWipeSymmetricCipher( PGPSymmetricCipherContextRef ref );
+
+/*____________________________________________________________________________
+	"Wash" the symmetric cipher
+____________________________________________________________________________*/
+
+PGPError 	PGPWashSymmetricCipher( PGPSymmetricCipherContextRef ref,
+					void const *buf, PGPSize len);
+
+/*____________________________________________________________________________
+	Encrypt or decrypt one "block" of data.  The block size is determined
+	by the cipher (see PGPGetSymmetricCipherSizes()).
+____________________________________________________________________________*/
+
+PGPError 	PGPSymmetricCipherEncrypt( PGPSymmetricCipherContextRef ref,
+					const void *in, void *out );
+					
+PGPError 	PGPSymmetricCipherDecrypt( PGPSymmetricCipherContextRef ref,
+					const void *in, void *out );
+									
+/*____________________________________________________________________________
+	Determine key and block size for specified algorithm.  Stateless routine
+	does not need a context.
+____________________________________________________________________________*/
+PGPError 	PGPGetSymmetricCipherSizes( PGPSymmetricCipherContextRef ref,
+					PGPSize *keySize, PGPSize *blockSize );
+
+/*____________________________________________________________________________
+ * This function integrates stream ciphers into framework of block API. 
+ * To encrypt/decrypt data, the caller works with stream cipher in ECB block 
+ * mode and calls this function before and after the last block. 
+ * There is a feedback between the previous block and the current 
+ * block for stream ciphers, so ECB for stream ciphers is similiar to CBC 
+ * with fixed IV for block ciphers. 
+ *
+ * To indicate the real size of input data the caller must call this function 
+ * with 'size'=0xffffffff before the last block to save a state and then 
+ * call this function again after the last block was encrypted/decrypted 
+ * with the 'size' set to the real number of bytes in the buffer. This
+ * operation is similiar to padding for block ciphers.
+____________________________________________________________________________*/
+PGPError	PGPSymmetricCipherRollback( PGPSymmetricCipherContextRef ref, 
+					PGPSize size );
+
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpSymmetricCipher_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpTLS.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpTLS.h
new file mode 100644
index 0000000000..f901b1b0db
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpTLS.h
@@ -0,0 +1,336 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+
+	$Id: pgpTLS.h,v 1.13 2004/04/06 05:00:58 wprice Exp $
+____________________________________________________________________________*/
+#ifndef Included_PGPtls_h	/* [ */
+#define Included_PGPtls_h
+
+#include "pgpPubTypes.h"
+
+PGP_BEGIN_C_DECLARATIONS
+
+
+typedef struct PGPtlsContext *			PGPtlsContextRef;
+typedef const struct PGPtlsContext *	PGPtlsConstContextRef;
+
+#define	kInvalidPGPtlsContextRef		((PGPtlsContextRef) NULL)
+#define PGPtlsContextRefIsValid( ref )	( (ref) != kInvalidPGPtlsContextRef )
+
+typedef struct PGPtlsSession *			PGPtlsSessionRef;
+typedef const struct PGPtlsSession *	PGPtlsConstSessionRef;
+
+#define	kInvalidPGPtlsSessionRef		((PGPtlsSessionRef) NULL)
+#define PGPtlsSessionRefIsValid( ref )	( (ref) != kInvalidPGPtlsSessionRef )
+
+
+typedef PGPFlags		PGPtlsFlags;
+#define kPGPtlsFlags_ServerSide				0x01
+#define kPGPtlsFlags_ClientSide				0x02
+#define kPGPtlsFlags_RequestClientCert		0x04
+#define kPGPtlsFlags_NonBlockingIO			0x08
+
+enum PGPtlsCipherSuiteNum_
+{
+	kPGPtls_TLS_NULL_WITH_NULL_NULL					= 0,
+	kPGPtls_TLS_PGP_DHE_DSS_WITH_CAST_CBC_SHA		= 1,
+	kPGPtls_TLS_PGP_DHE_RSA_WITH_CAST_CBC_SHA		= 2,
+	kPGPtls_TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA		= 3,
+	kPGPtls_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA		= 4,
+	kPGPtls_TLS_RSA_WITH_3DES_EDE_CBC_SHA			= 5,
+	kPGPtls_TLS_RSA_WITH_IDEA_CBC_SHA				= 6,
+	kPGPtls_TLS_PGP_RSA_WITH_CAST_CBC_SHA			= 7,
+	kPGPtls_TLS_PGP_DHE_DSS_WITH_NULL_SHA			= 8,
+	kPGPtls_TLS_DHE_DSS_WITH_NULL_SHA				= 9,
+	kPGPtls_TLS_RSA_WITH_ARC4_128_SHA				= 10,
+
+	kPGPtls_TLS_RSA_WITH_AES_128_CBC_SHA			= 11,
+	kPGPtls_TLS_DHE_DSS_WITH_AES_128_CBC_SHA		= 12,
+	kPGPtls_TLS_DHE_RSA_WITH_AES_128_CBC_SHA		= 13,
+
+	kPGPtls_TLS_RSA_WITH_AES_256_CBC_SHA			= 15,
+	kPGPtls_TLS_DHE_DSS_WITH_AES_256_CBC_SHA		= 16,
+	kPGPtls_TLS_DHE_RSA_WITH_AES_256_CBC_SHA		= 17,
+
+	PGP_ENUM_FORCE( PGPtlsCipherSuiteNum_ )
+};
+PGPENUM_TYPEDEF( PGPtlsCipherSuiteNum_, PGPtlsCipherSuiteNum );
+
+enum PGPtlsProtocolState_
+{
+	kPGPtls_IdleState			= 0,
+	kPGPtls_FatalErrorState		= 1,
+	kPGPtls_ClosedState			= 2,
+	kPGPtls_HandshakeState		= 3,
+	kPGPtls_ReadyState			= 4,
+
+	PGP_ENUM_FORCE( PGPtlsProtocolState_ )
+};
+PGPENUM_TYPEDEF( PGPtlsProtocolState_, PGPtlsProtocolState );
+
+enum PGPtlsPrime_
+{
+	kPGPtls_DHPrime1024		= 0,
+	kPGPtls_DHPrime1536		= 1,
+	kPGPtls_DHPrime2048		= 2,
+	kPGPtls_DHPrime3072		= 3,
+	kPGPtls_DHPrime4096		= 4,
+
+	PGP_ENUM_FORCE( PGPtlsPrime_ )
+};
+PGPENUM_TYPEDEF( PGPtlsPrime_, PGPtlsPrime );
+
+enum PGPtlsAlert_
+{
+	kPGPtls_AT_CloseNotify			= 0,
+	kPGPtls_AT_UnexpectedMessage	= 10,	/* FATAL */
+	kPGPtls_AT_BadRecordMAC			= 20,	/* FATAL */
+	kPGPtls_AT_DecryptionFailed		= 21,	/* FATAL */
+	kPGPtls_AT_RecordOverflow		= 22,	/* FATAL */
+	kPGPtls_AT_DecompressionFailure	= 30,	/* FATAL */
+	kPGPtls_AT_HandshakeFailure		= 40,	/* FATAL */
+	kPGPtls_AT_NoCertificate		= 41,	/* SSL3  */
+	kPGPtls_AT_BadCertificate		= 42,
+	kPGPtls_AT_UnsupportedCert		= 43,
+	kPGPtls_AT_CertRevoked			= 44,
+	kPGPtls_AT_CertExpired			= 45,
+	kPGPtls_AT_CertUnknown			= 46,
+	kPGPtls_AT_IllegalParameter		= 47,	/* FATAL */
+	kPGPtls_AT_UnknownCA			= 48,	/* FATAL */
+	kPGPtls_AT_AccessDenied			= 49,	/* FATAL */
+	kPGPtls_AT_DecodeError			= 50,	/* FATAL */
+	kPGPtls_AT_DecryptError			= 51,
+	kPGPtls_AT_ExportRestriction	= 60,	/* FATAL */
+	kPGPtls_AT_ProtocolVersion		= 70,	/* FATAL */
+	kPGPtls_AT_InsufficientSecurity	= 71,	/* FATAL */
+	kPGPtls_AT_InternalError		= 80,	/* FATAL */
+	kPGPtls_AT_UserCancelled		= 90,
+	kPGPtls_AT_NoRenegotiation		= 100,
+	
+	kPGPtls_AT_None					= 255,
+
+	PGP_ENUM_FORCE( PGPtlsAlert_ )
+};
+PGPENUM_TYPEDEF( PGPtlsAlert_, PGPtlsAlert );
+
+/* The Send and Receive function pointers should return
+	kPGPError_TLSWouldBlock when the socket is non-blocking and the
+	call would block.  The Send and Receive functions passed in will
+	need to translate the platform-specific socket error in appropriate
+	cases by using calls such as WSAGetLastError() on Win32.  Remember
+	to call PGPtlsSendQueueIdle for non-blocking sockets also if
+	kPGPError_TLSWouldBlock is returned from a send on a non-blocking
+	socket. */
+
+typedef PGPInt32 (* PGPtlsReceiveProcPtr)(void *inData, void *outBuffer,
+										PGPInt32 outBufferSize);
+typedef PGPInt32 (* PGPtlsSendProcPtr)(void *inData, const void *inBuffer,
+										PGPInt32 inBufferLength);
+typedef PGPInt32 (* PGPtlsPeekProcPtr)(void *inData, void *outBuffer, 
+										PGPInt32 outBufferSize);
+
+PGPError 	PGPNewTLSContext( PGPContextRef context,
+					PGPtlsContextRef *outRef );
+
+PGPError 	PGPFreeTLSContext( PGPtlsContextRef ref );
+
+/*____________________________________________________________________________
+	The following function activates or deactivates the session key cache
+	for TLS sessions.  This defaults to on but can be deactivated with this
+	function to force all connections to proceed through the entire
+	handshake.
+____________________________________________________________________________*/
+PGPError	PGPtlsSetCache( PGPtlsContextRef ref, PGPBoolean useCache );
+
+PGPError	PGPtlsClearCache( PGPtlsContextRef ref );
+
+PGPError	PGPNewTLSSession( PGPtlsContextRef ref, PGPtlsSessionRef *outRef );
+
+PGPError 	PGPFreeTLSSession( PGPtlsSessionRef ref );
+
+PGPError	PGPCopyTLSSession( PGPtlsSessionRef ref, PGPtlsSessionRef *outRef );
+
+/* Default options are client side and no client cert request */
+PGPError	PGPtlsSetProtocolOptions( PGPtlsSessionRef ref,
+					PGPtlsFlags options );
+					
+
+/*____________________________________________________________________________
+	The following function must be called to cleanly close a TLS
+	connection.  If it is not called, the session will not be able
+	to be resumed from the session cache.
+	
+	In the event the application determines any problem with the
+	connection such as the remote key not being valid, call this
+	function with dontCache set to true in order to not cache the
+	session keys.
+____________________________________________________________________________*/
+PGPError	PGPtlsClose( PGPtlsSessionRef	ref,
+					PGPBoolean				dontCache );
+
+/*____________________________________________________________________________
+	The following function must be called to identify cached TLS session.
+	
+	During a handshake resulting in reused TLS sessions no certificate exchange
+	is taking place, so certificate or certificate chain cannot be queried by 
+	a call to PGPtlsGetRemoteAuthenticatedKey(). Remote peer's authentication 
+	keys are assumed to be authorized by the application when it earlier placed
+   	a session into a cache by calling PGPtlsClose(session, FALSE), so the "TRUE"
+   	return value means "already authorized session".
+
+	There is no need to call this function if no caching is done, for example,  
+   	if PGPtlsClose(session, FALSE) is never called or cache is 
+	disabled / cleared in PGPtlsContextRef.
+____________________________________________________________________________*/
+PGPError	PGPtlsIsReusedSession( PGPtlsSessionRef ref, PGPBoolean *reused );
+
+/*____________________________________________________________________________
+	The following function must be called to initiate the PGPtls session.
+	Once a TLS session has been assigned to a socket, no data can be sent
+	over that socket by the application until the handshake is completed.
+	Handshake completion is indicated by completion of this call without
+	error or by checking the state of the PGPtlsSession.  It will be
+	kPGPtls_ReadyState when the application layer may send and receive
+	data securely.
+	
+	This function performs all negotiation of the TLS connection.
+____________________________________________________________________________*/
+PGPError	PGPtlsHandshake( PGPtlsSessionRef ref );
+
+/*____________________________________________________________________________
+	The following function should be called before PGPtlsHandshake.
+	In the general case, the remoteID will be an IP address.  This
+	is provided to PGPtls in order to allow it to cache the current
+	session and be able to look it up later.  If the remoteID passed
+	into a future session is the same as a previously cached session,
+	PGPtls will attempt to resume the session.
+____________________________________________________________________________*/
+PGPError	PGPtlsSetRemoteUniqueID( PGPtlsSessionRef ref,
+					PGPUInt32 remoteID );
+
+/*____________________________________________________________________________
+	The following function sets the local private authenticating key.
+	
+	The passphrase and key are retained in memory.  By default, no
+	key is specified and a client side session will return no key in the
+	client key exchange message to the server.
+	It is an error not to specify a key on a server side TLS session.
+	This function must be passed either PGPOPassphrase or PGPOPasskeyBuffer.
+	You may pass in just a PGP key, PGP w/ X.509 cert, or both -- and they
+	must be the same -- the cert must be from the key.  For an X.509 cert,
+	the inCertChain keyset must contain the keys of all keys in the
+	certificate chain for that certificate up to the root.  The inCertChain
+	keyset must remain valid for the lifetime of the TLS connection.
+____________________________________________________________________________*/
+PGPError	PGPtlsSetLocalPrivateKey( PGPtlsSessionRef ref,
+					PGPKeyDBObjRef		inKeyObject,
+					PGPKeySetRef		inCertChain,
+					PGPOptionListRef	firstOption, ... );
+					
+/*____________________________________________________________________________
+	The following function sets the preferred cipher suite.
+	
+	There is no guarantee that cipher will actually be negotiated,
+	but it will be attempted in preference to others.
+____________________________________________________________________________*/
+PGPError	PGPtlsSetPreferredCipherSuite( PGPtlsSessionRef ref,
+					PGPtlsCipherSuiteNum cipher );
+
+/*____________________________________________________________________________
+	The following function sets the desired DH prime.
+	
+	The requested primes are drawn from a set of primes hard-coded
+	into PGPtls.  New primes can be added in a fully compatible
+	fashion since the server sends the prime to the client, but this
+	version of the API does not support passing in a desired prime.  The
+	default prime if this function is not called is kPGPtls_DHPrime2048.
+____________________________________________________________________________*/
+PGPError	PGPtlsSetDHPrime( PGPtlsSessionRef ref,
+					PGPtlsPrime prime );
+
+/*____________________________________________________________________________
+	The following function gets the authenticated remote key after a
+	successful handshake.  You must call this function after a successful
+	handshake to verify that the remote key is authorized to make the
+	connection.
+____________________________________________________________________________*/
+PGPError	PGPtlsGetRemoteAuthenticatedKey( PGPtlsSessionRef ref,
+					PGPKeyDBObjRef *outKey,
+					PGPKeyDBRef *	outKeyDB );
+
+/*____________________________________________________________________________
+	The following function returns the negotiated symmetric cipher.
+	
+	This function will return an error if called before a successful
+	handshake.
+____________________________________________________________________________*/
+PGPError	PGPtlsGetNegotiatedCipherSuite( PGPtlsSessionRef ref,
+					PGPtlsCipherSuiteNum *outCipher );
+
+PGPError	PGPtlsGetState( PGPtlsSessionRef ref,
+					PGPtlsProtocolState *outState );
+
+/*____________________________________________________________________________
+	The following two functions process data through TLS.
+	
+	It is an error to call these functions without having set a
+	Read function pointer or Write function pointer.  Most applications
+	will never need to use these functions as the function pointers
+	are automatically configured by PGPsockets, and these functions
+	are automatically called by the PGPsockets implementations of
+	PGPWrite and PGPRead whenever a PGPtlsSessionRef has been set for
+	a given socket.
+____________________________________________________________________________*/
+PGPError	PGPtlsReceive( PGPtlsSessionRef ref,
+					void *			outBuffer,
+					PGPSize *		bufferSize );
+
+PGPError	PGPtlsSend( PGPtlsSessionRef ref,
+					const void *	inBuffer,
+					PGPSize 		inBufferLength );
+					
+PGPError	PGPtlsSetReceiveCallback( PGPtlsSessionRef	ref,
+					PGPtlsReceiveProcPtr	tlsReceiveProc,
+					void *					inData );
+
+PGPError	PGPtlsSetSendCallback( PGPtlsSessionRef ref,
+					PGPtlsSendProcPtr		tlsSendProc,
+					void *					inData );
+
+PGPError	PGPtlsSetPeekCallback( PGPtlsSessionRef	ref,
+					PGPtlsPeekProcPtr		tlsPeekProc,
+					void *					inData );
+
+/*____________________________________________________________________________
+	The following function is necessary *only* on a non-blocking socket.
+	If a call to PGPtlsSend returns kPGPError_TLSWouldBlock, call
+	the following function repeatedly until that error is no longer
+	returned in order to make sure data is sent.  Another call to
+	PGPtlsSend will also call this function automatically and queue
+	any new data if necessary.
+____________________________________________________________________________*/
+PGPError	PGPtlsSendQueueIdle( PGPtlsSessionRef ref );
+
+PGPSize		PGPtlsReceiveBufferSize( PGPtlsSessionRef	ref );
+
+/*____________________________________________________________________________
+	The following function gets the ID of the fatal alert which caused
+	the TLS session to abort and go into the kPGPtls_FatalErrorState.
+____________________________________________________________________________*/
+PGPError		PGPtlsGetAlert( PGPtlsSessionRef ref, PGPtlsAlert *outAlert );
+const PGPChar * PGPtlsGetAlertString( PGPtlsAlert alert );
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_PGPtls_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpUserInterface.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpUserInterface.h
new file mode 100644
index 0000000000..210f1656f2
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpUserInterface.h
@@ -0,0 +1,284 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	This file contains the prototypes for functions which use UI to interact
+	with the user.
+
+	$Id: pgpUserInterface.h,v 1.21 2003/09/24 03:09:32 ajivsov Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpUserInterface_h	/* [ */
+#define Included_pgpUserInterface_h
+
+#include "pgpPubTypes.h"
+#include "pgpTLS.h"
+
+#if PGP_WIN32
+#include "windows.h"
+#endif
+
+PGP_BEGIN_C_DECLARATIONS
+
+#if PGP_MACINTOSH
+#pragma options align=mac68k
+#endif
+
+enum PGPAdditionalRecipientRequestEnforcement_
+{
+	kPGPARREnforcement_Invalid	= 0,
+	kPGPARREnforcement_None		= 1,
+	kPGPARREnforcement_Warn		= 2,
+	kPGPARREnforcement_Strict	= 3,
+
+	PGP_ENUM_FORCE( PGPAdditionalRecipientRequestEnforcement_ )
+};
+PGPENUM_TYPEDEF( PGPAdditionalRecipientRequestEnforcement_,
+				PGPAdditionalRecipientRequestEnforcement );
+
+enum PGPRecipientSpecType_
+{
+	kPGPRecipientSpecType_Invalid	= 0,
+	kPGPRecipientSpecType_Key		= 1,
+	kPGPRecipientSpecType_UserID	= 2,
+	kPGPRecipientSpecType_KeyID		= 3,
+	
+	PGP_ENUM_FORCE( PGPRecipientSpecType_ )
+};
+PGPENUM_TYPEDEF( PGPRecipientSpecType_, PGPRecipientSpecType );
+
+enum PGPRecipientSpecFlags_
+{
+	kPGPRecipientSpecFlags_Locked	= (1UL << 0),
+	
+	PGP_ENUM_FORCE( PGPRecipientSpecFlags_ )
+};
+
+typedef PGPFlags	PGPRecipientSpecFlags;
+
+typedef struct PGPRecipientSpec
+{
+	PGPRecipientSpecType	type;
+	PGPRecipientSpecFlags	flags;
+	PGPUInt32				reserved32[3];	/* Must be zero */
+	
+	union
+	{
+		PGPKeyDBObjRef	key;
+		PGPChar8			userIDStr[256];		/* Null terminated string */
+		PGPKeyID		keyID;
+	} u;
+
+} PGPRecipientSpec;
+
+typedef struct PGPKeyServerSpec
+{
+	PGPKeyServerRef		server;
+	const PGPChar8		*serverName;	/* Optional */
+	const PGPChar8		*serverDomain;	/* Optional */
+
+} PGPKeyServerSpec;
+
+#if PGP_MACINTOSH
+#pragma options align=reset
+#endif
+
+PGPError	PGPRecipientDialog( PGPContextRef context, PGPKeyDBRef sourceKeys,
+					PGPBoolean alwaysDisplayDialog, PGPKeyDBRef *recipientKeys,
+					PGPOptionListRef firstOption, ... );
+
+PGPError	PGPPassphraseDialog( PGPContextRef context,
+					PGPOptionListRef firstOption, ... );
+
+PGPError	PGPConfirmationPassphraseDialog( PGPContextRef context,
+					PGPOptionListRef firstOption, ... );
+
+PGPError	PGPKeyPassphraseDialog( PGPContextRef context,
+					PGPKeyDBObjRef keyDBObject, PGPOptionListRef firstOption, ... );
+
+PGPError	PGPSigningPassphraseDialog( PGPContextRef context,
+					PGPKeyDBRef sourceKeys, PGPKeyDBObjRef *signingKey,
+					PGPOptionListRef firstOption, ... );
+
+PGPError	PGPDecryptionPassphraseDialog( PGPContextRef context,							
+					PGPKeySetRef recipientKeys, PGPUInt32 keyIDCount,
+					const PGPKeyID keyIDList[], PGPKeyDBObjRef *decryptionKey,
+					PGPOptionListRef firstOption, ... );
+
+PGPError	PGPConventionalEncryptionPassphraseDialog( PGPContextRef context,
+					PGPOptionListRef firstOption, ... );
+
+PGPError	PGPConventionalDecryptionPassphraseDialog( PGPContextRef context,							
+					PGPOptionListRef firstOption, ... );
+
+PGPError	PGPOptionsDialog( PGPContextRef context,
+					PGPOptionListRef firstOption, ... );
+
+PGPError	PGPCollectRandomDataDialog( PGPContextRef context,
+					PGPUInt32 neededEntropyBits,
+					PGPOptionListRef firstOption, ... );
+
+PGPError	PGPSearchKeyServerDialog(
+					PGPContextRef 			context,
+					PGPUInt32				serverCount,
+					const PGPKeyServerSpec 	serverList[],
+					PGPtlsContextRef		tlsContext,
+					PGPBoolean				searchAllServers,
+					PGPKeyDBRef 			*foundKeys,
+					PGPOptionListRef 		firstOption, ... );
+
+PGPError	PGPSendToKeyServerDialog(
+					PGPContextRef 			context,
+					const PGPKeyServerSpec 	*server,
+					PGPtlsContextRef		tlsContext,
+					PGPKeySetRef 			keysToSend,
+					PGPKeySetRef 			*failedKeys,
+					PGPOptionListRef 		firstOption, ... );
+									
+/*
+** Returns a value in the range 0-100 which crudely estimates
+** the "quality" of a passphrase.
+*/
+
+#undef		PGPEstimatePassphraseQuality
+PGPUInt32	PGPEstimatePassphraseQuality( const PGPChar8 *passphrase );
+
+/* General dialog options */
+
+#undef				PGPOUIDialogPrompt
+PGPOptionListRef	PGPOUIDialogPrompt( PGPContextRef context,
+							const PGPChar8 *prompt );
+
+#undef				PGPOUIWindowTitle
+PGPOptionListRef	PGPOUIWindowTitle( PGPContextRef context,
+							const PGPChar8 *title );
+
+PGPOptionListRef	PGPOUIDialogOptions( PGPContextRef context,
+							PGPOptionListRef firstOption, ... );
+
+PGPOptionListRef	PGPOUIDialogContextHelpButton(PGPContextRef	context,	
+							PGPBoolean		showDialogContextHelpButton);
+
+#if PGP_WIN32
+PGPOptionListRef	PGPOUIParentWindowHandle( PGPContextRef context,
+							HWND hwndParent );
+#endif
+
+/* All passphrase dialogs */
+
+/* Caller should free passphrase with PGPFreeData() */
+#undef				PGPOUIOutputPassphrase
+PGPOptionListRef	PGPOUIOutputPassphrase( PGPContextRef context,
+							PGPChar8 **passphrase );
+
+PGPOptionListRef	PGPOUIMinimumPassphraseQuality( PGPContextRef context,
+							PGPUInt32 minimumPassphraseQuality );
+
+PGPOptionListRef	PGPOUIMinimumPassphraseLength( PGPContextRef context,
+							PGPUInt32 minimumPassphraseLength );
+
+/* Will cause the dialog to cancel if there has been no activity for x seconds */							
+PGPOptionListRef	PGPOUIDialogTimeout( PGPContextRef context,
+							PGPUInt32 seconds);
+
+/* PGPConfirmationPassphraseDialog() options */
+
+PGPOptionListRef	PGPOUIShowPassphraseQuality( PGPContextRef context,
+							PGPBoolean showPassphraseQuality );
+
+/* PGPSigningPassphraseDialog() and PGPDecryptionPassphraseDialog() options */
+
+PGPOptionListRef	PGPOUIDefaultKey( PGPContextRef context,
+							PGPKeyDBObjRef defaultKey );
+
+PGPOptionListRef	PGPOUIVerifyPassphrase( PGPContextRef context,
+							PGPBoolean verifyPassphrase );
+
+PGPOptionListRef	PGPOUIFindMatchingKey( PGPContextRef context,
+							PGPBoolean findMatchingKey );
+
+PGPOptionListRef	PGPOUITextUI( PGPContextRef context, PGPBoolean textUI );
+
+/* PGPRecipientDialog() options: */
+
+PGPOptionListRef	PGPOUIRecipientList( PGPContextRef context,
+							PGPUInt32 *recipientCount,
+							PGPRecipientSpec **recipientList );
+
+PGPOptionListRef	PGPOUIDefaultRecipients( PGPContextRef context,
+							PGPUInt32 recipientCount,
+							const PGPRecipientSpec recipientList[] );
+
+PGPOptionListRef	PGPOUIDisplayMarginalValidity( PGPContextRef context,
+							PGPBoolean displayMarginalValidity );
+
+PGPOptionListRef	PGPOUIIgnoreMarginalValidity( PGPContextRef context,
+							PGPBoolean ignoreMarginalValidity );
+
+PGPOptionListRef	PGPOUIEnforceAdditionalRecipientRequests(
+						PGPContextRef context,
+						PGPAdditionalRecipientRequestEnforcement enforcement,
+						PGPBoolean alwaysDisplayDialogWithARRs);
+
+/* PGPDecryptionPassphraseDialog() and PGPRecipientDialog() only: */
+
+PGPOptionListRef	PGPOUIKeyServerUpdateParams(PGPContextRef context,
+							PGPUInt32 				serverCount,
+							const PGPKeyServerSpec 	serverList[],
+							PGPtlsContextRef 		tlsContext,
+							PGPBoolean 				searchBeforeDisplay,
+							PGPKeyDBRef 			*foundKeys,
+							PGPOptionListRef 		firstOption, ...);
+
+/* Key server search dialog options */
+
+PGPOptionListRef	PGPOUIKeyServerSearchFilter(PGPContextRef context,
+							PGPFilterRef filter);
+
+PGPOptionListRef	PGPOUIKeyServerSearchKey(PGPContextRef context,
+							PGPKeyDBObjRef searchKeyObject);
+
+PGPOptionListRef	PGPOUIKeyServerSearchKeySet(PGPContextRef context,
+							PGPKeySetRef keySet);
+
+PGPOptionListRef	PGPOUIKeyServerSearchKeyIDList(PGPContextRef context,
+							PGPUInt32 keyIDCount, const PGPKeyID keyIDList[] );
+
+/*
+** These options are used to build the options dialog and are only
+** applicable for the PGPOptionsDialog() and PGPOUIDialogOptions() calls.
+** The "description" parameters are optional. 
+*/
+#undef				PGPOUICheckbox
+PGPOptionListRef	PGPOUICheckbox(PGPContextRef context, PGPUInt32 itemID,
+							const PGPChar8 *title, const PGPChar8 *description,
+							PGPUInt32 initialValue, PGPUInt32 *resultPtr,
+							PGPOptionListRef firstOption, ...);
+#undef				PGPOUIPopupList
+PGPOptionListRef	PGPOUIPopupList(PGPContextRef context, PGPUInt32 itemID,
+							const PGPChar8 *title, const PGPChar8 *description,
+							PGPUInt32 listItemCount, const PGPChar8 *listItems[],
+							PGPUInt32 initialValue, PGPUInt32 *resultPtr,
+							PGPOptionListRef firstOption, ...);
+							
+#if PGP_DEPRECATED
+
+#include "pgpGroups.h"
+
+PGPOptionListRef	PGPOUIRecipientGroups(PGPContextRef context,
+							PGPGroupSetRef groupSet);
+#endif
+
+PGP_END_C_DECLARATIONS
+
+#endif /* ] Included_pgpUserInterface_h */
+
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/include/pgpUtilities.h b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpUtilities.h
new file mode 100644
index 0000000000..dc1ca20d62
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/include/pgpUtilities.h
@@ -0,0 +1,464 @@
+/*____________________________________________________________________________
+	Copyright (C) 2002 PGP Corporation
+	All rights reserved.
+	
+	This file contains miscellaneous utility functions needed for the PGPsdk.
+
+	$Id: pgpUtilities.h,v 1.54.2.1 2004/05/05 17:02:51 vinnie Exp $
+____________________________________________________________________________*/
+
+#ifndef Included_pgpUtilities_h	/* [ */
+#define Included_pgpUtilities_h
+
+#include <time.h>
+#include "pgpBase.h"
+#include "pflTypes.h"
+#include "pgpPubTypes.h"
+#include "pgpMemoryMgr.h"
+
+#if PGP_MACINTOSH	/* [ */
+#include <Files.h>
+#elif PGP_OSX
+	struct FSSpec;
+#endif	/* ] PGP_MACINTOSH */
+
+#if PGP_MACINTOSH
+#pragma options align=mac68k	/* [ */
+#endif
+
+enum
+{
+	kPGPsdk20APIVersion		= 0x01000000,
+	
+	kPGPsdkAPIVersion		= kPGPsdk20APIVersion
+};
+
+enum PGPNotificationReason_
+{
+	kPGPNotification_KeyDBChanged			= 0,
+	kPGPNotification_PassphraseCacheChanged	= 1,
+	
+	PGP_ENUM_FORCE( PGPNotificationReason_ )
+};
+
+PGPENUM_TYPEDEF( PGPNotificationReason_, PGPNotificationReason );
+
+typedef PFLLanguage PGPLanguage;
+
+enum PGPLanguage_
+{
+	kPGPLanguage_Default     = 0,
+	kPGPLanguage_English     = 1,
+	kPGPLanguage_Japanese    = 2,
+	kPGPLanguage_German      = 3,
+	kPGPLanguage_Spanish     = 4,
+	
+ 	PGP_ENUM_FORCE( PGPLanguage_ )
+};
+
+#if PGP_MACINTOSH || PGP_OSX	/* [ */
+
+#define kPGPMacFileCreator_PGPkeys			'pgpK'
+#define kPGPMacFileCreator_PGPtools			'pgpM'
+#define kPGPMacFileCreator_PGPnet			'PGPn'
+#define kPGPMacFileCreator_PGPdisk			'pgpD'
+#define kPGPMacFileCreator_PGPadmin			'PGPa'
+#define kPGPMacFileCreator_DecryptedBinary	'\?\?\?\?'
+#define kPGPMacFileCreator_DecryptedText	'ttxt'
+
+#define kPGPMacFileType_ArmorFile			'TEXT'
+#define kPGPMacFileType_EncryptedData		'pgEF'
+#define kPGPMacFileType_SignedData			'pgSF'
+#define kPGPMacFileType_DetachedSig			'pgDS'
+#define kPGPMacFileType_RandomSeed			'pgRS'
+#define kPGPMacFileType_PrivRing			'pgRR'
+#define kPGPMacFileType_PubRing				'pgPR'
+#define kPGPMacFileType_Groups				'pgGR'
+#define kPGPMacFileType_NetHosts			'pgHO'
+#define kPGPMacFileType_NetRules			'pgRU'
+#define kPGPMacFileType_Preferences			'pref'
+#define kPGPMacFileType_DecryptedText		'TEXT'
+#define kPGPMacFileType_DecryptedBinary		'BINA'
+#define kPGPMacFileType_KeyShares			'pgSK'
+#define kPGPMacFileType_Exported509Keys		'pgX5'
+
+#endif	/* ] PGP_MACINTOSH */
+
+PGP_BEGIN_C_DECLARATIONS
+
+/*____________________________________________________________________________
+	PGPsdk initialization
+
+	Call PGPsdkXXXInit() before using that particular library.
+	Call PGPsdkXXXCleanup() when you are done (but after disposing of any
+		PGPContexts).
+	
+	You may call PGPsdkXXXInit multiple times (with no effect), but be sure
+	to call the matching PGPsdkXXXCleanup() for each call to PGPsdkXXXInit().
+____________________________________________________________________________*/
+#define kPGPFlags_ForceLocalExecution	0x2
+#define kPGPFlags_SuppressCacheThread	0x4
+
+PGPError	PGPsdkInit( PGPFlags options ) ;
+PGPError	PGPsdkSetLanguage( PGPFileSpecRef langStringsHome, PGPLanguage lang );
+PGPError	PGPsdkCleanup( void );
+
+PGPError	PGPsdkNetworkLibInit( PGPFlags options );
+PGPError	PGPsdkNetworkLibCleanup( void );
+
+PGPError	PGPsdkUILibInit( PGPFlags options );
+PGPError	PGPsdkUILibCleanup( void );
+
+PGPError	PGPLoadPluginModule( PGPContextRef context,
+				PGPFileSpecRef moduleFile, PGPFileSpecRef sigFile,
+				PGPUInt32 *nCipher, PGPUInt32 *nHash, PGPUInt32 *nPubkey );
+
+
+/*____________________________________________________________________________
+	PGPsdk version information
+	
+	A version in the PGPsdk is expressed as follows:
+	
+	Major version (1 byte)
+	Minor version (1 byte)
+	Bug fix revision (1 byte)
+	Reserved (1 byte)
+	
+	example: 1.7.1 = 0x01070100		
+____________________________________________________________________________*/
+
+PGPUInt32	PGPGetPGPsdkVersion( void );
+
+/*____________________________________________________________________________
+	PGPsdk version string
+	
+	Return a C string of the form:
+
+	"PGPsdk 3.0 Copyright (C) 2003 PGP Corporation
+____________________________________________________________________________*/
+
+#undef 		PGPGetPGPsdkVersionString
+PGPError	PGPGetPGPsdkVersionString( PGPChar8 versionString[ 256 ] );
+
+/*____________________________________________________________________________
+	PGPsdk API version information
+	
+	The API version of the PGPsdk is distinct from the externally visible
+	version number. The API version is revised only when API changes are made,
+	while the external version is changed whenever any code is changed, API or
+	otherwise. The format of the API version is identical to the format of the
+	external version. A change in the major API version implies incompatability
+	with previous API versions while a change in the minor version implies API
+	additions which maintain backwards compatability.
+_____________________________________________________________________________*/
+
+PGPUInt32	PGPGetPGPsdkAPIVersion( void );
+
+/*____________________________________________________________________________
+	PGPsdk context manipulation
+_____________________________________________________________________________*/
+	
+typedef struct PGPCustomContextInfo
+{
+	PGPUInt32			sdkAPIVersion;	/* Use kPGPsdkAPIVersion */
+	PGPMemoryMgrRef		memoryMgr;
+	PGPUserValue		userValue;	
+
+} PGPCustomContextInfo;
+
+
+PGPError 	PGPNewContext( PGPUInt32 sdkAPIVersion, PGPContextRef *newContext );
+PGPError 	PGPNewContextCustom( const PGPCustomContextInfo *contextInfo,
+					PGPContextRef *newContext );
+
+PGPError 	PGPFreeContext( PGPContextRef context );
+
+PGPError 	PGPGetContextUserValue( PGPContextRef context,
+					PGPUserValue *userValue );
+PGPError 	PGPSetContextUserValue( PGPContextRef context,
+					PGPUserValue userValue );
+
+PGPError	PGPContextGetRandomBytes(PGPContextRef context,
+					void *buf, PGPSize len );
+
+PGPUInt32	PGPContextReserveRandomBytes(PGPContextRef context,
+					PGPUInt32 minSize );
+
+PGPMemoryMgrRef	PGPPeekContextMemoryMgr( PGPContextRef context );
+
+/*____________________________________________________________________________
+	PGP file management
+	
+	All files in PGP are represented using an opage data type PGPFileSpecRef.
+	These data types are created using a fully qualified path or, on the
+	Macintosh, an FSSpec. The 
+____________________________________________________________________________*/
+
+#if PGP_MACINTOSH || PGP_OSX	/* [ */
+
+PGPError 	PGPNewFileSpecFromFSSpec( PGPContextRef context, const struct FSSpec *spec,
+					PGPFileSpecRef *ref );
+PGPError 	PGPGetFSSpecFromFileSpec( PGPFileSpecRef fileRef, struct FSSpec *spec );
+
+#endif
+
+#if ! PGP_MACINTOSH
+
+#undef 		PGPNewFileSpecFromFullPath
+PGPError 	PGPNewFileSpecFromFullPath( PGPContextRef context,
+					const PGPChar8 *path, PGPFileSpecRef *ref );
+/*
+** The full path is an allocated object which needs to be deallocated with
+** PGPFreeData()
+*/
+
+#undef 		PGPGetFullPathFromFileSpec
+PGPError 	PGPGetFullPathFromFileSpec( PGPFileSpecRef fileRef,
+					PGPChar8 **fullPathPtr);
+
+#endif
+
+PGPError 	PGPCopyFileSpec( PGPFileSpecRef fileRef, PGPFileSpecRef *ref );
+PGPError 	PGPFreeFileSpec( PGPFileSpecRef fileRef );
+
+#undef 		PGPRenameFile
+PGPError	PGPRenameFile( PGPFileSpecRef fileRef, const PGPChar8 *newName );
+PGPError	PGPDeleteFile( PGPFileSpecRef fileRef );
+	
+/*____________________________________________________________________________
+	PGP time/date functions
+____________________________________________________________________________*/
+
+PGPTime 	PGPGetTime(void);
+
+/* these use time_t type as returned by time() in Std C libraries */
+time_t 		PGPGetStdTimeFromPGPTime( PGPTime theTime );
+PGPTime 	PGPGetPGPTimeFromStdTime( time_t theTime );
+
+/* year, month, day may be NULL if desired */
+void 		PGPGetYMDFromPGPTime( PGPTime theTime, PGPUInt16 *year,
+					PGPUInt16 *month, PGPUInt16 *day );
+
+#if PGP_MACINTOSH || PGP_OSX	/* [ */
+
+PGPUInt32 	PGPTimeToMacTime( PGPTime theTime );
+PGPTime 	PGPTimeFromMacTime( PGPUInt32 theTime );
+
+#endif	/* ] PGP_MACINTOSH */
+
+/*____________________________________________________________________________
+	MacBinary support
+
+	Examine the input file to see if it's a MacBinary file.  If it is
+	not a MacBinary file, then the original file is unaltered.
+	Otherwise, the file is converted and the original file is deleted.
+	
+	The resulting file is designated by 'outPGPSpec' and may have a different
+	name than the original.
+	
+	If the file is a TEXT file, appropriate line-end conversion is done.
+	
+	creator and type code pointers may be
+	null but otherwise contain the mac creator and type.
+	
+	This routine can be called on a Mac, but generally doesn't need to be.
+____________________________________________________________________________*/
+
+PGPError	PGPMacBinaryToLocal( PGPFileSpecRef inSpec,
+					PGPFileSpecRef * outSpec, PGPUInt32 * macCreator,
+					PGPUInt32 * macTypeCode );
+
+/*____________________________________________________________________________
+	Notification callbacks on PGPKeyDB changes from SDK Service
+_____________________________________________________________________________*/
+	
+typedef void (*PGPNotificationHandlerProc)( PGPUserValue userValue,
+											PGPNotificationReason reason,
+											PGPUInt32 param1,
+											PGPUInt32 param2 );
+
+PGPError	PGPSetNotificationCallback( PGPNotificationHandlerProc proc,
+					PGPUserValue userValue );
+
+/*____________________________________________________________________________
+Disk and File Wipe Pattern Support
+____________________________________________________________________________*/
+ 
+PGPError PGPNewWipePatternContext ( PGPContextRef				context,
+									PGPInt32					numPasses,
+									PGPWipePatternContextRef 	*outRef);
+
+/* fill a 1024 byte, long word alligned buffer with a pattern to wipe with */
+PGPError PGPWipePatternNext( PGPWipePatternContextRef   ref,
+							 void * buffer, PGPSize bufferSize);
+
+PGPError PGPWipePatternRewind( PGPWipePatternContextRef wipeRef);
+
+PGPError PGPFreeWipePatternContext(PGPWipePatternContextRef ref);
+ 
+PGPError PGPWipeFile( PGPContextRef   	context, 
+					  PGPInt32			numPasses,
+					  PGPOptionListRef 	firstOption, 
+					  ...);
+
+/*____________________________________________________________________________
+	PGP TAR/UnTAR functions that work with TAR cache
+____________________________________________________________________________*/
+ 
+enum PGPTARCacheObjAttributeType_
+{
+	kPGPTARCacheObjAttribute_Invalid	= 0,
+	kPGPTARCacheObjAttribute_File		= 1,
+	kPGPTARCacheObjAttribute_SymLink	= 2,
+ 	kPGPTARCacheObjAttribute_Directory  = 3,
+ 	kPGPTARCacheObjAttribute_Deleted    = 4,
+ 
+	PGP_ENUM_FORCE( PGPTARCacheObjAttributeType_ )
+} ;
+
+PGPENUM_TYPEDEF( PGPTARCacheObjAttributeType_, PGPTARCacheObjAttributeType );
+  
+enum PGPTARCacheObjProperty_
+{
+	kPGPTARCacheObjProperty_Invalid 				= 0,
+	
+	/* string properties */
+	kPGPTARCacheObjProperty_Name					= 100,
+	kPGPTARCacheObjProperty_User					= 101,
+	kPGPTARCacheObjProperty_Group					= 102,
+	kPGPTARCacheObjProperty_Contents				= 103,
+	kPGPTARCacheObjProperty_Link					= 104,
+	kPGPTARCacheObjProperty_Size					= 105,  /* PGPUInt64     */
+	kPGPTARCacheObjProperty_FilePos					= 106,  /* PGPFileOffset */
+
+	/* PGPTime properties */
+	kPGPTARCacheObjProperty_Date					= 200,
+	
+	/* Numeric properties */
+	kPGPTARCacheObjProperty_Mode					= 302,
+	kPGPTARCacheObjProperty_Attribute				= 303,
+
+	PGP_ENUM_FORCE( PGPTARCacheObjProperty_ )
+} ;
+
+PGPENUM_TYPEDEF( PGPTARCacheObjProperty_, PGPTARCacheObjProperty );
+enum PGPOpenTARCacheFileOptions_
+{
+	kPGPOpenTARCacheFileOptions_None		= 0,
+	kPGPOpenTARCacheFileOptions_Mutable		= (1UL << 0 ),
+	kPGPOpenTARCacheFileOptions_Create		= (1UL << 1 ),
+	kPGPOpenTARCacheFileOptions_PreloadAll  = (1UL << 2 ),
+
+	PGP_ENUM_FORCE( PGPOpenTARCacheFileOptions_ )
+} ;
+
+PGPENUM_TYPEDEF( PGPOpenTARCacheFileOptions_, PGPOpenTARCacheFileOptions );
+ 
+ 
+PGPError 	PGPOpenTARCacheFile( PGPContextRef 	context,
+				 PGPOpenTARCacheFileOptions options,
+							PGPFileSpecRef  tarcache,
+							void           	*sessionKey,
+							PGPSize			sessionKeyBufferSize,
+							PGPSize			*sessionKeySize,  /* can be NULL if not kPGPOpenTARCacheFileOptions_Create */ 
+							PGPTARCacheRef  *outRef,
+							PGPOptionListRef 	firstOption, 
+							...);
+
+PGPError	PGPFreeTARCache(PGPTARCacheRef ref);
+
+PGPError 	PGPNewTARCacheIter( PGPTARCacheRef tar, PGPTARCacheIterRef *outRef);
+	
+PGPError 	PGPFreeTARCacheIter( PGPTARCacheIterRef iter);
+
+PGPInt32 	PGPTARCacheIterIndex( PGPTARCacheIterRef iter);
+
+PGPError 	PGPTARCacheIterRewind( PGPTARCacheIterRef iter);
+  
+PGPError 	PGPTARCacheIterMove( PGPTARCacheIterRef iter, PGPInt32 relOffset, PGPTARCacheObjRef *outRef);
+ 
+PGPError 	PGPTARCacheIterNextTARCacheObj( PGPTARCacheIterRef iter, PGPTARCacheObjRef *outRef);
+
+PGPError 	PGPTARCacheIterPrevTARCacheObj( PGPTARCacheIterRef iter, PGPTARCacheObjRef *outRef);
+
+PGPError 	PGPTARCacheIterGetTARCacheObj( PGPTARCacheIterRef iter, PGPTARCacheObjRef *outRef);
+   
+PGPError 	PGPGetTARCacheObjNumericProperty( PGPTARCacheObjRef obj,
+					PGPTARCacheObjProperty whichProperty, PGPInt32 *prop );
+
+PGPError 	PGPGetTARCacheObjTimeProperty( PGPTARCacheObjRef obj,
+					PGPTARCacheObjProperty whichProperty, PGPTime *prop);
+ 
+ PGPError 	PGPGetTARCacheObjDataProperty( PGPTARCacheObjRef obj,
+					PGPTARCacheObjProperty whichProperty, void *buffer,
+					PGPSize bufferSize, PGPSize *dataSize);
+ 
+PGPError 	PGPGetTARCacheObjAllocatedDataProperty( PGPTARCacheObjRef obj,
+					PGPTARCacheObjProperty whichProperty, void **buffer,
+					PGPSize *dataSize);
+
+					
+PGPError 	PGPDeleteTARCacheObj( PGPTARCacheObjRef tarObj );
+ 
+PGPError 	PGPExportTARCacheObj( PGPTARCacheObjRef tarObj,
+								  PGPFileSpecRef  fileRef,
+								  PGPOptionListRef 	firstOption, 
+								  ...);
+
+					
+PGPError	PGPCountObjsInTARCache( PGPTARCacheRef ref, PGPUInt32 *numItems );
+
+PGPError 	PGPImportTARCacheObj( PGPTARCacheRef	tarCache,  
+								  PGPFileSpecRef	fileRef, 
+								  PGPTARCacheObjRef *outRef,
+ 								  PGPOptionListRef 	firstOption, 
+					  				...);
+
+/*____________________________________________________________________________
+FIPS 140-2 Support
+____________________________________________________________________________*/
+
+enum PGPsdkSelfTest_
+{
+	kPGPsdkSelfTest_Invalid		= 0,
+	kPGPsdkSelfTest_FirstTest   = 1,
+
+	kPGPsdkSelfTest_3DES 		= 1,
+	kPGPsdkSelfTest_DSA  		= 2,
+	kPGPsdkSelfTest_AES  		= 3,
+	kPGPsdkSelfTest_RSA  		= 4,
+	kPGPsdkSelfTest_SHA  		= 5,
+	kPGPsdkSelfTest_HMAC  		= 6,
+	kPGPsdkSelfTest_EC  		= 7,
+	kPGPsdkSelfTest_PRNG   		= 8,
+	kPGPsdkSelfTest_Integrity   = 9,
+
+	kPGPsdkSelfTest_LastTest	= kPGPsdkSelfTest_Integrity,
+
+	PGP_ENUM_FORCE( PGPsdkSelfTest_ )
+};
+
+PGPENUM_TYPEDEF( PGPsdkSelfTest_, PGPsdkSelfTest );
+
+PGPError	PGPEnableFIPSMode(void);
+PGPError	PGPGetSDKErrorState(void);
+PGPError	PGPResetSDKErrorState(void);
+PGPError	PGPRunSDKSelfTest(PGPsdkSelfTest whichTest);
+PGPError	PGPRunAllSDKSelfTests(void);
+
+PGP_END_C_DECLARATIONS
+
+#if PGP_MACINTOSH
+#pragma options align=reset			/* ] */
+#endif
+
+#endif /* ] Included_pgpUtilities_h */
+
+/*__Editor_settings____
+
+	Local Variables:
+	tab-width: 4
+	End:
+	vi: ts=4 sw=4
+	vim: si
+_____________________*/
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/lib/PGPsdk.lib b/plugins/CryptoPP/src/PGPw/sdk8/lib/PGPsdk.lib
new file mode 100644
index 0000000000..c0950deded
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/lib/PGPsdk.lib
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/lib/PGPsdkNL.lib b/plugins/CryptoPP/src/PGPw/sdk8/lib/PGPsdkNL.lib
new file mode 100644
index 0000000000..09b4a3463e
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/lib/PGPsdkNL.lib
diff --git a/plugins/CryptoPP/src/PGPw/sdk8/lib/PGPsdkUI.lib b/plugins/CryptoPP/src/PGPw/sdk8/lib/PGPsdkUI.lib
new file mode 100644
index 0000000000..9a9ae7f89c
--- /dev/null
+++ b/plugins/CryptoPP/src/PGPw/sdk8/lib/PGPsdkUI.lib