From a6543cd9f61a6c7f372163e156da698715b7be3e Mon Sep 17 00:00:00 2001
From: TRIKKSS <jansond80@gmail.com>
Date: Fri, 2 Jun 2023 09:38:38 +0200
Subject: [PATCH] first commit

---
 README.md                       |   46 +
 data/crypto_func_name.txt       | 4434 +++++++++++++++++++++++++++++++
 data/findcrypt3.rules           | 1561 +++++++++++
 data/suspicious_symbol_name.txt |    8 +
 findcrypt.py                    |   66 +
 requirements.txt                |    3 +
 6 files changed, 6118 insertions(+)
 create mode 100644 README.md
 create mode 100644 data/crypto_func_name.txt
 create mode 100644 data/findcrypt3.rules
 create mode 100644 data/suspicious_symbol_name.txt
 create mode 100644 findcrypt.py
 create mode 100644 requirements.txt

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..5b4c34e
--- /dev/null
+++ b/README.md
@@ -0,0 +1,46 @@
+# FINDCRYPT - CLI
+
+## Installation
+
+```
+git clone https://github.com/TRIKKSS/findcrypt-cli.git
+cd findcrypt-cli
+python3 -m pip install -r requirements.txt
+```
+
+## Usage
+
+```
+python3 findcrypt.py [options] <file>
+```
+```
+positional arguments:
+  file            file to parse
+
+options:
+  -h, --help      show this help message and exit
+  -o, --offsets   print offsets of values found.
+  -f, --function  search for cryptographic functions (only ELF)
+```
+
+## Examples
+
+```
+python3 findcrypt.py -o ../Downloads/firmware.bin        2 ↵
+[~] parsing ../Downloads/firmware.bin
+[+] CRC32_poly_Constant found
+offsets : { 0x15174 }
+[+] SHA256_Constants found
+offsets : { 0x3c60, 0x3c6c, 0x3c78, 0x3c80, 0x3c88, 0x3c90, 0x3c64, 0x3c98 }
+[+] SHA512_Constants found
+offsets : { 0x14544, 0x1454c, 0x14554, 0x1455c, 0x14540 }
+```
+
+```
+python3 findcrypt.py -fo ../ctf/elf.bin
+[~] parsing ../ctf/elf.bin
+[~] searching for cryptographic functions ...
+  MD5_Final
+  MD5_Update
+  MD5_Init
+```
\ No newline at end of file
diff --git a/data/crypto_func_name.txt b/data/crypto_func_name.txt
new file mode 100644
index 0000000..0e4a83c
--- /dev/null
+++ b/data/crypto_func_name.txt
@@ -0,0 +1,4434 @@
+ASN1_VISIBLESTRING_new
+EVP_MD_CTX_md
+AES_cfb8_encrypt
+i2d_OCSP_RESPONSE
+ASIdentifierChoice_new
+EC_KEY_METHOD_set_verify
+X509_CRL_verify
+EC_KEY_set_public_key
+EVP_seed_cfb128
+TS_CONF_set_certs
+CMS_RecipientInfo_ktri_cert_cmp
+i2d_ADMISSIONS
+EC_KEY_set_enc_flags
+OSSL_STORE_LOADER_get0_engine
+DSA_get_default_method
+X509_STORE_CTX_get1_issuer
+DSO_load
+BN_get_rfc3526_prime_3072
+BN_nist_mod_256
+X509_STORE_CTX_set0_crls
+X509_STORE_CTX_purpose_inherit
+TS_MSG_IMPRINT_get_algo
+BN_rshift1
+EC_GROUP_new_from_ecpkparameters
+TS_REQ_get_version
+OPENSSL_LH_get_down_load
+PEM_write_RSAPublicKey
+OCSP_BASICRESP_it
+BN_X931_generate_prime_ex
+EVP_get_digestbyname
+X509_REQ_extension_nid
+TS_TST_INFO_get_policy_id
+EVP_PBE_alg_add_type
+TS_RESP_get_status_info
+EVP_aria_128_cfb128
+NETSCAPE_SPKAC_it
+OCSP_REQUEST_print
+ECPKPARAMETERS_free
+EVP_aes_192_gcm
+X509V3_add_value_uchar
+X509_VAL_new
+EVP_VerifyFinal
+EVP_PKEY_meth_get_digestverify
+EVP_PKEY_sign_init
+PKCS8_pkey_get0
+OBJ_NAME_get
+EDIPARTYNAME_new
+SCT_new_from_base64
+BN_GF2m_mod_mul_arr
+X509_ALGOR_free
+EVP_PKEY_CTX_ctrl_uint64
+OCSP_BASICRESP_get_ext_by_NID
+ASN1_TIME_print
+OSSL_STORE_LOADER_set_open
+PROFESSION_INFO_get0_addProfessionInfo
+PEM_write_bio_PKCS8_PRIV_KEY_INFO
+INT32_it
+ASN1_PCTX_set_oid_flags
+DIRECTORYSTRING_new
+X509_SIG_INFO_get
+d2i_PKCS12_MAC_DATA
+X509_VERIFY_PARAM_get_inh_flags
+MDC2_Init
+X509_CRL_set_version
+X509_STORE_get_check_revocation
+CRYPTO_cfb128_encrypt
+DIST_POINT_it
+d2i_TS_REQ
+GENERAL_NAMES_free
+ENGINE_get_pkey_meth_engine
+DH_check_params_ex
+CMS_unsigned_delete_attr
+EVP_CIPHER_CTX_buf_noconst
+CT_POLICY_EVAL_CTX_set_time
+RIPEMD160_Update
+TS_REQ_set_version
+X509_REQ_verify
+CONF_imodule_get_name
+EVP_PKEY_add1_attr
+ENGINE_get_static_state
+TS_CONF_set_ess_cert_id_chain
+BIO_socket_ioctl
+X509_VERIFY_PARAM_set_depth
+ASN1_STRING_type
+PKCS7_set_content
+RSA_padding_check_X931
+OPENSSL_1_1_0a
+EVP_PKEY_add1_attr_by_txt
+X509_STORE_CTX_get0_store
+X509_REVOKED_it
+X509_PURPOSE_get0
+EVP_DecodeFinal
+RSA_test_flags
+BIO_connect
+OPENSSL_1_1_0c
+EVP_MD_size
+CMAC_CTX_cleanup
+OPENSSL_1_1_0d
+conf_ssl_name_find
+EVP_MD_meth_get_flags
+OCSP_resp_get0_produced_at
+EVP_PKEY_decrypt_init
+i2d_ESS_CERT_ID
+OPENSSL_1_1_0f
+PEM_read_bio_CMS
+X509v3_get_ext_count
+EC_KEY_METHOD_get_verify
+ASN1_BMPSTRING_new
+OPENSSL_1_1_0g
+BIO_f_null
+OPENSSL_1_1_0h
+TS_MSG_IMPRINT_set_algo
+OPENSSL_1_1_0i
+X509_ATTRIBUTE_count
+SEED_decrypt
+OPENSSL_1_1_0j
+DHparams_print
+X509_STORE_CTX_set_default
+BIO_meth_new
+BF_decrypt
+OCSP_RESPID_match
+ASN1_generate_nconf
+EC_POINT_free
+IPAddressRange_free
+PKCS7_dataVerify
+X509_LOOKUP_free
+X509V3_parse_list
+UI_create_method
+EVP_MD_CTX_set_pkey_ctx
+SCT_set0_signature
+EVP_sm4_cbc
+RSA_meth_set_priv_enc
+EC_POINT_point2buf
+ASN1_ENUMERATED_get
+PBKDF2PARAM_it
+X509_REQ_free
+ERR_load_ASYNC_strings
+ENGINE_pkey_asn1_find_str
+X509_STORE_set_get_issuer
+EVP_PKEY_decrypt
+i2d_TS_MSG_IMPRINT_fp
+EVP_DecodeBlock
+ENGINE_register_DH
+PKCS7_add_recipient_info
+PKCS7_get_signed_attribute
+TS_RESP_dup
+EVP_PKEY_get_raw_private_key
+RAND_DRBG_generate
+X509_CRL_match
+CMS_RecipientInfo_kekri_id_cmp
+CMS_unsigned_get_attr_by_NID
+i2d_ASN1_NULL
+OSSL_STORE_INFO_new_CERT
+X509_NAME_new
+OCSP_ONEREQ_free
+PEM_write_bio
+ERR_load_DSA_strings
+OSSL_STORE_LOADER_set_ctrl
+X509_alias_set1
+X509_OBJECT_new
+ECPKPARAMETERS_new
+SXNET_free
+i2d_ECPrivateKey_bio
+Camellia_set_key
+EVP_CIPHER_meth_free
+OPENSSL_1_1_1b
+X509_LOOKUP_meth_get_free
+ENGINE_remove
+PKCS12_pack_p7data
+DSA_meth_set_bn_mod_exp
+EVP_aes_128_cbc_hmac_sha256
+EVP_CIPHER_block_size
+OPENSSL_1_1_1c
+CONF_dump_bio
+EC_KEY_set_flags
+EC_GROUP_check_discriminant
+OPENSSL_1_1_1d
+RAND_DRBG_set_defaults
+X509_LOOKUP_init
+d2i_PKCS7_fp
+UI_get_ex_data
+OPENSSL_1_1_1e
+EVP_PKEY_asn1_set_siginf
+OCSP_archive_cutoff_new
+PKCS12_SAFEBAG_get0_attr
+d2i_RSAPrivateKey_fp
+X509_PUBKEY_it
+PEM_read_bio
+OPENSSL_1_1_1h
+EVP_PKEY_get0_RSA
+OCSP_cert_status_str
+DES_string_to_2keys
+Camellia_cbc_encrypt
+EVP_rc2_40_cbc
+COMP_CTX_free
+ENGINE_set_table_flags
+SCT_free
+d2i_PKCS8PrivateKey_bio
+X509_NAME_ENTRY_create_by_txt
+EVP_aes_256_ofb
+X509_REQ_add1_attr_by_NID
+X509_REVOKED_set_revocationDate
+i2d_ESS_CERT_ID_V2
+i2o_SCT
+BIO_up_ref
+PKCS12_add_cert
+X509at_get0_data_by_OBJ
+BN_get_rfc3526_prime_8192
+PKCS7_SIGNER_INFO_set
+EVP_add_cipher
+RAND_OpenSSL
+DH_check_ex
+DH_meth_set1_name
+EVP_MD_CTX_clear_flags
+EVP_DecryptFinal
+d2i_RSA_PUBKEY
+X509_CRL_set_default_method
+d2i_PROXY_CERT_INFO_EXTENSION
+EVP_des_cfb1
+X509_VERIFY_PARAM_set1_name
+ENGINE_register_EC
+PKCS12_get_friendlyname
+EVP_cast5_cbc
+BIO_new_fd
+d2i_TS_RESP_fp
+ENGINE_register_all_DSA
+TS_RESP_CTX_set_accuracy
+EVP_PKEY_set_type_str
+OBJ_add_sigid
+X509_LOOKUP_meth_get_init
+EVP_camellia_256_cfb1
+X509_get_ext_by_critical
+DSA_get0_pub_key
+PEM_read_bio_X509_AUX
+OBJ_NAME_cleanup
+TS_STATUS_INFO_print_bio
+X509_NAME_digest
+OCSP_REQ_CTX_add1_header
+EVP_des_cfb8
+i2d_ESS_SIGNING_CERT_V2
+ADMISSION_SYNTAX_set0_admissionAuthority
+UI_set_ex_data
+TS_STATUS_INFO_dup
+TS_CONF_set_policies
+X509_LOOKUP_meth_get_shutdown
+d2i_X509_PUBKEY
+EVP_camellia_256_cfb8
+i2d_re_X509_tbs
+UI_ctrl
+RAND_DRBG_instantiate
+PKCS12_get_attr_gen
+CRYPTO_secure_malloc_initialized
+AES_unwrap_key
+ASN1_ANY_it
+BN_get0_nist_prime_192
+PEM_write_bio_X509_REQ_NEW
+BIO_new_fp
+DES_cbc_encrypt
+OCSP_RESPONSE_print
+IPAddressRange_new
+HMAC_Final
+EVP_CIPHER_CTX_copy
+DSO_bind_func
+BN_mod_exp_mont_consttime
+TS_RESP_CTX_set_serial_cb
+i2d_PKCS7_SIGNER_INFO
+BN_BLINDING_free
+TS_TST_INFO_delete_ext
+ERR_put_error
+OPENSSL_LH_insert
+PBKDF2PARAM_new
+d2i_PROXY_POLICY
+EVP_MD_meth_set_input_blocksize
+X509_REVOKED_set_serialNumber
+PEM_read_RSAPrivateKey
+X509_LOOKUP_meth_set_free
+DSA_meth_set_keygen
+ERR_load_CMS_strings
+EVP_PKEY_meth_get_encrypt
+CT_POLICY_EVAL_CTX_get0_issuer
+v2i_ASN1_BIT_STRING
+X509_CRL_get_meth_data
+DES_cfb64_encrypt
+CMS_decrypt_set1_password
+ASN1_UNIVERSALSTRING_new
+EVP_PKEY_asn1_get0
+BIO_new_file
+PKCS7_add_recipient
+BIO_vsnprintf
+EVP_PKEY_meth_set_verify
+CMS_ContentInfo_it
+CMS_SignerInfo_get0_md_ctx
+CMS_SignerInfo_cert_cmp
+ENGINE_set_default_pkey_meths
+EVP_MD_meth_set_result_size
+EVP_aria_192_ecb
+EVP_rc2_cfb64
+X509at_delete_attr
+TS_X509_ALGOR_print_bio
+OPENSSL_gmtime
+BN_copy
+EVP_CIPHER_CTX_clear_flags
+d2i_PKCS8_PRIV_KEY_INFO_fp
+BN_GF2m_mod_sqrt
+X509_OBJECT_idx_by_subject
+TS_CONF_load_certs
+EVP_PKEY_get0_EC_KEY
+PROXY_POLICY_free
+PEM_write_bio_DSA_PUBKEY
+PEM_read_bio_X509_CRL
+OCSP_ONEREQ_get_ext_count
+BIO_meth_set_write
+EC_curve_nid2nist
+PEM_write_PUBKEY
+EVP_rc2_cbc
+SCT_set_timestamp
+DHparams_print_fp
+X509_email_free
+POLICYINFO_free
+X509_LOOKUP_meth_set_init
+UI_OpenSSL
+OSSL_STORE_INFO_new_PKEY
+RSA_meth_set1_name
+ENGINE_register_all_pkey_asn1_meths
+DSA_meth_set1_name
+X509_TRUST_set
+SHA512_Update
+NCONF_get_number_e
+EC_GROUP_get_ecpkparameters
+WHIRLPOOL_BitUpdate
+DSA_meth_get_paramgen
+ESS_CERT_ID_free
+X509_add_ext
+OSSL_STORE_LOADER_free
+X509_CRL_get_issuer
+EVP_aes_192_cfb1
+ASN1_PCTX_new
+i2s_ASN1_IA5STRING
+ERR_load_OCSP_strings
+OPENSSL_thread_stop
+CT_POLICY_EVAL_CTX_new
+UI_method_get_ex_data
+COMP_get_name
+X509_new
+PEM_def_callback
+BN_ucmp
+RSA_setup_blinding
+CERTIFICATEPOLICIES_free
+ASN1_OBJECT_new
+CRYPTO_xts128_encrypt
+b2i_PrivateKey_bio
+WHIRLPOOL_Init
+EVP_aes_192_cfb8
+TS_REQ_add_ext
+X509_REVOKED_get_ext
+BIO_f_nbio_test
+CMS_RecipientInfo_ktri_get0_signer_id
+X509v3_asid_add_inherit
+X509_get0_authority_issuer
+X509_VERIFY_PARAM_get_auth_level
+EC_GROUP_get0_generator
+BIO_ADDRINFO_protocol
+DH_OpenSSL
+EVP_PKEY_print_private
+d2i_NETSCAPE_SPKAC
+EVP_CIPHER_meth_new
+EVP_MD_CTX_copy
+i2d_PKCS12_SAFEBAG
+BN_BLINDING_unlock
+X509_ALGORS_it
+d2i_OCSP_SIGNATURE
+DSA_meth_get_keygen
+DES_fcrypt
+i2d_PUBKEY
+BIO_ctrl_wpending
+BIO_sock_non_fatal_error
+ASN1_GENERALIZEDTIME_new
+d2i_X509_REVOKED
+EVP_DigestVerify
+X509_set1_notAfter
+X509_REQ_delete_attr
+DH_meth_new
+EVP_PKEY_meth_get_check
+BN_get0_nist_prime_521
+EVP_PKEY_meth_get_verify
+PKCS7_ENVELOPE_it
+TS_REQ_get_ext_count
+i2d_PKCS7_ENCRYPT
+i2v_ASN1_BIT_STRING
+UI_method_set_ex_data
+PKCS12_MAC_DATA_new
+PKCS12_unpack_authsafes
+NCONF_dump_fp
+OCSP_SINGLERESP_get_ext
+UI_construct_prompt
+OSSL_STORE_SEARCH_by_key_fingerprint
+BUF_MEM_new_ex
+EVP_CIPHER_CTX_iv_length
+d2i_OCSP_RESPID
+EVP_MD_meth_set_update
+ERR_set_error_data
+ZUINT64_it
+RAND_DRBG_set_reseed_time_interval
+ENGINE_get_cipher_engine
+RAND_priv_bytes
+RSA_get_method
+ASN1_GENERALIZEDTIME_adj
+PEM_write_RSA_PUBKEY
+ASN1_GENERALIZEDTIME_print
+ERR_add_error_vdata
+ASN1_UTCTIME_check
+d2i_IPAddressOrRange
+X509_STORE_add_crl
+X509_get_version
+X509_ATTRIBUTE_set1_data
+ASN1_STRING_dup
+BN_BLINDING_is_current_thread
+ENGINE_unregister_RSA
+EVP_OpenFinal
+MDC2_Update
+EVP_PKEY_new_raw_private_key
+EVP_PBE_alg_add
+DHparams_it
+AES_ige_encrypt
+X509_VERIFY_PARAM_clear_flags
+BN_MONT_CTX_set_locked
+CRYPTO_cfb128_8_encrypt
+CMAC_CTX_get0_cipher_ctx
+UI_get_input_flags
+PKCS12_BAGS_free
+BN_X931_generate_Xpq
+X509_get_ext_by_OBJ
+CMS_EncryptedData_encrypt
+PEM_read_bio_NETSCAPE_CERT_SEQUENCE
+OCSP_id_get0_info
+d2i_TS_STATUS_INFO
+EC_GROUP_set_curve_GFp
+X509_gmtime_adj
+OCSP_REQUEST_free
+BN_GF2m_mod_sqr
+CONF_get_section
+TS_CONF_set_clock_precision_digits
+i2d_RSA_PUBKEY
+EC_GROUP_get_pentanomial_basis
+d2i_TS_RESP
+PEM_read_bio_DSAPrivateKey
+DSA_get0_engine
+X509_POLICY_NODE_print
+i2d_TS_RESP_fp
+ASN1_BIT_STRING_set_asc
+PKCS12_add_key
+PEM_read_bio_RSAPublicKey
+EVP_camellia_192_ofb
+i2b_PublicKey_bio
+BN_BLINDING_new
+EVP_PKEY_asn1_add0
+PEM_read_bio_DSA_PUBKEY
+MD5_Final
+EC_POINT_bn2point
+PBE2PARAM_new
+PKCS12_SAFEBAG_get_nid
+DSA_sign_setup
+EVP_PKEY_set_alias_type
+ASN1_SEQUENCE_it
+EVP_PKEY_meth_set_public_check
+BIO_meth_get_callback_ctrl
+DH_bits
+BN_mod_lshift1
+EVP_MD_meth_new
+CMS_add1_recipient_cert
+OPENSSL_sk_zero
+CMS_SignerInfo_sign
+X509at_get_attr
+RSA_padding_check_PKCS1_OAEP_mgf1
+ASN1_str2mask
+DSA_set_default_method
+EVP_aes_256_xts
+HMAC_CTX_new
+ERR_get_error
+ADMISSION_SYNTAX_get0_contentsOfAdmissions
+EVP_whirlpool
+ESS_SIGNING_CERT_dup
+CRYPTO_dup_ex_data
+X509_EXTENSION_dup
+BIO_listen
+X509_CRL_sign
+BUF_reverse
+X509_CRL_sign_ctx
+X509_STORE_new
+TS_MSG_IMPRINT_free
+ASN1_STRING_data
+EVP_set_pw_prompt
+X509v3_delete_ext
+BIO_meth_get_puts
+EVP_Cipher
+OCSP_ONEREQ_get_ext_by_NID
+EVP_DigestVerifyInit
+EVP_MD_meth_get_update
+EC_GROUP_method_of
+OPENSSL_sk_delete
+i2d_ASN1_BIT_STRING
+BN_mod_lshift
+IPAddressChoice_it
+X509_CRL_get_ext_d2i
+CMS_RecipientInfo_decrypt
+X509_VERIFY_PARAM_new
+i2d_X509
+BN_get0_nist_prime_384
+d2i_ASN1_BMPSTRING
+BIO_socket
+v2i_GENERAL_NAME_ex
+UI_dup_info_string
+BN_BLINDING_update
+OBJ_NAME_remove
+BIO_pop
+i2d_PKCS8_PRIV_KEY_INFO
+CMS_RecipientInfo_type
+GENERAL_NAME_set0_value
+DSA_print_fp
+EVP_PKEY_get_raw_public_key
+X509_get0_notBefore
+CTLOG_new
+TS_REQ_get_policy_id
+ASN1_PCTX_get_nm_flags
+PKCS7_signatureVerify
+RSA_sign
+EVP_PKEY_asn1_add_alias
+ENGINE_register_RSA
+ASN1_ENUMERATED_it
+OBJ_txt2nid
+X509v3_addr_get_range
+X509_STORE_CTX_set_verify_cb
+OCSP_resp_get0_signature
+EVP_aes_128_cbc
+ASN1_BMPSTRING_free
+d2i_PKCS7_SIGNED
+ENGINE_get_ctrl_function
+i2d_ASN1_GENERALSTRING
+ESS_CERT_ID_dup
+i2d_DHparams
+DSO_global_lookup
+EVP_PKEY_asn1_free
+TXT_DB_read
+EVP_sm4_ecb
+CRYPTO_THREAD_get_local
+EVP_enc_null
+MD4
+TS_RESP_CTX_set_signer_cert
+BASIC_CONSTRAINTS_new
+POLICY_MAPPING_free
+MD5
+X509_VERIFY_PARAM_get_count
+ENGINE_unregister_DH
+ENGINE_register_all_DH
+EC_KEY_up_ref
+OCSP_CERTSTATUS_new
+CONF_get_string
+SRP_Verify_B_mod_N
+NETSCAPE_SPKI_it
+BN_GF2m_mod_inv_arr
+UI_destroy_method
+PEM_read_EC_PUBKEY
+OCSP_BASICRESP_get_ext_by_critical
+EVP_PKEY_CTX_get_data
+TS_ACCURACY_set_millis
+ASN1_mbstring_ncopy
+EVP_DecryptInit
+ASN1_ENUMERATED_to_BN
+EVP_idea_cfb64
+EC_GROUP_get0_order
+X509_NAME_add_entry_by_NID
+i2d_ASRange
+UI_UTIL_wrap_read_pem_callback
+EC_KEY_oct2priv
+NAMING_AUTHORITY_set0_authorityId
+RSA_meth_get_sign
+ASN1_INTEGER_set_uint64
+PEM_ASN1_read
+i2d_ASN1_SEQUENCE_ANY
+BIO_meth_set_puts
+EVP_md5_sha1
+UI_method_set_reader
+d2i_PKCS7_DIGEST
+OBJ_bsearch_ex_
+PEM_do_header
+UI_null
+NAMING_AUTHORITY_get0_authorityURL
+X509_get_proxy_pathlen
+BN_is_odd
+PEM_write_bio_DHparams
+i2d_PKCS7_SIGN_ENVELOPE
+OCSP_basic_add1_status
+ASN1_ITEM_lookup
+SCT_get_log_entry_type
+BN_GF2m_mod_exp_arr
+ASN1_TYPE_set
+i2d_DSA_PUBKEY_fp
+TS_CONF_set_serial
+INT64_it
+_shadow_DES_check_key
+WHIRLPOOL_Final
+EVP_MD_CTX_md_data
+NAME_CONSTRAINTS_check
+PKCS5_PBKDF2_HMAC_SHA1
+DSA_security_bits
+ASN1_STRING_get0_data
+TS_RESP_CTX_set_signer_key
+EC_GFp_nistp256_method
+RSA_X931_derive_ex
+EVP_sm4_cfb128
+i2d_OCSP_CERTSTATUS
+OCSP_REQUEST_get_ext_by_critical
+EVP_MD_type
+ENGINE_set_id
+ENGINE_unregister_EC
+DES_check_key_parity
+EC_POINT_set_affine_coordinates_GF2m
+EVP_PKEY_asn1_set_free
+OCSP_SINGLERESP_delete_ext
+UI_set_method
+LONG_it
+ENGINE_register_all_EC
+PKCS7_ENC_CONTENT_it
+i2d_CMS_bio
+EVP_cast5_ecb
+PKCS7_ENC_CONTENT_free
+PKCS8_encrypt
+X509_NAME_add_entry
+CONF_imodule_set_flags
+ASN1_UTCTIME_cmp_time_t
+PEM_X509_INFO_read_bio
+EVP_aes_128_ccm
+RSA_private_decrypt
+PKCS7_ISSUER_AND_SERIAL_it
+X509_VERIFY_PARAM_move_peername
+ENGINE_set_default_DH
+o2i_ECPublicKey
+d2i_OCSP_CERTID
+EVP_rc4
+X509at_add1_attr_by_OBJ
+RSA_get_ex_data
+o2i_SCT
+TS_RESP_new
+SHA1_Init
+DSA_free
+EVP_PKEY_asn1_set_public_check
+X509_LOOKUP_set_method_data
+EC_KEY_METHOD_get_sign
+X509_verify_cert
+CTLOG_free
+CRYPTO_gcm128_finish
+EVP_aria_192_gcm
+X509_REQ_get_extension_nids
+EVP_PKEY_param_check
+OSSL_STORE_open
+X509_NAME_hash_old
+OSSL_STORE_close
+EVP_aes_192_ctr
+d2i_X509_EXTENSIONS
+X509_PURPOSE_cleanup
+EVP_PKEY_CTX_set_data
+OCSP_REQINFO_it
+TS_REQ_set_msg_imprint
+X509_free
+EVP_CIPHER_iv_length
+BN_GF2m_arr2poly
+ENGINE_register_all_ciphers
+RSA_meth_set_sign
+d2i_ASN1_UTCTIME
+TS_ACCURACY_get_millis
+EVP_PKEY_get0_asn1
+DSA_SIG_new
+DSA_meth_dup
+TS_RESP_CTX_set_time_cb
+BN_bn2binpad
+X509_PURPOSE_set
+DH_meth_get_bn_mod_exp
+EC_POINT_set_compressed_coordinates_GFp
+ASN1_INTEGER_get_uint64
+X509_check_ip_asc
+PKCS12_unpack_p7encdata
+PKEY_USAGE_PERIOD_new
+d2i_RSA_PSS_PARAMS
+OCSP_REQUEST_delete_ext
+EVP_PKEY_encrypt
+IPAddressFamily_it
+d2i_ASN1_OCTET_STRING
+MDC2_Final
+X509_REQ_get_X509_PUBKEY
+ASN1_INTEGER_set_int64
+X509_NAME_get0_der
+X509_check_purpose
+DIST_POINT_NAME_free
+RSA_set_ex_data
+PEM_read_bio_PKCS7
+PKCS7_to_TS_TST_INFO
+X509_VERIFY_PARAM_add1_host
+OSSL_STORE_LOADER_set_find
+EVP_PKEY_meth_get0
+PEM_read_bio_PKCS8
+BIO_hex_string
+USERNOTICE_new
+ENGINE_set_default_EC
+BIO_set_shutdown
+DSA_meth_get0_app_data
+i2t_ASN1_OBJECT
+TS_REQ_get_ext_by_OBJ
+BN_GENCB_set
+PEM_SignFinal
+ENGINE_get_last
+ASN1_TYPE_set1
+CONF_parse_list
+d2i_ASN1_INTEGER
+EVP_PKEY_derive_set_peer
+DSA_SIG_get0
+DH_get0_g
+CMS_add0_recipient_key
+EVP_CIPHER_meth_set_flags
+EVP_PKEY_derive
+BN_exp
+OCSP_ONEREQ_delete_ext
+COMP_get_type
+EVP_rc2_ecb
+OCSP_single_get0_status
+EC_KEY_precompute_mult
+SCRYPT_PARAMS_new
+TS_STATUS_INFO_new
+UI_get_method
+ECPARAMETERS_free
+ASN1_add_stable_module
+CMAC_CTX_free
+OCSP_cert_id_new
+EVP_PKEY_cmp
+DH_get0_p
+DH_set_method
+ASN1_PRINTABLE_it
+DH_get0_q
+SMIME_write_PKCS7
+OCSP_request_add0_id
+i2d_PKCS8_PRIV_KEY_INFO_fp
+BN_lshift1
+EC_KEY_METHOD_set_sign
+RAND_DRBG_new
+BN_GENCB_call
+EVP_bf_ofb
+ENGINE_get_pkey_meths
+d2i_DSAparams
+RSA_padding_add_SSLv23
+X509_TRUST_get_count
+X509_check_host
+X509_OBJECT_get0_X509
+RSA_meth_get_mod_exp
+CMS_unsigned_get_attr
+i2d_OCSP_ONEREQ
+X509_chain_check_suiteb
+OSSL_STORE_ctrl
+BIO_get_host_ip
+ASN1_OCTET_STRING_cmp
+CRYPTO_mem_ctrl
+DH_meth_free
+d2i_PKCS7_ENC_CONTENT
+TS_TST_INFO_set_nonce
+ADMISSIONS_get0_professionInfos
+X509_CRL_get_signature_nid
+RAND_DRBG_uninstantiate
+CRYPTO_THREAD_unlock
+DH_get_default_method
+ASIdentifiers_free
+ENGINE_set_load_privkey_function
+USERNOTICE_it
+OCSP_RESPID_free
+OCSP_CERTSTATUS_free
+X509_STORE_CTX_get_check_policy
+BN_RECP_CTX_set
+BN_generate_prime
+EVP_camellia_128_ctr
+CRYPTO_secure_clear_free
+d2i_OCSP_REQUEST
+ERR_load_strings_const
+i2d_ECPrivateKey
+EVP_camellia_192_cfb1
+i2d_ASIdOrRange
+X509_REQ_add_extensions_nid
+CMS_signed_get_attr_count
+PEM_read_ECPrivateKey
+EVP_PBE_CipherInit
+EVP_PKEY_meth_get_init
+OCSP_check_nonce
+PROXY_CERT_INFO_EXTENSION_it
+d2i_IPAddressRange
+X509_CRL_get_ext
+EVP_CIPHER_asn1_to_param
+ASN1_item_ex_i2d
+BIO_get_callback_ex
+SCT_get_version
+RSA_meth_set_mod_exp
+BN_mod_sub_quick
+EXTENDED_KEY_USAGE_new
+DSA_generate_key
+EC_POINT_set_Jprojective_coordinates_GFp
+PROXY_CERT_INFO_EXTENSION_free
+EVP_camellia_192_cfb8
+i2d_TS_TST_INFO
+OCSP_SERVICELOC_it
+ASN1_TIME_normalize
+EVP_des_ede_cfb64
+BN_is_bit_set
+CT_POLICY_EVAL_CTX_free
+X509_get_X509_PUBKEY
+CONF_set_nconf
+ASN1_GENERALIZEDTIME_free
+CAST_cfb64_encrypt
+PKCS7_final
+d2i_DHparams
+Camellia_cfb128_encrypt
+DES_crypt
+DH_get_1024_160
+i2d_POLICYQUALINFO
+ENGINE_get_finish_function
+X509at_get_attr_by_NID
+GENERAL_NAME_free
+ASN1_INTEGER_free
+ENGINE_get_ciphers
+a2i_ASN1_STRING
+i2d_X509_ATTRIBUTE
+IPAddressOrRange_it
+ENGINE_set_cmd_defns
+RSA_meth_set_flags
+DSA_meth_set_flags
+HMAC_CTX_reset
+X509_STORE_set_check_crl
+X509_NAME_print_ex
+ASN1_TIME_set_string
+ASYNC_WAIT_CTX_clear_fd
+EVP_MD_CTX_reset
+BN_BLINDING_convert_ex
+BN_MONT_CTX_new
+TS_TST_INFO_get_version
+TLS_FEATURE_new
+OSSL_STORE_supports_search
+TS_REQ_get_nonce
+RAND_pseudo_bytes
+RSA_get0_key
+ASN1_BIT_STRING_num_asc
+EC_GROUP_get_curve_GF2m
+PKCS7_get0_signers
+d2i_EDIPARTYNAME
+PKCS7_SIGNER_INFO_it
+Camellia_ecb_encrypt
+UI_UTIL_read_pw
+X509_STORE_set_purpose
+DSA_verify
+PKCS12_get_attr
+EVP_des_ede3_wrap
+SCT_set_version
+ASN1_UTCTIME_print
+EVP_PKEY_meth_add0
+ENGINE_set_default_RSA
+UI_method_get_data_destructor
+TS_ACCURACY_set_micros
+Camellia_cfb1_encrypt
+DSO_METHOD_openssl
+ERR_get_state
+EVP_MD_meth_get_ctrl
+DSO_new
+EVP_PKEY_meth_new
+ENGINE_set_ciphers
+OCSP_BASICRESP_get_ext_count
+ASYNC_cleanup_thread
+ENGINE_by_id
+DH_meth_set_generate_key
+EVP_PKEY_cmp_parameters
+PEM_write_bio_ECPrivateKey
+EVP_PKEY_meth_set_init
+UI_method_set_opener
+EC_GROUP_new_from_ecparameters
+OSSL_STORE_INFO_get1_PARAMS
+ASN1_STRING_new
+PKCS7_add_attribute
+TS_TST_INFO_set_version
+BN_set_bit
+EVP_DigestFinalXOF
+PEM_write_DSAparams
+RC2_cbc_encrypt
+EVP_blake2b512
+EC_GROUP_set_seed
+CMS_RecipientInfo_kari_get0_ctx
+TS_RESP_verify_token
+PKCS8_PRIV_KEY_INFO_new
+EC_POINTs_make_affine
+X509V3_EXT_add_alias
+CMS_add_simple_smimecap
+RSA_pkey_ctx_ctrl
+DES_ecb_encrypt
+BN_mod_exp
+EC_KEY_get_ex_data
+EVP_CIPHER_meth_set_get_asn1_params
+ENGINE_get_DH
+OBJ_get0_data
+X509_CRL_get0_lastUpdate
+EVP_shake128
+X509V3_EXT_add_nconf
+PEM_X509_INFO_read
+TS_ASN1_INTEGER_print_bio
+DES_encrypt1
+ENGINE_set_RSA
+i2a_ASN1_STRING
+DES_encrypt2
+EC_POINT_cmp
+DES_encrypt3
+TS_RESP_CTX_set_def_policy
+PROFESSION_INFO_set0_registrationNumber
+X509_ocspid_print
+EVP_aes_128_ecb
+PKCS12_key_gen_uni
+i2d_EC_PUBKEY_bio
+BN_BLINDING_create_param
+OCSP_request_sign
+ERR_load_EC_strings
+EC_KEY_generate_key
+DH_get_2048_224
+DH_new_method
+RSA_set0_key
+X509_REQ_add1_attr_by_txt
+BIO_meth_get_write_ex
+DISPLAYTEXT_it
+OCSP_RESPDATA_new
+EVP_sha3_512
+TS_TST_INFO_print_bio
+EC_KEY_set_public_key_affine_coordinates
+CMS_ReceiptRequest_free
+RAND_DRBG_get0_private
+CMS_ReceiptRequest_create0
+ASN1_BIT_STRING_set
+i2d_X509_CRL_INFO
+UI_add_error_string
+X509_STORE_up_ref
+X509_policy_node_get0_parent
+ERR_unload_strings
+BN_GF2m_mod_sqr_arr
+EVP_PKEY_paramgen_init
+ERR_load_BN_strings
+OCSP_ONEREQ_new
+X509_CRL_get0_nextUpdate
+EVP_PKEY_meth_free
+ESS_SIGNING_CERT_new
+TS_STATUS_INFO_get0_failure_info
+PKCS12_SAFEBAG_get0_pkcs8
+BIO_meth_set_write_ex
+UI_get0_result_string
+CMS_EncryptedData_set1_key
+d2i_PKCS8PrivateKey_fp
+CRYPTO_ocb128_init
+CRYPTO_ocb128_copy_ctx
+OCSP_REQ_CTX_i2d
+X509_EXTENSION_new
+i2d_DSA_SIG
+EC_KEY_set_ex_data
+TS_RESP_CTX_add_md
+OSSL_STORE_SEARCH_free
+EVP_aes_128_cbc_hmac_sha1
+i2d_ASN1_ENUMERATED
+EVP_MD_meth_get_result_size
+PROFESSION_INFO_set0_professionItems
+b2i_PublicKey
+RSA_get0_factors
+TS_ACCURACY_get_micros
+ASRange_free
+DSA_SIG_free
+TS_CONF_load_key
+PKCS5_PBE_add
+ENGINE_get_EC
+EC_GROUP_new_curve_GF2m
+BN_swap
+X509_LOOKUP_by_issuer_serial
+SCRYPT_PARAMS_free
+OpenSSL_version_num
+RSA_blinding_on
+X509_NAME_ENTRY_set_object
+SRP_Calc_A
+X509_STORE_CTX_get_by_subject
+X509v3_addr_add_inherit
+OTHERNAME_it
+SRP_Calc_B
+X509_ATTRIBUTE_free
+TS_TST_INFO_set_accuracy
+ASN1_GENERALIZEDTIME_it
+TS_RESP_CTX_get_request
+AES_bi_ige_encrypt
+d2i_X509_CERT_AUX
+ERR_load_CT_strings
+X509_policy_level_node_count
+BIO_push
+BN_GENCB_set_old
+X509V3_NAME_from_section
+PKCS7_simple_smimecap
+SCT_set1_signature
+ECParameters_print
+OPENSSL_LH_retrieve
+X509_INFO_new
+BIO_get_new_index
+OCSP_crl_reason_str
+AUTHORITY_KEYID_new
+EVP_PKEY_sign
+UI_method_set_writer
+EVP_CIPHER_CTX_block_size
+EC_POINT_make_affine
+MD4_Final
+SCT_validation_status_string
+ESS_CERT_ID_new
+BIO_lookup
+OPENSSL_sk_set
+ISSUING_DIST_POINT_free
+EVP_PKEY_CTX_str2ctrl
+CRYPTO_free_ex_data
+BN_nnmod
+DSA_meth_set_finish
+ERR_load_EVP_strings
+i2o_SCT_LIST
+POLICY_MAPPING_new
+OSSL_STORE_INFO_new_CRL
+CMS_RecipientInfo_encrypt
+OCSP_response_status_str
+PKCS5_v2_scrypt_keyivgen
+i2d_PKCS8PrivateKeyInfo_fp
+d2i_NETSCAPE_CERT_SEQUENCE
+EC_KEY_get0_private_key
+i2d_re_X509_REQ_tbs
+d2i_ASN1_NULL
+EVP_PBE_find
+EC_KEY_check_key
+EVP_PKEY_set1_EC_KEY
+i2d_OCSP_REQINFO
+ECPKPARAMETERS_it
+DSA_clear_flags
+OTHERNAME_new
+EVP_PKEY_meth_get_paramgen
+PEM_write_NETSCAPE_CERT_SEQUENCE
+X509_CRL_set1_lastUpdate
+SCT_validate
+DES_set_odd_parity
+BIO_get_port
+X509V3_EXT_d2i
+d2i_X509_REQ_fp
+UI_add_info_string
+RSA_padding_check_none
+X509_CRL_dup
+EVP_DigestFinal
+RSA_get0_multi_prime_factors
+BIO_set_callback
+a2i_IPADDRESS
+EVP_aes_128_cfb128
+i2d_DSAPrivateKey_bio
+X509_LOOKUP_ctrl
+BN_get_rfc3526_prime_1536
+X509_CRL_set_meth_data
+BN_is_prime_fasttest
+SEED_set_key
+i2d_AUTHORITY_KEYID
+NCONF_load
+ENGINE_load_ssl_client_cert
+X509_cmp_current_time
+BF_set_key
+ERR_load_DH_strings
+CMS_SignerInfo_get0_pkey_ctx
+RSA_verify_PKCS1_PSS_mgf1
+i2d_PublicKey
+Camellia_encrypt
+X509_SIG_it
+RSA_set0_multi_prime_params
+CONF_modules_load
+EVP_aes_256_cfb1
+X509_NAME_ENTRY_get_object
+ENGINE_ctrl_cmd_string
+ASN1_TYPE_pack_sequence
+X509_get_default_cert_file_env
+EVP_PKEY_meth_get_verify_recover
+X509_CRL_set1_nextUpdate
+BIO_write
+NCONF_dump_bio
+CMS_unsigned_add1_attr_by_NID
+i2d_TS_TST_INFO_fp
+EVP_aes_256_cfb8
+BIO_puts
+TS_RESP_CTX_set_signer_digest
+SRP_Calc_u
+X509_issuer_name_cmp
+ERR_error_string
+X509_VERIFY_PARAM_get_time
+BN_GENCB_free
+ESS_SIGNING_CERT_free
+X509_LOOKUP_meth_get_ctrl
+ASN1_dup
+SRP_Calc_x
+EVP_PKEY_missing_parameters
+OCSP_resp_get0_tbs_sigalg
+d2i_ISSUING_DIST_POINT
+EC_GROUP_clear_free
+OBJ_length
+d2i_X509_fp
+PKCS7_add_signer
+DES_set_key_unchecked
+SRP_Verify_A_mod_N
+OCSP_SINGLERESP_new
+X509_VAL_free
+ASN1_OCTET_STRING_free
+CTLOG_get0_public_key
+DH_get_length
+DISPLAYTEXT_free
+X509_REQ_get_attr_by_OBJ
+CRYPTO_realloc
+TS_VERIFY_CTX_free
+EVP_sha224
+BIO_new_PKCS7
+X509_NAME_get_entry
+EVP_aria_192_cfb1
+DSA_meth_get_finish
+PKCS7_decrypt
+ASN1_PRINTABLE_new
+GENERAL_SUBTREE_new
+i2d_AUTHORITY_INFO_ACCESS
+i2d_ASN1_bio_stream
+PEM_read_PUBKEY
+i2d_CERTIFICATEPOLICIES
+EVP_aria_128_cbc
+i2d_DSAPrivateKey
+X509_print_ex_fp
+d2i_PROFESSION_INFO
+PKCS7_ENVELOPE_free
+EVP_sha3_384
+d2i_SCRYPT_PARAMS
+TXT_DB_create_index
+X509_get1_ocsp
+BN_get_word
+PKCS7_add_crl
+d2i_IPAddressChoice
+i2d_TS_REQ
+CMS_get0_content
+EVP_aria_192_cfb8
+WHIRLPOOL_Update
+EVP_PKEY_CTX_md
+NAMING_AUTHORITY_get0_authorityText
+OBJ_sigid_free
+OPENSSL_hexchar2int
+CONF_imodule_get_usr_data
+DSA_meth_new
+EVP_cast5_cfb64
+BN_to_ASN1_ENUMERATED
+OCSP_set_max_response_length
+TS_VERIFY_CTX_add_flags
+RSA_up_ref
+d2i_TS_MSG_IMPRINT
+UI_get0_output_string
+ASN1_STRING_set_by_NID
+PKCS7_set_cipher
+DH_get_2048_256
+DH_meth_set_finish
+X509_load_cert_crl_file
+EVP_CIPHER_CTX_cipher
+PEM_read_RSA_PUBKEY
+TS_VERIFY_CTX_init
+CMS_is_detached
+OCSP_REQUEST_get_ext_count
+X509_NAME_ENTRY_get_data
+SMIME_text
+BN_is_negative
+RSA_meth_get_pub_enc
+d2i_X509_SIG
+BIO_nwrite0
+X509_STORE_CTX_get_cert_crl
+ENGINE_get_ex_data
+OPENSSL_INIT_new
+BIO_meth_get_read_ex
+X509at_add1_attr
+EVP_add_alg_module
+d2i_TS_TST_INFO_bio
+X509_check_issued
+X509_VERIFY_PARAM_get0
+SHA1_Final
+X509_VERIFY_PARAM_set_time
+X509_find_by_issuer_and_serial
+BN_consttime_swap
+EVP_idea_cbc
+X509_CRL_get0_extensions
+X509_STORE_CTX_get0_current_crl
+X509_LOOKUP_meth_set_ctrl
+OCSP_request_verify
+TS_TST_INFO_get_tsa
+X509_LOOKUP_meth_set_get_by_issuer_serial
+USERNOTICE_free
+BN_kronecker
+X509_NAME_cmp
+TS_STATUS_INFO_free
+BN_generate_prime_ex
+TS_RESP_CTX_set_status_info
+BN_get_rfc3526_prime_2048
+EVP_PKEY_asn1_set_get_priv_key
+EVP_PKEY_CTX_ctrl_str
+EC_KEY_get0_engine
+IPAddressOrRange_free
+EC_KEY_set_method
+OPENSSL_sk_insert
+GENERAL_NAMES_new
+ESS_SIGNING_CERT_V2_dup
+OPENSSL_LH_node_usage_stats_bio
+X509_REQ_sign
+BN_bn2bin
+BIO_indent
+ENGINE_new
+ENGINE_register_digests
+TS_TST_INFO_get_ext_count
+OCSP_check_validity
+X509_get_default_cert_dir
+s2i_ASN1_IA5STRING
+AUTHORITY_INFO_ACCESS_it
+i2d_DSAPrivateKey_fp
+PKCS8_add_keyusage
+NETSCAPE_SPKI_free
+EVP_PKEY_assign
+OCSP_ONEREQ_get_ext_by_critical
+BN_bn2dec
+BN_bntest_rand
+BN_set_word
+EVP_aria_128_ccm
+RSA_meth_set_pub_enc
+DH_new
+EVP_CIPHER_CTX_iv
+ASN1_NULL_it
+EC_GF2m_simple_method
+X509_REVOKED_get0_extensions
+ENGINE_set_ex_data
+BIO_meth_set_read_ex
+EVP_CIPHER_CTX_original_iv
+i2d_SXNETID
+i2d_TS_REQ_fp
+ENGINE_add
+EVP_PKEY_meth_remove
+IDEA_set_decrypt_key
+BN_BLINDING_get_flags
+X509_get_signature_nid
+PEM_read_bio_PrivateKey
+X509_VERIFY_PARAM_set_trust
+ERR_remove_thread_state
+EVP_DigestUpdate
+EVP_MD_meth_get_input_blocksize
+DSA_generate_parameters
+EVP_aria_192_ctr
+DES_cfb_encrypt
+SHA224_Final
+RSA_X931_hash_id
+UTF8_putc
+SCT_set1_log_id
+NCONF_WIN32
+X509V3_EXT_CRL_add_conf
+SXNETID_free
+NCONF_load_fp
+BN_bn2mpi
+X509_NAME_ENTRY_set_data
+ENGINE_get_ssl_client_cert_function
+TS_TST_INFO_get_exts
+OCSP_request_onereq_count
+OCSP_BASICRESP_get_ext
+UI_UTIL_read_pw_string
+RAND_DRBG_set_callbacks
+HMAC_CTX_copy
+BN_lshift
+X509_signature_dump
+ECDSA_SIG_new
+CONF_module_add
+BIO_meth_get_gets
+d2i_EXTENDED_KEY_USAGE
+X509_LOOKUP_meth_get_get_by_subject
+ENGINE_get_flags
+BIO_set_tcp_ndelay
+EVP_chacha20
+BN_set_params
+OSSL_STORE_find
+PKCS12_pbe_crypt
+EVP_aes_128_gcm
+BIO_s_datagram
+X509_ALGOR_set0
+i2d_DSA_PUBKEY_bio
+i2d_PKCS12_BAGS
+EVP_PKEY_add1_attr_by_OBJ
+BIO_fd_non_fatal_error
+X509_ALGOR_dup
+i2d_PKEY_USAGE_PERIOD
+DSO_merge
+PEM_write_bio_EC_PUBKEY
+CRYPTO_gcm128_init
+RSA_padding_add_PKCS1_PSS_mgf1
+PEM_bytes_read_bio
+DES_ofb_encrypt
+PKCS7_RECIP_INFO_it
+RSA_meth_get_multi_prime_keygen
+PKCS7_DIGEST_new
+EVP_PKEY_new_CMAC_key
+X509_NAME_add_entry_by_txt
+EC_KEY_get_method
+DES_ede3_cbc_encrypt
+X509_get_signature_info
+ENGINE_unregister_pkey_meths
+EVP_PKEY_asn1_set_private
+OPENSSL_sk_delete_ptr
+EVP_MD_meth_get_app_datasize
+X509V3_get_string
+X509_NAME_it
+X509_LOOKUP_get_method_data
+d2i_ASN1_OBJECT
+OCSP_response_get1_basic
+OCSP_sendreq_nbio
+ENGINE_register_all_digests
+DSAparams_print
+X509_STORE_add_lookup
+EVP_PKEY_asn1_set_param
+i2d_ASN1_UNIVERSALSTRING
+ENGINE_get_digest_engine
+BN_is_one
+BN_pseudo_rand_range
+EVP_DecodeUpdate
+UI_get0_result
+RAND_DRBG_set_reseed_interval
+BIO_debug_callback
+DES_cbc_cksum
+X509_CINF_it
+OPENSSL_sk_find
+BIO_s_fd
+BIO_number_written
+TS_REQ_get_msg_imprint
+EVP_aes_192_ocb
+EC_GROUP_get_curve
+ENGINE_free
+EVP_PKEY_asn1_set_item
+BIO_closesocket
+EVP_SealFinal
+X509_to_X509_REQ
+i2d_PKCS12_bio
+d2i_ASIdentifiers
+EC_KEY_copy
+X509v3_addr_add_range
+ENGINE_get_DSA
+ZLONG_it
+EVP_sha256
+X509_STORE_set_lookup_certs
+DH_meth_get_generate_key
+CBIGNUM_it
+OSSL_STORE_eof
+PKCS12_add_friendlyname_utf8
+X509_STORE_CTX_get_explicit_policy
+d2i_TS_REQ_bio
+PEM_ASN1_write_bio
+BN_dec2bn
+CMS_set1_signers_certs
+EVP_ENCODE_CTX_new
+BIO_meth_set_gets
+TS_RESP_verify_response
+SXNETID_it
+ADMISSION_SYNTAX_free
+d2i_ESS_CERT_ID_V2
+ASN1_TIME_to_tm
+EVP_camellia_256_cbc
+X509_get0_tbs_sigalg
+EVP_EncodeInit
+i2d_ESS_SIGNING_CERT
+PEM_write_ECPKParameters
+X509_REQ_set_subject_name
+EC_GROUP_free
+X509_cmp
+X509_PUBKEY_set
+BN_num_bits_word
+AES_options
+DSA_OpenSSL
+BN_get_params
+i2a_ACCESS_DESCRIPTION
+ENGINE_init
+X509_REQ_add_extensions
+a2i_GENERAL_NAME
+EVP_get_cipherbyname
+ASN1_T61STRING_it
+X509_NAME_ENTRY_create_by_OBJ
+PKCS7_ISSUER_AND_SERIAL_free
+BIO_nread
+DES_ncbc_encrypt
+DH_get0_pub_key
+d2i_ASN1_UNIVERSALSTRING
+SCT_get0_signature
+OCSP_sendreq_bio
+EVP_MD_meth_set_init
+i2d_PKCS12_fp
+ASN1_PCTX_set_cert_flags
+i2d_PBKDF2PARAM
+X509_LOOKUP_meth_new
+CRYPTO_secure_allocated
+SRP_Calc_server_key
+X509_REVOKED_add1_ext_i2d
+EVP_read_pw_string
+X509_STORE_get_get_issuer
+SMIME_crlf_copy
+ASN1_SCTX_get_app_data
+X509_TRUST_get0
+X509_VERIFY_PARAM_set1_email
+BF_cbc_encrypt
+EVP_CIPHER_param_to_asn1
+DSA_meth_get_mod_exp
+i2d_X509_REQ
+X509_TRUST_get_by_id
+EVP_des_ede_ofb
+d2i_RSAPublicKey_fp
+TS_TST_INFO_get_ext
+X509_get_ex_data
+PKCS8_pkey_add1_attr_by_NID
+EVP_PKEY_set1_DH
+PKCS7_dataDecode
+BIO_accept_ex
+CMS_RecipientInfo_kari_set0_pkey
+OCSP_RESPDATA_it
+CAST_cbc_encrypt
+BN_GF2m_mod_div_arr
+X509_print_ex
+ASN1_SCTX_set_app_data
+DES_random_key
+BIO_s_mem
+POLICY_CONSTRAINTS_free
+EVP_PKEY_meth_set_check
+d2i_X509_NAME_ENTRY
+d2i_PrivateKey_fp
+BIO_new_accept
+CMS_decrypt
+PKCS7_set_signed_attributes
+CONF_get1_default_config_file
+X509_set1_notBefore
+i2d_ASN1_SET_ANY
+RSA_meth_get_priv_enc
+RIPEMD160_Init
+X509_LOOKUP_file
+EVP_des_ofb
+OCSP_SINGLERESP_free
+PKCS8_get_attr
+BN_clear
+CRYPTO_ccm128_decrypt
+X509_VERIFY_PARAM_free
+CMS_SignedData_init
+ASN1_sign
+BIO_number_read
+d2i_ASN1_IA5STRING
+PEM_write_bio_X509_REQ
+TS_OBJ_print_bio
+EVP_aes_192_cfb128
+ENGINE_get_RAND
+OCSP_basic_sign
+X509_VERIFY_PARAM_set1_policies
+i2d_NETSCAPE_CERT_SEQUENCE
+DSA_meth_set_mod_exp
+OSSL_STORE_LOADER_set_load
+DSA_test_flags
+ECDSA_sign_setup
+OSSL_STORE_unregister_loader
+PEM_write_DSA_PUBKEY
+X509_delete_ext
+EC_GROUP_get_trinomial_basis
+X509_print_fp
+ENGINE_get_digests
+i2d_RSAPublicKey_fp
+ERR_load_X509_strings
+X509_CERT_AUX_new
+EC_GROUP_get_degree
+OPENSSL_fork_child
+EVP_CipherFinal
+PKCS7_verify
+SRP_check_known_gN_param
+PEM_read
+CTLOG_STORE_new
+OBJ_bsearch_
+i2d_X509_EXTENSION
+i2d_X509_NAME_ENTRY
+EVP_CIPHER_CTX_set_cipher_data
+EVP_sm4_ctr
+X509_subject_name_hash
+EC_POINT_is_on_curve
+CMS_SignerInfo_get0_algs
+EVP_MD_meth_set_final
+EVP_DigestFinal_ex
+X509_REVOKED_get_ext_by_critical
+EVP_EncodeUpdate
+RSA_meth_set_keygen
+i2d_PKCS7_ENVELOPE
+PEM_read_ECPKParameters
+EVP_PKEY_get_default_digest_nid
+ENGINE_get_pkey_asn1_meth
+EVP_CIPHER_meth_get_init
+EVP_CIPHER_CTX_set_num
+BN_mod_word
+ASRange_new
+PEM_write_PKCS7
+CMS_RecipientInfo_kari_decrypt
+TLS_FEATURE_free
+PEM_write_PKCS8
+BIO_ADDR_clear
+ASN1_TYPE_unpack_sequence
+OSSL_STORE_INFO_get0_PARAMS
+X509_REVOKED_dup
+GENERAL_SUBTREE_free
+ASN1_ENUMERATED_free
+OSSL_STORE_INFO_get_type
+X509_OBJECT_retrieve_by_subject
+EVP_aria_128_ecb
+OPENSSL_LH_free
+EVP_PKEY_get_attr_by_OBJ
+OPENSSL_LH_doall_arg
+ENGINE_set_digests
+X509_CRL_new
+CMS_digest_verify
+BIO_new_dgram
+ASN1_TBOOLEAN_it
+TS_VERIFY_CTX_set_imprint
+PEM_read_bio_DSAparams
+ENGINE_get_default_RSA
+OCSP_RESPONSE_it
+BIO_next
+ASN1_item_d2i_bio
+X509_REQ_get_attr_count
+OCSP_REQ_CTX_http
+EVP_PKEY_asn1_set_ctrl
+CMS_get0_type
+X509_policy_tree_level_count
+EVP_PKEY_meth_set_verify_recover
+ENGINE_set_RAND
+PKCS7_cert_from_signer_info
+PKCS8_pkey_set0
+PKCS7_RECIP_INFO_free
+i2d_X509_CERT_AUX
+X509v3_get_ext
+NCONF_get_string
+EVP_PKEY_CTX_dup
+EVP_aes_192_ofb
+EVP_PKEY_CTX_get_keygen_info
+BN_mod_mul_montgomery
+UI_set_result_ex
+RC2_ecb_encrypt
+CRYPTO_gcm128_release
+NETSCAPE_CERT_SEQUENCE_new
+PEM_read_NETSCAPE_CERT_SEQUENCE
+X509v3_addr_validate_resource_set
+EC_GROUP_dup
+OCSP_copy_nonce
+OPENSSL_1_1_0
+POLICYQUALINFO_new
+d2i_DIST_POINT_NAME
+OCSP_resp_find_status
+OPENSSL_1_1_1
+TXT_DB_get_by_index
+PKCS7_add0_attrib_signing_time
+OPENSSL_sk_set_cmp_func
+X509_NAME_free
+i2d_EC_PUBKEY_fp
+CMS_SignerInfo_get0_signature
+i2d_X509_CINF
+OSSL_STORE_SEARCH_get0_digest
+CMS_RecipientInfo_kari_get0_reks
+X509_STORE_CTX_free
+PEM_dek_info
+EVP_CIPHER_meth_set_impl_ctx_size
+i2d_TS_REQ_bio
+RSA_meth_set_priv_dec
+EVP_idea_ecb
+PKCS7_dup
+ENGINE_add_conf_module
+X509_REQ_get0_pubkey
+ASYNC_WAIT_CTX_get_fd
+ENGINE_load_private_key
+DSO_dsobyaddr
+v2i_GENERAL_NAMES
+X509_EXTENSION_it
+OBJ_ln2nid
+CRYPTO_THREAD_write_lock
+EC_GROUP_set_point_conversion_form
+EC_KEY_set_asn1_flag
+X509_check_private_key
+BN_priv_rand
+CRYPTO_cbc128_decrypt
+X509_LOOKUP_by_subject
+EVP_PKEY_base_id
+NAMING_AUTHORITY_set0_authorityText
+ASN1_verify
+EC_POINT_set_affine_coordinates_GFp
+TS_MSG_IMPRINT_set_msg
+DH_meth_get_compute_key
+ASIdOrRange_free
+EC_GROUP_get_order
+CMS_verify
+i2d_X509_REQ_bio
+TS_ACCURACY_dup
+EVP_CIPHER_meth_set_init
+CMS_get1_ReceiptRequest
+PKCS12_pack_authsafes
+RSA_meth_get_keygen
+ERR_func_error_string
+EVP_PKEY_encrypt_init
+RSA_set_method
+EC_KEY_can_sign
+X509_STORE_CTX_init
+BN_CTX_start
+X509V3_EXT_get_nid
+CMS_get0_eContentType
+RAND_get_rand_method
+X509_PURPOSE_get_trust
+X509_TRUST_cleanup
+PEM_write_bio_ECPKParameters
+ASN1_NULL_free
+X509_policy_node_get0_qualifiers
+ASN1_item_print
+i2d_DIST_POINT_NAME
+X509_VERIFY_PARAM_inherit
+OCSP_basic_add1_nonce
+X509_REQ_set0_signature
+X509_CRL_get0_by_cert
+ASN1_item_i2d
+EVP_PKEY_meth_set_encrypt
+X509_STORE_CTX_get1_chain
+ASN1_SEQUENCE_ANY_it
+ENGINE_set_destroy_function
+SCT_get_signature_nid
+OCSP_accept_responses_new
+PKCS7_sign_add_signer
+RAND_status
+X509_get0_uids
+BASIC_CONSTRAINTS_it
+PKCS7_encrypt
+i2d_ASN1_GENERALIZEDTIME
+UI_add_input_boolean
+TS_RESP_CTX_set_extension_cb
+TXT_DB_write
+X509_STORE_CTX_set_purpose
+OCSP_response_status
+PKCS7_SIGNER_INFO_new
+ASN1_UTCTIME_set_string
+EVP_MD_do_all
+i2d_PKCS8PrivateKey_nid_fp
+NAME_CONSTRAINTS_free
+X509_subject_name_hash_old
+X509_STORE_CTX_get0_current_issuer
+X509_SIG_get0
+X509_STORE_set_check_issued
+OBJ_create
+RSA_PSS_PARAMS_it
+OPENSSL_sk_find_ex
+X509V3_add_value_int
+DSA_set_method
+TS_CONF_set_tsa_name
+ASYNC_block_pause
+PKCS8_PRIV_KEY_INFO_it
+i2d_PKCS7_bio_stream
+OPENSSL_INIT_set_config_appname
+ASN1_STRING_free
+OCSP_REQUEST_get_ext
+X509_time_adj
+EVP_PKEY_meth_get_ctrl
+X509_get0_notAfter
+i2d_X509_REQ_INFO
+i2d_PKCS8PrivateKey_bio
+BIO_int_ctrl
+X509_OBJECT_retrieve_match
+ERR_load_BIO_strings
+OCSP_REQINFO_new
+TS_STATUS_INFO_set_status
+ENGINE_set_load_pubkey_function
+EVP_camellia_128_ofb
+SRP_VBASE_new
+ESS_SIGNING_CERT_V2_new
+i2d_SCRYPT_PARAMS
+X509_get_ext_count
+EVP_PKEY_asn1_find_str
+RAND_poll
+SEED_ofb128_encrypt
+X509_CINF_free
+X509_ATTRIBUTE_create
+PKCS12_SAFEBAG_create_pkcs8_encrypt
+RSA_print
+EVP_des_ede3_ofb
+OCSP_RESPID_set_by_name
+EC_KEY_METHOD_set_compute_key
+EC_KEY_oct2key
+ASN1_STRING_clear_free
+ENGINE_get_load_privkey_function
+BIO_f_buffer
+PEM_read_DSAPrivateKey
+OBJ_add_object
+EC_curve_nist2nid
+DSA_sign
+PEM_read_bio_PUBKEY
+EVP_PKEY_verify_recover
+i2d_BASIC_CONSTRAINTS
+ENGINE_set_init_function
+X509_get_key_usage
+ERR_clear_last_mark
+EVP_CIPHER_key_length
+X509_OBJECT_free
+EVP_EncryptFinal
+EVP_ENCODE_CTX_free
+TS_CONF_set_ess_cert_id_digest
+i2d_EC_PUBKEY
+HMAC_CTX_get_md
+BN_div
+DH_KDF_X9_42
+ERR_set_mark
+OPENSSL_LH_doall
+d2i_ASN1_GENERALIZEDTIME
+EVP_PKEY_security_bits
+X509_CRL_INFO_free
+X509_sign
+PKCS12_SAFEBAG_get1_cert
+BIO_f_md
+BN_MONT_CTX_free
+X509_check_ca
+X509_supported_extension
+EVP_PKEY_asn1_set_check
+DH_generate_parameters_ex
+SXNET_get_id_asc
+BN_CTX_free
+ASN1_SCTX_free
+EVP_PKEY_verify
+IDEA_options
+BN_with_flags
+X509_PKEY_new
+FIPS_mode_set
+d2i_ASN1_BIT_STRING
+o2i_SCT_LIST
+RSA_meth_set_multi_prime_keygen
+BIO_accept
+DIRECTORYSTRING_it
+OCSP_ONEREQ_get_ext
+EVP_aria_192_cfb128
+EVP_aria_256_cbc
+ASN1_item_verify
+X509_CRL_get_lastUpdate
+EVP_PKEY_get_attr_count
+X509_STORE_CTX_set_verify
+RC2_ofb64_encrypt
+TS_TST_INFO_get_ext_by_OBJ
+d2i_PKCS12
+RSA_meth_get_bn_mod_exp
+i2d_X509_VAL
+i2d_ACCESS_DESCRIPTION
+EDIPARTYNAME_free
+EC_GFp_nistp224_method
+PROFESSION_INFO_it
+EVP_camellia_256_ecb
+EVP_PKEY_meth_set_ctrl
+PEM_write_bio_CMS_stream
+DSA_get_method
+X509_subject_name_cmp
+X509_STORE_CTX_get_get_issuer
+X509_ALGOR_new
+X509_trust_clear
+PKCS12_item_pack_safebag
+i2d_ASN1_PRINTABLESTRING
+EC_KEY_get_default_method
+X509_issuer_name_hash
+X509_get0_extensions
+RAND_set_rand_engine
+EC_POINT_invert
+UI_method_set_prompt_constructor
+X509_REVOKED_get_ext_by_OBJ
+PEM_read_bio_PKCS8_PRIV_KEY_INFO
+i2d_RSAPublicKey_bio
+IDEA_cfb64_encrypt
+BN_mul_word
+X509_set_version
+X509_get_default_cert_file
+X509_REQ_sign_ctx
+X509_TRUST_add
+CAST_set_key
+BIO_nread0
+BN_mul
+ASYNC_get_current_job
+X509_CRL_get_nextUpdate
+EC_KEY_clear_flags
+X509_VERIFY_PARAM_set1_ip
+X509_PURPOSE_get0_name
+RSA_security_bits
+DES_ede3_cfb64_encrypt
+X509_SIG_getm
+i2d_ADMISSION_SYNTAX
+X509_EXTENSION_create_by_OBJ
+SHA512_Final
+DH_meth_set_generate_params
+X509V3_string_free
+EVP_CIPHER_type
+POLICY_CONSTRAINTS_it
+ENGINE_unregister_ciphers
+X509_NAME_get_text_by_OBJ
+EC_GFp_nist_method
+X509_STORE_get_lookup_certs
+HMAC_CTX_set_flags
+d2i_ECPrivateKey
+PEM_X509_INFO_write_bio
+CMS_signed_get_attr_by_OBJ
+SHA512
+ASYNC_unblock_pause
+X509_digest
+MD4_Transform
+OCSP_resp_get0_respdata
+PEM_write_bio_PrivateKey_traditional
+OCSP_ONEREQ_it
+ASN1_STRING_set_default_mask
+BIO_ctrl_get_write_guarantee
+CMS_EnvelopedData_create
+EVP_PKEY_meth_get_sign
+PKCS7_DIGEST_it
+ASIdentifierChoice_it
+RSA_get0_dmp1
+CMS_unsigned_add1_attr_by_txt
+DSA_meth_set_sign_setup
+ERR_get_error_line
+BF_ofb64_encrypt
+EVP_PKEY_get0_siphash
+TS_REQ_get_ext_d2i
+RSA_new_method
+PEM_write_bio_ASN1_stream
+X509_up_ref
+BN_X931_derive_prime_ex
+X509_LOOKUP_meth_set_get_by_alias
+BIO_meth_get_create
+SCT_get0_log_id
+ASN1_BIT_STRING_name_print
+EVP_aes_192_wrap
+OSSL_STORE_LOADER_set_error
+ENGINE_load_public_key
+X509_NAME_get_index_by_OBJ
+BIO_ADDR_rawaddress
+d2i_ASN1_PRINTABLESTRING
+i2d_ASN1_TYPE
+PROFESSION_INFO_set0_professionOIDs
+EC_GROUP_get_asn1_flag
+EVP_aria_256_ccm
+ASN1_PRINTABLE_type
+EVP_camellia_128_cfb128
+X509_reject_clear
+d2i_OCSP_CERTSTATUS
+v2i_GENERAL_NAME
+PKCS12_SAFEBAG_get0_safes
+X509_get0_authority_serial
+X509_STORE_CTX_get_verify
+i2d_OCSP_RESPDATA
+CRL_DIST_POINTS_free
+i2b_PVK_bio
+SCT_get_validation_status
+X509v3_get_ext_by_OBJ
+BIO_s_accept
+BN_GENCB_get_arg
+X509_CINF_new
+POLICY_MAPPING_it
+PKCS1_MGF1
+ASYNC_is_capable
+CRYPTO_ctr128_encrypt
+EVP_aria_256_cfb1
+EVP_des_ede3
+AES_ofb128_encrypt
+ERR_peek_last_error_line
+PKCS12_new
+i2d_NAMING_AUTHORITY
+BIO_gets
+EVP_PKEY_CTX_set_app_data
+ENGINE_get_default_DH
+EVP_aria_128_gcm
+EVP_PKEY_asn1_new
+ENGINE_set_default_ciphers
+CT_POLICY_EVAL_CTX_get0_log_store
+X509_STORE_CTX_set0_param
+BIO_copy_next_retry
+EVP_aes_128_ctr
+BIO_read_ex
+EVP_aria_256_cfb8
+X509V3_EXT_CRL_add_nconf
+SCT_set0_log_id
+EVP_CIPHER_meth_get_get_asn1_params
+X509V3_get_value_int
+ASN1_PCTX_set_str_flags
+EC_GROUP_set_curve_name
+i2d_ESS_ISSUER_SERIAL
+BIO_get_data
+RSA_get0_dmq1
+i2d_ASIdentifiers
+PKCS12_pack_p7encdata
+TS_RESP_CTX_add_flags
+d2i_OCSP_BASICRESP
+RSA_size
+EVP_CIPHER_CTX_set_key_length
+BN_rand_range
+RAND_add
+X509_VERIFY_PARAM_lookup
+EVP_PKEY_meth_set_sign
+ECDSA_sign
+d2i_PKCS7_RECIP_INFO
+X509_OBJECT_set1_X509
+ENGINE_get_pkey_meth
+BIO_get_ex_data
+i2d_ASN1_UTF8STRING
+PKCS8_PRIV_KEY_INFO_free
+OCSP_resp_get1_id
+i2v_GENERAL_NAME
+conf_ssl_get
+OCSP_RESPONSE_free
+PEM_read_DSAparams
+ECDH_compute_key
+NETSCAPE_CERT_SEQUENCE_free
+ASYNC_init_thread
+i2d_PKCS8PrivateKey_fp
+OPENSSL_hexstr2buf
+d2i_DISPLAYTEXT
+ASN1_GENERALSTRING_new
+PEM_read_bio_ex
+ASN1_STRING_cmp
+BN_bn2hex
+X509_SIG_free
+ASN1_TYPE_get_octetstring
+d2i_TS_MSG_IMPRINT_fp
+CMS_add0_RevocationInfoChoice
+i2d_PrivateKey_bio
+X509_get0_signature
+CRL_DIST_POINTS_it
+ENGINE_get_default_EC
+EC_KEY_priv2oct
+d2i_PKCS7
+EC_POINT_point2bn
+X509V3_get_d2i
+X509_NAME_oneline
+ACCESS_DESCRIPTION_new
+GENERAL_NAMES_it
+ASN1_INTEGER_set
+Camellia_cfb8_encrypt
+CMS_encrypt
+NAMING_AUTHORITY_it
+RSA_get0_multi_prime_crt_params
+X509V3_EXT_add
+CRYPTO_THREAD_read_lock
+OCSP_onereq_get0_id
+BIO_set_ex_data
+SEED_encrypt
+EVP_desx_cbc
+BN_GF2m_mod
+RSA_padding_check_PKCS1_OAEP
+PKCS7_content_new
+UI_add_user_data
+DH_security_bits
+DSO_get_filename
+BF_encrypt
+DH_generate_key
+PROFESSION_INFO_set0_namingAuthority
+TS_RESP_get_token
+CRYPTO_ccm128_encrypt
+EVP_PKEY_meth_get_verifyctx
+X509_VERIFY_PARAM_get0_peername
+i2d_X509_PUBKEY
+POLICY_CONSTRAINTS_new
+d2i_POLICYQUALINFO
+OCSP_BASICRESP_get_ext_by_OBJ
+EDIPARTYNAME_it
+ERR_remove_state
+EC_KEY_print_fp
+ENGINE_get_name
+PKCS7_ENCRYPT_free
+X509_STORE_CTX_get0_param
+CMS_signed_delete_attr
+ASN1_SCTX_get_item
+X509_EXTENSION_get_data
+d2i_X509_ATTRIBUTE
+BIO_get_shutdown
+EVP_aes_256_wrap_pad
+X509_get1_email
+COMP_compress_block
+BN_mod_mul
+OSSL_STORE_INFO_new_NAME
+CTLOG_STORE_load_default_file
+BIO_free
+EVP_PKEY_asn1_find
+BN_rshift
+DSO_set_filename
+ASN1_STRING_TABLE_add
+OPENSSL_sk_dup
+RSA_meth_set0_app_data
+EVP_ripemd160
+CMS_sign
+X509_LOOKUP_by_fingerprint
+X509_REVOKED_new
+X509_get0_subject_key_id
+CONF_modules_finish
+DH_up_ref
+X509_STORE_CTX_set_time
+SHA384
+DH_check
+AUTHORITY_KEYID_free
+d2i_ECPKParameters
+EVP_add_digest
+SRP_create_verifier_BN
+EVP_PKEY_get1_DSA
+i2o_ECPublicKey
+ASN1_parse_dump
+EVP_PKEY_CTX_new
+d2i_ASN1_PRINTABLE
+ASN1_TIME_to_generalizedtime
+ECPARAMETERS_it
+X509_SIG_INFO_set
+X509_CRL_INFO_new
+OPENSSL_init_crypto
+ENGINE_set_default_RAND
+UTF8_getc
+OSSL_STORE_INFO_get1_CRL
+EC_GROUP_new
+d2i_PKCS7_SIGNER_INFO
+OBJ_nid2ln
+ASN1_UTCTIME_set
+CRYPTO_malloc
+ASN1_OBJECT_create
+DH_meth_set_flags
+EVP_PKEY_meth_get_cleanup
+ECDSA_SIG_get0_r
+ASN1_TYPE_new
+X509_VERIFY_PARAM_set_flags
+ECDSA_SIG_get0_s
+i2d_PKCS7
+PKCS7_ISSUER_AND_SERIAL_digest
+DES_options
+BN_mod_inverse
+UI_get_result_string_length
+PEM_read_X509
+CRYPTO_free_ex_index
+EVP_CIPHER_meth_get_do_cipher
+TS_CONF_set_default_engine
+PEM_write_X509_REQ_NEW
+i2d_IPAddressFamily
+DSA_new
+s2i_ASN1_INTEGER
+OSSL_STORE_SEARCH_by_name
+OSSL_STORE_load
+DH_free
+OCSP_request_set1_name
+d2i_OCSP_REQINFO
+OBJ_NAME_do_all
+BIO_ADDR_free
+BN_div_recp
+PKCS7_new
+TS_REQ_print_bio
+PKCS7_dataInit
+BIO_callback_ctrl
+BN_CTX_new
+i2d_ISSUING_DIST_POINT
+CONF_set_default_method
+PROFESSION_INFO_get0_professionItems
+TS_MSG_IMPRINT_print_bio
+X509v3_asid_is_canonical
+EC_KEY_dup
+ERR_clear_error
+ENGINE_set_name
+TS_RESP_CTX_set_clock_precision_digits
+PEM_proc_type
+OTHERNAME_cmp
+CONF_free
+b2i_PVK_bio
+CAST_ecb_encrypt
+X509_EXTENSION_set_data
+SXNET_get_id_INTEGER
+EVP_blake2s256
+CRYPTO_ocb128_aad
+i2d_X509_AUX
+EVP_BytesToKey
+ASN1_TIME_set_string_X509
+ACCESS_DESCRIPTION_free
+TS_ACCURACY_new
+ASN1_PRINTABLESTRING_free
+BIO_test_flags
+X509_NAME_ENTRY_free
+OCSP_REQUEST_add1_ext_i2d
+EVP_MD_meth_get_cleanup
+EVP_seed_cbc
+CMS_unsigned_get_attr_by_OBJ
+PKCS7_SIGNER_INFO_free
+BN_GF2m_mod_arr
+i2d_ECParameters
+RAND_DRBG_bytes
+ACCESS_DESCRIPTION_it
+GENERAL_NAME_print
+X509_CRL_get_ext_count
+X509v3_asid_inherits
+EVP_PKEY_meth_set_cleanup
+BN_GF2m_mod_solve_quad
+CONF_dump_fp
+ERR_peek_error_line
+X509_VERIFY_PARAM_set_purpose
+PKCS7_add_attrib_smimecap
+BN_mod_exp_simple
+PKCS7_ENCRYPT_new
+CMS_data_create
+EVP_CIPHER_nid
+PEM_ASN1_write
+OBJ_obj2nid
+DH_compute_key_padded
+X509V3_conf_free
+EVP_PKEY_set1_DSA
+X509_get0_serialNumber
+d2i_TS_REQ_fp
+BIO_asn1_set_prefix
+RSA_padding_add_PKCS1_PSS
+OCSP_resp_get0_signer
+ERR_load_RAND_strings
+ASN1_ENUMERATED_set
+OSSL_STORE_INFO_get0_CERT
+X509_STORE_CTX_set_error
+BN_mod_exp_mont_word
+ASN1_item_i2d_bio
+EVP_SealInit
+BN_security_bits
+CRYPTO_cbc128_encrypt
+PEM_write_bio_X509_AUX
+CMS_ContentInfo_free
+DIST_POINT_set_dpname
+X509_REQ_add1_attr_by_OBJ
+BN_value_one
+TS_RESP_CTX_new
+X509_NAME_print
+X509_get0_trust_objects
+PEM_write_DHparams
+X509_STORE_lock
+BIO_ADDRINFO_next
+BUF_MEM_new
+BIO_ADDR_rawport
+SXNET_get_id_ulong
+X509_CRL_it
+OPENSSL_LH_set_down_load
+EVP_PKEY_encrypt_old
+UI_new_method
+BIO_set_retry_reason
+X509V3_add1_i2d
+UI_add_verify_string
+X509_PURPOSE_add
+EVP_MD_meth_set_cleanup
+ASN1_VISIBLESTRING_it
+TS_TST_INFO_set_policy_id
+PEM_read_DHparams
+X509_VERIFY_PARAM_get_hostflags
+EVP_md4
+RSA_print_fp
+X509_VERIFY_PARAM_add0_policy
+CRYPTO_cts128_decrypt
+BN_GENCB_new
+BN_is_prime_ex
+EVP_aria_192_ofb
+EVP_aria_256_ecb
+EVP_md5
+MDC2
+EC_KEY_METHOD_set_keygen
+CTLOG_get0_log_id
+CMS_add1_crl
+X509_load_cert_file
+CAST_decrypt
+OPENSSL_sk_deep_copy
+i2d_X509_CRL
+i2s_ASN1_ENUMERATED
+BN_get0_nist_prime_224
+i2d_RSA_OAEP_PARAMS
+i2d_RSAPrivateKey_fp
+RAND_load_file
+X509_STORE_CTX_get_obj_by_subject
+DH_get_ex_data
+X509_VERIFY_PARAM_set_inh_flags
+EVP_CIPHER_CTX_get_cipher_data
+ASN1_BIT_STRING_set_bit
+i2d_GENERAL_NAME
+X509_CRL_get_ext_by_NID
+BIO_printf
+EVP_MD_do_all_sorted
+ASN1_BIT_STRING_free
+ENGINE_get_table_flags
+EVP_PKEY_CTX_get_cb
+BIO_s_bio
+RAND_DRBG_get0_master
+EVP_MD_meth_get_copy
+ERR_peek_last_error
+X509_STORE_CTX_get0_chain
+OCSP_SINGLERESP_get_ext_count
+CRYPTO_strndup
+OCSP_resp_get0_certs
+OBJ_create_objects
+MD5_Update
+DSA_SIG_set0
+X509V3_EXT_conf_nid
+PEM_write_bio_X509_CRL
+X509_check_ip
+CMS_signed_add1_attr_by_NID
+CRYPTO_nistcts128_decrypt
+BIO_asn1_get_prefix
+ERR_load_ERR_strings
+i2s_ASN1_OCTET_STRING
+d2i_ASN1_ENUMERATED
+ENGINE_set_default
+PKCS7_RECIP_INFO_set
+X509_get_ext_d2i
+CMS_ReceiptRequest_it
+ERR_get_error_line_data
+X509v3_asid_add_id_or_range
+i2d_X509_bio
+X509_STORE_CTX_get_check_revocation
+ENGINE_get_cipher
+BN_GF2m_mod_sqrt_arr
+BN_nist_mod_func
+DH_set_ex_data
+d2i_OCSP_ONEREQ
+err_free_strings_int
+BIO_set_callback_arg
+TS_TST_INFO_get_ordering
+DSA_get0_g
+EC_KEY_set_default_method
+CMS_RecipientInfo_kari_get0_orig_id
+OSSL_STORE_INFO_get1_CERT
+SRP_VBASE_get_by_user
+BN_RECP_CTX_new
+a2d_ASN1_OBJECT
+EVP_PKEY_meth_get_public_check
+i2d_EXTENDED_KEY_USAGE
+X509_VERIFY_PARAM_set1_host
+OSSL_STORE_INFO_type_string
+RSA_get0_engine
+ASYNC_WAIT_CTX_new
+CMS_SignerInfo_verify_content
+d2i_PKCS8_PRIV_KEY_INFO
+NETSCAPE_SPKI_set_pubkey
+TS_TST_INFO_set_ordering
+EVP_PKEY_keygen_init
+DSA_get0_p
+i2d_SCT_LIST
+TS_RESP_CTX_set_certs
+DSA_get0_q
+d2i_TS_TST_INFO_fp
+i2d_RSAPrivateKey_bio
+ERR_load_KDF_strings
+ASN1_item_ex_d2i
+EC_KEY_METHOD_get_keygen
+i2d_PKCS8_PRIV_KEY_INFO_bio
+ENGINE_ctrl
+SMIME_write_ASN1
+NOTICEREF_it
+EVP_aes_256_cfb128
+X509_VERIFY_PARAM_get_depth
+BIO_f_cipher
+OSSL_STORE_INFO_get0_PKEY
+RSA_meth_set_finish
+CRYPTO_get_ex_data
+d2i_PKCS12_fp
+PEM_SignInit
+OPENSSL_buf2hexstr
+i2a_ASN1_ENUMERATED
+EVP_MD_meth_set_ctrl
+ASN1_STRING_print_ex_fp
+X509_STORE_CTX_new
+X509_get_ext
+OCSP_SINGLERESP_get_ext_by_critical
+EVP_EncryptUpdate
+ECPKParameters_print
+TS_TST_INFO_get_accuracy
+OSSL_STORE_LOADER_new
+CRYPTO_ocb128_new
+UI_set_result
+X509v3_get_ext_by_critical
+ASN1_STRING_get_default_mask
+EVP_PKEY_delete_attr
+d2i_NETSCAPE_SPKI
+X509_CRL_sort
+EVP_PKEY_set1_tls_encodedpoint
+BIO_ADDRINFO_socktype
+NAME_CONSTRAINTS_new
+X509v3_addr_add_prefix
+EVP_Digest
+NETSCAPE_SPKI_sign
+CRYPTO_ocb128_decrypt
+EVP_PKEY2PKCS8
+TS_REQ_get_ext
+RSA_meth_dup
+BN_set_flags
+ERR_reason_error_string
+X509_LOOKUP_meth_get_get_by_alias
+X509_VAL_it
+X509_VERIFY_PARAM_table_cleanup
+X509_ALGOR_copy
+ENGINE_get_first
+EVP_aes_128_cfb1
+X509_STORE_load_locations
+EVP_PKEY_paramgen
+ADMISSIONS_get0_admissionAuthority
+d2i_AUTHORITY_KEYID
+EVP_CIPHER_CTX_set_app_data
+BIO_meth_get_ctrl
+d2i_AUTHORITY_INFO_ACCESS
+CRYPTO_set_ex_data
+ENGINE_set_flags
+OCSP_id_issuer_cmp
+EVP_aes_128_cfb8
+X509_REQ_it
+DSO_free
+X509_find_by_subject
+ASYNC_pause_job
+PKCS7_free
+OCSP_SINGLERESP_get_ext_by_NID
+DH_set_length
+X509_policy_level_get0_node
+EC_POINT_set_affine_coordinates
+CRYPTO_set_mem_functions
+CMS_RecipientInfo_set0_password
+TS_VERIFY_CTS_set_certs
+EVP_PKEY_set1_engine
+ASN1_i2d_fp
+EVP_PKEY_meth_set_digestsign
+ADMISSION_SYNTAX_it
+ASN1_parse
+d2i_RSAPrivateKey
+i2d_DSAPublicKey
+TS_RESP_free
+X509_STORE_add_cert
+DSO_up_ref
+EC_KEY_get_flags
+NETSCAPE_SPKI_get_pubkey
+i2d_PKCS8PrivateKey_nid_bio
+NAMING_AUTHORITY_get0_authorityId
+RAND_write_file
+X509V3_EXT_val_prn
+BN_to_ASN1_INTEGER
+d2i_ASN1_SEQUENCE_ANY
+BIO_get_callback
+OBJ_find_sigid_algs
+ENGINE_set_DH
+b2i_PublicKey_bio
+PEM_ASN1_read_bio
+X509_add1_trust_object
+ERR_load_DSO_strings
+X509_set_pubkey
+SCT_set_log_entry_type
+RSA_meth_get0_name
+COMP_CTX_get_type
+EVP_MD_CTX_copy_ex
+DSA_meth_get0_name
+BN_bin2bn
+PKCS12_unpack_p7data
+RSA_meth_get_finish
+OPENSSL_gmtime_adj
+BN_num_bits
+EC_POINT_oct2point
+X509_get_extension_flags
+OPENSSL_sk_pop_free
+EC_KEY_METHOD_get_compute_key
+PKCS12_SAFEBAG_create_cert
+X509_ATTRIBUTE_create_by_NID
+TS_REQ_set_cert_req
+TS_REQ_delete_ext
+DH_get0_pqg
+TS_VERIFY_CTX_cleanup
+DES_ofb64_encrypt
+X509_STORE_CTX_set_error_depth
+i2d_OTHERNAME
+OSSL_STORE_INFO_get1_PKEY
+OSSL_STORE_SEARCH_get0_name
+SHA1_Transform
+SHA224_Update
+PKCS12_BAGS_new
+EVP_PKEY_size
+EVP_MD_flags
+BN_div_word
+EC_POINT_copy
+RSA_bits
+i2d_IPAddressOrRange
+BN_get0_nist_prime_256
+EVP_PKEY_asn1_set_param_check
+EVP_MD_meth_free
+TS_TST_INFO_get_time
+UI_method_set_data_duplicator
+EVP_CIPHER_meth_get_ctrl
+ASN1_BIT_STRING_new
+d2i_USERNOTICE
+PEM_write_bio_Parameters
+d2i_RSA_PUBKEY_bio
+EVP_sm4_ofb
+BIO_meth_set_ctrl
+EVP_PKEY_meth_find
+X509_issuer_name_hash_old
+EC_POINT_get_affine_coordinates_GFp
+BN_nist_mod_192
+PEM_write_bio_PrivateKey
+i2d_NETSCAPE_SPKAC
+d2i_ASIdentifierChoice
+EVP_PKEY_meth_get_digest_custom
+ENGINE_set_EC
+X509_REQ_set_extension_nids
+PEM_write
+X509_STORE_CTX_set0_verified_chain
+POLICYQUALINFO_free
+CONF_get_number
+ASN1_PCTX_get_flags
+X509V3_add_standard_extensions
+OCSP_ONEREQ_get_ext_by_OBJ
+NCONF_new
+SHA384_Update
+X509_STORE_CTX_set_depth
+EVP_DecryptFinal_ex
+EVP_PKEY_get0_DSA
+DH_check_params
+EVP_PKEY_meth_set_keygen
+PKCS12_SAFEBAG_create0_p8inf
+BIO_ADDR_hostname_string
+ASN1_bn_print
+ECDSA_do_sign_ex
+PKCS12_parse
+d2i_TS_RESP_bio
+i2d_X509_CRL_bio
+UI_dup_input_boolean
+EVP_CipherInit
+OBJ_sn2nid
+PKCS7_add_signature
+ASN1_mbstring_copy
+TS_CONF_set_accuracy
+EVP_CIPHER_CTX_set_padding
+X509_STORE_CTX_set0_untrusted
+EVP_bf_cfb64
+EC_KEY_get_enc_flags
+CMS_add1_ReceiptRequest
+OSSL_STORE_INFO_get0_CRL
+TS_RESP_create_response
+CT_POLICY_EVAL_CTX_set1_cert
+d2i_X509_CINF
+OCSP_request_onereq_get0
+DSA_get0_priv_key
+CMS_RecipientInfo_ktri_get0_algs
+EC_GROUP_check
+RAND_DRBG_set_reseed_defaults
+X509_NAME_print_ex_fp
+ASN1_put_object
+OPENSSL_LH_error
+d2i_PKCS8_PRIV_KEY_INFO_bio
+X509_CRL_print_ex
+OBJ_txt2obj
+AES_wrap_key
+X509_TRUST_get0_name
+a2i_ASN1_ENUMERATED
+EVP_MD_block_size
+d2i_DSAPrivateKey_fp
+ASN1_tag2bit
+X509_get_pubkey
+X509_PUBKEY_get0
+EVP_PKEY_asn1_get0_info
+ENGINE_unregister_digests
+X509_STORE_set_cert_crl
+d2i_ASN1_SET_ANY
+EVP_CIPHER_meth_set_iv_length
+ENGINE_get_pkey_asn1_meths
+BN_BLINDING_invert_ex
+EVP_aes_256_cbc
+DH_set0_pqg
+ESS_ISSUER_SERIAL_dup
+ASYNC_WAIT_CTX_get_changed_fds
+RSA_private_encrypt
+BIO_nwrite
+ASN1_item_pack
+EVP_MD_meth_set_flags
+OPENSSL_sk_new
+EVP_des_ede3_cfb64
+PEM_write_PKCS8PrivateKey_nid
+TS_CONF_get_tsa_section
+ENGINE_unregister_pkey_asn1_meths
+SCT_get_source
+EVP_cast5_ofb
+EVP_CIPHER_meth_get_cleanup
+EVP_PKEY_CTX_set0_keygen_info
+d2i_OCSP_RESPBYTES
+BN_abs_is_word
+EVP_EncryptInit
+X509_add1_ext_i2d
+TS_TST_INFO_set_time
+EVP_CIPHER_meth_set_ctrl
+RSA_set_flags
+OCSP_RESPONSE_new
+EVP_seed_ecb
+EVP_aria_128_ctr
+PEM_read_PKCS7
+PEM_read_PKCS8
+UI_dup_input_string
+RSA_get_multi_prime_extra_count
+BN_sqr
+ASN1_item_i2d_fp
+X509_STORE_set_depth
+OCSP_id_cmp
+ENGINE_get_default_RAND
+SMIME_read_CMS
+X509_NAME_add_entry_by_OBJ
+ENGINE_register_pkey_meths
+EVP_aria_256_gcm
+X509_STORE_get_get_crl
+X509V3_EXT_nconf
+X509_CRL_print_fp
+ASN1_ITEM_get
+EVP_ENCODE_CTX_num
+ENGINE_register_all_RSA
+BN_is_prime
+BN_generate_dsa_nonce
+TS_VERIFY_CTX_new
+EC_GROUP_get_point_conversion_form
+EVP_DecodeInit
+EVP_PKEY_meth_get_keygen
+PKCS7_SIGN_ENVELOPE_it
+d2i_SCT_LIST
+EVP_CIPHER_CTX_free
+EVP_CIPHER_meth_set_cleanup
+EC_POINT_dbl
+PKCS12_key_gen_asc
+BIO_ctrl_pending
+BIO_new_mem_buf
+ASN1_TIME_set
+CRYPTO_gcm128_decrypt
+ASN1_OCTET_STRING_it
+ENGINE_set_default_digests
+OCSP_REQUEST_get_ext_by_NID
+OCSP_SERVICELOC_free
+BN_mod_exp_recp
+OCSP_request_add1_nonce
+DH_set_default_method
+CTLOG_new_from_base64
+EVP_CIPHER_CTX_key_length
+PEM_read_bio_Parameters
+BN_nist_mod_521
+i2d_ASN1_T61STRING
+TS_CONF_set_digests
+EC_KEY_new
+RSA_null_method
+CMS_compress
+OBJ_nid2sn
+X509_OBJECT_set1_X509_CRL
+OPENSSL_uni2utf8
+X509V3_EXT_REQ_add_conf
+ASN1_BOOLEAN_it
+X509V3_set_conf_lhash
+EVP_aria_256_cfb128
+X509_STORE_set_get_crl
+TS_ACCURACY_free
+i2d_ASN1_BMPSTRING
+CMS_digest_create
+OPENSSL_strlcat
+UI_add_input_string
+ASN1_UNIVERSALSTRING_free
+EVP_aes_256_ccm
+i2v_GENERAL_NAMES
+X509_CRL_cmp
+EVP_aes_128_ocb
+CMS_add0_crl
+EVP_rc2_ofb
+RSA_meth_free
+BN_free
+ASN1_get_object
+DSAparams_dup
+ERR_peek_error_line_data
+UI_method_set_closer
+ENGINE_set_load_ssl_client_cert_function
+TS_RESP_set_status_info
+PKCS7_print_ctx
+ASN1_d2i_bio
+HMAC_Update
+CMS_unsigned_get0_data_by_OBJ
+CERTIFICATEPOLICIES_new
+OCSP_basic_sign_ctx
+BIO_ADDRINFO_free
+IPAddressRange_it
+EVP_aes_256_wrap
+BN_dup
+EVP_CipherUpdate
+d2i_EC_PUBKEY_fp
+ASN1_INTEGER_it
+PEM_write_PKCS8PrivateKey
+d2i_EC_PUBKEY
+d2i_DSA_PUBKEY
+OSSL_STORE_SEARCH_get0_bytes
+ENGINE_unregister_RAND
+PEM_read_bio_RSA_PUBKEY
+ASYNC_WAIT_CTX_free
+IPAddressChoice_new
+EC_GROUP_get_cofactor
+BIO_get_retry_reason
+IDEA_cbc_encrypt
+d2i_ESS_SIGNING_CERT
+i2d_PKCS8_bio
+COMP_CTX_new
+i2d_X509_CRL_fp
+X509V3_get_value_bool
+OPENSSL_LH_stats_bio
+X509_STORE_CTX_get1_certs
+PKCS12_item_i2d_encrypt
+BN_get_rfc3526_prime_6144
+X509V3_EXT_print
+RSA_meth_get_pub_dec
+DES_decrypt3
+i2d_OCSP_REVOKEDINFO
+ENGINE_register_RAND
+COMP_zlib
+TS_ext_print_bio
+X509_policy_tree_get0_user_policies
+i2d_USERNOTICE
+TS_REQ_set_policy_id
+OPENSSL_cleanse
+d2i_X509_REQ_bio
+ASN1_TYPE_set_int_octetstring
+ASN1_STRING_length_set
+UI_method_get_flusher
+BIO_vfree
+EVP_DecryptInit_ex
+PKCS5_pbe2_set
+EVP_MD_CTX_free
+ASN1_UNIVERSALSTRING_it
+TS_TST_INFO_get_ext_d2i
+PKCS7_set_attributes
+EC_GROUP_get_mont_data
+a2i_IPADDRESS_NC
+ASN1_SET_ANY_it
+CRYPTO_nistcts128_decrypt_block
+BN_BLINDING_lock
+BN_get_rfc2409_prime_768
+ASN1_PCTX_get_cert_flags
+NETSCAPE_SPKAC_new
+CMS_get0_RecipientInfos
+X509_STORE_CTX_set_cert
+ASN1_IA5STRING_it
+ASN1_GENERALSTRING_free
+ENGINE_unregister_DSA
+TS_STATUS_INFO_get0_text
+UI_method_get_prompt_constructor
+DSA_meth_set_verify
+ASN1_ENUMERATED_get_int64
+CRYPTO_secure_malloc
+ERR_print_errors
+OCSP_REVOKEDINFO_new
+PEM_read_RSAPublicKey
+d2i_ASRange
+RSA_meth_set_pub_dec
+OCSP_CRLID_new
+d2i_OCSP_RESPONSE
+OCSP_REQUEST_get1_ext_d2i
+BN_nist_mod_384
+EVP_rc4_40
+ASN1_STRING_type_new
+BN_BLINDING_invert
+OCSP_request_is_signed
+PKCS12_verify_mac
+BIO_free_all
+X509_CRL_digest
+OCSP_BASICRESP_free
+OPENSSL_fork_prepare
+UI_method_get_closer
+X509_VERIFY_PARAM_set1
+AES_cbc_encrypt
+OCSP_SERVICELOC_new
+X509V3_EXT_nconf_nid
+ASN1_GENERALIZEDTIME_set_string
+UI_method_set_flusher
+ASN1_check_infinite_end
+CAST_encrypt
+BN_mod_sqr
+ESS_CERT_ID_V2_free
+PEM_write_ECPrivateKey
+OCSP_parse_url
+EVP_md_null
+BIO_find_type
+X509_CRL_up_ref
+RSA_OAEP_PARAMS_free
+ASN1_TIME_diff
+PEM_write_RSAPrivateKey
+TS_VERIFY_CTX_set_flags
+RSA_PSS_PARAMS_free
+X509_REQ_INFO_free
+X509_STORE_set_check_policy
+ERR_peek_error
+CRYPTO_secure_used
+DIRECTORYSTRING_free
+PKCS12_add_friendlyname_uni
+d2i_CMS_bio
+CRYPTO_memdup
+DSA_print
+d2i_ASN1_TYPE
+EVP_camellia_192_cbc
+RSA_public_decrypt
+PKCS7_SIGN_ENVELOPE_new
+d2i_ECPrivateKey_bio
+EVP_camellia_256_ctr
+X509_print
+OCSP_resp_get0
+ECDSA_sign_ex
+BIO_meth_get_read
+CMS_add1_signer
+X509v3_asid_canonize
+X509_PUBKEY_free
+X509_keyid_get0
+PEM_read_bio_ECPKParameters
+PKCS5_PBKDF2_HMAC
+BIO_dump_cb
+i2d_RSA_PSS_PARAMS
+EVP_PKEY_get0_hmac
+CRYPTO_THREAD_lock_new
+BN_is_zero
+EC_KEY_new_method
+ASYNC_get_wait_ctx
+SCT_get_timestamp
+EC_KEY_key2buf
+CRYPTO_nistcts128_encrypt
+EC_KEY_METHOD_new
+BIO_dup_chain
+OCSP_REQUEST_it
+EVP_aes_192_wrap_pad
+DSA_meth_get_bn_mod_exp
+X509_REQ_get1_email
+OCSP_REQINFO_free
+PROXY_CERT_INFO_EXTENSION_new
+PKCS12_item_decrypt_d2i
+X509_REQ_digest
+X509at_get_attr_by_OBJ
+BN_BLINDING_set_current_thread
+ENGINE_get_destroy_function
+BN_sub
+OPENSSL_sk_sort
+DSA_meth_get_verify
+ENGINE_register_DSA
+TS_REQ_get_ext_by_critical
+OBJ_dup
+PBKDF2PARAM_free
+OBJ_NAME_do_all_sorted
+SHA256_Final
+X509_STORE_CTX_get0_policy_tree
+EVP_aes_128_wrap_pad
+DH_meth_get0_app_data
+X509_STORE_CTX_set0_dane
+d2i_PKCS12_BAGS
+OBJ_find_sigid_by_algs
+EVP_PKEY_CTX_hex2ctrl
+EVP_PKEY_meth_set_verifyctx
+EVP_camellia_128_cfb1
+BIO_new_bio_pair
+CMS_SharedInfo_encode
+EVP_DigestInit
+RSA_meth_new
+ASYNC_start_job
+DH_meth_get_generate_params
+X509_set_ex_data
+X509_issuer_and_serial_cmp
+X509_check_email
+EVP_camellia_128_cfb8
+SEED_cbc_encrypt
+RSA_padding_add_X931
+X509_ALGOR_it
+EVP_aes_128_ofb
+EVP_sha3_224
+EVP_PKEY_derive_init
+i2d_X509_REQ_fp
+EVP_mdc2
+EVP_PKEY_asn1_copy
+EVP_PKEY_meth_set_digestverify
+EC_GROUP_set_generator
+CONF_module_set_usr_data
+OPENSSL_cleanup
+DSA_meth_set0_app_data
+ENGINE_set_pkey_asn1_meths
+PKCS12_mac_present
+BIO_fd_should_retry
+CMS_final
+ASN1_OCTET_STRING_set
+X509_ALGOR_cmp
+NAMING_AUTHORITY_free
+d2i_X509_ALGOR
+X509_PURPOSE_get_by_sname
+X509_CRL_set_issuer_name
+X509_policy_check
+PEM_write_bio_DHxparams
+OCSP_SINGLERESP_it
+DES_string_to_key
+BIO_dump_indent_cb
+EC_GROUP_new_curve_GFp
+HMAC_size
+BIO_meth_set_read
+X509_STORE_get_ex_data
+OPENSSL_sk_value
+EVP_PKEY_get1_DH
+BIO_s_connect
+i2d_DSA_PUBKEY
+i2d_PKCS12
+PKCS12_key_gen_utf8
+X509_PUBKEY_new
+CRYPTO_ocb128_encrypt
+PROFESSION_INFO_get0_professionOIDs
+X509_check_trust
+PKCS5_pbe_set0_algor
+IPAddressChoice_free
+RSA_clear_flags
+ERR_load_CRYPTO_strings
+RSA_PKCS1_OpenSSL
+PEM_write_X509
+OSSL_STORE_do_all_loaders
+MD4_Update
+d2i_DSAPrivateKey_bio
+i2d_TS_ACCURACY
+OPENSSL_fork_parent
+ADMISSIONS_set0_admissionAuthority
+d2i_PKCS12_SAFEBAG
+X509_LOOKUP_shutdown
+EVP_CIPHER_meth_set_do_cipher
+PKCS7_get_issuer_and_serial
+SXNET_add_id_INTEGER
+EVP_DigestVerifyFinal
+X509_STORE_CTX_get_lookup_crls
+X509_STORE_get_cleanup
+OBJ_NAME_new_index
+ASN1_object_size
+X509_pubkey_digest
+i2d_IPAddressRange
+ASN1_UNIVERSALSTRING_to_string
+OCSP_REQ_CTX_free
+EVP_SignFinal
+ASN1_PRINTABLESTRING_new
+OCSP_cert_to_id
+EVP_PKEY_get1_tls_encodedpoint
+EC_GROUP_get_curve_GFp
+EVP_aes_256_cbc_hmac_sha256
+X509V3_extensions_print
+BN_mod_exp_mont
+X509V3_EXT_REQ_add_nconf
+EVP_aes_256_ecb
+UI_new
+POLICYINFO_it
+X509_get_default_cert_area
+WHIRLPOOL
+X509_STORE_set_ex_data
+EVP_PKEY_bits
+OPENSSL_LH_stats
+ADMISSIONS_free
+d2i_PBKDF2PARAM
+CRYPTO_gcm128_aad
+PKCS7_ENVELOPE_new
+BN_from_montgomery
+BN_mod_mul_reciprocal
+UI_process
+i2d_NOTICEREF
+RSA_meth_get_priv_dec
+X509_CRL_METHOD_new
+CRL_DIST_POINTS_new
+i2d_TS_RESP
+CRYPTO_cts128_encrypt_block
+SCT_set0_extensions
+X509_LOOKUP_meth_get_get_by_issuer_serial
+NAME_CONSTRAINTS_check_CN
+DSA_meth_get_init
+X509_VERIFY_PARAM_add0_table
+GENERAL_NAME_dup
+X509V3_EXT_print_fp
+EVP_PKEY_type
+X509_NAME_ENTRY_set
+ERR_load_X509V3_strings
+EVP_CIPHER_get_asn1_iv
+X509_REQ_get0_signature
+ASN1_item_ex_free
+EVP_rc4_hmac_md5
+BN_mod_sqrt
+BIO_sock_should_retry
+SCT_new
+X509_STORE_set_cleanup
+BN_mod_lshift_quick
+d2i_ESS_CERT_ID
+RC4_options
+CRYPTO_THREAD_set_local
+ASN1_STRING_set0
+CRYPTO_ccm128_aad
+TS_RESP_verify_signature
+EVP_get_pw_prompt
+OCSP_SIGNATURE_new
+d2i_ECPrivateKey_fp
+DSO_pathbyaddr
+SHA512_Init
+X509_LOOKUP_meth_set_new_item
+BIO_ctrl
+ASIdOrRange_it
+CAST_ofb64_encrypt
+UI_dup_verify_string
+BN_pseudo_rand
+AES_set_encrypt_key
+TS_TST_INFO_free
+EVP_PKEY_get0_engine
+EVP_PKCS82PKEY
+PKCS12_newpass
+X509_ATTRIBUTE_dup
+HMAC_Init_ex
+X509_REVOKED_add_ext
+BIO_write_ex
+PEM_write_bio_RSAPrivateKey
+X509_OBJECT_get_type
+BN_secure_new
+CRYPTO_ocb128_tag
+ASN1_INTEGER_dup
+CRYPTO_secure_free
+EVP_CIPHER_CTX_new
+CRYPTO_set_mem_debug
+ASN1_BIT_STRING_it
+X509_REQ_get_version
+ASN1_PCTX_free
+CMS_signed_add1_attr_by_txt
+EVP_CIPHER_set_asn1_iv
+ESS_ISSUER_SERIAL_new
+ASN1_SCTX_new
+OPENSSL_sk_reserve
+SEED_cfb128_encrypt
+BIO_meth_get_destroy
+X509_CRL_add1_ext_i2d
+X509_CRL_get_ext_by_critical
+CMS_ReceiptRequest_get0_values
+BN_mod_sub
+DH_new_by_nid
+TS_REQ_dup
+PKCS7_set_digest
+X509V3_section_free
+ECDSA_SIG_get0
+CONF_load_fp
+EVP_PBE_get
+PKCS12_SAFEBAGS_it
+CMS_SignerInfo_get0_signer_id
+NETSCAPE_SPKI_b64_decode
+BIO_ctrl_reset_read_request
+BIO_meth_set_callback_ctrl
+CMS_SignerInfo_set1_signer_cert
+OSSL_STORE_SEARCH_by_alias
+RIPEMD160_Transform
+EVP_CipherFinal_ex
+RAND_DRBG_get_ex_data
+OCSP_SINGLERESP_add_ext
+CRYPTO_THREAD_init_local
+CMAC_CTX_copy
+DSA_meth_set_init
+TS_RESP_CTX_set_ess_cert_id_digest
+TS_VERIFY_CTX_set_store
+BIO_ADDR_service_string
+ASN1_item_ndef_i2d
+i2d_ECPrivateKey_fp
+DH_get0_key
+ASN1_FBOOLEAN_it
+BIO_dump_fp
+PKCS7_SIGNED_free
+X509_REQ_add1_attr
+ADMISSIONS_it
+OPENSSL_INIT_free
+PEM_write_X509_REQ
+BIO_s_null
+EVP_DigestSignInit
+X509_time_adj_ex
+TS_MSG_IMPRINT_get_msg
+RSA_verify
+PKCS12_add_CSPName_asc
+OPENSSL_LH_new
+BIO_meth_set_destroy
+BIO_dgram_non_fatal_error
+EVP_PKEY_meth_get_copy
+AES_decrypt
+d2i_X509_REQ
+EVP_bf_cbc
+TS_TST_INFO_set_tsa
+CRYPTO_nistcts128_encrypt_block
+SXNET_add_id_ulong
+RC2_set_key
+PEM_read_X509_REQ
+X509V3_set_nconf
+i2d_PKCS7_bio
+PKCS7_stream
+EVP_sha3_256
+DES_xcbc_encrypt
+CMS_unsigned_add1_attr_by_OBJ
+X509V3_set_ctx
+BN_lebin2bn
+SXNET_add_id_asc
+X509_policy_tree_get0_policies
+d2i_GENERAL_NAMES
+X509_LOOKUP_meth_set_get_by_fingerprint
+ASN1_INTEGER_to_BN
+ECDSA_verify
+DSO_flags
+OPENSSL_sk_new_reserve
+CMS_SignerInfo_verify
+X509_REVOKED_delete_ext
+i2d_X509_ALGOR
+X509_get_ext_by_NID
+ERR_error_string_n
+X509_get_pubkey_parameters
+BN_print
+RSAPublicKey_it
+PKCS8_pkey_get0_attrs
+BIO_s_file
+ENGINE_get_pkey_asn1_meth_engine
+X509_verify_cert_error_string
+CMS_RecipientEncryptedKey_cert_cmp
+d2i_PKCS7_ENCRYPT
+ENGINE_set_ctrl_function
+EVP_PKEY_verify_recover_init
+EVP_PKEY_CTX_free
+X509_LOOKUP_meth_set_get_by_subject
+X509_CRL_diff
+OPENSSL_isservice
+ASN1_T61STRING_new
+i2d_X509_ALGORS
+i2d_PKCS8_fp
+OCSP_CERTID_it
+BIO_meth_set_create
+X509_STORE_CTX_get_error_depth
+OCSP_REQ_CTX_nbio
+d2i_DSA_SIG
+PEM_write_bio_DSAPrivateKey
+X509V3_EXT_get
+CMS_unsigned_add1_attr
+BIO_dump_indent_fp
+NETSCAPE_SPKI_verify
+OCSP_CERTID_free
+RSA_generate_key
+CRYPTO_gcm128_encrypt
+BN_new
+EVP_aes_128_xts
+TS_MSG_IMPRINT_dup
+i2d_X509_NAME
+DH_set0_key
+EC_GROUP_cmp
+PEM_bytes_read_bio_secmem
+ASN1_add_oid_module
+ADMISSIONS_new
+d2i_PKEY_USAGE_PERIOD
+i2d_CMS_bio_stream
+EVP_MD_CTX_update_fn
+OSSL_STORE_error
+CRYPTO_THREAD_lock_free
+CRYPTO_gcm128_new
+DSA_meth_get_sign_setup
+ASN1_TYPE_cmp
+EVP_MD_CTX_new
+PROFESSION_INFO_get0_namingAuthority
+ASN1_STRING_TABLE_get
+BIO_set_flags
+OCSP_sendreq_new
+BN_add
+DSA_size
+EVP_PKEY_meth_set_copy
+OSSL_STORE_SEARCH_by_issuer_serial
+NAMING_AUTHORITY_set0_authorityURL
+X509_set_proxy_pathlen
+BN_options
+ASN1_item_d2i
+RAND_file_name
+ENGINE_set_default_DSA
+EVP_aria_128_cfb1
+ASN1_UTF8STRING_free
+X509V3_EXT_cleanup
+CRYPTO_ocb128_setiv
+X509v3_asid_validate_resource_set
+PEM_read_bio_ECPrivateKey
+DIST_POINT_NAME_new
+BN_clear_bit
+EVP_aria_256_ctr
+BN_priv_rand_range
+OCSP_response_create
+ECDSA_do_verify
+EC_KEY_new_by_curve_name
+X509_ATTRIBUTE_create_by_txt
+EVP_aria_128_cfb8
+DES_set_key_checked
+d2i_ECParameters
+BN_GF2m_mod_inv
+EVP_camellia_192_ecb
+X509_REQ_set_pubkey
+CMS_EncryptedData_decrypt
+X509_REVOKED_get_ext_count
+PKCS7_digest_from_attributes
+X509_REVOKED_free
+d2i_RSA_PUBKEY_fp
+ASN1_IA5STRING_new
+BIO_get_init
+OPENSSL_INIT_set_config_filename
+EVP_PKEY_asn1_set_security_bits
+i2d_CRL_DIST_POINTS
+CMS_stream
+RSA_set0_crt_params
+X509_STORE_get0_objects
+ERR_peek_last_error_line_data
+OCSP_CRLID_free
+EVP_PBE_scrypt
+DSA_get0_pqg
+OCSP_REQ_CTX_nbio_d2i
+EC_POINT_mul
+EC_GROUP_get_curve_name
+ZINT32_it
+BIO_ADDR_path_string
+NETSCAPE_SPKI_print
+ASN1_VISIBLESTRING_free
+X509_REQ_get_subject_name
+EVP_read_pw_string_min
+IDEA_set_encrypt_key
+ASN1_item_ex_new
+TS_REQ_to_TS_VERIFY_CTX
+ENGINE_set_DSA
+ASN1_TYPE_get
+RSA_padding_check_SSLv23
+TS_VERIFY_CTX_set_data
+ASN1_const_check_infinite_end
+d2i_ASN1_UTF8STRING
+TS_RESP_set_tst_info
+PKCS7_SIGNER_INFO_sign
+OPENSSL_LH_node_stats
+X509_EXTENSION_set_critical
+X509_REVOKED_get0_serialNumber
+BN_GF2m_mod_solve_quad_arr
+OCSP_CRLID_it
+X509_CRL_delete_ext
+PKCS12_SAFEBAG_free
+EVP_PKEY_CTX_get_app_data
+SHA384_Init
+i2d_re_X509_CRL_tbs
+OCSP_RESPID_it
+CRYPTO_ccm128_setiv
+OCSP_RESPBYTES_free
+CMS_verify_receipt
+BN_CTX_get
+EC_KEY_decoded_from_explicit_params
+BN_GF2m_mod_exp
+CRYPTO_gcm128_setiv
+s2i_ASN1_OCTET_STRING
+EVP_PKEY_save_parameters
+X509_chain_up_ref
+ASIdentifiers_new
+EVP_CIPHER_CTX_nid
+BIO_lookup_ex
+DSA_new_method
+X509V3_EXT_conf
+OCSP_REVOKEDINFO_it
+X509_alias_get0
+PKCS12_SAFEBAG_get_bag_nid
+BIO_f_linebuffer
+NETSCAPE_SPKI_new
+X509v3_asid_validate_path
+EVP_PKEY_meth_get_count
+UINT32_it
+CMS_RecipientInfo_set0_key
+RSA_flags
+d2i_ASN1_VISIBLESTRING
+TS_REQ_set_nonce
+d2i_GENERAL_NAME
+i2d_TS_MSG_IMPRINT
+EC_POINT_get_affine_coordinates
+EVP_PKEY_meth_copy
+OSSL_STORE_LOADER_set_eof
+CRYPTO_128_unwrap
+MD4_Init
+OCSP_request_add1_cert
+PEM_read_bio_DHparams
+EVP_aes_256_gcm
+X509_REQ_get_pubkey
+EC_GFp_mont_method
+ECDSA_SIG_free
+DSA_set0_pqg
+X509_CRL_get_version
+X509_REVOKED_get_ext_d2i
+BN_mpi2bn
+EVP_DecryptUpdate
+X509at_add1_attr_by_NID
+ASYNC_WAIT_CTX_get_all_fds
+CMS_dataInit
+i2d_DHxparams
+RSA_verify_ASN1_OCTET_STRING
+X509V3_EXT_add_conf
+X509_NAME_set
+OCSP_RESPID_set_by_key
+EC_POINT_point2oct
+EC_KEY_get_conv_form
+d2i_DSA_PUBKEY_fp
+ESS_SIGNING_CERT_V2_free
+RSA_public_encrypt
+ERR_load_RSA_strings
+ECParameters_print_fp
+i2d_CMS_ContentInfo
+DSO_ctrl
+ENGINE_get_cmd_defns
+PKCS7_ctrl
+DH_check_pub_key
+X509V3_add_value
+d2i_OTHERNAME
+X509_STORE_get_check_crl
+UI_get_string_type
+IDEA_ecb_encrypt
+OCSP_RESPID_new
+d2i_PublicKey
+TS_RESP_CTX_add_policy
+CRYPTO_new_ex_data
+X509v3_addr_canonize
+OSSL_STORE_INFO_new_PARAMS
+TS_RESP_CTX_set_status_info_cond
+CRYPTO_128_wrap_pad
+BIO_sock_info
+CRYPTO_ocb128_cleanup
+d2i_ESS_SIGNING_CERT_V2
+BN_mod_add
+PEM_write_bio_X509
+PEM_SignUpdate
+ECDSA_size
+BIO_vprintf
+i2d_ECDSA_SIG
+ASN1_BIT_STRING_check
+X509_PURPOSE_get_count
+BN_bn2lebinpad
+BIO_set_data
+PEM_read_bio_X509
+OCSP_resp_get0_id
+RAND_DRBG_get0_public
+AUTHORITY_INFO_ACCESS_free
+ECDSA_do_sign
+TS_REQ_get_ext_by_NID
+CMS_ReceiptRequest_new
+EXTENDED_KEY_USAGE_it
+d2i_IPAddressFamily
+DES_set_key
+TS_CONF_set_crypto_device
+ECPKParameters_print_fp
+i2d_PrivateKey_fp
+PKCS8_decrypt
+EVP_CIPHER_CTX_rand_key
+CMS_RecipientInfo_get0_pkey_ctx
+X509_REVOKED_get0_revocationDate
+OCSP_REQ_CTX_new
+TS_REQ_free
+X509_STORE_CTX_get_get_crl
+EC_GROUP_have_precompute_mult
+PKCS7_set0_type_other
+RSA_OAEP_PARAMS_new
+EC_POINT_is_at_infinity
+ISSUING_DIST_POINT_new
+BN_get_rfc3526_prime_4096
+OPENSSL_LH_num_items
+d2i_SXNETID
+d2i_PKCS8_fp
+BIO_read
+EVP_rc2_64_cbc
+CRYPTO_free
+OPENSSL_LH_node_usage_stats
+EVP_EncodeFinal
+MD5_Init
+X509_REQ_INFO_new
+CMS_get0_SignerInfos
+TS_RESP_CTX_add_failure_info
+OBJ_new_nid
+CRYPTO_128_unwrap_pad
+COMP_expand_block
+EC_GROUP_get_ecparameters
+AES_ecb_encrypt
+BIO_set_callback_ex
+RSA_check_key
+TS_TST_INFO_set_serial
+X509_NAME_entry_count
+OSSL_STORE_SEARCH_get0_string
+X509_REQ_to_X509
+OBJ_nid2obj
+i2d_PKCS12_MAC_DATA
+CRYPTO_ofb128_encrypt
+ERR_load_strings
+NCONF_load_bio
+d2i_X509_VAL
+X509_STORE_get_verify_cb
+BIGNUM_it
+ENGINE_up_ref
+PKCS8_set0_pbe
+BIO_new_CMS
+GENERAL_NAME_new
+DSA_get_ex_data
+EVP_chacha20_poly1305
+X509_TRUST_set_default
+CMS_add0_cert
+d2i_DSAPublicKey
+AUTHORITY_INFO_ACCESS_new
+EC_KEY_priv2buf
+OBJ_NAME_init
+ADMISSIONS_set0_namingAuthority
+X509V3_add_value_bool
+NCONF_free
+ENGINE_get_load_pubkey_function
+i2d_PROXY_CERT_INFO_EXTENSION
+UI_method_get_data_duplicator
+i2d_ASIdentifierChoice
+RSA_padding_add_PKCS1_OAEP
+BF_ecb_encrypt
+PKCS12_setup_mac
+RSA_padding_add_PKCS1_OAEP_mgf1
+X509_CRL_add_ext
+UI_dup_user_data
+EVP_EncodeBlock
+OCSP_SINGLERESP_add1_ext_i2d
+RC2_decrypt
+ASN1_item_free
+X509_ATTRIBUTE_get0_type
+EVP_aria_128_ofb
+d2i_PrivateKey
+PEM_read_bio_EC_PUBKEY
+X509_set_issuer_name
+PBE2PARAM_free
+EC_POINT_set_compressed_coordinates_GF2m
+d2i_AutoPrivateKey
+X509_SIG_new
+PKCS7_sign
+ENGINE_register_pkey_asn1_meths
+BIO_get_retry_BIO
+X509_policy_node_get0_policy
+TS_REQ_ext_free
+OSSL_STORE_LOADER_set_expect
+TS_CONF_load_cert
+ASN1_put_eoc
+X509_ATTRIBUTE_new
+EVP_bf_ecb
+BIO_new_socket
+a2i_ASN1_INTEGER
+OPENSSL_sk_push
+d2i_RSA_OAEP_PARAMS
+CRYPTO_THREAD_run_once
+ASN1_INTEGER_new
+CMS_get1_crls
+SHA1
+CMAC_Update
+DSA_set_ex_data
+EVP_MD_CTX_pkey_ctx
+EC_POINT_set_to_infinity
+BIO_sock_error
+CMS_add0_CertificateChoices
+ASN1_PRINTABLE_free
+RSA_generate_key_ex
+OPENSSL_LH_strhash
+NETSCAPE_CERT_SEQUENCE_it
+TS_REQ_new
+X509_signature_print
+ENGINE_load_builtin_engines
+ENGINE_ctrl_cmd
+CRYPTO_secure_actual_size
+d2i_TS_MSG_IMPRINT_bio
+i2d_ASN1_OCTET_STRING
+PKCS12_MAC_DATA_it
+ASN1_NULL_new
+ENGINE_set_default_string
+X509_policy_tree_free
+SEED_ecb_encrypt
+PEM_read_PKCS8_PRIV_KEY_INFO
+AES_cfb1_encrypt
+EVP_PKEY_decrypt_old
+X509_REQ_dup
+EC_KEY_print
+X509_STORE_get_check_issued
+ASN1_GENERALSTRING_it
+X509v3_asid_subset
+EVP_PKEY_meth_set_param_check
+BIO_ADDR_rawmake
+PKCS7_SIGNED_it
+TS_TST_INFO_get_serial
+CMS_uncompress
+PKCS12_decrypt_skey
+EVP_idea_ofb
+EVP_CIPHER_meth_set_set_asn1_params
+RSA_X931_generate_key_ex
+i2d_OCSP_RESPID
+CRYPTO_ccm128_decrypt_ccm64
+TS_CONF_set_signer_key
+ASN1_BMPSTRING_it
+ASN1_GENERALIZEDTIME_set
+ERR_get_next_error_library
+ENGINE_register_all_RAND
+d2i_X509_CRL_bio
+EVP_CIPHER_CTX_ctrl
+CRYPTO_gcm128_encrypt_ctr32
+PKCS7_add_certificate
+OPENSSL_LH_node_stats_bio
+CMS_RecipientEncryptedKey_get0_id
+ASN1_PCTX_set_flags
+OCSP_CERTSTATUS_it
+EVP_PKEY_meth_get0_info
+ASN1_SCTX_get_template
+X509_set_serialNumber
+BN_print_fp
+X509_LOOKUP_meth_set_shutdown
+OPENSSL_gmtime_diff
+ENGINE_cmd_is_executable
+BIO_ctrl_get_read_request
+BN_CTX_end
+OCSP_REQ_CTX_get0_mem_bio
+d2i_PKCS8_bio
+CRYPTO_ocb128_finish
+ENGINE_get_next
+X509_PUBKEY_set0_param
+OSSL_STORE_SEARCH_get_type
+X509_get_pathlen
+EC_GROUP_get0_seed
+OBJ_NAME_add
+SRP_get_default_gN
+PEM_write_bio_NETSCAPE_CERT_SEQUENCE
+ASN1_UTF8STRING_new
+TS_RESP_CTX_get_tst_info
+SCT_LIST_validate
+CMS_add1_cert
+X509_CRL_add0_revoked
+BIO_ADDR_family
+EVP_PKEY_CTX_get0_pkey
+d2i_BASIC_CONSTRAINTS
+EVP_OpenInit
+ASN1_UTCTIME_new
+X509_STORE_set_check_revocation
+X509_REQ_get_attr
+DES_key_sched
+d2i_OCSP_SINGLERESP
+b2i_PrivateKey
+ASN1_STRING_to_UTF8
+NCONF_default
+i2d_ASN1_IA5STRING
+d2i_CMS_ReceiptRequest
+ASN1_T61STRING_free
+SHA512_Transform
+EVP_PKEY_asn1_get_count
+i2d_PBE2PARAM
+BIO_sock_init
+X509_STORE_unlock
+PKCS12_gen_mac
+X509_issuer_and_serial_hash
+ASN1_item_dup
+i2d_PKCS7_ENC_CONTENT
+PKCS12_it
+X509_STORE_set_default_paths
+BN_usub
+OPENSSL_sk_pop
+ASN1_UTCTIME_adj
+PKCS12_create
+X509_cmp_time
+BIO_dump_indent
+ASN1_OBJECT_it
+AES_encrypt
+TXT_DB_insert
+EVP_aes_256_cbc_hmac_sha1
+PEM_read_bio_RSAPrivateKey
+X509_INFO_free
+i2d_ASN1_TIME
+RAND_DRBG_free
+DSA_up_ref
+ASRange_it
+d2i_PUBKEY_bio
+PKCS12_MAC_DATA_free
+d2i_OCSP_SERVICELOC
+i2d_X509_fp
+TS_MSG_IMPRINT_new
+DES_quad_cksum
+SXNET_it
+UI_get_default_method
+PEM_read_DSA_PUBKEY
+HMAC_CTX_free
+CRYPTO_secure_malloc_init
+DH_meth_set0_app_data
+PKCS12_SAFEBAG_create0_pkcs8
+SCT_get0_extensions
+CMS_add0_recipient_password
+RC4
+X509_REQ_check_private_key
+EVP_shake256
+EVP_PKEY_id
+EVP_camellia_192_cfb128
+DSA_meth_set_paramgen
+ASN1_ENUMERATED_new
+EC_KEY_set_private_key
+EVP_MD_CTX_ctrl
+X509v3_addr_subset
+PKCS5_pbkdf2_set
+i2d_OCSP_SINGLERESP
+ASN1_SCTX_get_flags
+CMS_add_standard_smimecap
+EVP_CIPHER_flags
+DH_meth_get0_name
+DSA_bits
+X509_LOOKUP_by_alias
+i2d_GENERAL_NAMES
+ENGINE_finish
+X509_STORE_CTX_set_trust
+ASN1_BIT_STRING_get_bit
+RSAPrivateKey_dup
+X509_ALGOR_set_md
+X509_VERIFY_PARAM_get0_name
+d2i_ASN1_UINTEGER
+d2i_ASIdOrRange
+PEM_write_PrivateKey
+PKCS7_SIGNER_INFO_get0_algs
+X509_PUBKEY_get0_param
+EVP_CIPHER_impl_ctx_size
+d2i_EC_PUBKEY_bio
+IPAddressFamily_free
+OCSP_SIGNATURE_it
+OSSL_STORE_INFO_set0_NAME_description
+i2d_PUBKEY_fp
+BN_add_word
+ASN1_TIME_free
+EVP_PKEY_meth_get_digestsign
+X509_get0_pubkey
+X509_CRL_http_nbio
+OPENSSL_INIT_set_config_file_flags
+d2i_TS_TST_INFO
+EC_GFp_simple_method
+EVP_MD_meth_set_copy
+BN_BLINDING_set_flags
+d2i_X509_CRL_INFO
+IPAddressFamily_new
+BIO_dump
+X509_TRUST_get_trust
+CRYPTO_zalloc
+EVP_PKEY_meth_get_signctx
+EVP_PKEY_meth_set_digest_custom
+ASN1_TYPE_get_int_octetstring
+EVP_CIPHER_CTX_get_app_data
+PKCS7_add1_attrib_digest
+i2d_OCSP_SERVICELOC
+SMIME_write_CMS
+PROFESSION_INFO_get0_registrationNumber
+i2d_PrivateKey
+SRP_user_pwd_free
+X509_getm_notAfter
+EVP_PKEY_new_mac_key
+EVP_PKEY_asn1_set_get_pub_key
+EC_KEY_free
+ASN1_STRING_print
+DSO_convert_filename
+EC_POINT_hex2point
+EC_GROUP_copy
+X509_STORE_CTX_get_ex_data
+EVP_camellia_256_ofb
+DES_ede3_cfb_encrypt
+OPENSSL_sk_num
+X509_STORE_CTX_get1_crls
+EVP_PKEY_CTX_set_cb
+BIO_f_reliable
+DSAparams_print_fp
+X509_VERIFY_PARAM_set_auth_level
+ENGINE_get_RSA
+d2i_PKCS7_SIGN_ENVELOPE
+CRYPTO_128_wrap
+PKCS7_add_signed_attribute
+EVP_DigestInit_ex
+X509_PURPOSE_get_id
+EVP_PKEY_public_check
+X509_STORE_set_trust
+ERR_load_PEM_strings
+PKCS12_add_safe
+X509_STORE_CTX_get_cleanup
+EVP_PKEY_set_type
+X509_LOOKUP_get_store
+OCSP_BASICRESP_add1_ext_i2d
+HMAC
+BIO_ADDRINFO_address
+i2s_ASN1_ENUMERATED_TABLE
+EVP_PKEY_meth_set_signctx
+i2d_DISPLAYTEXT
+BN_GF2m_poly2arr
+GENERAL_NAME_it
+OCSP_REQUEST_new
+DSA_generate_parameters_ex
+PEM_write_bio_PKCS8PrivateKey
+PKEY_USAGE_PERIOD_free
+PKCS7_RECIP_INFO_new
+EVP_PKEY_print_public
+SHA224
+EVP_PKEY_asn1_set_set_pub_key
+OPENSSL_load_builtin_modules
+d2i_ESS_ISSUER_SERIAL
+PEM_write_X509_AUX
+EVP_MD_CTX_set_update_fn
+PKCS5_v2_PBE_keyivgen
+TS_REQ_get_cert_req
+RSA_sign_ASN1_OCTET_STRING
+EVP_MD_meth_get_final
+d2i_X509_AUX
+OPENSSL_strlcpy
+X509_STORE_CTX_set_ex_data
+ERR_load_OSSL_STORE_strings
+i2d_RSA_PUBKEY_fp
+X509_verify
+EVP_des_ede_cbc
+d2i_RSAPublicKey
+PEM_read_X509_AUX
+NOTICEREF_new
+ZINT64_it
+SCT_print
+i2d_OCSP_CERTID
+SCT_set1_extensions
+POLICYINFO_new
+BIO_method_name
+X509_STORE_CTX_get0_untrusted
+EC_POINT_method_of
+X509_load_crl_file
+CMAC_Final
+SCT_set_source
+UI_get_result_maxsize
+ENGINE_get_id
+ASN1_item_unpack
+EC_GROUP_set_curve
+OPENSSL_sk_unshift
+ASN1_ENUMERATED_set_int64
+TS_CONF_set_ordering
+BIO_s_secmem
+CMS_signed_get0_data_by_OBJ
+CMS_ContentInfo_print_ctx
+TS_RESP_print_bio
+DH_generate_parameters
+d2i_ASN1_T61STRING
+EVP_PKEY_get0_poly1305
+EVP_des_cbc
+EVP_CIPHER_do_all_sorted
+PROFESSION_INFO_set0_addProfessionInfo
+ENGINE_get_prev
+X509_get0_authority_key_id
+OCSP_ONEREQ_add1_ext_i2d
+PKCS7_ATTR_VERIFY_it
+SMIME_read_PKCS7
+RSA_meth_set_bn_mod_exp
+X509_REQ_get_attr_by_NID
+BN_GF2m_add
+X509_CRL_get_REVOKED
+CMS_get0_signers
+X509_STORE_CTX_get0_parent_ctx
+OPENSSL_issetugid
+CTLOG_STORE_load_file
+CRYPTO_gcm128_tag
+X509_STORE_CTX_cleanup
+NOTICEREF_free
+ERR_add_error_data
+UINT64_it
+i2d_OCSP_SIGNATURE
+OPENSSL_DIR_read
+DH_test_flags
+TXT_DB_free
+EVP_DigestSignFinal
+ENGINE_get_init_function
+i2b_PrivateKey_bio
+DISPLAYTEXT_new
+EVP_sha512_224
+RSA_padding_add_none
+DSA_get0_key
+BIO_new_connect
+BN_zero_ex
+ERR_load_ASN1_strings
+RSA_get_default_method
+PEM_write_X509_CRL
+d2i_NOTICEREF
+X509_it
+X509_REQ_print_ex
+d2i_X509_CRL
+PKCS7_get_smimecap
+ASN1_PCTX_set_nm_flags
+ASN1_item_sign_ctx
+TS_REQ_get_exts
+SRP_Calc_client_key
+OCSP_resp_count
+X509_STORE_get_cert_crl
+CONF_load_bio
+Camellia_decrypt
+RSA_verify_PKCS1_PSS
+CMAC_resume
+X509_REQ_set1_signature_algo
+PEM_read_X509_CRL
+X509_STORE_set1_param
+i2d_PUBKEY_bio
+PKEY_USAGE_PERIOD_it
+CRYPTO_ccm128_tag
+GENERAL_NAME_set0_othername
+d2i_DSA_PUBKEY_bio
+BIO_snprintf
+PEM_write_bio_RSA_PUBKEY
+i2d_PROXY_POLICY
+PKCS7_ATTR_SIGN_it
+BN_RECP_CTX_free
+X509_PKEY_free
+ENGINE_get_default_DSA
+OCSP_CERTID_dup
+TS_CONF_set_def_policy
+ASN1_OCTET_STRING_dup
+OCSP_RESPBYTES_new
+ENGINE_register_ciphers
+DH_get0_engine
+EVP_PKEY_meth_set_derive
+X509V3_EXT_add_list
+IPAddressOrRange_new
+X509_ATTRIBUTE_get0_data
+X509v3_addr_validate_path
+CMS_RecipientInfo_kari_orig_id_cmp
+PKCS5_PBE_keyivgen
+d2i_DSAPrivateKey
+ASN1_tag2str
+TS_TST_INFO_dup
+i2d_PKCS8PrivateKeyInfo_bio
+X509_REQ_INFO_it
+CRYPTO_THREAD_compare_id
+EVP_sm3
+BIO_meth_get_write
+EVP_CIPHER_CTX_iv_noconst
+BUF_MEM_grow
+EVP_DigestSign
+EVP_sha512
+PEM_write_bio_PKCS7_stream
+PKCS5_pbe_set
+CRYPTO_get_ex_new_index
+ASN1_PCTX_get_oid_flags
+i2d_TS_STATUS_INFO
+OpenSSL_version
+OCSP_REQ_CTX_set1_req
+RSA_get0_crt_params
+X509_REQ_print_fp
+RAND_DRBG_set
+PKCS12_SAFEBAG_get0_type
+CRYPTO_ccm128_encrypt_ccm64
+OPENSSL_strnlen
+d2i_X509_bio
+ASN1_UTF8STRING_it
+DH_get0_priv_key
+EVP_aes_128_wrap
+EVP_aes_192_cbc
+SCT_LIST_free
+EC_GROUP_new_by_curve_name
+d2i_DIRECTORYSTRING
+RSAPrivateKey_it
+EVP_aes_256_ctr
+ERR_print_errors_cb
+X509_REQ_get_extensions
+d2i_OCSP_CRLID
+GENERAL_NAME_get0_value
+RSA_generate_multi_prime_key
+ERR_load_OBJ_strings
+DSA_set0_key
+TS_TST_INFO_set_msg_imprint
+CRYPTO_cts128_decrypt_block
+EC_GFp_nistp521_method
+OPENSSL_atexit
+d2i_PUBKEY
+BIO_s_socket
+EC_KEY_set_group
+CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE
+X509_STORE_set_lookup_crls
+ASN1_TIME_it
+i2a_ASN1_OBJECT
+PKCS7_SIGNED_new
+EVP_des_cfb64
+X509_NAME_hash
+X509v3_addr_is_canonical
+OCSP_BASICRESP_add_ext
+UI_get0_action_string
+UI_free
+BN_uadd
+d2i_OCSP_REVOKEDINFO
+EVP_PKEY_CTX_new_id
+OCSP_SIGNATURE_free
+PKCS7_add_attrib_content_type
+X509_get_default_private_dir
+X509_OBJECT_get0_X509_CRL
+DHparams_dup
+PKCS12_AUTHSAFES_it
+CRYPTO_cfb128_1_encrypt
+PKCS7_ENCRYPT_it
+EVP_CIPHER_CTX_test_flags
+ASIdOrRange_new
+OSSL_STORE_vctrl
+ERR_load_BUF_strings
+X509_NAME_ENTRY_dup
+X509_CRL_print
+EC_KEY_OpenSSL
+ERR_load_ENGINE_strings
+EVP_des_ede3_cfb1
+ASN1_d2i_fp
+ERR_load_PKCS12_strings
+X509V3_EXT_add_nconf_sk
+OCSP_RESPDATA_free
+PKCS12_SAFEBAG_get1_crl
+EVP_PKEY_meth_get_derive
+BN_is_prime_fasttest_ex
+i2d_X509_REVOKED
+EC_GROUP_get_seed_len
+EC_get_builtin_curves
+DH_set_flags
+EC_POINT_set_compressed_coordinates
+d2i_PKCS7_bio
+EVP_PKEY_keygen
+EVP_des_ede3_cfb8
+PKCS7_RECIP_INFO_get0_alg
+i2d_PKCS7_RECIP_INFO
+IDEA_ofb64_encrypt
+TS_STATUS_INFO_get0_status
+SHA256
+UI_method_get_reader
+X509_ATTRIBUTE_set1_object
+i2d_DIRECTORYSTRING
+RAND_DRBG_secure_new
+X509_set_subject_name
+X509_LOOKUP_meth_get_get_by_fingerprint
+TS_ACCURACY_get_seconds
+EVP_PKEY_add1_attr_by_NID
+RSA_meth_set_verify
+PEM_write_PKCS8_PRIV_KEY_INFO
+OTHERNAME_free
+IDEA_encrypt
+DES_ede3_ofb64_encrypt
+OSSL_STORE_INFO_free
+ERR_load_CONF_strings
+EC_GROUP_order_bits
+DSA_meth_get_sign
+RC2_encrypt
+BN_MONT_CTX_set
+EVP_CIPHER_CTX_encrypting
+EVP_aes_192_ccm
+ESS_ISSUER_SERIAL_free
+X509_REQ_new
+RSA_PSS_PARAMS_new
+ASN1_STRING_copy
+X509_policy_tree_get0_level
+DSA_set_flags
+i2d_PKCS7_ISSUER_AND_SERIAL
+OSSL_STORE_INFO_get1_NAME_description
+ASN1_PRINTABLESTRING_it
+CMS_signed_get_attr
+CTLOG_get0_name
+i2d_X509_EXTENSIONS
+X509_get_serialNumber
+UI_get0_user_data
+Camellia_ctr128_encrypt
+X509_PUBKEY_get
+TS_CONF_set_signer_cert
+OSSL_STORE_INFO_get0_NAME
+PKCS7_ISSUER_AND_SERIAL_new
+CMS_ContentInfo_new
+d2i_X509_NAME
+X509_CRL_free
+EC_POINT_dup
+EVP_PKEY_new_raw_public_key
+d2i_SXNET
+NETSCAPE_SPKI_b64_encode
+EC_GROUP_get0_cofactor
+PKCS7_dataFinal
+OSSL_STORE_register_loader
+OSSL_STORE_LOADER_set_close
+TS_ACCURACY_set_seconds
+DES_is_weak_key
+X509_STORE_CTX_get_lookup_certs
+EC_GROUP_set_asn1_flag
+DH_meth_set_bn_mod_exp
+X509v3_addr_inherits
+i2d_OCSP_BASICRESP
+CTLOG_STORE_get0_log_by_id
+EC_KEY_METHOD_free
+OPENSSL_init
+BIO_f_base64
+EVP_camellia_128_cbc
+CONF_modules_load_file
+OPENSSL_memcmp
+X509_PURPOSE_get_by_id
+ESS_CERT_ID_V2_dup
+RSA_padding_add_PKCS1_type_1
+HMAC_Init
+RSA_padding_add_PKCS1_type_2
+OCSP_SINGLERESP_get1_ext_d2i
+EVP_sha512_256
+PEM_write_bio_DSAparams
+EVP_des_ede3_cbc
+EVP_ENCODE_CTX_copy
+X509at_add1_attr_by_txt
+ASN1_STRING_set
+BN_is_word
+EVP_PKEY_CTX_ctrl
+CMS_sign_receipt
+CRYPTO_strdup
+d2i_X509_EXTENSION
+i2d_RSAPublicKey
+ASN1_STRING_TABLE_cleanup
+BN_MONT_CTX_copy
+RSA_free
+X509_sign_ctx
+CMS_signed_add1_attr
+ASN1_TIME_new
+EVP_sha384
+ASN1_item_new
+TS_TST_INFO_add_ext
+NAMING_AUTHORITY_new
+d2i_PKCS7_ENVELOPE
+MD5_Transform
+X509_NAME_ENTRY_create_by_NID
+BIO_new
+CRYPTO_cts128_encrypt
+ASN1_TYPE_free
+ERR_load_COMP_strings
+BN_gcd
+OSSL_STORE_SEARCH_get0_serial
+RSA_meth_get_verify
+DSA_meth_set_sign
+PEM_get_EVP_CIPHER_INFO
+BN_clear_free
+CRYPTO_atomic_add
+UI_set_default_method
+BIO_get_callback_arg
+X509_CERT_AUX_it
+OCSP_basic_add1_cert
+EVP_aria_256_ofb
+ENGINE_register_complete
+d2i_ACCESS_DESCRIPTION
+DSA_do_sign
+X509_STORE_CTX_get_num_untrusted
+CMAC_Init
+BIO_ptr_ctrl
+DSA_do_verify
+DSA_meth_free
+PROFESSION_INFO_free
+ENGINE_set_pkey_meths
+X509_LOOKUP_hash_dir
+EC_METHOD_get_field_type
+CERTIFICATEPOLICIES_it
+ASN1_TIME_adj
+SRP_create_verifier
+i2d_PBEPARAM
+ENGINE_get_digest
+PEM_write_bio_CMS
+X509_get0_pubkey_bitstr
+ASN1_item_d2i_fp
+PKCS7_ENC_CONTENT_new
+BIO_set_next
+TS_RESP_CTX_free
+PKCS7_set_type
+d2i_RSAPrivateKey_bio
+EVP_CipherInit_ex
+NCONF_get_section
+ASYNC_WAIT_CTX_set_wait_fd
+i2d_SXNET
+GENERAL_NAME_get0_otherName
+i2d_PKCS7_SIGNED
+EC_KEY_set_conv_form
+PKCS12_free
+PKCS12_PBE_keyivgen
+TS_CONF_set_signer_digest
+EVP_PKEY_print_params
+RSA_OAEP_PARAMS_it
+EVP_sha1
+i2d_OCSP_CRLID
+PBEPARAM_new
+OSSL_STORE_INFO_get1_NAME
+ASN1_IA5STRING_free
+SRP_VBASE_free
+EVP_MD_meth_set_app_datasize
+CMS_decrypt_set1_key
+X509_CRL_METHOD_free
+i2d_ECPKParameters
+BIO_method_type
+PEM_write_EC_PUBKEY
+SXNET_new
+X509_get_issuer_name
+PEM_write_bio_RSAPublicKey
+OSSL_STORE_expect
+X509_certificate_type
+X509_STORE_CTX_set_current_cert
+EC_KEY_get0_group
+RSA_new
+CMS_RecipientInfo_kekri_get0_id
+EVP_camellia_192_ctr
+CMS_set1_eContentType
+DH_check_pub_key_ex
+ADMISSION_SYNTAX_set0_contentsOfAdmissions
+ERR_print_errors_fp
+RSA_meth_get_init
+EVP_des_ede_ecb
+OSSL_STORE_LOADER_get0_scheme
+i2d_ASN1_PRINTABLE
+d2i_X509_CRL_fp
+X509_http_nbio
+BASIC_CONSTRAINTS_free
+OPENSSL_LH_delete
+X509_EXTENSIONS_it
+OPENSSL_sk_is_sorted
+PEM_read_bio_X509_REQ
+X509_STORE_CTX_get0_cert
+NAME_CONSTRAINTS_it
+i2d_PKCS7_DIGEST
+BIO_gethostbyname
+X509_NAME_ENTRY_it
+CMS_decrypt_set1_pkey
+BUF_MEM_grow_clean
+CMS_unsigned_get_attr_count
+UI_dup_error_string
+PKCS12_init
+d2i_DIST_POINT
+CONF_module_get_usr_data
+EVP_CIPHER_CTX_num
+ERR_pop_to_mark
+conf_ssl_get_cmd
+Camellia_ofb128_encrypt
+ASIdentifierChoice_free
+BN_cmp
+SMIME_read_ASN1
+i2s_ASN1_INTEGER
+d2i_ASN1_GENERALSTRING
+OPENSSL_sk_shift
+CONF_imodule_get_flags
+SRP_VBASE_init
+i2d_PKCS7_NDEF
+X509_CRL_get_ext_by_OBJ
+DIST_POINT_new
+i2d_X509_SIG
+d2i_DHxparams
+EVP_des_ecb
+BIO_clear_flags
+EVP_MD_pkey_type
+X509_REQ_print
+EVP_PKEY_meth_get_param_check
+ISSUING_DIST_POINT_it
+PBEPARAM_it
+OCSP_RESPBYTES_it
+DH_compute_key
+d2i_PKCS7_ISSUER_AND_SERIAL
+TS_TST_INFO_ext_free
+ASIdentifiers_it
+RAND_keep_random_devices_open
+EC_GROUP_set_curve_GF2m
+X509V3_EXT_i2d
+ECDH_KDF_X9_62
+DIST_POINT_NAME_it
+X509v3_add_ext
+BIO_new_NDEF
+PKCS12_SAFEBAG_create_crl
+RSA_blinding_off
+EVP_PKEY_get_attr_by_NID
+ASN1_UTCTIME_free
+CRYPTO_THREAD_cleanup_local
+DES_ecb3_encrypt
+CMS_signed_add1_attr_by_OBJ
+SHA384_Final
+ASN1_TIME_check
+PEM_write_DSAPrivateKey
+BN_reciprocal
+EVP_MD_CTX_set_flags
+X509_CRL_INFO_it
+X509_STORE_set_verify_cb
+DH_meth_set_compute_key
+EC_KEY_METHOD_get_init
+X509V3_add_value_bool_nf
+BN_mod_add_quick
+BIO_socket_nbio
+ECPARAMETERS_new
+ASN1_UTCTIME_it
+OCSP_BASICRESP_delete_ext
+POLICY_MAPPINGS_it
+SCT_set_signature_nid
+OPENSSL_sk_new_null
+OPENSSL_uni2asc
+OSSL_STORE_INFO_get0_NAME_description
+X509_OBJECT_up_ref_count
+RC4_set_key
+EVP_EncryptInit_ex
+RSA_get_version
+i2d_NETSCAPE_SPKI
+d2i_ECDSA_SIG
+i2d_ASN1_VISIBLESTRING
+PEM_write_bio_PUBKEY
+RAND_set_rand_method
+ASN1_INTEGER_get_int64
+X509_EXTENSION_set_object
+i2d_ASN1_UTCTIME
+RSA_meth_set_init
+X509_STORE_CTX_get_check_crl
+i2d_TS_RESP_bio
+CMS_RecipientInfo_set0_pkey
+BN_CTX_secure_new
+PKCS12_add_localkeyid
+X509_STORE_CTX_set0_trusted_stack
+BN_mod_lshift1_quick
+X509_set_proxy_flag
+CRYPTO_secure_malloc_done
+d2i_CERTIFICATEPOLICIES
+RC2_cfb64_encrypt
+EVP_EncryptFinal_ex
+RSA_padding_check_PKCS1_type_1
+X509_STORE_set_verify
+RSA_padding_check_PKCS1_type_2
+ADMISSIONS_set0_professionInfos
+CONF_modules_unload
+EVP_des_ede
+BN_GF2m_mod_div
+OCSP_basic_verify
+PKCS12_set_mac
+BN_to_montgomery
+PEM_write_bio_PKCS7
+CMAC_CTX_new
+EVP_PKEY_get1_EC_KEY
+PEM_write_bio_PKCS8
+OPENSSL_die
+RSA_set0_factors
+EVP_PKEY_get0_DH
+UI_method_get_opener
+EVP_PKEY_get0
+PKCS7_DIGEST_free
+PBEPARAM_free
+PKCS7_get_signer_info
+RSA_set_default_method
+DH_meth_get_flags
+i2d_ASN1_INTEGER
+UI_get_result_minsize
+X509_LOOKUP_meth_get_new_item
+X509_VERIFY_PARAM_get_flags
+BN_rand
+EVP_PKEY_check
+X509_NAME_dup
+EC_POINT_clear_free
+CT_POLICY_EVAL_CTX_set1_issuer
+i2d_RSAPrivateKey
+EVP_PKEY_new
+BIO_f_asn1
+EVP_aes_192_ecb
+AES_set_decrypt_key
+d2i_POLICYINFO
+CRYPTO_memcmp
+CRYPTO_secure_zalloc
+NETSCAPE_SPKAC_free
+RAND_bytes
+OBJ_obj2txt
+PROXY_POLICY_new
+X509_keyid_set1
+EVP_PKEY_asn1_set_public
+ADMISSION_SYNTAX_get0_admissionAuthority
+EC_KEY_METHOD_set_init
+OCSP_BASICRESP_get1_ext_d2i
+ERR_load_UI_strings
+ASN1_OBJECT_free
+TS_TST_INFO_get_nonce
+X509_trusted
+BIO_s_log
+OCSP_CERTID_new
+X509_VERIFY_PARAM_set_hostflags
+BF_cfb64_encrypt
+ASN1_OCTET_STRING_new
+ASN1_OCTET_STRING_NDEF_it
+OCSP_REQUEST_add_ext
+PKCS12_SAFEBAG_get0_attrs
+DH_meth_get_init
+OCSP_SINGLERESP_get_ext_by_OBJ
+PKCS12_PBE_add
+X509V3_get_section
+SXNETID_new
+BN_mask_bits
+ASN1_digest
+DSA_dup_DH
+OPENSSL_config
+BN_GF2m_mod_mul
+TS_TST_INFO_new
+PEM_write_DHxparams
+X509_STORE_CTX_get_verify_cb
+X509_STORE_CTX_get_check_issued
+X509_EXTENSION_get_object
+OBJ_cmp
+BIO_ADDR_new
+EVP_PKEY_meth_get_decrypt
+X509_STORE_free
+CMS_data
+RSA_check_key_ex
+X509_getm_notBefore
+EVP_PKEY_meth_set_paramgen
+X509_STORE_CTX_get_error
+EVP_PKEY_copy_parameters
+X509_NAME_delete_entry
+OPENSSL_asc2uni
+BIO_set_cipher
+PEM_write_CMS
+ERR_lib_error_string
+EC_GROUP_get_basis_type
+X509_STORE_get_verify
+CONF_imodule_get_value
+CMS_add_smimecap
+BN_get_rfc2409_prime_1024
+i2d_OCSP_REQUEST
+EXTENDED_KEY_USAGE_free
+X509_CERT_AUX_free
+SCT_LIST_print
+X509_aux_print
+d2i_X509
+CRYPTO_ccm128_init
+CMS_get1_certs
+OCSP_ONEREQ_get1_ext_d2i
+CMS_dataFinal
+d2i_PBEPARAM
+X509_CRL_get0_signature
+CONF_load
+EC_POINTs_mul
+EVP_PKEY_CTX_get_operation
+PKCS7_it
+X509_ATTRIBUTE_create_by_OBJ
+EVP_MD_CTX_test_flags
+CRYPTO_ctr128_encrypt_ctr32
+ASN1_STRING_length
+X509_REQ_set_version
+PEM_read_CMS
+RSA_meth_get_flags
+EVP_PKEY_get1_RSA
+d2i_TS_ACCURACY
+DSA_meth_get_flags
+PKCS12_add_friendlyname_asc
+BN_BLINDING_convert
+ASN1_PCTX_get_str_flags
+X509_ALGOR_get0
+i2d_DIST_POINT
+DES_pcbc_encrypt
+RIPEMD160
+UI_method_get_writer
+d2i_ADMISSIONS
+FIPS_mode
+BIO_parse_hostserv
+CONF_imodule_get_module
+EVP_PKEY_meth_set_decrypt
+d2i_PKCS12_bio
+BN_nist_mod_224
+GENERAL_SUBTREE_it
+ASN1_TIME_cmp_time_t
+OCSP_ONEREQ_add_ext
+UI_get0_test_string
+d2i_RSAPublicKey_bio
+PKCS7_get_attribute
+ERR_load_TS_strings
+d2i_X509_REQ_INFO
+PEM_read_PrivateKey
+UI_get_result_length
+BN_asc2bn
+X509_NAME_ENTRY_new
+RAND_DRBG_set_ex_data
+EVP_PBE_cleanup
+DH_meth_set_init
+DH_get_nid
+PBE2PARAM_it
+BF_options
+EVP_seed_ofb
+OCSP_crlID_new
+X509_get0_reject_objects
+NCONF_free_data
+ENGINE_register_all_pkey_meths
+ASN1_generate_v3
+d2i_ADMISSION_SYNTAX
+EVP_CIPHER_CTX_set_flags
+X509at_get_attr_count
+OPENSSL_DIR_end
+i2d_EDIPARTYNAME
+X509_get_subject_name
+CRYPTO_get_mem_functions
+EVP_camellia_128_ecb
+TS_TST_INFO_get_ext_by_NID
+COMP_CTX_get_method
+OCSP_REVOKEDINFO_free
+SRP_VBASE_get1_by_user
+EVP_camellia_256_cfb128
+PKCS12_SAFEBAG_get0_p8inf
+i2d_ASN1_OBJECT
+EVP_des_ede3_ecb
+ENGINE_set_finish_function
+PKCS12_SAFEBAG_new
+CRYPTO_clear_free
+DH_clear_flags
+RSA_get0_d
+OPENSSL_utf82uni
+EVP_PKEY_verify_init
+PKCS12_get0_mac
+d2i_CRL_DIST_POINTS
+POLICYQUALINFO_it
+i2a_ASN1_INTEGER
+RSA_get0_e
+PKCS12_add_safes
+X509_STORE_CTX_set_flags
+X509_get_default_cert_dir_env
+CONF_imodule_set_usr_data
+X509_REVOKED_get_ext_by_NID
+d2i_PBE2PARAM
+X509_dup
+BIO_asn1_set_suffix
+X509_CRL_check_suiteb
+RIPEMD160_Final
+ASN1_STRING_print_ex
+i2d_DSAparams
+ZUINT32_it
+RSA_get0_n
+i2d_TS_MSG_IMPRINT_bio
+RSA_get0_p
+GENERAL_NAME_cmp
+X509_EXTENSION_create_by_NID
+EC_KEY_get0_public_key
+EVP_PKEY_set1_RSA
+RSA_get0_q
+SHA256_Init
+X509_ATTRIBUTE_it
+BUF_MEM_free
+X509_TRUST_get_flags
+X509_CRL_get0_by_serial
+d2i_ASN1_TIME
+EC_GROUP_precompute_mult
+OPENSSL_sk_free
+PKCS5_pbe2_set_iv
+X509_NAME_get_text_by_NID
+EVP_CIPHER_meth_dup
+CRYPTO_clear_realloc
+ENGINE_get_pkey_asn1_meth_str
+PKCS12_BAGS_it
+CRYPTO_gcm128_decrypt_ctr32
+d2i_PrivateKey_bio
+i2d_PROFESSION_INFO
+ASN1_item_digest
+EVP_PKEY_CTX_get0_peerkey
+X509_STORE_get0_param
+ERR_load_PKCS7_strings
+BIO_ADDRINFO_family
+EC_POINT_new
+CMS_signed_get_attr_by_NID
+i2d_IPAddressChoice
+EVP_aria_192_cbc
+PKCS12_SAFEBAG_it
+RSAPublicKey_dup
+RSA_meth_get0_app_data
+EVP_PKEY_up_ref
+d2i_NAMING_AUTHORITY
+RAND_seed
+SHA1_Update
+ADMISSION_SYNTAX_new
+EVP_CIPHER_meth_get_set_asn1_params
+ASN1_TIME_compare
+RSA_get0_pss_params
+i2d_PKCS7_fp
+EVP_PKEY_asn1_set_set_priv_key
+DH_meth_dup
+EC_POINT_add
+SHA256_Update
+ESS_CERT_ID_V2_new
+AES_cfb128_encrypt
+OCSP_resp_find
+X509_NAME_get_index_by_NID
+CRYPTO_THREAD_get_current_id
+X509_STORE_set_flags
+X509_get_signature_type
+X509_add1_reject_object
+ENGINE_set_default_pkey_asn1_meths
+EVP_CIPHER_do_all
+i2d_POLICYINFO
+ASN1_INTEGER_cmp
+BIO_bind
+OCSP_BASICRESP_new
+i2d_RSA_PUBKEY_bio
+PKCS7_SIGN_ENVELOPE_free
+EC_POINT_get_affine_coordinates_GF2m
+TS_RESP_get_tst_info
+ASN1_item_sign
+X509_EXTENSION_get_critical
+ECDSA_SIG_set0
+OCSP_url_svcloc_new
+BN_hex2bn
+i2d_TS_TST_INFO_bio
+X509_EXTENSION_free
+CTLOG_STORE_free
+d2i_PUBKEY_fp
+X509_get_extended_key_usage
+X509_LOOKUP_new
+OCSP_REQUEST_get_ext_by_OBJ
+EVP_CIPHER_CTX_reset
+EVP_PKEY_free
+X509v3_get_ext_by_NID
+BN_get_flags
+i2d_CMS_ReceiptRequest
+EVP_PKEY_get_attr
+ASN1_TYPE_set_octetstring
+AUTHORITY_KEYID_it
+PKCS5_pbe2_set_scrypt
+ASN1_STRING_set_default_mask_asc
+BN_mod_exp2_mont
+DH_meth_get_finish
+X509_ATTRIBUTE_get0_object
+OCSP_SINGLERESP_get0_id
+CMS_RecipientInfo_kari_get0_alg
+ADMISSIONS_get0_namingAuthority
+X509_check_akid
+ASN1_i2d_bio
+PEM_write_bio_PKCS8PrivateKey_nid
+PROXY_POLICY_it
+SCRYPT_PARAMS_it
+X509v3_addr_get_afi
+X509_STORE_get_check_policy
+BN_set_negative
+ASN1_GENERALIZEDTIME_check
+ENGINE_register_all_complete
+BIO_meth_free
+BIO_asn1_get_suffix
+CT_POLICY_EVAL_CTX_get0_cert
+d2i_CMS_ContentInfo
+BN_sub_word
+DIST_POINT_free
+DH_size
+EVP_aes_256_ocb
+TS_TST_INFO_get_msg_imprint
+X509_VERIFY_PARAM_set1_ip_asc
+CMS_set_detached
+X509_LOOKUP_meth_free
+d2i_OCSP_RESPDATA
+SHA224_Init
+ASN1_buf_print
+X509_STORE_get_lookup_crls
+SHA256_Transform
+EVP_aria_192_ccm
+X509_REQ_get_signature_nid
+EVP_MD_meth_dup
+EC_POINT_get_Jprojective_coordinates_GFp
+EVP_MD_meth_get_init
+EC_POINT_point2hex
+CT_POLICY_EVAL_CTX_get_time
+ASN1_INTEGER_get
+d2i_X509_ALGORS
+PROFESSION_INFO_new
+BIO_get_accept_socket
+BIO_set_init
+i2d_OCSP_RESPBYTES
+X509_PURPOSE_get0_sname
+RSA_get0_iqmp
+TS_TST_INFO_get_ext_by_critical
+RAND_DRBG_reseed
+X509_STORE_CTX_get_current_cert
+md5
+sha
+crc
+hash
+crypt
+compress
+aes
+rsa
+shamir
+ECDSA
+esdh
+feal
+hmac
+ecb
+cbc
+dsa
+Diffie
+Hellman
\ No newline at end of file
diff --git a/data/findcrypt3.rules b/data/findcrypt3.rules
new file mode 100644
index 0000000..8b004e7
--- /dev/null
+++ b/data/findcrypt3.rules
@@ -0,0 +1,1561 @@
+/*
+    from https://github.com/Yara-Rules/rules/tree/master/Crypto
+    This Yara ruleset is under the GNU-GPLv2 license (http://www.gnu.org/licenses/gpl-2.0.html) and open to any user or organization, as long as you use it under this license.
+*/
+rule Big_Numbers0
+{
+	meta:
+		author = "_pusher_"
+		description = "Looks for big numbers 20:sized"
+		date = "2016-07"
+	strings:
+		$c0 = /[0-9a-fA-F]{20}/ fullword ascii
+	condition:
+		$c0
+}
+
+rule Big_Numbers1
+{
+	meta:
+		author = "_pusher_"
+		description = "Looks for big numbers 32:sized"
+		date = "2016-07"
+	strings:
+		$c0 = /[0-9a-fA-F]{32}/ fullword wide ascii
+	condition:
+		$c0
+}
+
+rule Big_Numbers2
+{
+	meta:
+		author = "_pusher_"
+		description = "Looks for big numbers 48:sized"
+		date = "2016-07"
+	strings:
+		$c0 = /[0-9a-fA-F]{48}/ fullword wide ascii
+	condition:
+		$c0
+}
+
+rule Big_Numbers3
+{
+	meta:
+		author = "_pusher_"
+		description = "Looks for big numbers 64:sized"
+		date = "2016-07"
+	strings:
+        	$c0 = /[0-9a-fA-F]{64}/ fullword wide ascii
+	condition:
+		$c0
+}
+
+rule Big_Numbers4
+{
+	meta:
+		author = "_pusher_"
+		description = "Looks for big numbers 128:sized"
+		date = "2016-08"
+	strings:
+        	$c0 = /[0-9a-fA-F]{128}/ fullword wide ascii
+	condition:
+		$c0
+}
+
+rule Big_Numbers5
+{
+	meta:
+		author = "_pusher_"
+		description = "Looks for big numbers 256:sized"
+		date = "2016-08"
+	strings:
+        	$c0 = /[0-9a-fA-F]{256}/ fullword wide ascii
+	condition:
+		$c0
+}
+
+rule Prime_Constants_char {
+	meta:
+		author = "_pusher_"
+		description = "List of primes [char]"
+		date = "2016-07"
+	strings:
+		$c0 = { 03 05 07 0B 0D 11 13 17 1D 1F 25 29 2B 2F 35 3B 3D 43 47 49 4F 53 59 61 65 67 6B 6D 71 7F 83 89 8B 95 97 9D A3 A7 AD B3 B5 BF C1 C5 C7 D3 DF E3 E5 E9 EF F1 FB }
+	condition:
+		$c0
+}
+
+rule Prime_Constants_long {
+	meta:
+		author = "_pusher_"
+		description = "List of primes [long]"
+		date = "2016-07"
+	strings:
+		$c0 = { 03 00 00 00 05 00 00 00 07 00 00 00 0B 00 00 00 0D 00 00 00 11 00 00 00 13 00 00 00 17 00 00 00 1D 00 00 00 1F 00 00 00 25 00 00 00 29 00 00 00 2B 00 00 00 2F 00 00 00 35 00 00 00 3B 00 00 00 3D 00 00 00 43 00 00 00 47 00 00 00 49 00 00 00 4F 00 00 00 53 00 00 00 59 00 00 00 61 00 00 00 65 00 00 00 67 00 00 00 6B 00 00 00 6D 00 00 00 71 00 00 00 7F 00 00 00 83 00 00 00 89 00 00 00 8B 00 00 00 95 00 00 00 97 00 00 00 9D 00 00 00 A3 00 00 00 A7 00 00 00 AD 00 00 00 B3 00 00 00 B5 00 00 00 BF 00 00 00 C1 00 00 00 C5 00 00 00 C7 00 00 00 D3 00 00 00 DF 00 00 00 E3 00 00 00 E5 00 00 00 E9 00 00 00 EF 00 00 00 F1 00 00 00 FB 00 00 00 }
+	condition:
+		$c0
+}
+
+
+rule Advapi_Hash_API {
+	meta:
+		author = "_pusher_"
+		description = "Looks for advapi API functions"
+		date = "2016-07"
+	strings:
+		$advapi32 = "advapi32.dll" wide ascii nocase
+		$CryptCreateHash = "CryptCreateHash" wide ascii
+		$CryptHashData = "CryptHashData" wide ascii
+		$CryptAcquireContext = "CryptAcquireContext" wide ascii
+	condition:
+		$advapi32 and ($CryptCreateHash and $CryptHashData and $CryptAcquireContext)
+}
+
+rule Crypt32_CryptBinaryToString_API {
+	meta:
+		author = "_pusher_"
+		description = "Looks for crypt32 CryptBinaryToStringA function"
+		date = "2016-08"
+	strings:
+		$crypt32 = "crypt32.dll" wide ascii nocase
+		$CryptBinaryToStringA = "CryptBinaryToStringA" wide ascii
+	condition:
+		$crypt32 and ($CryptBinaryToStringA)
+}
+
+rule CRC32c_poly_Constant {
+	meta:
+		author = "_pusher_"
+		description = "Look for CRC32c (Castagnoli) [poly]"
+		date = "2016-08"
+	strings:
+		$c0 = { 783BF682 }
+	condition:
+		$c0
+}
+
+rule CRC32_poly_Constant {
+	meta:
+		author = "_pusher_"
+		description = "Look for CRC32 [poly]"
+		date = "2015-05"
+		version = "0.1"
+	strings:
+		$c0 = { 2083B8ED }
+	condition:
+		$c0
+}
+
+rule CRC32_table {
+	meta:
+		author = "_pusher_"
+		description = "Look for CRC32 table"
+		date = "2015-05"
+		version = "0.1"
+	strings:
+		$c0 = { 00000000 77073096 EE0E612C 990951BA 076DC419 }
+	condition:
+		$c0
+}
+
+rule CRC32_table_lookup {
+	meta:
+		author = "_pusher_"
+		description = "CRC32 table lookup"
+		date = "2015-06"
+		version = "0.1"
+	strings:
+		$c0 = { 8B 54 24 08 85 D2 7F 03 33 C0 C3 83 C8 FF 33 C9 85 D2 7E 29 56 8B 74 24 08 57 8D 9B 00 00 00 00 0F B6 3C 31 33 F8 81 E7 FF 00 00 00 C1 E8 08 33 04 BD ?? ?? ?? ?? 41 3B CA 7C E5 5F 5E F7 D0 C3 }
+	condition:
+		$c0
+}
+
+rule CRC32b_poly_Constant {
+	meta:
+		author = "_pusher_"
+		description = "Look for CRC32b [poly]"
+		date = "2016-04"
+		version = "0.1"
+	strings:
+		$c0 = { B71DC104 }
+	condition:
+		$c0
+}
+
+
+rule CRC16_table {
+	meta:
+		author = "_pusher_"
+		description = "Look for CRC16 table"
+		date = "2016-04"
+		version = "0.1"
+	strings:
+		$c0 = { 0000 1021 2042 3063 4084 50A5 60C6 70E7 8108 9129 A14A B16B C18C D1AD E1CE F1EF 1231 0210 3273 2252 52B5 4294 72F7 62D6 9339 8318 B37B A35A D3BD C39C F3FF E3DE }
+	condition:
+		$c0
+}
+
+
+rule FlyUtilsCnDES_ECB_Encrypt {
+	meta:
+		author = "_pusher_"
+		description = "Look for FlyUtils.CnDES Encrypt ECB function"
+		date = "2016-07"
+	strings:
+		$c0 = { 55 8B EC 83 C4 E8 53 56 57 33 DB 89 5D E8 89 5D EC 8B D9 89 55 F8 89 45 FC 8B 7D 08 8B 75 20 8B 45 FC E8 ?? ?? ?? ?? 8B 45 F8 E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 80 7D 18 00 74 1A 0F B6 55 18 8D 4D EC 8B 45 F8 E8 ?? ?? ?? ?? 8B 55 EC 8D 45 F8 E8 ?? ?? ?? ?? 80 7D 1C 00 74 1A 0F B6 55 1C 8D 4D E8 8B 45 FC E8 ?? ?? ?? ?? 8B 55 E8 8D 45 FC E8 ?? ?? ?? ?? 85 DB 75 07 E8 ?? ?? ?? ?? 8B D8 85 F6 75 07 E8 ?? ?? ?? ?? 8B F0 53 6A 00 8B 4D FC B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 89 45 F4 33 D2 55 68 ?? ?? ?? ?? 64 FF 32 64 89 22 6A 00 6A 00 8B 45 F4 E8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 50 6A 00 33 C9 B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 89 45 F0 33 D2 55 68 ?? ?? ?? ?? 64 FF 32 64 89 22 6A 00 6A 00 56 }
+	condition:
+		$c0
+}
+
+rule FlyUtilsCnDES_ECB_Decrypt {
+	meta:
+		author = "_pusher_"
+		description = "Look for FlyUtils.CnDES Decrypt ECB function"
+		date = "2016-07"
+	strings:
+		$c0 = { 55 8B EC 83 C4 E8 53 56 57 33 DB 89 5D E8 89 5D EC 8B F9 89 55 F8 89 45 FC 8B 5D 18 8B 75 20 8B 45 FC E8 ?? ?? ?? ?? 8B 45 F8 E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 84 DB 74 18 8B D3 8D 4D EC 8B 45 F8 E8 ?? ?? ?? ?? 8B 55 EC 8D 45 F8 E8 ?? ?? ?? ?? 85 FF 75 07 E8 ?? ?? ?? ?? 8B F8 85 F6 75 07 E8 ?? ?? ?? ?? 8B F0 8B 4D FC B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 89 45 F4 33 D2 55 68 ?? ?? ?? ?? 64 FF 32 64 89 22 57 6A 00 33 C9 B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 89 45 F0 33 D2 55 68 ?? ?? ?? ?? 64 FF 32 64 89 22 6A 00 6A 00 56 E8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 50 FF 75 14 FF 75 10 8B 45 0C 50 8B 4D F8 8B 55 F0 8B 45 F4 E8 ?? ?? ?? ?? 6A 00 6A 00 8B 45 F0 E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8B 55 08 8B 45 F0 E8 ?? ?? ?? ?? 33 C0 5A 59 59 64 89 10 EB 12 E9 ?? ?? ?? ?? 8B 45 08 E8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 5A 59 59 64 89 10 68 ?? ?? ?? ?? 8B 45 F0 33 D2 89 55 F0 E8 ?? ?? ?? ?? C3 }
+	condition:
+		$c0
+}
+
+rule Elf_Hash {
+	meta:
+		author = "_pusher_"
+		description = "Look for ElfHash"
+		date = "2015-06"
+		version = "0.3"
+	strings:
+		$c0 = { 53 56 33 C9 8B DA 4B 85 DB 7C 25 43 C1 E1 04 33 D2 8A 10 03 CA 8B D1 81 E2 00 00 00 F0 85 D2 74 07 8B F2 C1 EE 18 33 CE F7 D2 23 CA 40 4B 75 DC 8B C1 5E 5B C3 }
+		$c1 = { 53 33 D2 85 C0 74 2B EB 23 C1 E2 04 81 E1 FF 00 00 00 03 D1 8B CA 81 E1 00 00 00 F0 85 C9 74 07 8B D9 C1 EB 18 33 D3 F7 D1 23 D1 40 8A 08 84 C9 75 D7 8B C2 5B C3 }
+		$c2 = { 53 56 33 C9 8B D8 85 D2 76 23 C1 E1 04 33 C0 8A 03 03 C8 8B C1 25 00 00 00 F0 85 C0 74 07 8B F0 C1 EE 18 33 CE F7 D0 23 C8 43 4A 75 DD 8B C1 5E 5B C3 }
+		$c3 = { 53 56 57 8B F2 8B D8 8B FB 53 E8 ?? ?? ?? ?? 6B C0 02 71 05 E8 ?? ?? ?? ?? 8B D7 33 C9 8B D8 83 EB 01 71 05 E8 ?? ?? ?? ?? 85 DB 7C 2C 43 C1 E1 04 0F B6 02 03 C8 71 05 E8 ?? ?? ?? ?? 83 C2 01 B8 00 00 00 F0 23 C1 85 C0 74 07 8B F8 C1 EF 18 33 CF F7 D0 23 C8 4B 75 D5 8B C1 99 F7 FE 8B C2 85 C0 7D 09 03 C6 71 05 E8 ?? ?? ?? ?? 5F 5E 5B C3 }
+		$c4 = { 53 33 D2 EB 2C 8B D9 80 C3 BF 80 EB 1A 73 03 80 C1 20 C1 E2 04 81 E1 FF 00 00 00 03 D1 8B CA 81 E1 00 00 00 F0 8B D9 C1 EB 18 33 D3 F7 D1 23 D1 40 8A 08 84 C9 75 CE 8B C2 5B C3 }
+		$c5 = { 89 C2 31 C0 85 D2 74 30 2B 42 FC 74 2B 89 C1 29 C2 31 C0 53 0F B6 1C 11 01 C3 8D 04 1B C1 EB 14 8D 04 C5 00 00 00 00 81 E3 00 0F 00 00 31 D8 83 C1 01 75 E0 C1 E8 04 5B C3 }
+		$c6 = { 53 33 D2 85 C0 74 38 EB 30 8B D9 80 C3 BF 80 EB 1A 73 03 80 C1 20 C1 E2 04 81 E1 FF 00 00 00 03 D1 8B CA 81 E1 00 00 00 F0 85 C9 74 07 8B D9 C1 EB 18 33 D3 F7 D1 23 D1 40 8A 08 84 C9 75 CA 8B C2 5B C3 }
+	condition:
+		any of them
+}
+
+rule BLOWFISH_Constants {
+	meta:
+		author = "phoul (@phoul)"
+		description = "Look for Blowfish constants"
+		date = "2014-01"
+		version = "0.1"
+	strings:
+		$c0 = { D1310BA6 }
+		$c1 = { A60B31D1 }	
+		$c2 = { 98DFB5AC }
+		$c3 = { ACB5DF98 }
+		$c4 = { 2FFD72DB }
+		$c5 = { DB72FD2F }
+		$c6 = { D01ADFB7 }
+		$c7 = { B7DF1AD0 }
+		$c8 = { 4B7A70E9 }
+		$c9 = { E9707A4B }
+		$c10 = { F64C261C }
+		$c11 = { 1C264CF6 }
+	condition:
+		6 of them
+}
+
+rule MD5_Constants {
+	meta:
+		author = "phoul (@phoul)"
+		description = "Look for MD5 constants"
+		date = "2014-01"
+		version = "0.2"
+	strings:
+		// Init constants
+		$c0 = { 67452301 }
+		$c1 = { efcdab89 }
+		$c2 = { 98badcfe }
+		$c3 = { 10325476 }
+		$c4 = { 01234567 }
+		$c5 = { 89ABCDEF }
+		$c6 = { FEDCBA98 }
+		$c7 = { 76543210 }
+		// Round 2
+		$c8 = { F4D50d87 }
+		$c9 = { 78A46AD7 }
+	condition:
+		5 of them
+}
+
+rule MD5_API {
+	meta:
+		author = "_pusher_"
+		description = "Looks for MD5 API"
+		date = "2016-07"
+	strings:
+		$advapi32 = "advapi32.dll" wide ascii nocase
+		$cryptdll = "cryptdll.dll" wide ascii nocase
+		$MD5Init = "MD5Init" wide ascii
+		$MD5Update = "MD5Update" wide ascii
+		$MD5Final = "MD5Final" wide ascii
+	condition:
+		($advapi32 or $cryptdll) and ($MD5Init and $MD5Update and $MD5Final)
+}
+
+rule RC6_Constants {
+	meta:
+		author = "chort (@chort0)"
+		description = "Look for RC6 magic constants in binary"
+		reference = "https://twitter.com/mikko/status/417620511397400576"
+		reference2 = "https://twitter.com/dyngnosis/status/418105168517804033"
+		date = "2013-12"
+		version = "0.2"
+	strings:
+		$c1 = { B7E15163 }
+		$c2 = { 9E3779B9 }
+		$c3 = { 6351E1B7 }
+		$c4 = { B979379E }
+	condition:
+		2 of them
+}
+
+rule RIPEMD160_Constants {
+	meta:
+		author = "phoul (@phoul)"
+		description = "Look for RIPEMD-160 constants"
+		date = "2014-01"
+		version = "0.1"
+	strings:
+		$c0 = { 67452301 }
+		$c1 = { EFCDAB89 }
+		$c2 = { 98BADCFE }
+		$c3 = { 10325476 }
+		$c4 = { C3D2E1F0 }
+		$c5 = { 01234567 }
+		$c6 = { 89ABCDEF }
+		$c7 = { FEDCBA98 }
+		$c8 = { 76543210 }
+		$c9 = { F0E1D2C3 }
+	condition:
+		5 of them
+}
+
+rule SHA1_Constants {
+	meta:
+		author = "phoul (@phoul)"
+		description = "Look for SHA1 constants"
+		date = "2014-01"
+		version = "0.1"
+	strings:
+		$c0 = { 67452301 }
+		$c1 = { EFCDAB89 }
+		$c2 = { 98BADCFE }
+		$c3 = { 10325476 }
+		$c4 = { C3D2E1F0 }
+		$c5 = { 01234567 }
+		$c6 = { 89ABCDEF }
+		$c7 = { FEDCBA98 }
+		$c8 = { 76543210 }
+		$c9 = { F0E1D2C3 }
+		//added by _pusher_ 2016-07 - last round
+		$c10 = { D6C162CA }
+	condition:
+		5 of them
+}
+
+rule SHA256_Constants {
+	meta:
+		author = "Andrew Williams (@recvfrom)"
+		description = "Look for SHA256 constants"
+		date = "2020-10"
+		version = "0.1"
+	strings:
+        $c_le_1 = { 6A09E667 }
+        $c_le_2 = { BB67AE85 }
+        $c_le_3 = { 3C6EF372 }
+        $c_le_4 = { A54FF53A }
+        $c_le_5 = { 510E527F }
+        $c_le_6 = { 9B05688C }
+        $c_le_7 = { 1F83D9AB }
+        $c_le_8 = { 5BE0CD19 }
+
+        $c_be_1 = { 67E6096A }
+        $c_be_2 = { 85AE67BB }
+        $c_be_3 = { 72F36E3C }
+        $c_be_4 = { 3AF54FA5 }
+        $c_be_5 = { 7F520E51 }
+        $c_be_6 = { 8C68059B }
+        $c_be_7 = { ABD9831F }
+        $c_be_8 = { 19CDE05B }
+
+	condition:
+		5 of ($c_be_*) or 5 of ($c_le_*)
+}
+
+rule SHA512_Constants {
+	meta:
+		author = "phoul (@phoul)"
+		description = "Look for SHA384/SHA512 constants"
+		date = "2014-01"
+		version = "0.1"
+	strings:
+		$c0 = { 428a2f98 }
+		$c1 = { 982F8A42 }
+		$c2 = { 71374491 }
+		$c3 = { 91443771 }
+		$c4 = { B5C0FBCF }
+		$c5 = { CFFBC0B5 }
+		$c6 = { E9B5DBA5 }
+		$c7 = { A5DBB5E9 }
+		$c8 = { D728AE22 }
+		$c9 = { 22AE28D7 }
+	condition:
+		5 of them
+}
+
+rule TEAN {
+	meta:
+		author = "_pusher_"
+		description = "Look for TEA Encryption"
+		date = "2016-08"
+	strings:
+		$c0 = { 2037EFC6 }
+	condition:
+		$c0
+}
+
+rule WHIRLPOOL_Constants {
+	meta:
+		author = "phoul (@phoul)"
+		description = "Look for WhirlPool constants"
+		date = "2014-02"
+		version = "0.1"
+	strings:
+		$c0 = { 18186018c07830d8 }
+		$c1 = { d83078c018601818 }
+		$c2 = { 23238c2305af4626 }
+		$c3 = { 2646af05238c2323 }
+	condition:
+		2 of them
+}
+
+rule DarkEYEv3_Cryptor {
+	meta:
+		description = "Rule to detect DarkEYEv3 encrypted executables (often malware)"
+		author = "Florian Roth"
+		reference = "http://darkeyev3.blogspot.fi/"
+		date = "2015-05-24"
+		hash0 = "6b854b967397f7de0da2326bdd5d39e710e2bb12"
+		hash1 = "d53149968eca654fc0e803f925e7526fdac2786c"
+		hash2 = "7e3a8940d446c57504d6a7edb6445681cca31c65"
+		hash3 = "d3dd665dd77b02d7024ac16eb0949f4f598299e7"
+		hash4 = "a907a7b74a096f024efe57953c85464e87275ba3"
+		hash5 = "b1c422155f76f992048377ee50c79fe164b22293"
+		hash6 = "29f5322ce5e9147f09e0a86cc23a7c8dc88721b9"
+		hash7 = "a0382d7c12895489cb37efef74c5f666ea750b05"
+		hash8 = "f3d5b71b7aeeb6cc917d5bb67e2165cf8a2fbe61"
+		score = 55
+	strings:
+		$s0 = "\\DarkEYEV3-" 
+	condition:
+		uint16(0) == 0x5a4d and $s0
+}
+
+rule Miracl_powmod
+{	meta:
+		author = "Maxx"
+		description = "Miracl powmod"
+	strings:
+		$c0 = { 53 55 56 57 E8 ?? ?? ?? ?? 8B F0 8B 86 18 02 00 00 85 C0 0F 85 EC 01 00 00 8B 56 1C 42 8B C2 89 56 1C 83 F8 18 7D 17 C7 44 86 20 12 00 00 00 8B 86 2C 02 00 00 85 C0 74 05 E8 ?? ?? ?? ?? 8B 06 8B 4E 10 3B C1 74 2E 8B 7C 24 1C 57 E8 ?? ?? ?? ?? 83 C4 04 83 F8 02 7C 33 8B 57 04 8B 0E 51 8B 02 50 E8 ?? ?? ?? ?? 83 C4 08 83 F8 01 0F 84 58 01 00 00 EB 17 8B 7C 24 1C 6A 02 57 E8 ?? ?? ?? ?? 83 C4 08 85 C0 0F 84 3F 01 00 00 8B 8E C4 01 00 00 8B 54 24 18 51 52 E8 ?? ?? ?? ?? 8B 86 CC }
+	condition:
+		$c0
+}
+
+rule Miracl_crt
+{	meta:
+		author = "Maxx"
+		description = "Miracl crt"
+	strings:
+		$c0 = { 51 56 57 E8 ?? ?? ?? ?? 8B 74 24 10 8B F8 89 7C 24 08 83 7E 0C 02 0F 8C 99 01 00 00 8B 87 18 02 00 00 85 C0 0F 85 8B 01 00 00 8B 57 1C 42 8B C2 89 57 1C 83 F8 18 7D 17 C7 44 87 20 4A 00 00 00 8B 87 2C 02 00 00 85 C0 74 05 E8 ?? ?? ?? ?? 8B 46 04 8B 54 24 14 53 55 8B 08 8B 02 51 50 E8 ?? ?? ?? ?? 8B 4E 0C B8 01 00 00 00 83 C4 08 33 ED 3B C8 89 44 24 18 0F 8E C5 00 00 00 BF 04 00 00 00 8B 46 04 8B 0C 07 8B 10 8B 44 24 1C 51 52 8B 0C 07 51 E8 ?? ?? ?? ?? 8B 56 04 8B 4E 08 8B 04 }
+	condition:
+		$c0
+}
+
+rule CryptoPP_a_exp_b_mod_c
+{	meta:
+		author = "Maxx"
+		description = "CryptoPP a_exp_b_mod_c"
+	strings:
+		$c0 = { 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 81 EC ?? 00 00 00 56 8B B4 24 B0 00 00 00 57 6A 00 8B CE C7 44 24 0C 00 00 00 00 E8 ?? ?? ?? ?? 84 C0 0F 85 16 01 00 00 8D 4C 24 24 E8 ?? ?? ?? ?? BF 01 00 00 00 56 8D 4C 24 34 89 BC 24 A4 00 00 00 E8 ?? ?? ?? ?? 8B 06 8D 4C 24 3C 50 6A 00 C6 84 24 A8 00 00 00 02 E8 ?? ?? ?? ?? 8D 4C 24 48 C6 84 24 A0 00 00 00 03 E8 ?? ?? ?? ?? C7 44 24 24 ?? ?? ?? ?? 8B 8C 24 AC 00 00 00 8D 54 24 0C 51 52 8D 4C 24 2C C7 84 24 A8 }
+		$c1 = { 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 83 EC 4C 56 57 33 FF 8D 44 24 0C 89 7C 24 08 C7 44 24 10 ?? ?? ?? ?? C7 44 24 0C ?? ?? ?? ?? 89 44 24 14 8B 74 24 70 8D 4C 24 18 56 89 7C 24 60 E8 ?? ?? ?? ?? 8B 76 08 8D 4C 24 2C 56 57 C6 44 24 64 01 E8 ?? ?? ?? ?? 8D 4C 24 40 C6 44 24 5C 02 E8 ?? ?? ?? ?? C7 44 24 0C ?? ?? ?? ?? 8B 4C 24 6C 8B 54 24 68 8B 74 24 64 51 52 56 8D 4C 24 18 C7 44 24 68 03 00 00 00 E8 ?? ?? ?? ?? 8B 7C 24 4C 8B 4C 24 48 8B D7 33 C0 F3 }
+		$c2 = { 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 83 EC 34 56 57 33 FF 8D 44 24 0C 89 7C 24 08 C7 44 24 10 ?? ?? ?? ?? C7 44 24 0C ?? ?? ?? ?? 89 44 24 14 8B 74 24 58 8D 4C 24 18 56 89 7C 24 48 E8 ?? ?? ?? ?? 8B 0E C6 44 24 44 01 51 57 8D 4C 24 2C E8 ?? ?? ?? ?? 8D 4C 24 30 C6 44 24 44 02 E8 ?? ?? ?? ?? C7 44 24 0C ?? ?? ?? ?? 8B 54 24 54 8B 44 24 50 8B 74 24 4C 52 50 56 8D 4C 24 18 C7 44 24 50 03 00 00 00 E8 ?? ?? ?? ?? 8B 4C 24 30 8B 7C 24 34 33 C0 F3 AB 8B 4C }
+	condition:
+		any of them
+}
+
+rule CryptoPP_modulo
+{	meta:
+		author = "Maxx"
+		description = "CryptoPP modulo"
+	strings:
+		$c0 = { 83 EC 20 53 55 8B 6C 24 2C 8B D9 85 ED 89 5C 24 08 75 18 8D 4C 24 0C E8 ?? ?? ?? ?? 8D 44 24 0C 68 ?? ?? ?? ?? 50 E8 ?? ?? ?? ?? 8D 4D FF 56 85 CD 57 75 09 8B 53 04 8B 02 23 C1 EB 76 8B CB E8 ?? ?? ?? ?? 83 FD 05 8B C8 77 2D 33 F6 33 FF 49 85 C0 74 18 8B 53 04 8D 41 01 8D 14 8A 8B 0A 03 F1 83 D7 00 48 83 EA 04 85 C0 77 F1 6A 00 55 57 56 E8 ?? ?? ?? ?? EB 3B 33 C0 8B D1 49 85 D2 74 32 8B 54 24 10 33 DB 8D 71 01 8B 52 04 8D 3C 8A 8B 17 33 ED 0B C5 8B 6C 24 34 33 C9 53 0B CA 55 }
+		$c1 = { 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 83 EC 2C 56 57 8B F1 33 FF 8D 4C 24 20 89 7C 24 08 E8 ?? ?? ?? ?? 8D 4C 24 0C 89 7C 24 3C E8 ?? ?? ?? ?? 8B 44 24 48 8D 4C 24 0C 50 56 8D 54 24 28 51 52 C6 44 24 4C 01 E8 ?? ?? ?? ?? 8B 74 24 54 83 C4 10 8D 44 24 20 8B CE 50 E8 ?? ?? ?? ?? 8B 7C 24 18 8B 4C 24 14 8B D7 33 C0 F3 AB 52 E8 ?? ?? ?? ?? 8B 7C 24 30 8B 4C 24 2C 8B D7 33 C0 C7 44 24 10 ?? ?? ?? ?? 52 F3 AB E8 ?? ?? ?? ?? 8B 4C 24 3C 83 C4 08 8B C6 64 89 }
+		$c2 = { 83 EC 24 53 55 8B 6C 24 30 8B D9 85 ED 89 5C 24 08 75 18 8D 4C 24 0C E8 ?? ?? ?? ?? 8D 44 24 0C 68 ?? ?? ?? ?? 50 E8 ?? ?? ?? ?? 8D 4D FF 56 85 CD 57 75 09 8B 53 0C 8B 02 23 C1 EB 76 8B CB E8 ?? ?? ?? ?? 83 FD 05 8B C8 77 2D 33 F6 33 FF 49 85 C0 74 18 8B 53 0C 8D 41 01 8D 14 8A 8B 0A 03 F1 83 D7 00 48 83 EA 04 85 C0 77 F1 6A 00 55 57 56 E8 ?? ?? ?? ?? EB 3B 33 C0 8B D1 49 85 D2 74 32 8B 54 24 10 33 DB 8D 71 01 8B 52 0C 8D 3C 8A 8B 17 33 ED 0B C5 8B 6C 24 38 33 C9 53 0B CA 55 }
+		$c3 = { 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 83 EC 1C 56 57 8B F1 33 FF 8D 4C 24 0C 89 7C 24 08 E8 ?? ?? ?? ?? 8D 4C 24 18 89 7C 24 2C E8 ?? ?? ?? ?? 8B 44 24 38 8D 4C 24 18 50 56 8D 54 24 14 51 52 C6 44 24 3C 01 E8 ?? ?? ?? ?? 8B 74 24 44 83 C4 10 8D 44 24 0C 8B CE 50 E8 ?? ?? ?? ?? 8B 4C 24 18 8B 7C 24 1C 33 C0 F3 AB 8B 4C 24 1C 51 E8 ?? ?? ?? ?? 8B 4C 24 10 8B 7C 24 14 33 C0 F3 AB 8B 54 24 14 52 E8 ?? ?? ?? ?? 8B 4C 24 2C 83 C4 08 8B C6 64 89 0D 00 00 00 }
+	condition:
+		any of them
+}
+
+rule FGint_MontgomeryModExp
+{	meta:
+		author = "_pusher_"
+		date = "2015-06"
+		version = "0.2"
+		description = "FGint MontgomeryModExp"
+	strings:
+		$c0 = { 55 8B EC 83 C4 ?? 53 56 57 33 DB 89 5D ?? 8B F1 8B DA 89 45 ?? 8B 7D 08 8D 45 F4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 EC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 DC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 ?? 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 55 D4 B8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B CF 8B D6 8B 45 FC E8 ?? ?? ?? ?? 8D 55 D4 8B C7 E8 ?? ?? ?? ?? 3C 02 75 0D 8D 45 D4 E8 ?? ?? ?? ?? E9 }
+		$c1 = { 55 8B EC 83 C4 ?? 53 56 57 33 DB 89 5D ?? 8B F1 8B DA 89 45 ?? 8D 45 F4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 EC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 DC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 55 D4 B8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B CF 8B D6 8B 45 FC E8 ?? ?? ?? ?? 8D 55 D4 8B C7 E8 ?? ?? ?? ?? 3C 02 75 0D 8D 45 D4 E8 ?? ?? ?? ?? E9 }
+		$c2 = { 55 8B EC 83 C4 ?? 53 56 57 33 DB 89 5D ?? 8B F1 8B DA 89 45 ?? 8B 7D 08 8D 45 F4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 EC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 DC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 ?? 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 ?? 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 ?? 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 55 D4 B8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B CF 8B D6 8B 45 ?? E8 ?? ?? ?? ?? 8D 55 D4 8B C7 E8 ?? ?? ?? ?? 3C 02 75 0D 8D 45 D4 E8 ?? ?? ?? ?? E9 }
+		$c3 = { 55 8B EC 83 C4 ?? 53 56 57 33 DB 89 5D ?? 8B F1 8B DA 89 45 D0 8B 7D 08 8D 45 F4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 EC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 DC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 47 4C 47 00 64 FF 30 64 89 20 8D 55 D4 B8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B CF 8B D6 8B 45 D0 E8 ?? ?? ?? ?? 8D 55 D4 8B C7 E8 ?? ?? ?? ?? 3C 02 75 0D 8D 45 D4 E8 ?? ?? ?? ?? E9 02 02 00 00 }
+	condition:
+		any of them
+}
+
+rule FGint_FGIntModExp
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "FGint FGIntModExp"
+	strings:
+		$c0 = { 55 8B EC 83 C4 E8 53 56 57 33 DB 89 5D ?? 8B F1 89 55 ?? 8B D8 8B 7D 08 8D 45 F4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 EC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8B 46 04 8B 40 04 83 E0 01 83 F8 01 75 0F 57 8B CE 8B 55 ?? 8B C3 E8 ?? ?? ?? ?? EB ?? 8D 55 ?? 8B 45 ?? E8 ?? ?? ?? ?? 8B D7 B8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 55 F4 8B C3 E8 ?? ?? ?? ?? 8B 45 }
+	condition:
+		$c0
+}
+
+rule FGint_MulByInt
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "FGint MulByInt"
+	strings:
+		$c0 = { 53 56 57 55 83 C4 E8 89 4C 24 04 8B EA 89 04 24 8B 04 24 8B 40 04 8B 00 89 44 24 08 8B 44 24 08 83 C0 02 50 8D 45 04 B9 01 00 00 00 8B 15 ?? ?? ?? ?? ?? ?? ?? ?? ?? 83 C4 04 33 F6 8B 7C 24 08 85 FF 76 6D BB 01 00 00 00 8B 04 24 8B 40 04 8B 04 98 33 D2 89 44 24 10 89 54 24 14 8B 44 24 04 33 D2 52 50 8B 44 24 18 8B 54 24 1C ?? ?? ?? ?? ?? 89 44 24 10 89 54 24 14 8B C6 33 D2 03 44 24 10 13 54 24 14 89 44 24 10 89 54 24 14 8B 44 24 10 25 FF FF FF 7F 8B 55 04 89 04 9A 8B 44 24 10 8B 54 24 14 0F AC D0 1F C1 EA 1F 8B F0 43 4F 75 98 }
+	condition:
+		$c0
+}
+
+rule FGint_DivMod
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "FGint FGIntDivMod"
+	strings:
+		$c0 = { 55 8B EC 83 C4 BC 53 56 57 8B F1 89 55 F8 89 45 FC 8B 5D 08 8D 45 F0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8B 45 FC 8A 00 88 45 D7 8B 45 F8 8A 00 88 45 D6 8B 45 FC E8 ?? ?? ?? ?? 8B 45 F8 E8 ?? ?? ?? ?? 8B D3 8B 45 FC E8 ?? ?? ?? ?? 8D 55 E0 8B 45 F8 E8 ?? ?? ?? ?? 8B 55 F8 8B 45 FC }
+	condition:
+		$c0
+}
+
+rule FGint_FGIntDestroy
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "FGint FGIntDestroy"
+	strings:
+		$c0 = { 53 8B D8 8D 43 04 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 5B C3 }
+	condition:
+		$c0
+}
+
+rule FGint_Base10StringToGInt
+{	meta:
+		author = "_pusher_"
+		date = "2015-06"
+		version = "0.2"
+		description = "FGint Base10StringToGInt"
+	strings:
+		$c0 = { 55 8B EC B9 04 00 00 00 6A 00 6A 00 49 75 F9 51 53 56 57 8B DA 89 45 FC 8B 45 FC ?? ?? ?? ?? ?? 33 C0 55 ?? ?? ?? ?? ?? 64 FF 30 64 89 20 EB 12 8D 45 FC B9 01 00 00 00 BA 01 00 00 00 ?? ?? ?? ?? ?? 8B 45 FC 8A 00 2C 2D 74 11 04 FD 2C 0A 72 0B 8B 45 FC ?? ?? ?? ?? ?? 48 7F D4 8D 45 E4 50 B9 01 00 00 00 BA 01 00 00 00 8B 45 FC ?? ?? ?? ?? ?? 8B 45 ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 75 18 C6 45 EB 00 8D 45 FC B9 01 00 00 00 BA 01 00 00 00 ?? ?? ?? ?? ?? EB 18 C6 45 EB 01 EB 12 8D 45 FC }
+		$c1 = { 55 8B EC 83 C4 D8 53 56 57 33 C9 89 4D D8 89 4D DC 89 4D E0 89 4D E4 89 4D EC 8B DA 89 45 FC 8B 45 FC E8 ?? ?? ?? ?? 33 C0 55 68 0F 42 45 00 64 FF 30 64 89 20 EB 12 8D 45 FC B9 01 00 00 00 BA 01 00 00 00 E8 ?? ?? ?? ?? 8B 45 FC 8A 00 2C 2D 74 11 04 FD 2C 0A 72 0B 8B 45 FC E8 ?? ?? ?? ?? 48 7F D4 8D 45 E4 50 B9 01 00 00 00 BA 01 00 00 00 8B 45 FC E8 ?? ?? ?? ?? 8B 45 E4 BA 28 42 45 00 E8 ?? ?? ?? ?? 75 18 C6 45 EB 00 8D 45 FC B9 01 00 00 00 BA 01 00 00 00 E8 ?? ?? ?? ?? EB 18 C6 45 EB 01 }
+		$c2 = { 55 8B EC 83 C4 D8 53 56 33 C9 89 4D D8 89 4D DC 89 4D E0 89 4D F8 89 4D F4 8B DA 89 45 FC 8B 45 FC E8 ?? ?? ?? ?? 33 C0 55 68 A6 32 47 00 64 FF 30 64 89 20 EB 12 8D 45 FC B9 01 00 00 00 BA 01 00 00 00 E8 ?? ?? ?? ?? 8B 45 FC 0F B6 00 2C 2D 74 11 04 FD 2C 0A 72 0B 8B 45 FC E8 ?? ?? ?? ?? 48 7F D3 8D 45 E0 50 B9 01 00 00 00 BA 01 00 00 00 8B 45 FC E8 ?? ?? ?? ?? 8B 45 E0 BA BC 32 47 00 E8 ?? ?? ?? ?? 75 18 C6 45 E9 00 8D 45 FC B9 01 00 00 00 BA 01 00 00 00 E8 ?? ?? ?? ?? EB 18 C6 45 E9 01 }
+
+	condition:
+		any of them
+}
+
+rule FGint_ConvertBase256to64
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "FGint ConvertBase256to64"
+	strings:
+		$c0 = { 55 8B EC 81 C4 EC FB FF FF 53 56 57 33 C9 89 8D EC FB FF FF 89 8D F0 FB FF FF 89 4D F8 8B FA 89 45 FC B9 00 01 00 00 8D 85 F4 FB FF FF 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 85 F4 FB FF FF BA FF 00 00 00 E8 ?? ?? ?? ?? 8D 45 F8 E8 ?? ?? ?? ?? 8B 45 FC E8 ?? ?? ?? ?? 8B D8 85 DB 7E 2F BE 01 00 00 00 8D 45 F8 8B 55 FC 0F B6 54 32 FF 8B 94 95 F4 FB FF FF E8 ?? ?? ?? ?? 46 4B 75 E5 EB }
+	condition:
+		$c0
+}
+
+rule FGint_ConvertHexStringToBase256String
+{	meta:
+		author = "_pusher_"
+		date = "2015-06"
+		version = "0.2"
+		description = "FGint ConvertHexStringToBase256String"
+	strings:
+		$c0 = { 55 8B EC 83 C4 F0 53 56 33 C9 89 4D F0 89 55 F8 89 45 FC 8B 45 FC E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8B 45 F8 E8 ?? ?? ?? ?? 8B 45 FC E8 ?? ?? ?? ?? D1 F8 79 03 83 D0 00 85 C0 7E 5F 89 45 F4 BE 01 00 00 00 8B C6 03 C0 8B 55 FC 8A 54 02 FF 8B 4D FC 8A 44 01 FE 3C 3A 73 0A 8B D8 80 EB 30 C1 E3 04 EB 08 8B D8 80 EB 37 C1 E3 04 80 FA 3A 73 07 80 EA 30 0A DA EB 05 80 EA 37 0A DA 8D 45 F0 8B D3 }
+	condition:
+		$c0
+}
+
+rule FGint_Base256StringToGInt
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "FGint Base256StringToGInt"
+	strings:
+		$c0 = { 55 8B EC 81 C4 F8 FB FF FF 53 56 57 33 C9 89 4D F8 8B FA 89 45 FC 8B 45 FC ?? ?? ?? ?? ?? B9 00 01 00 00 8D 85 F8 FB FF FF 8B 15 ?? ?? ?? ?? ?? ?? ?? ?? ?? 33 C0 55 ?? ?? ?? ?? ?? 64 FF 30 64 89 20 8D 45 F8 ?? ?? ?? ?? ?? 8D 85 F8 FB FF FF BA FF 00 00 00 ?? ?? ?? ?? ?? 8B 45 FC ?? ?? ?? ?? ?? 8B D8 85 DB 7E 34 BE 01 00 00 00 8D 45 F8 8B 55 FC 0F B6 54 32 FF 8B 94 95 F8 FB FF FF ?? ?? ?? ?? ?? 46 4B 75 E5 EB 12 8D 45 F8 B9 01 00 00 00 BA 01 00 00 00 ?? ?? ?? ?? ?? 8B 45 F8 80 38 30 75 0F }
+	condition:
+		$c0
+}
+
+rule FGint_FGIntToBase256String
+{	meta:
+		author = "_pusher_"
+		date = "2015-06"
+		version = "0.2"
+		description = "FGint FGIntToBase256String"
+	strings:
+		$c0 = { 55 8B EC 33 C9 51 51 51 51 53 56 8B F2 33 D2 55 68 ?? ?? ?? ?? 64 FF 32 64 89 22 8D 55 FC E8 ?? ?? ?? ?? EB 10 8D 45 FC 8B 4D FC BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B 45 FC E8 ?? ?? ?? ?? 25 07 00 00 80 79 05 48 83 C8 F8 40 85 C0 75 D8 8B 45 FC E8 ?? ?? ?? ?? 8B D8 85 DB 79 03 83 C3 07 C1 FB 03 8B C6 E8 ?? ?? ?? ?? 85 DB 76 4B 8D 45 F4 50 B9 08 00 00 00 BA 01 00 00 00 8B 45 FC E8 ?? ?? ?? ?? 8B 55 F4 8D 45 FB E8 ?? ?? ?? ?? 8D 45 F0 8A 55 FB E8 ?? ?? ?? ?? 8B 55 F0 8B C6 E8 ?? ?? ?? ?? 8D 45 FC B9 08 00 00 00 BA 01 00 00 00 E8 ?? ?? ?? ?? 4B 75 B5 }
+		$c1 = { 55 8B EC 33 C9 51 51 51 51 53 56 8B F2 33 D2 55 68 ?? ?? ?? ?? 64 FF 32 64 89 22 8D 55 FC E8 ?? ?? ?? ?? EB 10 8D 45 FC 8B 4D FC BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B 45 FC E8 ?? ?? ?? ?? 25 07 00 00 80 79 05 48 83 C8 F8 40 85 C0 75 D8 8B 45 FC 85 C0 74 05 83 E8 04 8B 00 8B D8 85 DB 79 03 83 C3 07 C1 FB 03 8B C6 E8 ?? ?? ?? ?? 85 DB 76 4C 8D 45 F4 50 B9 08 00 00 00 BA 01 00 00 00 8B 45 FC E8 ?? ?? ?? ?? 8B 55 F4 8D 45 FB E8 ?? ?? ?? ?? 8D 45 F0 0F B6 55 FB E8 ?? ?? ?? ?? 8B 55 F0 8B C6 E8 ?? ?? ?? ?? 8D 45 FC B9 08 00 00 00 BA 01 00 00 00 E8 }
+	condition:
+		any of them
+}
+
+rule FGint_ConvertBase256StringToHexString
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "FGint ConvertBase256StringToHexString"
+	strings:
+		$c0 = { 55 8B EC 33 C9 51 51 51 51 51 51 53 56 57 8B F2 89 45 FC 8B 45 FC E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8B C6 E8 ?? ?? ?? ?? 8B 45 FC E8 ?? ?? ?? ?? 8B F8 85 FF 0F 8E AB 00 00 00 C7 45 F8 01 00 00 00 8B 45 FC 8B 55 F8 8A 5C 10 FF 33 C0 8A C3 C1 E8 04 83 F8 0A 73 1E 8D 45 F4 33 D2 8A D3 C1 EA 04 83 C2 30 E8 ?? ?? ?? ?? 8B 55 F4 8B C6 E8 ?? ?? ?? ?? EB 1C 8D 45 F0 33 D2 8A D3 C1 EA 04 83 C2 37 E8 ?? ?? ?? ?? 8B 55 F0 8B C6 E8 ?? ?? ?? ?? 8B C3 24 0F 3C 0A 73 22 8D 45 EC 8B D3 80 E2 0F 81 E2 FF 00 00 00 83 C2 30 E8 ?? ?? ?? ?? 8B 55 EC 8B C6 E8 ?? ?? ?? ?? EB 20 8D 45 E8 8B D3 80 E2 0F 81 E2 FF 00 00 00 83 C2 37 }
+	condition:
+		$c0
+}
+
+
+rule FGint_PGPConvertBase256to64
+{	meta:
+		author = "_pusher_"
+		date = "2016-08"
+		description = "FGint PGPConvertBase256to64"
+	strings:
+		$c0 = { 55 8B EC 81 C4 E8 FB FF FF 53 56 57 33 C9 89 8D E8 FB FF FF 89 4D F8 89 4D F4 89 4D F0 8B FA 89 45 FC B9 00 01 00 00 8D 85 EC FB FF FF 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 85 EC FB FF FF BA FF 00 00 00 E8 ?? ?? ?? ?? 8D 45 F8 E8 ?? ?? ?? ?? 8B 45 FC 8B 00 E8 ?? ?? ?? ?? 8B D8 85 DB 7E 22 BE 01 00 00 00 8D 45 F8 8B 55 FC 8B 12 0F B6 54 32 FF 8B 94 95 EC FB FF FF E8 ?? ?? ?? ?? 46 4B 75 E3 8B 45 F8 E8 ?? ?? ?? ?? B9 06 00 00 00 99 F7 F9 85 D2 75 0A 8D 45 F0 E8 ?? ?? ?? ?? EB 4B 8B 45 F8 E8 ?? ?? ?? ?? B9 06 00 00 00 99 F7 F9 83 FA 04 75 1C 8D 45 F8 BA 4C 33 40 00 E8 ?? ?? ?? ?? 8D 45 F0 BA 58 33 40 00 E8 ?? ?? ?? ?? EB 1A 8D 45 F8 BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 F0 BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B C7 E8 ?? ?? ?? ?? 8B 45 F8 E8 ?? ?? ?? ?? B9 06 00 00 00 99 F7 F9 8B D8 85 DB 7E 57 8D 45 F4 50 B9 06 00 00 00 BA 01 00 00 00 8B 45 F8 E8 ?? ?? ?? ?? 8D 45 EC 8B 55 F4 E8 ?? ?? ?? ?? 8D 85 E8 FB FF FF 8B 55 EC 8A 92 ?? ?? ?? ?? E8 }
+	condition:
+		$c0
+}
+
+
+rule FGint_RSAEncrypt
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "FGint RSAEncrypt"
+	strings:
+		$c0 = { 55 8B EC 83 C4 D0 53 56 57 33 DB 89 5D D0 89 5D DC 89 5D D8 89 5D D4 8B F9 89 55 F8 89 45 FC 8B 45 FC E8 ?? ?? ?? ?? 8D 45 F0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 55 E0 B8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 55 DC 8B C7 E8 ?? ?? ?? ?? 8B 45 DC E8 ?? ?? ?? ?? 8B D8 8D 55 DC 8B 45 FC E8 ?? ?? ?? ?? 8D 45 DC 8B 4D DC BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B F3 4E EB 10 }
+	condition:
+		$c0
+}
+
+rule FGint_RsaDecrypt
+{	meta:
+		author = "Maxx"
+		description = "FGint RsaDecrypt"
+	strings:
+		$c0 = { 55 8B EC 83 C4 A0 53 56 57 33 DB 89 5D A0 89 5D A4 89 5D A8 89 5D B4 89 5D B0 89 5D AC 89 4D F8 8B FA 89 45 FC 8B 45 FC E8 ?? ?? ?? ?? 8D 45 F0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 C8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 C0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 B8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 }
+	condition:
+		$c0
+}
+
+rule FGint_RSAVerify
+{	meta:
+		author = "_pusher_"
+		description = "FGint RSAVerify"
+	strings:
+		$c0 = { 55 8B EC 83 C4 E0 53 56 8B F1 89 55 F8 89 45 FC 8B 5D 0C 8B 45 FC E8 ?? ?? ?? ?? 8B 45 F8 E8 ?? ?? ?? ?? 8D 45 F0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 55 E8 8B 45 F8 E8 ?? ?? ?? ?? 8D 55 F0 8B 45 FC E8 ?? ?? ?? ?? 8D 4D E0 8B D3 8D 45 F0 E8 ?? ?? ?? ?? 8D 55 F0 8D 45 E0 E8 ?? ?? ?? ?? 8D 45 E0 50 8B CB 8B D6 8D 45 E8 E8 ?? ?? ?? ?? 8D 55 E8 8D 45 E0 E8 ?? ?? ?? ?? 8D 55 F0 8D 45 E8 E8 ?? ?? ?? ?? 3C 02 8B 45 08 0F 94 00 8D 45 E8 E8 ?? ?? ?? ?? 8D 45 F0 E8 ?? ?? ?? ?? 33 C0 5A 59 59 64 89 10 68 ?? ?? ?? ?? 8D 45 E0 8B 15 ?? ?? ?? ?? B9 03 00 00 00 E8 ?? ?? ?? ?? 8D 45 F8 BA 02 00 00 00 E8 ?? ?? ?? ?? C3 }
+	condition:
+		$c0
+}
+
+rule FGint_FindPrimeGoodCurveAndPoint
+{	meta:
+		author = "_pusher_"
+		date = "2015-06"
+		description = "FGint FindPrimeGoodCurveAndPoint"
+		version = "0.1"
+	strings:
+		$c0 = { 55 8B EC 83 C4 F4 53 56 57 33 DB 89 5D F4 89 4D FC 8B FA 8B F0 33 C0 55 }
+	condition:
+		$c0
+}
+
+rule FGint_ECElGamalEncrypt
+{	meta:
+		author = "_pusher_"
+		date = "2016-08"
+		description = "FGint ECElGamalEncrypt"
+		version = "0.1"
+	strings:
+		$c0 = { 55 8B EC 81 C4 3C FF FF FF 53 56 57 33 DB 89 5D D8 89 5D D4 89 5D D0 8B 75 10 8D 7D 8C A5 A5 A5 A5 A5 8B 75 14 8D 7D A0 A5 A5 A5 A5 A5 8B 75 18 8D 7D DC A5 A5 8B 75 1C 8D 7D E4 A5 A5 8B F1 8D 7D EC A5 A5 8B F2 8D 7D F4 A5 A5 89 45 FC 8B 45 FC E8 ?? ?? ?? ?? 8D 45 F4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 EC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 DC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 A0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 8C 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 85 78 FF FF FF 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 85 64 FF FF FF 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 85 50 FF FF FF 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 85 3C FF FF FF 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 C4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 BC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 B4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 7D CF }
+		$c1 = { 55 8B EC 83 C4 A8 53 56 57 33 DB 89 5D A8 89 5D AC 89 5D BC 89 5D B8 89 5D B4 89 4D F4 89 55 F8 89 45 FC 8B 75 0C 8B 45 FC E8 ?? ?? ?? ?? 8D 45 E8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 C8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 C0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 71 14 41 00 64 FF 30 64 89 20 8D 55 BC 8B C6 E8 ?? ?? ?? ?? 8B 45 BC E8 ?? ?? ?? ?? 8B D8 8D 55 BC 8B 45 FC E8 ?? ?? ?? ?? 8D 45 BC 8B 4D BC BA 8C 14 41 00 E8 ?? ?? ?? ?? 8B FB 4F EB 10 8D 45 BC 8B 4D BC BA 98 14 41 00 E8 ?? ?? ?? ?? 8B 45 BC }
+	condition:
+		$c0 or $c1
+}
+
+rule FGint_ECAddPoints
+{	meta:
+		author = "_pusher_"
+		date = "2015-06"
+		description = "FGint ECAddPoints"
+		version = "0.1"
+	strings:
+		$c0 = { 55 8B EC 83 C4 A8 53 56 57 8B 75 0C 8D 7D F0 A5 A5 8B F1 8D 7D F8 A5 A5 8B F2 8D 7D A8 A5 A5 A5 A5 A5 8B F0 8D 7D BC A5 A5 A5 A5 A5 8B 5D 08 8D 45 BC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 A8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 F8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 F0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D8 8B 15 ?? ?? ?? ?? E8 }
+	condition:
+		$c0
+}
+
+rule FGint_ECPointKMultiple
+{	meta:
+		author = "_pusher_"
+		date = "2015-06"
+		description = "FGint ECPointKMultiple"
+		version = "0.1"
+	strings:
+		$c0 = { 55 8B EC 83 C4 BC 53 56 57 33 DB 89 5D E4 8B 75 0C 8D 7D E8 A5 A5 8B F1 8D 7D F0 A5 A5 8B F2 8D 7D F8 A5 A5 8B F0 8D 7D D0 A5 A5 A5 A5 A5 8B 5D 08 8D 45 D0 8B 15 ?? ?? ?? 00 E8 ?? ?? ?? ?? 8D 45 F8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 F0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 BC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 }
+	condition:
+		$c0
+}
+
+rule FGint_ECPointDestroy
+{	meta:
+		author = "_pusher_"
+		date = "2015-06"
+		description = "FGint ECPointDestroy"
+		version = "0.1"
+	strings:
+		$c0 = { 53 8B D8 8B C3 E8 ?? ?? ?? ?? 8D 43 08 E8 ?? ?? ?? ?? 5B C3 }
+	condition:
+		$c0
+}
+
+rule FGint_DSAPrimeSearch
+{	meta:
+		author = "_pusher_"
+		date = "2016-08"
+		description = "FGint DSAPrimeSearch"
+		version = "0.1"
+	strings:
+		$c0 = { 55 8B EC 83 C4 DC 53 56 8B DA 8B F0 8D 45 F8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 F0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 4D F8 8B D6 8B C6 E8 ?? ?? ?? ?? 8D 4D E8 8B D6 8B C3 E8 ?? ?? ?? ?? 8D 55 F0 B8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 4D E0 8D 55 E8 8B C3 E8 ?? ?? ?? ?? 8D 45 E8 E8 ?? ?? ?? ?? 8D 4D E8 8D 55 F0 8D 45 E0 E8 ?? ?? ?? ?? 8D 45 E0 E8 ?? ?? ?? ?? 8D 45 F0 E8 ?? ?? ?? ?? 8B 45 EC 8B 40 04 83 E0 01 85 C0 75 18 8D 4D E0 8B D6 8D 45 E8 E8 ?? ?? ?? ?? 8D 55 E8 8D 45 E0 E8 ?? ?? ?? ?? 8B D3 8D 45 E8 E8 ?? ?? ?? ?? C6 45 DF 00 EB 26 8D 4D E8 8D 55 F8 8B C3 E8 ?? ?? ?? ?? 8B D3 8D 45 E8 E8 ?? ?? ?? ?? 8D 4D DF 8B C3 BA 05 00 00 00 E8 ?? ?? ?? ?? 80 7D DF 00 74 D4 8D 45 F8 E8 ?? ?? ?? ?? 33 C0 5A 59 59 64 89 10 68 ?? ?? ?? ?? 8D 45 E0 8B 15 ?? ?? ?? ?? B9 04 00 00 00 E8 ?? ?? ?? ?? C3 }
+	condition:
+		$c0
+}
+
+rule FGint_DSASign
+{	meta:
+		author = "_pusher_"
+		date = "2016-08"
+		description = "FGint DSASign"
+		version = "0.1"
+	strings:
+		$c0 = { 55 8B EC 83 C4 CC 53 56 57 89 4D FC 8B DA 8B F8 8B 75 14 8B 45 10 E8 ?? ?? ?? ?? 8D 45 F4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 EC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 DC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 CC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 45 F4 50 8B CF 8B D6 8B 45 FC E8 ?? ?? ?? ?? 8D 4D D4 8B D3 8D 45 F4 E8 ?? ?? ?? ?? 8D 45 F4 E8 ?? ?? ?? ?? 8D 4D F4 8B D3 8B C6 E8 ?? ?? ?? ?? 8D 55 EC 8B 45 10 E8 ?? ?? ?? ?? 8D 45 E4 50 8B CB 8D 55 D4 8B 45 18 E8 ?? ?? ?? ?? 8D 4D DC 8D 55 E4 8D 45 EC E8 ?? ?? ?? ?? 8D 45 EC E8 ?? ?? ?? ?? 8D 45 E4 E8 ?? ?? ?? ?? 8D 45 CC 50 8B CB 8D 55 DC 8D 45 F4 E8 ?? ?? ?? ?? 8D 45 F4 E8 ?? ?? ?? ?? 8D 45 DC E8 ?? ?? ?? ?? 8B 55 0C 8D 45 D4 E8 ?? ?? ?? ?? 8B 55 08 8D 45 CC E8 ?? ?? ?? ?? 8D 45 D4 E8 ?? ?? ?? ?? 8D 45 CC E8 ?? ?? ?? ?? 33 C0 5A 59 59 64 89 10 68 ?? ?? ?? ?? 8D 45 CC 8B 15 ?? ?? ?? ?? B9 06 00 00 00 E8 }
+	condition:
+		$c0
+}
+
+rule FGint_DSAVerify
+{	meta:
+		author = "_pusher_"
+		date = "2016-08"
+		description = "FGint DSAVerify"
+		version = "0.1"
+	strings:
+		$c0 = { 55 8B EC 83 C4 B4 53 56 57 89 4D FC 8B DA 8B F0 8B 7D 08 8B 45 14 E8 ?? ?? ?? ?? 8B 45 10 E8 ?? ?? ?? ?? 8B 45 0C E8 ?? ?? ?? ?? 8D 45 F4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 EC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 DC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 CC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 C4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 BC 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 B4 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 55 CC 8B 45 0C E8 ?? ?? ?? ?? 8D 4D F4 8B D3 8D 45 CC E8 ?? ?? ?? ?? 8D 55 C4 8B 45 14 E8 ?? ?? ?? ?? 8D 45 EC 50 8B CB 8D 55 F4 8D 45 C4 E8 ?? ?? ?? ?? 8D 45 C4 E8 ?? ?? ?? ?? 8D 55 D4 8B 45 10 E8 ?? ?? ?? ?? 8D 45 E4 50 8B CB 8D 55 F4 8D 45 D4 E8 ?? ?? ?? ?? 8D 45 F4 E8 ?? ?? ?? ?? 8D 45 C4 50 8B CE 8D 55 EC 8B 45 FC E8 ?? ?? ?? ?? 8D 45 BC 50 8B CE 8D 55 E4 8B 45 18 E8 ?? ?? ?? ?? 8D 45 B4 50 8B CE 8D 55 BC 8D 45 C4 E8 ?? ?? ?? ?? 8D 45 C4 E8 }
+	condition:
+		$c0
+}
+
+
+rule DES_Long
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "DES [long]"
+	strings:
+		$c0 = { 10 80 10 40 00 00 00 00 00 80 10 00 00 00 10 40 10 00 00 40 10 80 00 00 00 80 00 40 00 80 10 00 00 80 00 00 10 00 10 40 10 00 00 00 00 80 00 40 10 00 10 00 00 80 10 40 00 00 10 40 10 00 00 00 }
+	condition:
+		$c0
+}
+
+rule DES_sbox
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "DES [sbox]"
+	strings:
+		$c0 = { 00 04 01 01 00 00 00 00 00 00 01 00 04 04 01 01 04 00 01 01 04 04 01 00 04 00 00 00 00 00 01 00 00 04 00 00 00 04 01 01 04 04 01 01 00 04 00 00 04 04 00 01 04 00 01 01 00 00 00 01 04 00 00 00 }
+	condition:
+		$c0
+}
+
+rule DES_pbox_long
+{	meta:
+		author = "_pusher_"
+		date = "2015-05"
+		description = "DES [pbox] [long]"
+	strings:
+		$c0 = { 0F 00 00 00 06 00 00 00 13 00 00 00 14 00 00 00 1C 00 00 00 0B 00 00 00 1B 00 00 00 10 00 00 00 00 00 00 00 0E 00 00 00 16 00 00 00 19 00 00 00 04 00 00 00 11 00 00 00 1E 00 00 00 09 00 00 00 01 00 00 00 07 00 00 00 17 00 00 00 0D 00 00 00 1F 00 00 00 1A 00 00 00 02 00 00 00 08 00 00 00 12 00 00 00 0C 00 00 00 1D 00 00 00 05 00 00 00 }
+	condition:
+		$c0
+}
+
+rule OpenSSL_BN_mod_exp2_mont
+{	meta:
+		author = "Maxx"
+		description = "OpenSSL BN_mod_exp2_mont"
+	strings:
+		$c0 = { B8 30 05 00 00 E8 ?? ?? ?? ?? 8B 84 24 48 05 00 00 53 33 DB 56 8B 08 57 89 5C 24 24 89 5C 24 30 8A 01 89 5C 24 28 A8 01 89 5C 24 0C 75 24 68 89 00 00 00 68 ?? ?? ?? ?? 6A 66 6A 76 6A 03 E8 ?? ?? ?? ?? 83 C4 14 33 C0 5F 5E 5B 81 C4 30 05 00 00 C3 8B 94 24 48 05 00 00 52 E8 ?? ?? ?? ?? 8B F0 8B 84 24 54 05 00 00 50 E8 ?? ?? ?? ?? 83 C4 08 3B F3 8B F8 75 20 3B FB 75 1C 8B 8C 24 40 05 00 00 6A 01 51 E8 ?? ?? ?? ?? 83 C4 08 5F 5E 5B 81 C4 30 05 00 00 C3 3B F7 89 74 24 18 7F 04 89 }
+	condition:
+		$c0
+}
+
+rule OpenSSL_BN_mod_exp_mont
+{	meta:
+		author = "Maxx"
+		description = "OpenSSL BN_mod_exp_mont"
+	strings:
+		$c0 = { B8 A0 02 00 00 E8 ?? ?? ?? ?? 53 56 57 8B BC 24 BC 02 00 00 33 F6 8B 07 89 74 24 24 89 74 24 20 89 74 24 0C F6 00 01 75 24 68 72 01 00 00 68 ?? ?? ?? ?? 6A 66 6A 6D 6A 03 E8 ?? ?? ?? ?? 83 C4 14 33 C0 5F 5E 5B 81 C4 A0 02 00 00 C3 8B 8C 24 B8 02 00 00 51 E8 ?? ?? ?? ?? 8B D8 83 C4 04 3B DE 89 5C 24 18 75 1C 8B 94 24 B0 02 00 00 6A 01 52 E8 ?? ?? ?? ?? 83 C4 08 5F 5E 5B 81 C4 A0 02 00 00 C3 55 8B AC 24 C4 02 00 00 55 E8 ?? ?? ?? ?? 55 E8 ?? ?? ?? ?? 8B F0 55 89 74 24 24 E8 }
+	condition:
+		$c0
+}
+
+rule OpenSSL_BN_mod_exp_recp
+{	meta:
+		author = "Maxx"
+		description = "OpenSSL BN_mod_exp_recp"
+	strings:
+		$c0 = { B8 C8 02 00 00 E8 ?? ?? ?? ?? 8B 84 24 D4 02 00 00 55 56 33 F6 50 89 74 24 1C 89 74 24 18 E8 ?? ?? ?? ?? 8B E8 83 C4 04 3B EE 89 6C 24 0C 75 1B 8B 8C 24 D4 02 00 00 6A 01 51 E8 ?? ?? ?? ?? 83 C4 08 5E 5D 81 C4 C8 02 00 00 C3 53 57 8B BC 24 EC 02 00 00 57 E8 ?? ?? ?? ?? 57 E8 ?? ?? ?? ?? 8B D8 83 C4 08 3B DE 0F 84 E7 02 00 00 8D 54 24 24 52 E8 ?? ?? ?? ?? 8B B4 24 EC 02 00 00 83 C4 04 8B 46 0C 85 C0 74 32 56 53 E8 ?? ?? ?? ?? 83 C4 08 85 C0 0F 84 BA 02 00 00 57 8D 44 24 28 53 }
+	condition:
+		$c0
+}
+
+rule OpenSSL_BN_mod_exp_simple
+{	meta:
+		author = "Maxx"
+		description = "OpenSSL BN_mod_exp_simple"
+	strings:
+		$c0 = { B8 98 02 00 00 E8 ?? ?? ?? ?? 8B 84 24 A4 02 00 00 55 56 33 ED 50 89 6C 24 1C 89 6C 24 18 E8 ?? ?? ?? ?? 8B F0 83 C4 04 3B F5 89 74 24 0C 75 1B 8B 8C 24 A4 02 00 00 6A 01 51 E8 ?? ?? ?? ?? 83 C4 08 5E 5D 81 C4 98 02 00 00 C3 53 57 8B BC 24 BC 02 00 00 57 E8 ?? ?? ?? ?? 57 E8 ?? ?? ?? ?? 8B D8 83 C4 08 3B DD 0F 84 71 02 00 00 8D 54 24 28 52 E8 ?? ?? ?? ?? 8B AC 24 BC 02 00 00 8B 84 24 B4 02 00 00 57 55 8D 4C 24 34 50 51 C7 44 24 30 01 00 00 00 E8 ?? ?? ?? ?? 83 C4 14 85 C0 0F }
+	condition:
+		$c0
+}
+
+rule OpenSSL_BN_mod_exp_inverse
+{	meta:
+		author = "Maxx"
+		description = "OpenSSL BN_mod_exp_inverse"
+	strings:
+		$c0 = { B8 18 00 00 00 E8 ?? ?? ?? ?? 53 55 56 57 8B 7C 24 38 33 C0 57 89 44 24 20 89 44 24 24 E8 ?? ?? ?? ?? 57 E8 ?? ?? ?? ?? 57 89 44 24 1C E8 ?? ?? ?? ?? 57 8B F0 E8 ?? ?? ?? ?? 57 89 44 24 28 E8 ?? ?? ?? ?? 57 8B E8 E8 ?? ?? ?? ?? 57 8B D8 E8 ?? ?? ?? ?? 8B F8 8B 44 24 54 50 89 7C 24 38 E8 ?? ?? ?? ?? 83 C4 20 89 44 24 24 85 C0 8B 44 24 2C 0F 84 78 05 00 00 85 C0 75 05 E8 ?? ?? ?? ?? 85 C0 89 44 24 1C 0F 84 63 05 00 00 8B 4C 24 14 6A 01 51 E8 ?? ?? ?? ?? 6A 00 57 E8 }
+	condition:
+		$c0
+}
+
+rule OpenSSL_DSA
+{
+	meta:
+		author="_pusher_"
+		date="2016-08"
+	strings:	
+		$a0 = "bignum_data" wide ascii nocase
+		$a1 = "DSA_METHOD" wide ascii nocase
+		$a2 = "PDSA" wide ascii nocase
+		$a3 = "dsa_mod_exp" wide ascii nocase
+		$a4 = "bn_mod_exp" wide ascii nocase
+		$a5 = "dsa_do_verify" wide ascii nocase
+		$a6 = "dsa_sign_setup" wide ascii nocase
+		$a7 = "dsa_do_sign" wide ascii nocase
+		$a8 = "dsa_paramgen" wide ascii nocase
+		$a9 = "BN_MONT_CTX" wide ascii nocase
+	condition:
+		7 of ($a*)
+}
+
+rule FGint_RsaSign
+{	meta:
+		author = "Maxx"
+		description = "FGint RsaSign"
+	strings:
+		$c0 = { 55 8B EC 83 C4 B8 53 56 57 89 4D F8 8B FA 89 45 FC 8B 75 0C 8B 5D 10 8B 45 FC E8 ?? ?? ?? ?? 8D 45 F0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 E0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 D0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 C8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 C0 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8D 45 B8 8B 15 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8D 55 F0 }
+	condition:
+		$c0
+}
+
+
+rule LockBox_RsaEncryptFile
+{	meta:
+		author = "Maxx"
+		description = "LockBox RsaEncryptFile"
+	strings:
+		$c0 = { 55 8B EC 83 C4 F8 53 56 8B F1 8B DA 6A 20 8B C8 B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 89 45 FC 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 68 FF FF 00 00 8B CB B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 89 45 F8 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8A 45 08 50 8B CE 8B 55 F8 8B 45 FC E8 ?? ?? ?? ?? 33 C0 5A 59 59 64 89 10 68 ?? ?? ?? ?? 8B 45 F8 E8 ?? ?? ?? ?? C3 }
+	condition:
+		$c0
+}
+
+rule LockBox_DecryptRsaEx
+{	meta:
+		author = "Maxx"
+		description = "LockBox DecryptRsaEx"
+	strings:
+		$c0 = { 55 8B EC 83 C4 F4 53 56 57 89 4D F8 89 55 FC 8B D8 33 C0 8A 43 04 0F B7 34 45 ?? ?? ?? ?? 0F B7 3C 45 ?? ?? ?? ?? 8B CE B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 89 45 F4 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8B 55 FC 8B CE 8B 45 F4 E8 ?? ?? ?? ?? 6A 00 B1 02 8B D3 8B 45 F4 E8 ?? ?? ?? ?? 8B 45 F4 E8 ?? ?? ?? ?? 3B C7 7E 16 B9 ?? ?? ?? ?? B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B 45 F4 E8 ?? ?? ?? ?? 8B C8 8B 55 F8 8B 45 F4 E8 ?? ?? ?? ?? 33 C0 5A 59 59 64 89 10 68 }
+	condition:
+		$c0
+}
+
+rule LockBox_EncryptRsaEx
+{	meta:
+		author = "Maxx"
+		description = "LockBox EncryptRsaEx"
+	strings:
+		$c0 = { 55 8B EC 83 C4 F8 53 56 57 89 4D FC 8B FA 8B F0 33 C0 8A 46 04 0F B7 1C 45 ?? ?? ?? ?? 8B CB B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 89 45 F8 33 C0 55 68 ?? ?? ?? ?? 64 FF 30 64 89 20 8B D7 8B 4D 08 8B 45 F8 E8 ?? ?? ?? ?? 6A 01 B1 02 8B D6 8B 45 F8 E8 ?? ?? ?? ?? 8B 45 F8 E8 ?? ?? ?? ?? 3B C3 7E 16 B9 ?? ?? ?? ?? B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B 45 F8 E8 ?? ?? ?? ?? 8B C8 8B 55 FC 8B 45 F8 E8 ?? ?? ?? ?? 33 C0 5A 59 59 64 89 10 68 ?? ?? ?? ?? 8B 45 F8 E8 }
+	condition:
+		$c0
+}
+
+rule LockBox_TlbRsaKey
+{	meta:
+		author = "Maxx"
+		description = "LockBox TlbRsaKey"
+	strings:
+		$c0 = { 53 56 84 D2 74 08 83 C4 F0 E8 ?? ?? ?? ?? 8B DA 8B F0 33 D2 8B C6 E8 ?? ?? ?? ?? 33 C0 8A 46 04 8B 15 ?? ?? ?? ?? 0F B7 0C 42 B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 89 46 0C 33 C0 8A 46 04 8B 15 ?? ?? ?? ?? 0F B7 0C 42 B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 89 46 10 8B C6 84 DB 74 0F E8 ?? ?? ?? ?? 64 8F 05 00 00 00 00 83 C4 0C 8B C6 5E 5B C3 }
+	condition:
+		$c0
+}
+
+rule BigDig_bpInit
+{	meta:
+		author = "Maxx"
+		description = "BigDig bpInit"
+	strings:
+		$c0 = { 56 8B 74 24 0C 6A 04 56 E8 ?? ?? ?? ?? 8B C8 8B 44 24 10 83 C4 08 85 C9 89 08 75 04 33 C0 5E C3 89 70 08 C7 40 04 00 00 00 00 5E C3 }
+	condition:
+		$c0
+}
+
+rule BigDig_mpModExp
+{	meta:
+		author = "Maxx"
+		description = "BigDig mpModExp"
+	strings:
+		$c0 = { 56 8B 74 24 18 85 F6 75 05 83 C8 FF 5E C3 53 55 8B 6C 24 18 57 56 55 E8 ?? ?? ?? ?? 8B D8 83 C4 08 BF 00 00 00 80 8B 44 9D FC 85 C7 75 04 D1 EF 75 F8 83 FF 01 75 08 BF 00 00 00 80 4B EB 02 D1 EF 8B 44 24 18 56 8B 74 24 18 50 56 E8 ?? ?? ?? ?? 83 C4 0C 85 DB 74 4F 8D 6C 9D FC 8B 4C 24 24 8B 54 24 20 51 52 56 56 56 E8 ?? ?? ?? ?? 8B 45 00 83 C4 14 85 C7 74 19 8B 44 24 24 8B 4C 24 20 8B 54 24 18 50 51 52 56 56 E8 ?? ?? ?? ?? 83 C4 14 83 FF 01 75 0B 4B BF 00 00 00 80 83 ED 04 EB }
+	condition:
+		$c0
+}
+
+rule BigDig_mpModInv
+{	meta:
+		author = "Maxx"
+		description = "BigDig mpModInv"
+	strings:
+		$c0 = { 81 EC 2C 07 00 00 8D 84 24 CC 00 00 00 53 56 8B B4 24 44 07 00 00 57 56 6A 01 50 E8 ?? ?? ?? ?? 8B 8C 24 4C 07 00 00 56 8D 94 24 80 02 00 00 51 52 E8 ?? ?? ?? ?? 8D 84 24 BC 01 00 00 56 50 E8 ?? ?? ?? ?? 8B 9C 24 64 07 00 00 56 8D 4C 24 30 53 51 E8 ?? ?? ?? ?? 8D 54 24 38 56 52 BF 01 00 00 00 E8 ?? ?? ?? ?? 83 C4 34 85 C0 0F 85 ED 00 00 00 8D 44 24 0C 56 50 8D 8C 24 78 02 00 00 56 8D 94 24 48 03 00 00 51 8D 84 24 18 04 00 00 52 50 E8 ?? ?? ?? ?? 8D 8C 24 BC 01 00 00 56 8D 94 }
+	condition:
+		$c0
+}
+
+rule BigDig_mpModMult
+{	meta:
+		author = "Maxx"
+		description = "BigDig mpModMult"
+	strings:
+		$c0 = { 8B 44 24 0C 8B 4C 24 08 81 EC 98 01 00 00 8D 54 24 00 56 8B B4 24 B0 01 00 00 57 56 50 51 52 E8 ?? ?? ?? ?? 8B 84 24 C0 01 00 00 8B 94 24 B4 01 00 00 8D 3C 36 56 50 8D 4C 24 20 57 51 52 E8 ?? ?? ?? ?? 8D 44 24 2C 57 50 E8 ?? ?? ?? ?? 83 C4 2C 33 C0 5F 5E 81 C4 98 01 00 00 C3 }
+	condition:
+		$c0
+}
+
+rule BigDig_mpModulo
+{	meta:
+		author = "Maxx"
+		description = "BigDig mpModulo"
+	strings:
+		$c0 = { 8B 44 24 10 81 EC 30 03 00 00 8B 8C 24 38 03 00 00 8D 54 24 00 56 8B B4 24 40 03 00 00 57 8B BC 24 4C 03 00 00 57 50 56 51 8D 84 24 B0 01 00 00 52 50 E8 ?? ?? ?? ?? 8B 94 24 54 03 00 00 8D 4C 24 20 57 51 52 E8 ?? ?? ?? ?? 8D 44 24 2C 56 50 E8 ?? ?? ?? ?? 8D 8C 24 CC 01 00 00 56 51 E8 ?? ?? ?? ?? 83 C4 34 33 C0 5F 5E 81 C4 30 03 00 00 C3 }
+	condition:
+		$c0
+}
+
+rule BigDig_spModExpB
+{	meta:
+		author = "Maxx"
+		description = "BigDig spModExpB"
+	strings:
+		$c0 = { 53 8B 5C 24 10 55 56 BE 00 00 00 80 85 F3 75 04 D1 EE 75 F8 8B 6C 24 14 8B C5 D1 EE 89 44 24 18 74 48 57 8B 7C 24 20 EB 04 8B 44 24 1C 57 50 50 8D 44 24 28 50 E8 ?? ?? ?? ?? 83 C4 10 85 F3 74 14 8B 4C 24 1C 57 55 8D 54 24 24 51 52 E8 ?? ?? ?? ?? 83 C4 10 D1 EE 75 D0 8B 44 24 14 8B 4C 24 1C 5F 5E 89 08 5D 33 C0 5B C3 8B 54 24 10 5E 5D 5B 89 02 33 C0 C3 }
+	condition:
+		$c0
+}
+
+rule BigDig_spModInv
+{	meta:
+		author = "Maxx"
+		description = "BigDig spModInv"
+	strings:
+		$c0 = { 51 8B 4C 24 10 55 56 BD 01 00 00 00 33 F6 57 8B 7C 24 18 89 6C 24 0C 85 C9 74 42 53 8B C7 33 D2 F7 F1 8B C7 8B F9 8B DA 33 D2 F7 F1 8B CB 0F AF C6 03 C5 8B EE 8B F0 8B 44 24 10 F7 D8 85 DB 89 44 24 10 75 D7 85 C0 5B 7D 13 8B 44 24 1C 8B 4C 24 14 2B C5 5F 89 01 5E 33 C0 5D 59 C3 8B 54 24 14 5F 5E 33 C0 89 2A 5D 59 C3 }
+	condition:
+		$c0
+}
+
+rule BigDig_spModMult
+{	meta:
+		author = "Maxx"
+		description = "BigDig spModMult"
+	strings:
+		$c0 = { 8B 44 24 0C 8B 4C 24 08 83 EC 08 8D 54 24 00 50 51 52 E8 ?? ?? ?? ?? 8B 44 24 24 6A 02 8D 4C 24 10 50 51 E8 ?? ?? ?? ?? 8B 54 24 24 89 02 33 C0 83 C4 20 C3 }
+	condition:
+		$c0
+}
+
+rule CryptoPP_ApplyFunction
+{	meta:
+		author = "Maxx"
+		description = "CryptoPP ApplyFunction"
+	strings:
+		$c0 = { 51 8D 41 E4 56 8B 74 24 0C 83 C1 F0 50 51 8B 4C 24 18 C7 44 24 0C 00 00 00 00 51 56 E8 ?? ?? ?? ?? 83 C4 10 8B C6 5E 59 C2 08 00 }
+		$c1 = { 51 53 56 8B F1 57 6A 00 C7 44 24 10 00 00 00 00 8B 46 04 8B 48 04 8B 5C 31 04 8D 7C 31 04 E8 ?? ?? ?? ?? 50 8B CF FF 53 10 8B 44 24 18 8D 56 08 83 C6 1C 52 56 8B 74 24 1C 50 56 E8 ?? ?? ?? ?? 83 C4 10 8B C6 5F 5E 5B 59 C2 08 00 }
+	condition:
+		any of them
+}
+
+rule CryptoPP_RsaFunction
+{	meta:
+		author = "Maxx"
+		description = "CryptoPP RsaFunction"
+	strings:
+		$c0 = { 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 81 EC 9C 00 00 00 8B 84 24 B0 00 00 00 53 55 56 33 ED 8B F1 57 3B C5 89 B4 24 A8 00 00 00 89 6C 24 10 BF 01 00 00 00 74 18 C7 06 ?? ?? ?? ?? C7 46 20 ?? ?? ?? ?? 89 7C 24 10 89 AC 24 B4 00 00 00 8D 4E 04 E8 ?? ?? ?? ?? 8D 4E 10 89 BC 24 B4 00 00 00 E8 ?? ?? ?? ?? 8B 06 BB ?? ?? ?? ?? BF ?? ?? ?? ?? 8B 48 04 C7 04 31 ?? ?? ?? ?? 8B 16 8B 42 04 8B 54 24 10 83 CA 02 8D 48 E0 89 54 24 10 89 4C 30 FC 89 5C 24 18 89 7C }
+		$c1 = { 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 83 EC 08 8B 44 24 1C 53 8B 5C 24 1C 56 8B F1 57 33 C9 89 74 24 10 3B C1 89 4C 24 0C 74 7B C7 46 04 ?? ?? ?? ?? C7 46 3C ?? ?? ?? ?? C7 46 30 ?? ?? ?? ?? C7 46 34 ?? ?? ?? ?? 3B D9 75 06 89 4C 24 28 EB 0E 8B 43 04 8B 50 0C 8D 44 1A 04 89 44 24 28 8B 56 3C C7 44 24 0C 07 00 00 00 8B 42 04 C7 44 30 3C ?? ?? ?? ?? 8B 56 3C 8B 42 08 C7 44 30 3C ?? ?? ?? ?? 8B 56 3C C7 46 38 ?? ?? ?? ?? 8B 42 04 C7 44 30 3C }
+		$c2 = { 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 83 EC 08 8B 44 24 18 56 8B F1 57 85 C0 89 74 24 0C C7 44 24 08 00 00 00 00 74 63 C7 46 04 ?? ?? ?? ?? C7 46 3C ?? ?? ?? ?? C7 46 30 ?? ?? ?? ?? C7 46 34 ?? ?? ?? ?? 8B 46 3C C7 44 24 08 07 00 00 00 8B 48 04 C7 44 31 3C ?? ?? ?? ?? 8B 56 3C 8B 42 08 C7 44 30 3C ?? ?? ?? ?? 8B 4E 3C C7 46 38 ?? ?? ?? ?? 8B 51 04 C7 44 32 3C ?? ?? ?? ?? 8B 46 3C 8B 48 08 C7 44 31 3C ?? ?? ?? ?? C7 06 ?? ?? ?? ?? 8D 7E 04 6A 00 8B CF }
+	condition:
+		any of them
+}
+
+rule CryptoPP_Integer_constructor
+{	meta:
+		author = "Maxx"
+		description = "CryptoPP Integer constructor"
+	strings:
+		$c0 = { 8B 44 24 08 56 83 F8 08 8B F1 77 09 8B 14 85 ?? ?? ?? ?? EB 37 83 F8 10 77 07 BA 10 00 00 00 EB 2B 83 F8 20 77 07 BA 20 00 00 00 EB 1F 83 F8 40 77 07 BA 40 00 00 00 EB 13 48 50 E8 ?? ?? ?? ?? BA 01 00 00 00 8B C8 83 C4 04 D3 E2 8D 04 95 00 00 00 00 89 16 50 E8 ?? ?? ?? ?? 8B 4C 24 0C 89 46 04 C7 46 08 00 00 00 00 89 08 8B 0E 8B 46 04 83 C4 04 49 74 0F 57 8D 78 04 33 C0 F3 AB 8B C6 5F 5E C2 08 00 8B C6 5E C2 08 00 }
+		$c1 = { 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 51 56 8B F1 89 74 24 04 C7 06 ?? ?? ?? ?? 6A 08 C7 44 24 14 00 00 00 00 C7 46 08 02 00 00 00 E8 ?? ?? ?? ?? 89 46 0C C7 46 10 00 00 00 00 C7 06 ?? ?? ?? ?? 8B 46 0C 83 C4 04 C7 40 04 00 00 00 00 8B 4E 0C 8B C6 5E C7 01 00 00 00 00 8B 4C 24 04 64 89 0D 00 00 00 00 83 C4 10 C3 }
+		$c2 = { 6A FF 68 ?? ?? ?? ?? 64 A1 00 00 00 00 50 64 89 25 00 00 00 00 51 56 8B F1 57 89 74 24 08 C7 06 ?? ?? ?? ?? 8B 7C 24 1C C7 44 24 14 00 00 00 00 8B CF E8 ?? ?? ?? ?? 83 F8 08 77 09 8B 14 85 ?? ?? ?? ?? EB 37 83 F8 10 77 07 BA 10 00 00 00 EB 2B 83 F8 20 77 07 BA 20 00 00 00 EB 1F 83 F8 40 77 07 BA 40 00 00 00 EB 13 48 50 E8 ?? ?? ?? ?? BA 01 00 00 00 8B C8 83 C4 04 D3 E2 85 D2 89 56 08 76 12 8D 04 95 00 00 00 00 50 E8 ?? ?? ?? ?? 83 C4 04 EB 02 33 C0 89 46 0C 8B 4F 10 89 4E 10 }
+		$c3 = { 56 57 8B 7C 24 0C 8B F1 8B CF E8 ?? ?? ?? ?? 83 F8 08 77 09 8B 14 85 ?? ?? ?? ?? EB 37 83 F8 10 77 07 BA 10 00 00 00 EB 2B 83 F8 20 77 07 BA 20 00 00 00 EB 1F 83 F8 40 77 07 BA 40 00 00 00 EB 13 48 50 E8 ?? ?? ?? ?? BA 01 00 00 00 8B C8 83 C4 04 D3 E2 8D 04 95 00 00 00 00 89 16 50 E8 ?? ?? ?? ?? 8B 16 89 46 04 8B 4F 08 83 C4 04 89 4E 08 8B 4F 04 85 D2 76 0D 2B C8 8B 3C 01 89 38 83 C0 04 4A 75 F5 8B C6 5F 5E C2 04 00 }
+	condition:
+		any of them
+}
+
+rule RijnDael_AES
+{	meta:
+		author = "_pusher_"
+		description = "RijnDael AES"
+		date = "2016-06"
+	strings:
+		$c0 = { A5 63 63 C6 84 7C 7C F8 }
+	condition:
+		$c0
+}
+
+rule RijnDael_AES_CHAR
+{	meta:
+		author = "_pusher_"
+		description = "RijnDael AES (check2) [char]"
+		date = "2016-06"
+	strings:
+		$c0 = { 63 7C 77 7B F2 6B 6F C5 30 01 67 2B FE D7 AB 76 CA 82 C9 7D FA 59 47 F0 AD D4 A2 AF 9C A4 72 C0 }
+	condition:
+		$c0
+}
+
+rule RijnDael_AES_CHAR_inv
+{	meta:
+		author = "_pusher_"
+		description = "RijnDael AES S-inv [char]"
+		//needs improvement
+		date = "2016-07"
+	strings:
+		$c0 = { 48 38 47 00 88 17 33 D2 8A 56 0D 8A 92 48 38 47 00 88 57 01 33 D2 8A 56 0A 8A 92 48 38 47 00 88 57 02 33 D2 8A 56 07 8A 92 48 38 47 00 88 57 03 33 D2 8A 56 04 8A 92 }
+	condition:
+		$c0
+}
+
+rule RijnDael_AES_LONG
+{	meta:
+		author = "_pusher_"
+		description = "RijnDael AES"
+		date = "2016-06"
+	strings:
+		$c0 = { 63 7C 77 7B F2 6B 6F C5 30 01 67 2B FE D7 AB 76 CA 82 C9 7D FA 59 47 F0 AD D4 A2 AF 9C A4 72 C0 }
+	condition:
+		$c0
+}
+
+rule RijnDael_AES_LONG_inv
+{	meta:
+		author = "edeca"
+		description = "RijnDael AES"
+		date = "2019-10"
+	strings:
+		$c0 = { 52 09 6A D5 30 36 A5 38 BF 40 A3 9E 81 F3 D7 FB 7C E3 39 82 9B 2F FF 87 34 8E 43 44 C4 DE E9 CB }
+	condition:
+		$c0
+}
+
+rule RijnDael_AES_RCON
+{	meta:
+		author = "edeca"
+		description = "RijnDael AES round constants"
+		date = "2019-10"
+	strings:
+		$c0 = { 8D 01 02 04 08 10 20 40 80 1B 36 6C D8 AB 4D 9A }
+	condition:
+		$c0
+}
+
+rule RsaRef2_NN_modExp
+{	meta:
+		author = "Maxx"
+		description = "RsaRef2 NN_modExp"
+	strings:
+		$c0 = { 81 EC 1C 02 00 00 53 55 56 8B B4 24 30 02 00 00 57 8B BC 24 44 02 00 00 57 8D 84 24 A4 00 00 00 56 50 E8 ?? ?? ?? ?? 8B 9C 24 4C 02 00 00 57 53 8D 8C 24 B4 00 00 00 56 8D 94 24 3C 01 00 00 51 52 E8 ?? ?? ?? ?? 57 53 8D 84 24 4C 01 00 00 56 8D 8C 24 D4 01 00 00 50 51 E8 ?? ?? ?? ?? 8D 54 24 50 57 52 E8 ?? ?? ?? ?? 8B 84 24 78 02 00 00 8B B4 24 74 02 00 00 50 56 C7 44 24 60 01 00 00 00 E8 ?? ?? ?? ?? 8D 48 FF 83 C4 44 8B E9 89 4C 24 18 85 ED 0F 8C AF 00 00 00 8D 34 AE 89 74 24 }
+	condition:
+		any of them
+}
+
+rule RsaRef2_NN_modInv
+{	meta:
+		author = "Maxx"
+		description = "RsaRef2 NN_modInv"
+	strings:
+		$c0 = { 81 EC A4 04 00 00 53 56 8B B4 24 BC 04 00 00 57 8D 84 24 ?? 00 00 00 56 50 E8 ?? ?? ?? ?? 8D 8C 24 1C 01 00 00 BF 01 00 00 00 56 51 89 BC 24 A0 00 00 00 E8 ?? ?? ?? ?? 8B 94 24 C8 04 00 00 56 8D 84 24 AC 01 00 00 52 50 E8 ?? ?? ?? ?? 8B 9C 24 D8 04 00 00 56 8D 4C 24 2C 53 51 E8 ?? ?? ?? ?? 8D 54 24 34 56 52 E8 ?? ?? ?? ?? 83 C4 30 85 C0 0F 85 ED 00 00 00 8D 44 24 0C 56 50 8D 8C 24 A0 01 00 00 56 8D 94 24 AC 02 00 00 51 8D 84 24 34 03 00 00 52 50 E8 ?? ?? ?? ?? 8D 8C 24 2C 01 }
+	condition:
+		$c0
+}
+
+rule RsaRef2_NN_modMult
+{	meta:
+		author = "Maxx"
+		description = "RsaRef2 NN_modMult"
+	strings:
+		$c0 = { 8B 44 24 0C 8B 4C 24 08 81 EC 08 01 00 00 8D 54 24 00 56 8B B4 24 20 01 00 00 56 50 51 52 E8 ?? ?? ?? ?? 8B 84 24 2C 01 00 00 56 8D 0C 36 50 8B 84 24 28 01 00 00 8D 54 24 1C 51 52 50 E8 ?? ?? ?? ?? 68 08 01 00 00 8D 4C 24 2C 6A 00 51 E8 ?? ?? ?? ?? 83 C4 30 5E 81 C4 08 01 00 00 C3 }
+	condition:
+		$c0
+}
+
+rule RsaRef2_RsaPrivateDecrypt
+{	meta:
+		author = "Maxx"
+		description = "RsaRef2 RsaPrivateDecrypt"
+	strings:
+		$c0 = { 8B 44 24 14 81 EC 84 00 00 00 8B 8C 24 94 00 00 00 56 8B 30 83 C6 07 C1 EE 03 3B CE 76 0D B8 06 04 00 00 5E 81 C4 84 00 00 00 C3 50 8B 84 24 98 00 00 00 51 8D 4C 24 0C 50 8D 54 24 14 51 52 E8 ?? ?? ?? ?? 83 C4 14 85 C0 0F 85 8B 00 00 00 39 74 24 04 74 0D B8 06 04 00 00 5E 81 C4 84 00 00 00 C3 8A 44 24 08 84 C0 75 6B 8A 4C 24 09 B8 02 00 00 00 3A C8 75 5E 8D 4E FF 3B C8 76 0D 8A 54 04 08 84 D2 74 05 40 3B C1 72 F3 40 3B C6 73 45 8B 94 24 ?? 00 00 00 8B CE 2B C8 89 0A 8D 51 0B }
+	condition:
+		$c0
+}
+
+rule RsaRef2_RsaPrivateEncrypt
+{	meta:
+		author = "Maxx"
+		description = "RsaRef2 RsaPrivateEncrypt"
+	strings:
+		$c0 = { 8B 44 24 14 8B 54 24 10 81 EC 80 00 00 00 8D 4A 0B 56 8B 30 83 C6 07 C1 EE 03 3B CE 76 0D B8 06 04 00 00 5E 81 C4 80 00 00 00 C3 8B CE B8 02 00 00 00 2B CA C6 44 24 04 00 49 C6 44 24 05 01 3B C8 76 23 53 55 8D 69 FE 57 8B CD 83 C8 FF 8B D9 8D 7C 24 12 C1 E9 02 F3 AB 8B CB 83 E1 03 F3 AA 8D 45 02 5F 5D 5B 52 8B 94 24 94 00 00 00 C6 44 04 08 00 8D 44 04 09 52 50 E8 ?? ?? ?? ?? 8B 8C 24 A4 00 00 00 8B 84 24 98 00 00 00 51 8B 8C 24 98 00 00 00 8D 54 24 14 56 52 50 51 E8 }
+	condition:
+		$c0
+}
+
+rule RsaRef2_RsaPublicDecrypt
+{	meta:
+		author = "Maxx"
+		description = "RsaRef2 RsaPublicDecrypt"
+	strings:
+		$c0 = { 8B 44 24 14 81 EC 84 00 00 00 8B 8C 24 94 00 00 00 56 8B 30 83 C6 07 C1 EE 03 3B CE 76 0D B8 06 04 00 00 5E 81 C4 84 00 00 00 C3 50 8B 84 24 98 00 00 00 51 8D 4C 24 0C 50 8D 54 24 14 51 52 E8 ?? ?? ?? ?? 83 C4 14 85 C0 0F 85 8E 00 00 00 39 74 24 04 74 0D B8 06 04 00 00 5E 81 C4 84 00 00 00 C3 8A 44 24 08 84 C0 75 6E 80 7C 24 09 01 75 67 B8 02 00 00 00 8D 4E FF 3B C8 76 0D B2 FF 38 54 04 08 75 05 40 3B C1 72 F5 8A 4C 04 08 40 84 C9 75 45 8B 94 24 ?? 00 00 00 8B CE 2B C8 89 0A }
+	condition:
+		$c0
+}
+
+rule RsaRef2_RsaPublicEncrypt
+{	meta:
+		author = "Maxx"
+		description = "RsaRef2 RsaPublicEncrypt"
+	strings:
+		$c0 = { 8B 44 24 14 81 EC 84 00 00 00 53 8B 9C 24 98 00 00 00 57 8B 38 83 C7 07 8D 4B 0B C1 EF 03 3B CF 76 0E 5F B8 06 04 00 00 5B 81 C4 84 00 00 00 C3 8B D7 55 2B D3 56 BE 02 00 00 00 C6 44 24 14 00 8D 6A FF C6 44 24 15 02 3B EE 76 28 8B 84 24 AC 00 00 00 8D 4C 24 13 50 6A 01 51 E8 ?? ?? ?? ?? 8A 44 24 1F 83 C4 0C 84 C0 74 E1 88 44 34 14 46 3B F5 72 D8 8B 94 24 A0 00 00 00 53 8D 44 34 19 52 50 C6 44 34 20 00 E8 ?? ?? ?? ?? 8B 8C 24 B4 00 00 00 8B 84 24 A8 00 00 00 51 8B 8C 24 A8 00 }
+	condition:
+		$c0
+}
+
+rule RsaEuro_NN_modInv
+{	meta:
+		author = "Maxx"
+		description = "RsaEuro NN_modInv"
+	strings:
+		$c0 = { 81 EC A4 04 00 00 53 56 8B B4 24 BC 04 00 00 57 8D 44 24 0C 56 50 E8 ?? ?? ?? ?? 8D 8C 24 1C 01 00 00 BF 01 00 00 00 56 51 89 7C 24 1C E8 ?? ?? ?? ?? 8B 94 24 C8 04 00 00 56 8D 84 24 AC 01 00 00 52 50 E8 ?? ?? ?? ?? 8B 9C 24 D8 04 00 00 56 8D 8C 24 B0 00 00 00 53 51 E8 ?? ?? ?? ?? 8D 94 24 B8 00 00 00 56 52 E8 ?? ?? ?? ?? 83 C4 30 85 C0 0F 85 F8 00 00 00 8D 84 24 ?? 00 00 00 56 50 8D 8C 24 A0 01 00 00 56 8D 94 24 AC 02 00 00 51 8D 84 24 34 03 00 00 52 50 E8 ?? ?? ?? ?? 8D 8C }
+	condition:
+		$c0
+}
+
+rule RsaEuro_NN_modMult
+{	meta:
+		author = "Maxx"
+		description = "RsaEuro NN_modMult"
+	strings:
+		$c0 = { 8B 44 24 0C 8B 4C 24 08 81 EC 08 01 00 00 8D 54 24 00 56 8B B4 24 20 01 00 00 56 50 51 52 E8 ?? ?? ?? ?? 8B 84 24 2C 01 00 00 56 8D 0C 36 50 8B 84 24 28 01 00 00 8D 54 24 1C 51 52 50 E8 ?? ?? ?? ?? 83 C4 24 5E 81 C4 08 01 00 00 C3 }
+	condition:
+		$c0
+}
+
+rule Miracl_Big_constructor
+{	meta:
+		author = "Maxx"
+		description = "Miracl Big constructor"
+	strings:
+		$c0 = { 56 8B F1 6A 00 E8 ?? ?? ?? ?? 83 C4 04 89 06 8B C6 5E C3 }
+	condition:
+		$c0
+}
+
+rule Miracl_mirvar
+{	meta:
+		author = "Maxx"
+		description = "Miracl mirvar"
+	strings:
+		$c0 = { 56 E8 ?? ?? ?? ?? 8B 88 18 02 00 00 85 C9 74 04 33 C0 5E C3 8B 88 8C 00 00 00 85 C9 75 0E 6A 12 E8 ?? ?? ?? ?? 83 C4 04 33 C0 5E C3 8B 80 38 02 00 00 6A 01 50 E8 ?? ?? ?? ?? 8B F0 83 C4 08 85 F6 75 02 5E C3 8D 46 04 8B C8 8B D0 83 E1 03 2B D1 83 C2 08 89 10 8B 44 24 08 85 C0 74 0A 56 50 E8 ?? ?? ?? ?? 83 C4 08 8B C6 5E C3 }
+		$c1 = { 56 57 E8 ?? ?? ?? ?? 8B F0 8B 86 2C 02 00 00 85 C0 74 05 5F 33 C0 5E C3 8B 56 1C 42 8B C2 89 56 1C 83 F8 18 7D 17 C7 44 86 20 17 00 00 00 8B 86 40 02 00 00 85 C0 74 05 E8 ?? ?? ?? ?? 8B 86 8C 00 00 00 85 C0 75 16 6A 12 E8 ?? ?? ?? ?? 8B 46 1C 83 C4 04 48 89 46 1C 5F 33 C0 5E C3 8B 46 18 6A 01 8D 0C 85 0C 00 00 00 51 E8 ?? ?? ?? ?? 8B F8 83 C4 08 85 FF 75 0C 8B 46 1C 5F 48 89 46 1C 33 C0 5E C3 8D 47 04 8B D0 8B C8 83 E2 03 2B CA 83 C1 08 89 08 8B 44 24 0C 85 C0 74 0A 57 50 E8 }
+		$c2 = { 56 57 E8 ?? ?? ?? ?? 8B F0 8B 86 18 02 00 00 85 C0 74 05 5F 33 C0 5E C3 8B 56 1C 42 8B C2 89 56 1C 83 F8 18 7D 17 C7 44 86 20 17 00 00 00 8B 86 2C 02 00 00 85 C0 74 05 E8 ?? ?? ?? ?? 8B 86 8C 00 00 00 85 C0 75 16 6A 12 E8 ?? ?? ?? ?? 8B 46 1C 83 C4 04 48 89 46 1C 5F 33 C0 5E C3 8B 86 A4 02 00 00 6A 01 50 E8 ?? ?? ?? ?? 8B F8 83 C4 08 85 FF 75 0C 8B 46 1C 5F 48 89 46 1C 33 C0 5E C3 8D 47 04 8B C8 8B D0 83 E1 03 2B D1 83 C2 08 89 10 8B 44 24 0C 85 C0 74 0A 57 50 E8 }
+	condition:
+		any of them
+}
+
+rule Miracl_mirsys_init
+{	meta:
+		author = "Maxx"
+		description = "Miracl mirsys init"
+	strings:
+		$c0 = { 53 55 57 E8 ?? ?? ?? ?? A3 ?? ?? ?? ?? E8 ?? ?? ?? ?? 33 DB A3 ?? ?? ?? ?? 3B C3 75 06 5F 5D 33 C0 5B C3 89 58 1C A1 ?? ?? ?? ?? BD 01 00 00 00 89 58 20 A1 ?? ?? ?? ?? 8B 50 1C 42 89 50 1C A1 ?? ?? ?? ?? 8B 48 1C C7 44 88 20 1D 00 00 00 8B 15 ?? ?? ?? ?? 89 9A 14 02 00 00 A1 ?? ?? ?? ?? 89 98 70 01 00 00 8B 0D ?? ?? ?? ?? 89 99 78 01 00 00 8B 15 ?? ?? ?? ?? 89 9A 98 01 00 00 A1 ?? ?? ?? ?? 89 58 14 8B 44 24 14 3B C5 0F 84 6C 05 00 00 3D 00 00 00 80 0F 87 61 05 00 00 50 E8 }
+	condition:
+		$c0
+}
+
+/* //gives many false positives sorry Storm Shadow
+rule x509_public_key_infrastructure_cert
+{	meta:
+		desc = "X.509 PKI Certificate"
+		ext = "crt"
+	strings:
+		$c0 = { 30 82 ?? ?? 30 82 ?? ?? }
+	condition: 
+		$c0
+}
+
+rule pkcs8_private_key_information_syntax_standard
+{	meta:
+		desc = "Found PKCS #8: Private-Key"
+		ext = "key"
+	strings: 
+		$c0 = { 30 82 ?? ?? 02 01 00 }
+	condition:
+		$c0
+}
+*/
+
+rule BASE64_table {
+	meta:
+		author = "_pusher_"
+		description = "Look for Base64 table"
+		date = "2015-07"
+		version = "0.1"
+	strings:
+		$c0 = { 41 42 43 44 45 46 47 48 49 4A 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 75 76 77 78 79 7A 30 31 32 33 34 35 36 37 38 39 2B 2F }
+	condition:
+		$c0
+}
+
+rule Delphi_Random {
+	meta:
+		author = "_pusher_"
+		description = "Look for Random function"
+		date = "2015-08"
+		version = "0.1"
+	strings:
+		$c0 = { 53 31 DB 69 93 ?? ?? ?? ?? 05 84 08 08 42 89 93 ?? ?? ?? ?? F7 E2 89 D0 5B C3 }
+		//x64 rad
+		$c1 = { 8B 05 ?? ?? ?? ?? 69 C0 05 84 08 08 83 C0 01 89 05 ?? ?? ?? ?? 8B C9 8B C0 48 0F AF C8 48 C1 E9 20 89 C8 C3 }
+	condition:
+		any of them
+}
+
+rule Delphi_RandomRange {
+	meta:
+		author = "_pusher_"
+		description = "Look for RandomRange function"
+		date = "2016-06"
+		version = "0.1"
+	strings:
+		$c0 = { 56 8B F2 8B D8 3B F3 7D 0E 8B C3 2B C6 E8 ?? ?? ?? ?? 03 C6 5E 5B C3 8B C6 2B C3 E8 ?? ?? ?? ?? 03 C3 5E 5B C3 }
+	condition:
+		$c0
+}
+
+rule Delphi_FormShow {
+	meta:
+		author = "_pusher_"
+		description = "Look for Form.Show function"
+		date = "2016-06"
+		version = "0.1"
+	strings:
+		$c0 = { 53 8B D8 B2 01 8B C3 E8 ?? ?? ?? ?? 8B C3 E8 ?? ?? ?? ?? 5B C3 }
+		//x64 rad
+		$c1 = { 53 48 83 EC 20 48 89 CB 48 89 D9 B2 01 E8 ?? ?? ?? ?? 48 89 D9 E8 ?? ?? ?? ?? 48 83 C4 20 5B C3 }
+	condition:
+		any of them
+}
+
+rule Delphi_CompareCall {
+	meta:
+		author = "_pusher_"
+		description = "Look for Compare string function"
+		date = "2016-07"
+	strings:
+		$c0 = { 53 56 57 89 C6 89 D7 39 D0 0F 84 8F 00 00 00 85 F6 74 68 85 FF 74 6B 8B 46 FC 8B 57 FC 29 D0 77 02 01 C2 52 C1 EA 02 74 26 8B 0E 8B 1F 39 D9 75 58 4A 74 15 8B 4E 04 8B 5F 04 39 D9 75 4B 83 C6 08 83 C7 08 4A 75 E2 EB 06 83 C6 04 83 C7 04 5A 83 E2 03 74 22 8B 0E 8B 1F 38 D9 75 41 4A 74 17 38 FD 75 3A 4A 74 10 81 E3 00 00 FF 00 81 E1 00 00 FF 00 39 D9 75 27 01 C0 EB 23 8B 57 FC 29 D0 EB 1C 8B 46 FC 29 D0 EB 15 5A 38 D9 75 10 38 FD 75 0C C1 E9 10 C1 EB 10 38 D9 75 02 38 FD 5F 5E 5B C3 }
+		//newer delphi
+		$c1 = { 39 D0 74 30 85 D0 74 22 8B 48 FC 3B 4A FC 75 24 01 C9 01 C8 01 CA F7 D9 53 8B 1C 01 3B 1C 11 75 07 83 C1 04 78 F3 31 C0 5B C3}
+		//x64
+		$c2 = { 41 56 41 55 57 56 53 48 83 EC 20 48 89 D3 48 3B CB 75 05 48 33 C0 EB 74 48 85 C9 75 07 8B 43 FC F7 D8 EB 68 48 85 DB 75 05 8B 41 FC EB 5E 8B 79 FC 44 8B 6B FC 89 FE 41 3B F5 7E 03 44 89 EE E8 ?? ?? ?? ?? 49 89 C6 48 89 D9 E8 ?? ?? ?? ?? 48 89 C1 85 F6 7E 30 41 0F B7 06 0F B7 11 2B C2 85 C0 75 29 83 FE 01 74 1E 41 0F B7 46 02 0F B7 51 02 2B C2 85 C0 75 15 49 83 C6 04 48 83 C1 04 83 EE 02 85 F6 7F D0 90 8B C7 41 2B C5 48 83 C4 20 5B 5E 5F 41 5D 41 5E C3 }
+ 	condition:
+		any of them
+}
+
+rule Delphi_Copy {
+	meta:
+		author = "_pusher_"
+		description = "Look for Copy function"
+		date = "2016-06"
+		version = "0.1"
+	strings:
+		$c0 = { 53 85 C0 74 2D 8B 58 FC 85 DB 74 26 4A 7C 1B 39 DA 7D 1F 29 D3 85 C9 7C 19 39 D9 7F 11 01 C2 8B 44 24 08 E8 ?? ?? ?? ?? EB 11 31 D2 EB E5 89 D9 EB EB 8B 44 24 08 E8 ?? ?? ?? ?? 5B C2 04 00 }
+		//x64 rad
+		$c1 = { 53 48 83 EC 20 48 89 CB 44 89 C0 48 33 C9 48 85 D2 74 03 8B 4A FC 83 F8 01 7D 05 48 33 C0 EB 09 83 E8 01 3B C1 7E 02 89 C8 45 85 C9 7D 05 48 33 C9 EB 0A 2B C8 41 3B C9 7E 03 44 89 C9 49 89 D8 48 63 C0 48 8D 14 42 89 C8 4C 89 C1 41 89 C0 E8 ?? ?? ?? ?? 48 89 D8 48 83 C4 20 5B C3 }
+	condition:
+		any of them
+}
+
+rule Delphi_IntToStr {
+	meta:
+		author = "_pusher_"
+		description = "Look for IntToStr function"
+		date = "2016-04"
+		version = "0.1"
+	strings:
+		$c0 = { 55 8B EC 81 C4 00 FF FF FF 53 56 8B F2 8B D8 FF 75 0C FF 75 08 8D 85 00 FF FF FF E8 ?? ?? ?? ?? 8D 95 00 FF FF FF 8B C6 E8 ?? ?? ?? ?? EB 0E 8B 0E 8B C6 BA ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B 06 E8 ?? ?? ?? ?? 33 D2 8A D3 3B C2 72 E3 5E 5B 8B E5 5D C2 08 00 }
+		//x64 rad
+		$c1 = { 53 48 83 EC 20 48 89 CB 48 85 D2 7D 10 48 89 D9 48 F7 DA 41 B0 01 E8 ?? ?? ?? ?? EB 0B 48 89 D9 4D 33 C0 E8 ?? ?? ?? ?? 48 89 D8 48 83 C4 20 5B C3 }
+	condition:
+		any of them
+}
+
+
+rule Delphi_StrToInt {
+	meta:
+		author = "_pusher_"
+		description = "Look for StrToInt function"
+		date = "2016-06"
+		version = "0.1"
+	strings:
+		$c0 = { 53 56 83 C4 F4 8B D8 8B D4 8B C3 E8 ?? ?? ?? ?? 8B F0 83 3C 24 00 74 19 89 5C 24 04 C6 44 24 08 0B 8D 54 24 04 A1 ?? ?? ?? ?? 33 C9 E8 ?? ?? ?? ?? 8B C6 83 C4 0C 5E 5B C3 }
+		//x64 rad
+		$c1 = { 55 56 53 48 83 EC 40 48 8B EC 48 89 CB 48 89 D9 48 8D 55 3C E8 ?? ?? ?? ?? 89 C6 83 7D 3C 00 74 1B 48 89 5D 20 C6 45 28 11 48 8B 0D ?? ?? ?? ?? 48 8D 55 20 4D 33 C0 E8 ?? ?? ?? ?? 89 F0 48 8D 65 40 5B 5E 5D C3 }
+	condition:
+		any of them
+}
+
+rule Delphi_DecodeDate {
+	meta:
+		author = "_pusher_"
+		description = "Look for DecodeDate (DecodeDateFully) function"
+		date = "2016-06"
+		version = "0.1"
+	strings:
+		$c0 = { 55 8B EC 83 C4 E8 53 56 89 4D F4 89 55 F8 89 45 FC 8B 5D 08 FF 75 10 FF 75 0C 8D 45 E8 E8 ?? ?? ?? ?? 8B 4D EC 85 C9 7F 24 8B 45 FC 66 C7 00 00 00 8B 45 F8 66 C7 00 00 00 8B 45 F4 66 C7 00 00 00 66 C7 03 00 00 33 D2 E9 F2 00 00 00 8B C1 BE 07 00 00 00 99 F7 FE 42 66 89 13 49 66 BB 01 00 81 F9 B1 3A 02 00 7C 13 81 E9 B1 3A 02 00 66 81 C3 90 01 81 F9 B1 3A 02 00 7D ED 8D 45 F2 50 8D 45 F0 66 BA AC 8E 91 E8 ?? ?? ?? ?? 66 83 7D F0 04 75 0A 66 FF 4D F0 66 81 45 F2 AC 8E 66 6B 45 F0 64 66 03 D8 8D 45 F2 50 8D 4D F0 0F B7 45 F2 66 BA B5 05 E8 ?? ?? ?? ?? 66 8B 45 F0 C1 E0 02 66 03 D8 8D 45 F2 50 8D 4D F0 0F B7 45 F2 66 BA 6D 01 E8 ?? ?? ?? ?? 66 83 7D F0 04 75 0A 66 FF 4D F0 66 81 45 F2 6D 01 66 03 5D F0 8B C3 E8 ?? ?? ?? ?? 8B D0 33 C0 8A C2 8D 04 40 8D 34 C5 ?? ?? ?? ?? 66 B8 01 00 0F B7 C8 66 8B 4C 4E FE 66 89 4D F0 66 8B 4D F2 66 3B 4D F0 72 0B 66 8B 4D F0 66 29 4D F2 40 EB DF 8B 4D FC 66 89 19 8B 4D F8 66 89 01 66 8B 45 F2 40 8B 4D F4 66 89 01 8B C2 5E 5B 8B E5 5D C2 0C 00 }
+		//x64
+		$c1 = { 55 41 55 57 56 53 48 83 EC 30 48 8B EC 48 89 D3 4C 89 C6 4C 89 CF E8 ?? ?? ?? ?? 48 8B C8 48 C1 E9 20 85 C9 7F 23 66 C7 03 00 00 66 C7 06 00 00 66 C7 07 00 00 48 8B 85 80 00 00 00 66 C7 00 00 00 48 33 C0 E9 19 01 00 00 4C 8B 85 80 00 00 00 41 C7 C1 07 00 00 00 8B C1 99 41 F7 F9 66 83 C2 01 66 41 89 10 83 E9 01 66 41 BD 01 00 81 F9 B1 3A 02 00 7C 14 81 E9 B1 3A 02 00 66 41 81 C5 90 01 81 F9 B1 3A 02 00 7D EC 90 66 BA AC 8E 4C 8D 45 2C 4C 8D 4D 2E E8 ?? ?? ?? ?? 66 83 7D 2C 04 75 0B 66 83 6D 2C 01 66 81 45 2E AC 8E 66 6B 45 2C 64 66 44 03 E8 0F B7 4D 2E 66 BA B5 05 4C 8D 45 2C 4C 8D 4D 2E E8 ?? ?? ?? ?? 48 0F B7 45 2C 03 C0 03 C0 66 44 03 E8 0F B7 4D 2E 66 BA 6D 01 4C 8D 45 2C 4C 8D 4D 2E E8 ?? ?? ?? ?? 66 83 7D 2C 04 75 0B 66 83 6D 2C 01 66 81 45 2E 6D 01 66 44 03 6D 2C 44 89 E9 E8 ?? ?? ?? ?? 48 8D 0D ?? ?? ?? ?? 48 0F B6 D0 48 8D 14 52 48 8D 14 D1 66 B9 01 00 4C 0F B7 C1 4E 0F B7 44 42 FE 66 44 89 45 2C 4C 0F B7 45 2E 66 44 3B 45 2C 72 10 4C 0F B7 45 2C 66 44 29 45 2E 66 }
+	condition:
+		any of them
+}
+
+
+rule Unknown_Random {
+	meta:
+		author = "_pusher_"
+		description = "Look for Random function"
+		date = "2016-07"
+	strings:
+		$c0 = { 55 8B EC 52 8B 45 08 69 15 ?? ?? ?? ?? 05 84 08 08 42 89 15 ?? ?? ?? ?? F7 E2 8B C2 5A C9 C2 04 00 }
+	condition:
+		$c0
+}
+
+rule VC6_Random {
+	meta:
+		author = "_pusher_"
+		description = "Look for Random function"
+		date = "2016-02"
+	strings:
+		$c0 = { A1 ?? ?? ?? ?? 69 C0 FD 43 03 00 05 C3 9E 26 00 A3 ?? ?? ?? ?? C1 F8 10 25 FF 7F 00 00 C3 }
+	condition:
+		$c0
+}
+
+rule VC8_Random {
+	meta:
+		author = "_pusher_"
+		description = "Look for Random function"
+		date = "2016-01"
+		version = "0.1"
+	strings:
+		$c0 = { E8 ?? ?? ?? ?? 8B 48 14 69 C9 FD 43 03 00 81 C1 C3 9E 26 00 89 48 14 8B C1 C1 E8 10 25 FF 7F 00 00 C3 }
+	condition:
+		$c0
+}
+
+rule DCP_RIJNDAEL_Init {
+	meta:
+		author = "_pusher_"
+		description = "Look for DCP RijnDael Init"
+		date = "2016-07"
+	strings:
+		$c0 = { 55 8B EC 51 53 56 57 89 4D FC 8B FA 8B D8 8B 75 08 56 8B D7 8B 4D FC 8B C3 E8 ?? ?? ?? ?? 8B D7 8B 4D FC 8B C3 8B 38 FF 57 ?? 85 F6 75 25 8D 43 38 33 C9 BA 10 00 00 00 E8 ?? ?? ?? ?? 8D 4B 38 8D 53 38 8B C3 8B 30 FF 56 ?? 8B C3 8B 10 FF 52 ?? EB 16 8D 53 38 8B C6 B9 10 00 00 00 E8 ?? ?? ?? ?? 8B C3 8B 10 FF 52 ?? 5F 5E 5B 59 5D C2 04 00 }
+	condition:
+		$c0
+}
+
+rule DCP_RIJNDAEL_EncryptECB {
+	meta:
+		author = "_pusher_"
+		description = "Look for DCP RijnDael EncryptECB"
+		date = "2016-07"
+	strings:
+		$c0 = { 53 56 57 55 83 C4 B4 89 0C 24 8D 74 24 08 8D 7C 24 28 80 78 30 00 75 16 B9 ?? ?? ?? ?? B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B 0A 89 0F 8B CA 83 C1 04 8B 09 8D 5F 04 89 0B 8B CA 83 C1 08 8B 09 8D 5F 08 89 0B 83 C2 0C 8B 12 8D 4F 0C 89 11 8B 50 58 83 EA 02 85 D2 0F 82 3B 01 00 00 42 89 54 24 04 33 D2 8B 0F 8B DA C1 E3 02 33 4C D8 5C 89 0E 8D 4F 04 8B 09 33 4C D8 60 8D 6E 04 89 4D 00 8D 4F 08 8B 09 33 4C D8 64 8D 6E 08 89 4D 00 8D 4F 0C 8B 09 33 4C D8 68 8D 5E 0C 89 0B 33 C9 8A 0E 8D 0C 8D }
+	condition:
+		$c0
+}
+
+rule DCP_BLOWFISH_Init {
+	meta:
+		author = "_pusher_"
+		description = "Look for DCP Blowfish Init"
+		date = "2016-07"
+	strings:
+		$c0 = { 53 56 57 55 8B F2 8B F8 8B CF B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B D8 8B C3 8B 10 FF 52 34 8B C6 E8 ?? ?? ?? ?? 50 8B C6 E8 ?? ?? ?? ?? 8B D0 8B C3 59 8B 30 FF 56 3C 8B 43 3C 85 C0 79 03 83 C0 07 C1 F8 03 E8 ?? ?? ?? ?? 8B F0 8B D6 8B C3 8B 08 FF 51 40 8B 47 40 8B 6B 3C 3B C5 7D 0F 6A 00 8B C8 8B D6 8B C7 8B 38 FF 57 30 EB 0D 6A 00 8B D6 8B CD 8B C7 8B 38 FF 57 30 8B 53 3C 85 D2 79 03 83 C2 07 C1 FA 03 8B C6 B9 FF 00 00 00 E8 ?? ?? ?? ?? 8B 53 3C 85 D2 79 03 83 C2 07 C1 FA 03 8B C6 E8 ?? ?? ?? ?? 8B C3 E8 ?? ?? ?? ?? 5D 5F 5E 5B C3 }
+	condition:
+		$c0
+}
+
+
+rule DCP_BLOWFISH_EncryptCBC {
+	meta:
+		author = "_pusher_"
+		description = "Look for DCP Blowfish EncryptCBC"
+		date = "2016-07"
+	strings:
+		$c0 = { 55 8B EC 83 C4 F0 53 56 57 89 4D F8 89 55 FC 8B D8 80 7B 34 00 75 16 B9 ?? ?? ?? ?? B2 01 A1 ?? ?? ?? ?? E8 ?? ?? ?? ?? E8 ?? ?? ?? ?? 8B 7D 08 85 FF 79 03 83 C7 07 C1 FF 03 85 FF 7E 56 BE 01 00 00 00 6A 08 8B 45 FC 8B D6 4A C1 E2 03 03 C2 8D 4D F0 8D 53 54 E8 ?? ?? ?? ?? 8D 4D F0 8D 55 F0 8B C3 E8 ?? ?? ?? ?? 8B 55 F8 8B C6 48 C1 E0 03 03 D0 8D 45 F0 B9 08 00 00 00 E8 ?? ?? ?? ?? 8D 53 54 8D 45 F0 B9 08 00 00 00 E8 ?? ?? ?? ?? 46 4F 75 AF 8B 75 08 81 E6 07 00 00 80 79 05 4E 83 CE F8 46 85 F6 74 26 8D 4D F0 8D 53 54 8B C3 E8 ?? ?? ?? ?? 56 8B 4D F8 03 4D 08 2B CE 8B 55 FC 03 55 08 2B D6 8D 45 F0 E8 ?? ?? ?? ?? 8D 45 F0 B9 FF 00 00 00 BA 08 00 00 00 E8 ?? ?? ?? ?? 5F 5E 5B 8B E5 5D C2 04 00 }
+	condition:
+		$c0
+}
+
+rule DCP_DES_Init {
+	meta:
+		author = "_pusher_"
+		description = "Look for DCP Des Init"
+		date = "2016-02"
+	strings:
+		$c0 = { 55 8B EC 51 53 56 57 89 4D FC 8B FA 8B D8 8B 75 08 56 8B D7 8B 4D FC 8B C3 E8 FE F9 FF FF 8B D7 8B 4D FC 8B C3 8B 38 FF 57 5C 85 F6 75 25 8D 43 38 33 C9 BA 08 00 00 00 E8 F3 A9 FA FF 8D 4B 38 8D 53 38 8B C3 8B 30 FF 56 6C 8B C3 8B 10 FF 52 48 EB 16 8D 53 38 8B C6 B9 08 00 00 00 E8 6E A7 FA FF 8B C3 8B 10 FF 52 48 5F 5E 5B 59 5D C2 04 00 }
+		$c1 = { 55 8B EC 51 53 56 57 89 4D FC 8B FA 8B D8 8B 75 08 56 8B D7 8B 4D FC 8B C3 E8 EE D4 FF FF 8B D7 8B 4D FC 8B C3 8B 38 FF 57 74 85 F6 75 2B 8D 43 40 B9 FF 00 00 00 BA 08 00 00 00 E8 ?? ?? ?? ?? 8D 4B 40 8D 53 40 8B C3 8B 30 FF 96 84 00 00 00 8B C3 8B 10 FF 52 58 EB 16 8D 53 40 8B C6 B9 08 00 00 00 E8 ?? ?? ?? ?? 8B C3 8B 10 FF 52 58 5F 5E 5B 59 5D C2 04 00 }
+	condition:
+		any of them
+}
+
+
+rule DCP_DES_EncryptECB {
+	meta:
+		author = "_pusher_"
+		description = "Look for DCP Des EncryptECB"
+		date = "2016-02"
+	strings:
+		$c0 = { 53 80 78 ?? 00 75 16 B9 ?? ?? ?? 00 B2 01 A1 ?? ?? ?? 00 E8 ?? ?? ?? FF E8 ?? ?? ?? FF 8D 58 ?? 53 E8 ?? ?? FF FF 5B C3 }
+	condition:
+		any of them
+}
+
+rule TEA_DELTA2 {
+	meta:
+		author = "_pusher_"
+		description = "TEA DELTA"
+		date = "2016-02"
+	strings:
+		$c0 = { 9E 37 79 B9 }
+		$c1 = { 61 C8 86 47 }
+	condition:
+		any of them
+}
+
+rule TEA_DELTA {
+	meta:
+		author = "_pusher_"
+		description = "TEA DELTA"
+		date = "2016-02"
+	strings:
+		$c0 = { B9 79 37 9E }
+		$c1 = { 47 86 C8 61 }
+	condition:
+		any of them
+}
+
+rule TEA_SUM {
+	meta:
+		author = "_pusher_"
+		description = "TEA SUM"
+		date = "2016-02"
+	strings:
+		$c0 = { 90 9B 77 E3 }
+	condition:
+		any of them
+}
+
+rule Sosemanuk
+{
+    /* Notes:
+     *
+     * - mul_a and mul_ia are commonly stored in a 4-byte value array, so
+     *   look for a 4-byte little endian equivalant also
+     *
+     * - mul_a and mul_ia start with four zero bytes, which is a fairly common
+     *   pattern in EXEs.  Including these bytes in the strings below is likely
+     *   worse for scan performance than omitting them, but I'm leaving them in
+     *   because findcrypt-yara leverages the yara API to map substring matches
+     *   to binary offsets (and then into virtual addresses), and the virtual
+     *   address for the start of these is likely to have more xrefs than the
+     *   the virtual address of (matching_offset + 4).  If, instead, better
+     *   performance is desired for your use case, just remove the zero bytes
+     *   from the strings below.
+     *
+     * Reference:
+     * - https://labs.sentinelone.com/enter-the-maze-demystifying-an-affiliate-involved-in-maze-snow/
+     */
+    strings:
+        $mul_a_be = {00 00 00 00 E1 9F CF 13 6B 97 37 26 8A 08 F8 35 [992] B5 5B 4D DE 54 C4 82 CD DE CC 7A F8 3F 53 B5 EB}
+        $mul_a_le = {00 00 00 00 13 CF 9F E1 26 37 97 6B 35 F8 08 8A [992] DE 4D 5B B5 CD 82 C4 54 F8 7A CC DE EB B5 53 3F}
+        $mul_ia_be = {00 00 00 00 18 0F 40 CD 30 1E 80 33 28 11 C0 FE [992] 9E E2 65 1C 86 ED 25 D1 AE FC E5 2F B6 F3 A5 E2}
+        $mul_ia_le = {00 00 00 00 CD 40 0F 18 33 80 1E 30 FE C0 11 28 [992] 1C 65 E2 9E D1 25 ED 86 2F E5 FC AE E2 A5 F3 B6}
+
+    condition:
+        any of them
+}
+
+rule salsa20 {
+	meta:
+		author = "eric"
+		description = "salsa20/chacha20 fixed words"
+		date = "2020-10"
+	strings:
+		$c0 = "expand 32-byte k" ascii
+	condition:
+		$c0
+}
diff --git a/data/suspicious_symbol_name.txt b/data/suspicious_symbol_name.txt
new file mode 100644
index 0000000..83c1d35
--- /dev/null
+++ b/data/suspicious_symbol_name.txt
@@ -0,0 +1,8 @@
+md5
+sha1
+sha512
+sha
+crc
+hash
+crypt
+compress
\ No newline at end of file
diff --git a/findcrypt.py b/findcrypt.py
new file mode 100644
index 0000000..e6793fa
--- /dev/null
+++ b/findcrypt.py
@@ -0,0 +1,66 @@
+import yara
+import sys
+import argparse
+from elftools.elf.elffile import ELFFile
+from elftools.elf.sections import (
+    SymbolTableSection, SymbolTableIndexSection
+)
+from elftools.common.exceptions import ELFError
+
+"""
+todo: 
+	search for a list of cryptographic function to add more functions
+"""
+
+def get_symbols(filename):
+	functions = []
+	try:
+		with open(filename, 'rb') as f:
+			elf = ELFFile(f)
+			symbol_tables = [(idx, s) for idx, s in enumerate(elf.iter_sections()) if isinstance(s, SymbolTableSection)]
+			for section_index, section in symbol_tables:
+				for nsym, symbol in enumerate(section.iter_symbols()):
+					# print(symbol.name)
+					functions.append(symbol.name)
+	except ELFError as e:
+		print(f"[-] ELF error : {e}")
+		sys.exit(1)
+	return functions
+
+
+def search_cryptographic_func(filename):
+	func_names = open("data/crypto_func_name.txt", "r").read().split("\n")
+	syms = get_symbols(filename)
+	print("[~] searching for cryptographic functions ...")
+	for i in syms:
+		for u in func_names:
+			# print(f"{i.lower()} : {u}")
+			if u in i.lower():
+				print(f"  {i}")
+
+
+def parse_file(filename, print_offsets=False):
+	print(f"[~] parsing {filename}")
+	rules = yara.compile("data/findcrypt3.rules")
+	matches = rules.match(filepath=filename)
+
+	for match in matches:
+		print(f"[+] {match} found")
+		if print_offsets:
+			print(f"offsets : {{ {', '.join([hex(values.instances[0].offset) for values in match.strings])} }}")
+
+if __name__ == "__main__":
+	argparser = argparse.ArgumentParser( usage='%(prog)s [options] <file>', prog=f"python3 {sys.argv[0]}")
+	argparser.add_argument('file', nargs='?', default=None, help='file to parse')
+	argparser.add_argument('-o', '--offsets', action='store_true', help='print offsets of values found.')
+	argparser.add_argument('-f', '--function', action='store_true', help='search for cryptographic functions (only ELF)')
+
+	args = argparser.parse_args()
+
+	if not args.file:
+		argparser.print_help()
+		sys.exit(0)
+
+	parse_file(args.file, print_offsets=args.offsets)
+	if args.function:
+		search_cryptographic_func(args.file)
\ No newline at end of file
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..28e0871
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,3 @@
+yara-python
+elftools
+argparse
\ No newline at end of file